pomalé pc

[Trepifajkslak]

Moje pc je nějaké zpomalené - tady je log :

Logfile of random's system information tool 1.08 (written by random/random)
Run by Buchy at 2010-08-26 16:23:20
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 6 GB (8%) free of 76 GB
Total RAM: 1789 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:23:32, on 26.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\T-Mobile\GT Connect\GT Connect.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\FSC\Wireless Utility\WirelessSelector.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Buchy\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Buchy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14672&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\Buchy\LOCALS~1\Temp\herss.exe
O4 - HKCU\..\Run: [nod32] C:\DOCUME~1\Buchy\LOCALS~1\Temp\nodqq.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [dso32] C:\DOCUME~1\Buchy\LOCALS~1\Temp\dsoqq.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: GT Connect.lnk = C:\Program Files\T-Mobile\GT Connect\GT Connect.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: WirelessSelector.lnk = ?
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (bonjour service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: Google Update Service (gupdate1c98693303ccbd8) (gupdate1c98693303ccbd8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (idrivert) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8413 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\WINDOWS\system32\mscoree.dll [2009-11-07 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbc80044-a445-435b-bc74-9c25c1c588a9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-06 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e6f031-17ce-4c07-bc86-eabfe594f69c}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_P.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_P.dll [2009-12-31 2349080]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\WINDOWS\system32\mscoree.dll [2009-11-07 297808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-05-26 730600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"cdoosoft"=C:\DOCUME~1\Buchy\LOCALS~1\Temp\herss.exe [2010-01-22 96768]
"nod32"=C:\DOCUME~1\Buchy\LOCALS~1\Temp\nodqq.exe [2010-05-11 112640]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-05-08 321328]
"dso32"=C:\DOCUME~1\Buchy\LOCALS~1\Temp\dsoqq.exe [2010-06-08 115200]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
GT Connect.lnk - C:\Program Files\T-Mobile\GT Connect\GT Connect.exe
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe
WirelessSelector.lnk - C:\Program Files\FSC\Wireless Utility\WirelessSelector.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=0
"NoDriveAutoRun"=255
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\ODEON\JAF\JCOP.EXE"="C:\Program Files\ODEON\JAF\JCOP.EXE:*:Enabled:JCOP"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Cenega Czech\VIETCONG\vietcong.exe"="C:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Enabled:Vietcong"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-26 16:12:53 ----D---- C:\Program Files\Metin2_TESTER
2010-08-26 14:56:26 ----D---- C:\Program Files\Cenega Czech
2010-08-26 13:50:42 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-26 13:50:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-26 13:50:21 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-26 13:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-26 13:42:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-26 13:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-26 13:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-26 13:41:25 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-26 13:40:23 ----D---- C:\WINDOWS\LastGood
2010-08-03 17:23:05 ----D---- C:\Documents and Settings\Buchy\Data aplikací\com.bigfatsimulations.airportmadness3.3A85083A650345D1ADAB4572C5816AD2DC9802A3.1
2010-08-03 17:22:48 ----D---- C:\Program Files\AirportMadness3
2010-08-03 17:21:08 ----D---- C:\games
2010-08-03 15:14:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2010-08-03 13:03:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-01 13:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$

