vir-uzamceni windows (virus - Windows lockup)

Have a problem with a virus? Post a log from FRST or RSIT here.

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those inactive for more than 14 days. See the rule on locking topics. Thank you for understanding.
motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: vir-uzamceni windows

#16 Post by motji »

→ If you have not already, move ComboFix to the desktop
- open Notepad
- copy the text from this box into it


Collect::
C:\WINDOWS\System32\drivers\f6ca8081.sys

Driver::
f6ca8081


- save the TXT file you created as CFScript.txt on the desktop
- after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, then drop it there:



- after it runs, another log will pop up; post it here

Warning: it can happen that after applying the script and rebooting, Windows does not start; in that case reboot again while pressing F8, then choose Last Known Good Configuration
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!
Want to support our forum? Information here

I am usually reachable at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

Miki.37
Visitor
Posts: 20
Registered: 17 Feb 2007 14:10
Location: Brno

Re: vir-uzamceni windows

#17 Post by Miki.37 »

I suggest going to sleep :D I'm already lying on the desk here asleep :D thanks for the help :-) if there is still some error we can sort it out tomorrow, but today I honestly can't see straight any more :D thanks again for the help :)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: vir-uzamceni windows

#18 Post by motji »

Agreed, I'll have a look at the ComboFix log tomorrow; it should be OK by now :) .
Good night :)

Miki.37
Visitor
Posts: 20
Registered: 17 Feb 2007 14:10
Location: Brno

Re: vir-uzamceni windows

#19 Post by Miki.37 »

here:

ComboFix 10-07-12.02 - Miki 13.07.2010 0:45.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1682 [GMT 2:00]
Spuštěný z: c:\documents and settings\Miki\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Miki\Plocha\CFScript.txt

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

file zipped: c:\windows\System32\drivers\f6ca8081.sys
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\System32\drivers\f6ca8081.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_f6ca8081


((((((((((((((((((((((((( Soubory vytvořené od 2010-06-12 do 2010-07-12 )))))))))))))))))))))))))))))))
.

2010-07-12 21:39 . 2009-06-07 14:14 -------- d--h--w- c:\documents and settings\Administrator.MIKI-PC.000\Okolní tiskárny
2010-07-12 21:39 . 2009-06-07 14:14 -------- d--h--w- c:\documents and settings\Administrator.MIKI-PC.000\Okolní síť
2010-07-12 21:39 . 2009-06-07 14:14 -------- d-----w- c:\documents and settings\Administrator.MIKI-PC.000\Plocha
2010-07-12 21:39 . 2009-06-07 14:14 -------- d-----w- c:\documents and settings\Administrator.MIKI-PC.000\Oblíbené položky
2010-07-12 21:39 . 2009-06-07 14:14 -------- d-----w- c:\documents and settings\Administrator.MIKI-PC.000\Dokumenty
2010-07-12 21:39 . 2009-06-07 14:14 -------- d-----r- c:\documents and settings\Administrator.MIKI-PC.000\Nabídka Start
2010-07-12 21:39 . 2009-06-07 12:20 -------- d--h--w- c:\documents and settings\Administrator.MIKI-PC.000\Šablony
2010-07-12 21:32 . 2010-07-12 21:32 -------- d-sh--w- c:\documents and settings\Administrator.MIKI-PC\IETldCache
2010-07-12 20:26 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-12 20:25 . 2010-07-12 21:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-12 20:25 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-12 20:17 . 2010-07-12 20:17 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-07-12 20:16 . 2010-06-08 02:16 763832 ----a-w- c:\windows\BDTSupport.dll
2010-07-12 20:16 . 2010-01-22 06:56 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-07-12 20:16 . 2009-10-27 22:36 1152444 ----a-w- c:\windows\UDB.zip
2010-07-12 20:16 . 2008-11-26 09:08 131 ----a-w- c:\windows\IDB.zip
2010-07-12 20:16 . 2010-06-08 00:21 1652664 ----a-w- c:\windows\PCTBDCore.dll
2010-07-12 20:16 . 2010-01-22 06:56 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-07-12 20:16 . 2010-02-05 07:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-07-12 20:16 . 2010-03-29 08:06 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-07-12 20:16 . 2009-11-23 11:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-07-12 20:16 . 2010-04-08 12:29 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-07-12 20:15 . 2010-07-12 22:49 -------- d-----w- c:\program files\Spyware Doctor
2010-07-12 20:15 . 2010-07-12 20:16 -------- d-----w- c:\program files\Common Files\PC Tools
2010-07-12 20:11 . 2010-07-12 20:11 -------- d-----w- C:\_OTM
2010-07-12 19:53 . 2010-07-12 19:53 -------- d-----w- c:\windows\system32\wbem\Repository
2010-07-12 19:53 . 2010-07-12 19:53 -------- d-----w- c:\program files\Realtek AC97
2010-07-12 19:53 . 2010-07-12 19:53 -------- d-----w- c:\program files\Sweet Home 3D
2010-07-12 19:53 . 2010-07-12 19:53 -------- d-----w- c:\program files\Ralink
2010-07-12 19:35 . 2010-07-12 19:52 -------- d-----w- c:\program files\trend micro
2010-07-12 19:35 . 2010-07-12 19:35 -------- d-----w- C:\rsit
2010-07-12 19:29 . 2010-07-12 21:33 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-12 19:20 . 2010-07-12 19:20 -------- d-----w- c:\documents and settings\Administrator\IETldCache
2010-07-12 19:19 . 2010-07-12 19:52 -------- d-----w- c:\documents and settings\Administrator\Šablony
2010-07-12 19:19 . 2010-07-12 19:52 -------- d-----w- c:\documents and settings\Administrator\Data aplikací
2010-07-12 19:19 . 2010-07-12 19:52 -------- d-s---w- c:\documents and settings\Administrator
2010-07-09 16:09 . 2010-07-09 16:09 -------- d-----w- c:\windows\down
2010-07-08 20:14 . 2010-07-08 20:14 -------- d-----w- c:\program files\MOSCHIP
2010-07-08 20:14 . 2008-05-22 10:43 249856 ----a-w- c:\windows\system32\MOSCHIP_PciUninst.exe
2010-07-08 19:06 . 2009-07-14 19:39 741468 ----a-w- c:\windows\system32\Scutum.dll
2010-07-08 19:06 . 2009-05-11 09:45 147456 ----a-w- c:\windows\system32\DiagFunc.dll
2010-07-08 19:06 . 2009-05-08 11:08 114688 ----a-w- c:\windows\system32\W32N55.dll
2010-07-08 19:06 . 2009-04-21 13:31 19072 ----a-w- c:\windows\system32\drivers\Scutum50.sys
2010-07-08 19:06 . 2008-12-30 14:55 143459 ----a-w- c:\windows\system32\RalinkGina.dll
2010-07-08 19:06 . 2008-09-10 13:55 200704 ----a-w- c:\windows\system32\ssleay32.dll
2010-07-08 19:06 . 2008-09-10 13:55 1085440 ----a-w- c:\windows\system32\libeay32.dll
2010-07-08 19:06 . 2010-07-12 19:53 -------- dc----w- c:\windows\system32\DRVSTORE
2010-07-08 19:01 . 2005-06-06 09:51 11264 ----a-w- c:\windows\system32\drivers\vulfntr.sys
2010-07-08 19:01 . 2005-01-05 10:02 6912 ----a-w- c:\windows\system32\drivers\vulfnth.sys
2010-07-08 19:01 . 2003-10-03 14:28 45056 ----a-w- c:\windows\system32\vusetup.dll
2010-07-08 19:00 . 2010-07-08 19:00 -------- d-----w- c:\windows\system32\ALIEHCI
2010-07-08 19:00 . 2005-02-21 13:32 10326 ------w- c:\windows\system32\drivers\ALiGP.SYS
2010-07-08 19:00 . 2005-02-21 13:12 5331 ------w- c:\windows\system32\drivers\ALiRTHUB.SYS
2010-07-08 19:00 . 2005-02-21 13:11 31925 ------w- c:\windows\system32\drivers\ALiHUB.SYS
2010-07-08 19:00 . 2005-02-21 13:09 83596 ------w- c:\windows\system32\drivers\ALiEHCI.SYS
2010-07-08 19:00 . 2004-07-09 07:55 28672 ------w- c:\windows\system32\Unusb20.exe
2010-07-08 19:00 . 2001-11-13 19:24 35587 ------w- c:\windows\system32\rmusb20.EXE
2010-06-14 14:31 . 2010-06-14 14:31 -------- d-----w- c:\program files\Common Files\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-12 21:38 . 2009-06-07 14:56 -------- d-----w- c:\program files\ESET
2010-07-12 19:05 . 2009-06-07 12:44 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-11 15:50 . 2009-06-07 14:33 -------- d-----r- c:\program files\Skype
2010-07-11 15:29 . 2009-06-07 18:27 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-07-11 14:30 . 2009-06-07 18:27 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-25 20:44 . 2010-02-27 23:50 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-06-16 14:01 . 2009-06-07 14:38 -------- d-----w- c:\program files\programyICQ6.5
2010-05-21 18:19 . 2010-05-21 18:19 0 ----a-w- c:\windows\nsreg.dat
2010-05-21 18:18 . 2010-05-21 18:18 -------- d-----w- c:\program files\CentrumczToolbar
2010-05-16 14:50 . 2010-05-16 14:49 -------- d-----w- c:\program files\Hamachi
2010-05-16 14:49 . 2010-05-16 14:49 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-05-16 14:44 . 2010-05-16 14:44 -------- d-----w- c:\program files\Common Files\3DO Shared
2010-05-16 14:44 . 2010-05-16 14:44 -------- d-----w- c:\program files\3DO
2010-05-16 13:58 . 2010-05-16 13:58 -------- d-----w- c:\program files\directx
2010-05-15 14:42 . 2010-05-08 13:53 -------- d-----w- c:\program files\free-downloads.net
2010-05-08 13:52 . 2009-06-09 16:29 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-05-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2010-05-15 14:42 2515552 ----a-w- c:\program files\free-downloads.net\tbfre1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-05-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2010-05-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-06-07 36864]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-10 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-09 7561216]
"nwiz"="nwiz.exe" [2006-03-09 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-03-09 86016]
"SoundMan"="SOUNDMAN.EXE" [2006-03-02 577536]
"RemoteControl"="c:\program files\programy\PowerDVD 6\PDVDServ.exe" [2005-01-12 32768]
"Adobe Reader Speed Launcher"="c:\program files\programy\Adobe Reader 9.1\Reader\Reader_sl.exe" [2009-02-27 35696]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LogitechQuickCamRibbon"="c:\program files\programy\QuickCam10.exe" [2006-06-26 614960]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"PWRISOVM.EXE"="c:\program files\Programy\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-05-11 1287120]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-6-7 196608]
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe [2010-7-8 1561888]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\programyICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\programy\\utorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Hry\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 9\\3dsmax.exe"=
"c:\\Documents and Settings\\Miki\\Dokumenty\\ICQ\\364941234\\ReceivedFiles\\200225726 pepe\\mirc.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Hry\\Activision\\Call of Duty 1\\CoDMP.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"d:\\Program Files\\Call of Duty\\CoDMP.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\3DO\\Heroes 3 Complete\\HEROES3.EXE"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 pctcore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [12.7.2010 22:16 218592]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [7.6.2009 14:32 13696]
R2 browser defender update service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [12.7.2010 22:16 112592]
R2 sdauxservice;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [12.7.2010 22:15 366840]
S2 gupdate1c9e93a7db219ae;Služba Google Update (gupdate1c9e93a7db219ae);c:\program files\Google\Update\GoogleUpdate.exe [9.6.2009 21:42 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.6.2009 18:29 691696]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - PCTSDInjDriver32
.
Obsah adresáře 'Naplánované úlohy'

2010-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-09 19:42]

2010-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-09 19:42]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\programy\OFFICE~1\OFFICE11\EXCEL.EXE/3000
IE: wikikomentáře google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath - c:\documents and settings\Miki\Data aplikací\Mozilla\Firefox\Profiles\fxwp5yo9.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - component: c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\IGeared_cetrumczp_xputils2.dll
FF - component: c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\IGeared_cetrumczp_xputils3.dll
FF - component: c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\IGeared_cetrumczp_xputils35.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\programy\Adobe Reader 9.1\Reader\browser\nppdf32.dll
FF - plugin: c:\program files\Programy\DivX\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: c:\program files\Programy\DivX\DivX Web Player\npdivx32.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-13 00:51
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(880)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

- - - - - - - > 'explorer.exe'(4736)
c:\program files\Spyware Doctor\pctgmhk.dll
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
c:\docume~1\Miki\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WS2_32.dll
c:\windows\system32\WS2HELP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\SOUNDMAN.EXE
c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\programy\COCIManager.exe
c:\program files\Ralink\Common\RaRegistry.exe
c:\program files\Spyware Doctor\pctsSvc.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-07-13 00:53:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-12 22:53
ComboFix2.txt 2010-07-12 21:46

Před spuštěním: Volných bajtů: 29 872 312 320
Po spuštění: Volných bajtů: 30 014 103 552

- - End Of File - - 1CB89D5D10FAA1EEDB8B131F374009D9
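
The helper's CFScript (the Collect:: and Driver:: directives) and this log are the two halves of one check: the log should show the collected file zipped and deleted and the service removed. As an added example, not code from the thread or from ComboFix, the following Python script parses both and reports which targets have that evidence; it only knows the Czech and English ComboFix section banners, which is an assumption stated in the code.

```python
"""Cross-check a ComboFix CFScript against the log ComboFix produced.

Added example, not part of the thread and not a ComboFix feature. It reads
the Collect:: and Driver:: directives from a CFScript.txt and then looks in
the resulting ComboFix log for evidence that each target was handled:
  - a Collect:: path should appear as "file zipped:" (copied into the
    quarantine archive) and again under the deletions section, whose banner
    reads "Ostatní výmazy" in the Czech build and "Other Deletions" in the
    English one (assumption: other localisations are not covered),
  - a Driver:: name should appear as a removed-service line
    "-------\\Service_<name>".
The CFScript and the log excerpt below are constructed from the thread.
"""
import re

DELETION_HEADERS = ("Ostatní výmazy", "Other Deletions")

# ComboFix section banners look like "(((((( Title ))))))".
BANNER_RE = re.compile(r"^\(+\s*(.*?)\s*\)+\s*$")
DIRECTIVE_RE = re.compile(r"^(\w+)::$")

CFSCRIPT = """Collect::
C:\\WINDOWS\\System32\\drivers\\f6ca8081.sys

Driver::
f6ca8081
"""

COMBOFIX_LOG = """ComboFix 10-07-12.02 - Miki 13.07.2010 0:45.2.1 - x86
Použité ovládací přepínače :: c:\\documents and settings\\Miki\\Plocha\\CFScript.txt

file zipped: c:\\windows\\System32\\drivers\\f6ca8081.sys
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\\windows\\System32\\drivers\\f6ca8081.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\\Service_f6ca8081
"""


def parse_cfscript(text):
    """Return {"collect": [paths], "driver": [names]} from CFScript text.
    Lines under a directive belong to it until the next 'Name::' line."""
    directives = {"collect": [], "driver": []}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = DIRECTIVE_RE.match(line)
        if m:
            current = m.group(1).lower()
            continue
        if current in directives:
            directives[current].append(line)
    return directives


def split_sections(log_text):
    """Map each banner title to the stripped body lines that follow it."""
    sections = {"header": []}
    title = "header"
    for line in log_text.splitlines():
        m = BANNER_RE.match(line)
        if m:
            title = m.group(1)
            sections.setdefault(title, [])
            continue
        sections[title].append(line.strip())
    return sections


def verify(cfscript_text, log_text):
    """Return per-target evidence: for Collect:: paths whether the file was
    zipped and deleted, for Driver:: names whether the service was removed."""
    directives = parse_cfscript(cfscript_text)
    sections = split_sections(log_text)
    log_lower = log_text.lower()
    deleted = set()
    for header in DELETION_HEADERS:
        deleted.update(l.lower() for l in sections.get(header, []) if l)
    report = {}
    for path in directives["collect"]:
        p = path.lower()
        report[path] = {"zipped": ("file zipped: " + p) in log_lower,
                        "deleted": p in deleted}
    for name in directives["driver"]:
        marker = "-------\\service_" + name.lower()
        report[name] = {"service_removed": marker in log_lower}
    return report


def unhandled(report):
    """Targets with at least one missing piece of evidence: look closer
    before declaring the machine clean."""
    return [t for t, flags in report.items() if not all(flags.values())]


if __name__ == "__main__":
    result = verify(CFSCRIPT, COMBOFIX_LOG)
    for target, flags in result.items():
        print(target, flags)
    print("unhandled:", unhandled(result))
```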

Miki.37
Visitor
Posts: 20
Registered: 17 Feb 2007 14:10
Location: Brno

Re: vir-uzamceni windows

#20 Post by Miki.37 »

Good night and thanks a lot, really :)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: vir-uzamceni windows

#21 Post by motji »

Good morning :D
How is our patient doing? :D

→ Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.


***********


→ Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm the choices press the A key, then Enter
- delete the little program after use. Note: antivirus programs may falsely flag it as a virus



***********


→ Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis click Run CCleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues -- make a registry backup - you don't have to
- click Fix All Selected Issues → OK → Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using the CCleaner Cleaner regularly; it cleans the PC of temporary files nicely.
The Registry cleaner tidies up, for example, after a program has been uninstalled.


***********



→ Download OTC and use it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans up temp files and the leftovers of the programs used



***********

→ Post a new RSIT log and tell me how the computer is behaving; is everything in order now?

Miki.37
Visitor
Posts: 20
Registered: 17 Feb 2007 14:10
Location: Brno

Re: vir-uzamceni windows

#22 Post by Miki.37 »

sorry, I was at work longer :) getting on it now :D

Miki.37
Visitor
Posts: 20
Registered: 17 Feb 2007 14:10
Location: Brno

Re: vir-uzamceni windows

#23 Post by Miki.37 »

here:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Miki at 2010-07-13 19:24:03
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 32 GB (79%) free of 40 GB
Total RAM: 2047 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:24:11, on 13.7.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\programy\PowerDVD 6\PDVDServ.exe
C:\Program Files\programy\Adobe Reader 9.1\Reader\Reader_sl.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\programy\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Programy\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\Program Files\programy\COCIManager.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Ralink\Common\RaRegistry.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\programyICQ6.5\ICQ.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Miki\Local Settings\Temporary Internet Files\Content.IE5\5W0399CK\RSIT[1].exe
C:\Program Files\trend micro\Miki.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\programy\PowerDVD 6\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\programy\Adobe Reader 9.1\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\programy\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\Programy\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\programy\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: wikikomentáře google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\programy\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\programyICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\programyICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [international] International
O16 - DPF: {8100d56a-5661-482c-bee8-afece305d968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O18 - Protocol: bw+0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BEEB502B-6850-415E-B649-DADF4C8F424F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Autodesk Licensing Service (autodesk licensing service) - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Služba Google Update (gupdate1c9e93a7db219ae) (gupdate1c9e93a7db219ae) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA (pnkbstra) - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB (pnkbstrb) - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Ralink Registry Writer (ralinkregistrywriter) - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RaRegistry.exe

--
End of file - 20831 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-23 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae805869-2e5c-4ed4-8f7b-f1f7851a4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{af69de43-7d58-4638-b6fa-ce66b5ad205d}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-31 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{D5D47440-0750-463D-BAEF-A47D02414806}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-23 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-03-09 7561216]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-03-09 86016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-03-02 577536]
"RemoteControl"=C:\Program Files\programy\PowerDVD 6\PDVDServ.exe [2005-01-12 32768]
"Adobe Reader Speed Launcher"=C:\Program Files\programy\Adobe Reader 9.1\Reader\Reader_sl.exe [2009-02-27 35696]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe [2006-06-26 497200]
"LogitechQuickCamRibbon"=C:\Program Files\programy\QuickCam10.exe [2006-06-26 614960]
"LVCOMSX"=C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe [2006-06-26 243248]
"PWRISOVM.EXE"=C:\Program Files\Programy\PowerISO\PWRISOVM.EXE [2009-03-15 180224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-08-03 202024]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-06-07 36864]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-10 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Ralink Wireless Utility.lnk - C:\Program Files\Ralink\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\programyICQ6.5\ICQ.exe"="C:\Program Files\programyICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\programy\utorrent\uTorrent.exe"="C:\Program Files\programy\utorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Hry\Activision\Call of Duty 2\CoD2MP_s.exe"="D:\Hry\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe"="C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit"
"C:\Documents and Settings\Miki\Dokumenty\ICQ\364941234\ReceivedFiles\200225726 pepe\mirc.exe"="C:\Documents and Settings\Miki\Dokumenty\ICQ\364941234\ReceivedFiles\200225726 pepe\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Hry\Activision\Call of Duty 1\CoDMP.exe"="D:\Hry\Activision\Call of Duty 1\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"D:\Program Files\Call of Duty\CoDMP.exe"="D:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Program Files\3DO\Heroes 3 Complete\HEROES3.EXE"="C:\Program Files\3DO\Heroes 3 Complete\HEROES3.EXE:*:Enabled:Heroes of Might and Magic® III"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

======List of files/folders created in the last 1 months======

2010-07-13 19:24:03 ----D---- C:\rsit
2010-07-13 19:24:03 ----D---- C:\Program Files\trend micro
2010-07-13 19:14:14 ----A---- C:\WINDOWS\_MSRSTRT.EXE
2010-07-13 15:25:02 ----SHD---- C:\RECYCLER
2010-07-12 23:46:57 ----D---- C:\WINDOWS\temp
2010-07-12 22:26:12 ----D---- C:\Documents and Settings\Miki\Data aplikací\Malwarebytes
2010-07-12 22:26:01 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-07-12 22:26:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-07-12 22:25:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-12 22:25:59 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-07-12 22:16:39 ----A---- C:\WINDOWS\BDTSupport.dll.old
2010-07-12 22:16:38 ----A---- C:\WINDOWS\PCTBDCore.dll.old
2010-07-12 22:15:54 ----D---- C:\Program Files\Spyware Doctor
2010-07-12 22:15:41 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-07-12 21:53:30 ----D---- C:\Program Files\Realtek AC97
2010-07-12 21:53:25 ----D---- C:\Program Files\Sweet Home 3D
2010-07-12 21:53:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ralink Driver
2010-07-12 21:53:18 ----D---- C:\Program Files\Ralink
2010-07-12 21:53:18 ----D---- C:\Documents and Settings\Miki\Data aplikací\InstallShield
2010-07-12 21:52:57 ----D---- C:\Config.Msi
2010-07-11 18:22:08 ----D---- C:\Documents and Settings\Miki\Data aplikací\Leadertech
2010-07-09 18:09:10 ----D---- C:\WINDOWS\down
2010-07-08 22:14:46 ----N---- C:\WINDOWS\system32\MOSCHIP_PciUninst.exe
2010-07-08 21:06:33 ----A---- C:\WINDOWS\system32\W32N55.INI
2010-07-08 21:06:33 ----A---- C:\WINDOWS\system32\W32N55.dll
2010-07-08 21:06:33 ----A---- C:\WINDOWS\system32\ssleay32.dll
2010-07-08 21:06:33 ----A---- C:\WINDOWS\system32\Scutum.dll
2010-07-08 21:06:33 ----A---- C:\WINDOWS\system32\RalinkGina.dll
2010-07-08 21:06:33 ----A---- C:\WINDOWS\system32\libeay32.dll
2010-07-08 21:06:33 ----A---- C:\WINDOWS\system32\drivers\Scutum50.sys
2010-07-08 21:06:33 ----A---- C:\WINDOWS\system32\DiagFunc.ini
2010-07-08 21:06:33 ----A---- C:\WINDOWS\system32\DiagFunc.dll
2010-07-08 21:06:17 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-08 21:01:27 ----A---- C:\WINDOWS\system32\vusetup.dll
2010-07-08 21:01:27 ----A---- C:\WINDOWS\system32\drivers\vulfntr.sys
2010-07-08 21:01:27 ----A---- C:\WINDOWS\system32\drivers\vulfnth.sys
2010-07-08 21:00:55 ----N---- C:\WINDOWS\system32\Unusb20.exe
2010-07-08 21:00:55 ----N---- C:\WINDOWS\system32\rmusb20.EXE
2010-07-08 21:00:55 ----N---- C:\WINDOWS\system32\drivers\ALiRTHUB.SYS
2010-07-08 21:00:55 ----N---- C:\WINDOWS\system32\drivers\ALiHUB.SYS
2010-07-08 21:00:55 ----N---- C:\WINDOWS\system32\drivers\ALiGP.SYS
2010-07-08 21:00:55 ----N---- C:\WINDOWS\system32\drivers\ALiEHCI.SYS
2010-07-08 21:00:55 ----D---- C:\WINDOWS\system32\ALIEHCI
2010-06-14 16:31:58 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2010-07-13 19:24:03 ----RD---- C:\Program Files
2010-07-13 19:21:56 ----D---- C:\Documents and Settings\Miki\Data aplikací\ICQ
2010-07-13 19:20:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-13 19:17:41 ----D---- C:\WINDOWS
2010-07-13 19:17:02 ----D---- C:\Program Files\Common Files
2010-07-13 19:15:58 ----D---- C:\WINDOWS\system32\drivers
2010-07-13 19:13:17 ----HD---- C:\WINDOWS\inf
2010-07-13 19:09:43 ----D---- C:\WINDOWS\Prefetch
2010-07-13 19:05:24 ----SHD---- C:\System Volume Information
2010-07-13 19:05:24 ----D---- C:\WINDOWS\system32\Restore
2010-07-13 19:01:43 ----D---- C:\Documents and Settings\Miki\Data aplikací\Skype
2010-07-13 17:36:38 ----D---- C:\Documents and Settings\Miki\Data aplikací\Hamachi
2010-07-13 16:07:53 ----D---- C:\Documents and Settings\Miki\Data aplikací\skypePM
2010-07-13 15:31:02 ----D---- C:\Program Files\Mozilla Firefox
2010-07-13 15:27:23 ----SHD---- C:\WINDOWS\CSC
2010-07-13 00:57:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-13 00:50:59 ----A---- C:\WINDOWS\system.ini
2010-07-13 00:50:44 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-13 00:49:29 ----D---- C:\WINDOWS\system32\config
2010-07-13 00:47:29 ----D---- C:\WINDOWS\system32
2010-07-13 00:47:28 ----D---- C:\WINDOWS\AppPatch
2010-07-12 23:39:49 ----D---- C:\Documents and Settings
2010-07-12 23:38:29 ----SHD---- C:\WINDOWS\Installer
2010-07-12 23:38:23 ----D---- C:\Program Files\ESET
2010-07-12 23:27:28 ----D---- C:\WINDOWS\msapps
2010-07-12 22:37:53 ----RD---- C:\WINDOWS\Offline Web Pages
2010-07-12 22:16:16 ----D---- C:\WINDOWS\WinSxS
2010-07-12 21:53:51 ----D---- C:\WINDOWS\system32\wbem
2010-07-12 21:53:51 ----D---- C:\WINDOWS\Registration
2010-07-12 21:53:18 ----D---- C:\WINDOWS\system32\DirectX
2010-07-12 21:53:12 ----D---- C:\Documents and Settings\Miki\Data aplikací\uTorrent
2010-07-12 21:52:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-07-12 21:52:51 ----D---- C:\WINDOWS\system32\appmgmt
2010-07-12 21:05:15 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-11 18:07:52 ----RSD---- C:\WINDOWS\assembly
2010-07-11 17:50:00 ----RD---- C:\Program Files\Skype
2010-07-11 17:29:56 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-07-09 15:30:22 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-25 22:44:19 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-06-16 16:01:53 ----D---- C:\Program Files\programyICQ6.5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2009-02-03 59000]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-09-15 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-09-15 25888]
R3 cmigameport;cmigameport; C:\WINDOWS\system32\drivers\cmigameport.sys [2002-02-07 3712]
R3 cmpci;TerraTec Aureon 5.1 (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2004-10-01 373952]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-05-16 25280]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\drivers\LVPr2Mon.sys [2006-06-26 23472]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2006-06-23 38960]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-09 3650368]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-06-01 34944]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-06-01 13184]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2006-06-23 293808]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-05-19 3965056]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2006-06-26 1587632]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2006-06-26 1952816]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-08 691696]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 autodesk licensing service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-09-22 72704]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2006-06-26 99888]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe [2006-09-29 65536]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-03-09 143436]
R2 pnkbstra;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-06-29 75064]
R2 pnkbstrb;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-07-11 214520]
R2 ralinkregistrywriter;Ralink Registry Writer; C:\Program Files\Ralink\Common\RaRegistry.exe [2009-07-14 185632]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248]
S2 gupdate1c9e93a7db219ae;Služba Google Update (gupdate1c9e93a7db219ae); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-09 133104]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe [2006-06-26 91696]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 fontcache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-10 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 nettcpportsharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

the computer is fine :) :worship: thank you :worship: thank you :worship: thank you :worship:

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: vir-uzamceni windows

#24 Post by motji »

:arrow: also uninstall DAEMON Tools Toolbar
:arrow: I don't see an antivirus or a firewall :!: , install them
:arrow: I recommend installing SP3.

If there are no problems, that's all :)

Miki.37
Visitor
Posts: 20
Registered: 17 Feb 2007 14:10
Location: Brno

Re: vir-uzamceni windows

#25 Post by Miki.37 »

ok, I'll finish it :-) thanks :-)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: vir-uzamceni windows

#26 Post by motji »

You're welcome :)