======List of files/folders modified in the last 1 months======

2010-08-26 16:23:24 ----D---- C:\Program Files\trend micro
2010-08-26 16:21:39 ----D---- C:\Documents and Settings\Buchy\Data aplikací\uTorrent
2010-08-26 16:12:53 ----RD---- C:\Program Files
2010-08-26 15:24:17 ----D---- C:\WINDOWS\temp
2010-08-26 15:19:47 ----D---- C:\WINDOWS\Internet Logs
2010-08-26 13:53:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-26 13:53:54 ----RSD---- C:\WINDOWS\assembly
2010-08-26 13:50:45 ----HD---- C:\WINDOWS\inf
2010-08-26 13:50:45 ----D---- C:\WINDOWS
2010-08-26 13:50:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-26 13:50:44 ----D---- C:\WINDOWS\system32\drivers
2010-08-26 13:50:44 ----D---- C:\WINDOWS\system32
2010-08-26 13:50:41 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-26 13:50:38 ----A---- C:\WINDOWS\imsins.BAK
2010-08-26 13:50:05 ----SHD---- C:\WINDOWS\Installer
2010-08-26 13:50:05 ----D---- C:\Config.Msi
2010-08-26 13:50:04 ----D---- C:\WINDOWS\Prefetch
2010-08-26 13:49:43 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-26 13:49:11 ----D---- C:\WINDOWS\WinSxS
2010-08-26 13:41:59 ----D---- C:\Program Files\Movie Maker
2010-08-26 13:38:27 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-26 12:30:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-25 20:10:07 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-08-03 17:22:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-08-03 17:22:20 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-03 17:21:29 ----D---- C:\Documents and Settings\Buchy\Data aplikací\Adobe
2010-07-27 08:30:31 ----A---- C:\WINDOWS\system32\shell32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2009-05-04 64160]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 filedisk;filedisk; C:\WINDOWS\system32\drivers\filedisk.sys [2004-06-09 10556]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2007-08-03 18688]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R2 zntport;NTPort Library Driver; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-06-21 547072]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-10 4603904]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2007-08-03 321536]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2007-05-16 42368]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-05-10 208576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2008-07-24 15264]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-06-29 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-06-29 25512]
S3 GTPTSER;GT PT SER; C:\WINDOWS\system32\DRIVERS\gtptser.sys [2006-10-31 8064]
S3 GTUQBUS;GT UQ BUS; C:\WINDOWS\system32\DRIVERS\gtuqbus.sys [2006-10-31 36992]
S3 netrcacm;RCA USB Digital Cable Modem Driver; C:\WINDOWS\system32\DRIVERS\netrcacm.sys [2003-01-20 20648]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2008-07-24 47744]
S3 wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 bonjour service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 GtFlashSwitch;GtFlashSwitch; C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe [2007-02-09 176128]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-06 152984]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-19 348344]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S2 gupdate1c98693303ccbd8;Google Update Service (gupdate1c98693303ccbd8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-04 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-07 1029456]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 flexnet licensing service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-09-21 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idrivert;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny podvecer preji

Ma duvod byt zpomalene

Doporucuji odinstalovat Ad-Aware - program ma jiz ukoncen vyvoj, tudiz neni schopen celit aktualnim hrozbam. Po ukonceni leceni, nasadime nejakou nahradu

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Doporucuji odinstalovat klienty P2P siti - jsou potencialnim rizikem pro bezpecnost PC a jsou velmi casto zdrojem viru a haveti - navic jejich pouzivani odporuje i pravidlum naseho fora (vice zde)

Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R

• Vyskoci na Vas okenko, do ktereho zkopirujte text nize

• Kód: Vybrat vše

  services.msc

• Kliknete na OK
• Najdete sluzby nize
• Google Update Service
  Java Quick Starter
• U kazde provedte toto
  • Klik na ni pravym mysidlem a zvolit Vlastnosti
  • Nyní klik na Zastavit
  • Typ spousteni nastavit na Zakazano
  • Potvrdte kliknutim na OK

Spustte HJT a provedeme fixnuti polozek

• HJT najdete zde C:\Program Files\trend micro\Buchy.exe
• Otevre se Vam okno, kliknete na Do a system scan only
• V dalsim okne najdete radky které jsem Vam vypsal nize, vedle nich je ctverecek, do ktereho udelate zatrzitko
• R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14672&l=dis
  R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
  O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
  O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
• Kliknete na Fix checked (vlevo dole)
• HJT se Vas zepta zda opravdu ANO, s tim souhlasite a je hotovo

Stahnete OTM (viz muj podpis)

• Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
• Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

• Kód: Vybrat vše

  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "MSMSGS"=-
  "cdoosoft"=-
  "nod32"=-
  "dso32"=-
  "PC Suite Tray"=-
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp /s
  C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
  C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
  C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
  C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
  C:\DOCUME~1\Buchy\LOCALS~1\Temp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [CLEARALLRESTOREPOINTS]

• Kliknete na cervene tlacitko MoveIt!
• Sem pote dejte obsah okna Results (pod zelenou carou)
• Pokud budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles

[Trepifajkslak]

All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cdoosoft deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\nod32 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dso32 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray deleted successfully.
========== FILES ==========
LoadLibrary failed for C:\WINDOWS\system32\_000006_.tmp.dll
C:\WINDOWS\system32\_000006_.tmp.dll moved successfully.
C:\WINDOWS\system32\SET117.tmp moved successfully.
C:\WINDOWS\system32\SET13.tmp moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP106.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP17C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1ED.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP25D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP284.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA7.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI83.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB1.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB10.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB11.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB12.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB13.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB14.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB15.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB16.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB17.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB18.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB2.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB3.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB4.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB5.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB6.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB7.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB8.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDB9.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDBA.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDBB.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDBC.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDBD.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDBE.tmp moved successfully.
C:\WINDOWS\Internet Logs\xDBF.tmp moved successfully.
C:\WINDOWS\temp\CR_3F.tmp folder moved successfully.
C:\WINDOWS\temp\CR_7.tmp folder moved successfully.
C:\WINDOWS\temp\GUR1.tmp moved successfully.
C:\WINDOWS\temp\GUR2.tmp moved successfully.
C:\WINDOWS\temp\is1A.tmp moved successfully.
C:\WINDOWS\temp\is20.tmp moved successfully.
C:\WINDOWS\temp\is56.tmp moved successfully.
C:\WINDOWS\temp\is58.tmp moved successfully.
C:\WINDOWS\temp\l7m5874b.TMP moved successfully.
C:\WINDOWS\temp\ZLT000a9.TMP moved successfully.
C:\WINDOWS\temp\ZLT00122.TMP moved successfully.
C:\WINDOWS\temp\ZLT00229.TMP moved successfully.
C:\WINDOWS\temp\ZLT002ae.TMP moved successfully.
C:\WINDOWS\temp\ZLT004f8.TMP moved successfully.
C:\WINDOWS\temp\ZLT006a8.TMP moved successfully.
C:\WINDOWS\temp\ZLT00a61.TMP moved successfully.
C:\WINDOWS\temp\ZLT00ac6.TMP moved successfully.
C:\WINDOWS\temp\ZLT00c46.TMP moved successfully.
C:\WINDOWS\temp\ZLT00d1d.TMP moved successfully.
C:\WINDOWS\temp\ZLT00dee.TMP moved successfully.
C:\WINDOWS\temp\ZLT00e03.TMP moved successfully.
C:\WINDOWS\temp\ZLT00ed0.TMP moved successfully.
C:\WINDOWS\temp\ZLT00f8b.TMP moved successfully.
C:\WINDOWS\temp\ZLT01268.TMP moved successfully.
C:\WINDOWS\temp\ZLT013a2.TMP moved successfully.
C:\WINDOWS\temp\ZLT013b2.TMP moved successfully.
C:\WINDOWS\temp\ZLT013f4.TMP moved successfully.
C:\WINDOWS\temp\ZLT0160a.TMP moved successfully.
C:\WINDOWS\temp\ZLT01611.TMP moved successfully.
C:\WINDOWS\temp\ZLT017e1.TMP moved successfully.
C:\WINDOWS\temp\ZLT018d3.TMP moved successfully.
C:\WINDOWS\temp\ZLT01b0b.TMP moved successfully.
C:\WINDOWS\temp\ZLT01d8e.TMP moved successfully.
C:\WINDOWS\temp\ZLT01d8f.TMP moved successfully.
C:\WINDOWS\temp\ZLT02055.TMP moved successfully.
C:\WINDOWS\temp\ZLT02152.TMP moved successfully.
C:\WINDOWS\temp\ZLT0226a.TMP moved successfully.
C:\WINDOWS\temp\ZLT02487.TMP moved successfully.
C:\WINDOWS\temp\ZLT02598.TMP moved successfully.
C:\WINDOWS\temp\ZLT02600.TMP moved successfully.
C:\WINDOWS\temp\ZLT029eb.TMP moved successfully.
C:\WINDOWS\temp\ZLT02ae8.TMP moved successfully.
C:\WINDOWS\temp\ZLT02b7e.TMP moved successfully.
C:\WINDOWS\temp\ZLT02c57.TMP moved successfully.
C:\WINDOWS\temp\ZLT02d81.TMP moved successfully.
C:\WINDOWS\temp\ZLT02d89.TMP moved successfully.
C:\WINDOWS\temp\ZLT02e38.TMP moved successfully.
C:\WINDOWS\temp\ZLT02fe2.TMP moved successfully.
C:\WINDOWS\temp\ZLT030cb.TMP moved successfully.
C:\WINDOWS\temp\ZLT03174.TMP moved successfully.
C:\WINDOWS\temp\ZLT03185.TMP moved successfully.
C:\WINDOWS\temp\ZLT031f2.TMP moved successfully.
C:\WINDOWS\temp\ZLT033f4.TMP moved successfully.
C:\WINDOWS\temp\ZLT03404.TMP moved successfully.
C:\WINDOWS\temp\ZLT03469.TMP moved successfully.
C:\WINDOWS\temp\ZLT034d4.TMP moved successfully.
C:\WINDOWS\temp\ZLT0367c.TMP moved successfully.
C:\WINDOWS\temp\ZLT037d1.TMP moved successfully.
C:\WINDOWS\temp\ZLT0382d.TMP moved successfully.
C:\WINDOWS\temp\ZLT03909.TMP moved successfully.
C:\WINDOWS\temp\ZLT03c67.TMP moved successfully.
C:\WINDOWS\temp\ZLT03ce3.TMP moved successfully.
C:\WINDOWS\temp\ZLT03dba.TMP moved successfully.
C:\WINDOWS\temp\ZLT03df4.TMP moved successfully.
C:\WINDOWS\temp\ZLT03ea6.TMP moved successfully.
C:\WINDOWS\temp\ZLT03fc4.TMP moved successfully.
C:\WINDOWS\temp\ZLT040d0.TMP moved successfully.
C:\WINDOWS\temp\ZLT0414a.TMP moved successfully.
C:\WINDOWS\temp\ZLT04337.TMP moved successfully.
C:\WINDOWS\temp\ZLT0438d.TMP moved successfully.
C:\WINDOWS\temp\ZLT045a3.TMP moved successfully.
C:\WINDOWS\temp\ZLT045ff.TMP moved successfully.
C:\WINDOWS\temp\ZLT047a4.TMP moved successfully.
C:\WINDOWS\temp\ZLT047ca.TMP moved successfully.
C:\WINDOWS\temp\ZLT048de.TMP moved successfully.
C:\WINDOWS\temp\ZLT04ada.TMP moved successfully.
C:\WINDOWS\temp\ZLT04c6f.TMP moved successfully.
C:\WINDOWS\temp\ZLT0519f.TMP moved successfully.
C:\WINDOWS\temp\ZLT053a7.TMP moved successfully.
C:\WINDOWS\temp\ZLT053ca.TMP moved successfully.
C:\WINDOWS\temp\ZLT053fd.TMP moved successfully.
C:\WINDOWS\temp\ZLT05680.TMP moved successfully.
C:\WINDOWS\temp\ZLT05acb.TMP moved successfully.
C:\WINDOWS\temp\ZLT05bcc.TMP moved successfully.
C:\WINDOWS\temp\ZLT05be7.TMP moved successfully.
C:\WINDOWS\temp\ZLT05c76.TMP moved successfully.
C:\WINDOWS\temp\ZLT05dde.TMP moved successfully.
C:\WINDOWS\temp\ZLT05e39.TMP moved successfully.
C:\WINDOWS\temp\ZLT05e77.TMP moved successfully.
C:\WINDOWS\temp\ZLT05ec6.TMP moved successfully.
C:\WINDOWS\temp\ZLT05f8f.TMP moved successfully.
C:\WINDOWS\temp\ZLT05fcc.TMP moved successfully.
C:\WINDOWS\temp\ZLT06007.TMP moved successfully.
C:\WINDOWS\temp\ZLT064aa.TMP moved successfully.
C:\WINDOWS\temp\ZLT065f0.TMP moved successfully.
C:\WINDOWS\temp\ZLT066a9.TMP moved successfully.
C:\WINDOWS\temp\ZLT06b1d.TMP moved successfully.
C:\WINDOWS\temp\ZLT06b22.TMP moved successfully.
C:\WINDOWS\temp\ZLT06bae.TMP moved successfully.
C:\WINDOWS\temp\ZLT06c42.TMP moved successfully.
C:\WINDOWS\temp\ZLT06ce2.TMP moved successfully.
C:\WINDOWS\temp\ZLT06df0.TMP moved successfully.
C:\WINDOWS\temp\ZLT06fde.TMP moved successfully.
C:\WINDOWS\temp\ZLT071cd.TMP moved successfully.
C:\WINDOWS\temp\ZLT071ea.TMP moved successfully.
C:\WINDOWS\temp\ZLT0747f.TMP moved successfully.
C:\WINDOWS\temp\ZLT07730.TMP moved successfully.
C:\WINDOWS\temp\ZLT078e4.TMP moved successfully.
C:\WINDOWS\temp\ZLT07ab1.TMP moved successfully.
C:\WINDOWS\temp\ZLT07ae9.TMP moved successfully.
C:\WINDOWS\temp\ZLT07b04.TMP moved successfully.
C:\WINDOWS\temp\ZLT07cf8.TMP moved successfully.
C:\WINDOWS\temp\ZLT07e26.TMP moved successfully.
C:\WINDOWS\temp\ZLT07ea4.TMP moved successfully.
C:\WINDOWS\temp\ZLT07fc2.TMP moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{FE5F6FFB-51E9-411A-B305-B25F11FCF03A} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{F901FBA7-D2FF-4617-959A-987EE831D117} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{E669A6D6-2E32-4ACD-B74A-EB086C31A5A2} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{E48816B6-297B-43E8-A88A-3BB2F706FC94} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{DF0D3BE0-7AA9-4373-B4BE-A13FB0658F03} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{DB887E18-FB06-400D-A99F-8DB2F587CC8E} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{C10B6865-D6BD-4F23-A390-17E94BBB2483} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{BAF63CD1-A5D6-4477-B05D-129D52C9E6FB} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{B8DF52E5-852E-4DCF-9ECD-C628F3B53740} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{B5A47027-CA76-459A-8099-6A876C0F602F} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{A692CB7C-0CCF-4B4D-8609-E543FC92971E} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{98CEF253-E36A-42AE-AA34-8FA06CA749DB} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{97A29A40-1376-4156-8E35-5D09527234AD} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{94AF3789-569C-4585-9D80-B3DF4EFA1D4A} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{9188196A-4753-442C-9B35-829CD70B2C7A} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{8DB9D207-2852-41B8-9E9E-C5D73B0DA383} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{87F2B3FB-DD15-4879-A832-6C601B62B927} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{8736B2FA-5A5E-414F-A828-54537016DCA0} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{871A8AB3-866A-4DBE-98FB-934E7EB409D0} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{5206425D-5E3E-4076-B8FA-06C49EAD5D86} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{44EB819F-BF58-4D34-9D4B-0349AC3FEA50} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{207614DE-4118-40FA-AAFC-14CA1AF495EE} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{1CB1F113-B396-405E-913D-3ED58F6F7B8B} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{11D0F98D-96DE-40CD-AA09-821D4FA82A7C} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{0B2899E1-649F-4731-BFB8-5D0F709F0A68} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{0737381A-31FF-4FCF-8784-2C722A7A1DE5} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\{0205251B-867B-4D40-B138-1404FB622D3D} folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\WPDNSE folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\WER2e18.dir00 folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\NGLATempNokia folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\nCommsTempNokia folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\NccTemp folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\msohtml1\01 folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\msohtml1 folder moved successfully.
Folder move failed. C:\DOCUME~1\Buchy\LOCALS~1\temp\IswTmp\Logs scheduled to be moved on reboot.
Folder move failed. C:\DOCUME~1\Buchy\LOCALS~1\temp\IswTmp scheduled to be moved on reboot.
C:\DOCUME~1\Buchy\LOCALS~1\temp\conduit folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\chrome_6651 folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\chrome_24379 folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\chrome_24216 folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\chrome_23806 folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\chrome_18746 folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\AskSearch folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\7zS183.tmp folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\070510193348 folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\041610194206 folder moved successfully.
C:\DOCUME~1\Buchy\LOCALS~1\temp\041610194149 folder moved successfully.
Folder move failed. C:\DOCUME~1\Buchy\LOCALS~1\temp scheduled to be moved on reboot.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Administrator.PEPEK-18NDUBQBC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: All Users.WINDOWS.0

User: Buchtaob
->Temp folder emptied: 1745759 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 66125598 bytes
->Google Chrome cache emptied: 10902333 bytes
->Flash cache emptied: 909 bytes

User: Buchy
->Temp folder emptied: 51820 bytes
->Temporary Internet Files folder emptied: 40712027 bytes
->Java cache emptied: 239450 bytes
->FireFox cache emptied: 59523931 bytes
->Google Chrome cache emptied: 230484562 bytes
->Opera cache emptied: 2225924 bytes
->Flash cache emptied: 203591 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User.WINDOWS.0
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 2052152 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Monika
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 1985048 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Pepek
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 110591594 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 78508050 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 578,00 mb


Restore points cleared and new OTM Restore Point set!

OTM by OldTimer - Version 3.1.15.0 log created on 08262010_175537

Files moved on Reboot...
File C:\DOCUME~1\Buchy\LOCALS~1\temp\IswTmp\Logs not found!
File C:\DOCUME~1\Buchy\LOCALS~1\temp\IswTmp not found!
C:\DOCUME~1\Buchy\LOCALS~1\temp folder moved successfully.
File C:\Documents and Settings\Buchy\Local Settings\Temp\IswTmp\Logs\ISWSHEX.swl not found!
C:\WINDOWS\temp\IswTmp\Logs\ISWSHEX.swl.old moved successfully.

Registry entries deleted on Reboot...

[vyosek]

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

• Provedte aktualizaci - treti zalozka
• Provedte uplny sken - nic nemazte
• MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

[Trepifajkslak]

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4483

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

26.8.2010 18:20:07
mbam-log-2010-08-26 (18-20-07).txt

Typ skenu: Rychlý sken
Skenované objekty: 206881
Uplynulý čas: 8 minuta(y), 41 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 0
Infikované datové položky registru: 1
Infikované složky: 0
Infikované soubory: 14

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\eer6ril9.exe (Spyware.OnlineGames) -> No action taken.
C:\i8ikdjwt.exe (Spyware.OnlineGames) -> No action taken.
C:\n6eyw.exe (Worm.Taterf) -> No action taken.
C:\1thes92p.exe (Spyware.OnlineGames) -> No action taken.
C:\33r.exe (Spyware.OnlineGames) -> No action taken.
C:\9rfpp.exe (Spyware.OnlineGames) -> No action taken.
C:\bu8.exe (Worm.Tarterf) -> No action taken.
C:\qhbfqx.exe (Spyware.OnlineGames) -> No action taken.
C:\s1.exe (Spyware.OnlineGames) -> No action taken.
C:\Documents and Settings\Monika\Data aplikací\wiaserva.log (Malware.Trace) -> No action taken.
C:\Documents and Settings\Monika\Nabídka Start\Programy\Security Tool.LNK (Rogue.SecurityTool) -> No action taken.
C:\cgaqyi.exe (Spyware.OnlineGames) -> No action taken.
C:\p6xebrnt.exe (Spyware.OnlineGames) -> No action taken.
C:\yqq8eqil.exe (Spyware.OnlineGames) -> No action taken.

[vyosek]

Zasrane jak jetel to mate
Vse co nasel MBAM smazte a udelejte kompletni (uplny) sken

[Trepifajkslak]

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4483

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

26.8.2010 20:15:23
mbam-log-2010-08-26 (20-15-23).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 313917
Uplynulý čas: 1 hodina(y), 36 minuta(y), 21 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 8

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Documents and Settings\Monika\Data aplikací\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> No action taken.
C:\_OTM\MovedFiles\08262010_175537\C_DOCUME~1\Buchy\LOCALS~1\temp\nodqq.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{78CE8562-4B8A-455E-BB7E-E03E3A097EC1}\RP1\A0000007.exe (Worm.Taterf) -> No action taken.
C:\System Volume Information\_restore{78CE8562-4B8A-455E-BB7E-E03E3A097EC1}\RP1\A0000463.exe (Worm.Taterf) -> No action taken.
C:\System Volume Information\_restore{78CE8562-4B8A-455E-BB7E-E03E3A097EC1}\RP1\A0001461.exe (Worm.Taterf) -> No action taken.
C:\System Volume Information\_restore{78CE8562-4B8A-455E-BB7E-E03E3A097EC1}\RP1\A0001478.exe (Worm.Taterf) -> No action taken.
C:\System Volume Information\_restore{78CE8562-4B8A-455E-BB7E-E03E3A097EC1}\RP1\A0001487.exe (Worm.Taterf) -> No action taken.
C:\System Volume Information\_restore{78CE8562-4B8A-455E-BB7E-E03E3A097EC1}\RP1\A0001501.exe (Worm.Taterf) -> No action taken.

[vyosek]

Vse smaznout...

Jak se chova PC

[Trepifajkslak]

díky moc , už je to lepší

[vyosek]

Nemate zac, ale jeste mi neutikejte uklidim po sobe (utilitach) a udelame zaverecnou kontrolku

MBAM muzete odinstalovat nebo nechat na obcasny sken - v pripade nalezu velmi doporucuji dat sem log na posouzeni, at si neodstrelite neco legitimniho

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Havet se usadila v bodech obnoveni - smazte je dle navodu kolegy riffa http://www.viry.cz/forum/viewtopic.php?f=11&t=47040

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R
  • Vyskoci na Vas okenko, do ktereho zkopirujte text nize

  • Kód: Vybrat vše

    dfrg.msc

  • Kliknete na OK
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

Vlozte novy log z RSITu

[Trepifajkslak]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Buchy at 2010-08-27 13:56:41
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 10 GB (13%) free of 76 GB
Total RAM: 1789 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:56:55, on 27.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile\GT Connect\GT Connect.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\FSC\Wireless Utility\WirelessSelector.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Buchy\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Buchy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2405280
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: GT Connect.lnk = C:\Program Files\T-Mobile\GT Connect\GT Connect.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: WirelessSelector.lnk = ?
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (bonjour service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service (flexnet licensing service) - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: InstallDriver Table Manager (idrivert) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7325 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSof1.dll [2010-08-26 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbc80044-a445-435b-bc74-9c25c1c588a9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-06 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e6f031-17ce-4c07-bc86-eabfe594f69c}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSof1.dll [2010-08-26 2734688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
GT Connect.lnk - C:\Program Files\T-Mobile\GT Connect\GT Connect.exe
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe
WirelessSelector.lnk - C:\Program Files\FSC\Wireless Utility\WirelessSelector.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=0
"NoDriveAutoRun"=255
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\ODEON\JAF\JCOP.EXE"="C:\Program Files\ODEON\JAF\JCOP.EXE:*:Enabled:JCOP"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Cenega Czech\VIETCONG\vietcong.exe"="C:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Enabled:Vietcong"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-27 13:56:41 ----D---- C:\rsit
2010-08-27 13:00:23 ----D---- C:\WINDOWS\LastGood
2010-08-27 12:44:08 ----D---- C:\WINDOWS\system32\NtmsData
2010-08-27 08:50:19 ----D---- C:\Documents and Settings\Buchy\Data aplikací\Avira
2010-08-27 08:40:18 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2010-08-27 08:40:15 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2010-08-27 08:40:14 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2010-08-27 08:40:14 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-08-27 08:40:14 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2010-08-27 08:40:13 ----D---- C:\Program Files\Avira
2010-08-27 08:40:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2010-08-27 08:20:01 ----D---- C:\Program Files\Defraggler
2010-08-27 07:55:52 ----D---- C:\WINDOWS\ie8updates
2010-08-27 07:52:39 ----HDC---- C:\WINDOWS\ie8
2010-08-26 19:10:19 ----D---- C:\Program Files\Softonic-Eng7
2010-08-26 19:10:10 ----D---- C:\Program Files\GameSpy Arcade
2010-08-26 18:10:18 ----D---- C:\Documents and Settings\Buchy\Data aplikací\Malwarebytes
2010-08-26 18:10:04 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-08-26 18:10:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-08-26 18:10:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-26 18:10:02 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-08-26 16:12:53 ----D---- C:\Program Files\Metin2_TESTER
2010-08-26 14:56:26 ----D---- C:\Program Files\Cenega Czech
2010-08-26 13:50:42 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-26 13:50:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-26 13:50:21 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-26 13:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-26 13:42:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-26 13:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-26 13:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-26 13:41:25 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-03 17:23:05 ----D---- C:\Documents and Settings\Buchy\Data aplikací\com.bigfatsimulations.airportmadness3.3A85083A650345D1ADAB4572C5816AD2DC9802A3.1
2010-08-03 17:22:48 ----D---- C:\Program Files\AirportMadness3
2010-08-03 17:21:08 ----D---- C:\games
2010-08-03 15:14:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2010-08-03 13:03:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-01 13:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$

======List of files/folders modified in the last 1 months======

2010-08-27 13:56:53 ----D---- C:\WINDOWS\Prefetch
2010-08-27 13:56:49 ----D---- C:\WINDOWS\Internet Logs
2010-08-27 13:56:44 ----D---- C:\Program Files\trend micro
2010-08-27 13:55:49 ----D---- C:\WINDOWS\temp
2010-08-27 13:55:49 ----D---- C:\WINDOWS
2010-08-27 13:01:14 ----HD---- C:\WINDOWS\inf
2010-08-27 13:01:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-27 13:01:13 ----D---- C:\WINDOWS\system32
2010-08-27 13:01:06 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-27 12:44:07 ----D---- C:\WINDOWS\repair
2010-08-27 12:44:05 ----D---- C:\WINDOWS\Registration
2010-08-27 11:35:59 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-27 08:40:18 ----D---- C:\WINDOWS\system32\drivers
2010-08-27 08:40:13 ----RD---- C:\Program Files
2010-08-27 08:39:17 ----SHD---- C:\WINDOWS\Installer
2010-08-27 08:39:17 ----D---- C:\Config.Msi
2010-08-27 08:39:16 ----D---- C:\WINDOWS\WinSxS
2010-08-27 08:18:52 ----SHD---- C:\System Volume Information
2010-08-27 08:18:52 ----D---- C:\WINDOWS\system32\Restore
2010-08-27 08:16:21 ----D---- C:\Program Files\Ask.com
2010-08-27 08:12:22 ----D---- C:\WINDOWS\Minidump
2010-08-27 08:12:22 ----D---- C:\WINDOWS\Debug
2010-08-27 08:08:31 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-27 08:02:05 ----D---- C:\WINDOWS\system32\cs-cz
2010-08-27 08:02:04 ----D---- C:\WINDOWS\Media
2010-08-27 08:02:04 ----D---- C:\WINDOWS\Help
2010-08-27 08:02:04 ----D---- C:\Program Files\Internet Explorer
2010-08-27 08:00:36 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-08-27 07:47:12 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-26 18:35:25 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2010-08-26 18:03:13 ----SD---- C:\WINDOWS\Tasks
2010-08-26 17:56:31 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-26 17:45:10 ----RD---- C:\Program Files\Skype
2010-08-26 17:44:49 ----RSD---- C:\WINDOWS\assembly
2010-08-26 17:42:44 ----D---- C:\Documents and Settings\Buchy\Data aplikací\uTorrent
2010-08-26 16:54:07 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-26 13:41:59 ----D---- C:\Program Files\Movie Maker
2010-08-25 20:10:07 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-08-03 17:22:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-08-03 17:22:20 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-03 17:21:29 ----D---- C:\Documents and Settings\Buchy\Data aplikací\Adobe
2010-08-03 11:09:32 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2009-05-04 64160]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 filedisk;filedisk; C:\WINDOWS\system32\drivers\filedisk.sys [2004-06-09 10556]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2007-08-03 18688]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 zntport;NTPort Library Driver; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-06-21 547072]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-10 4603904]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2007-08-03 321536]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2007-05-16 42368]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-05-10 208576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2008-07-24 15264]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-06-29 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-06-29 25512]
S3 GTPTSER;GT PT SER; C:\WINDOWS\system32\DRIVERS\gtptser.sys [2006-10-31 8064]
S3 GTUQBUS;GT UQ BUS; C:\WINDOWS\system32\DRIVERS\gtuqbus.sys [2006-10-31 36992]
S3 netrcacm;RCA USB Digital Cable Modem Driver; C:\WINDOWS\system32\DRIVERS\netrcacm.sys [2003-01-20 20648]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2008-07-24 47744]
S3 wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 bonjour service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 GtFlashSwitch;GtFlashSwitch; C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe [2007-02-09 176128]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-07 1029456]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-19 348344]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 flexnet licensing service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-09-21 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idrivert;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 gupdate1c98693303ccbd8;Google Update Service (gupdate1c98693303ccbd8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-04 133104]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-06 152984]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[vyosek]

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy - mate tam Softonic-Eng7 Toolbar

Doporucuji odinstalovat Ad-Aware - program ma jiz ukoncen vyvoj a neni tudiz schopen celit aktualnim hrozbam

• Nahrady za Ad-Aware:
  • Spyware Terminator - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
  • SuperAntiSpyare - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=51359
• Samozrejme pouzivejte jen jeden z nich
• Osoben doporucuji SuperAntiSpyware

Otevrete si poznamkovy blok

• Start->spustit->notepad
• Vlozte text nize

• Kód: Vybrat vše

  Windows Registry Editor Version 5.00
  
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
  "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}"=-

• Soubor ulozte jako oprava.reg
• Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
• 
• Zavrit notepad a spustit dvojklikem oprava.reg
• Pripadny dotaz na zmenu registru potvrdte
• Okno jen problikne a opravi regsitry - soubor muzete smazat

Jinak log vypada OK

[Trepifajkslak]

děkuji moc ,ale s ad-aware bude menší problém - v přidat nebo odebrat programy vůbec není možné odebrat tento program ,když chci odinstalovat přes ccleaner píše že nenachází Ad-AwareAE.msi a totéž když ho chci odinstalovat přímo v programu tak co stím ?

[vyosek]

Zkuste pres Revo Uninstaller http://www.stahuj.centrum.cz/utility_a_ ... installer/
Pokud nepujde, tak ho vezmem po hlave skriptem