Nahodna blue death

[DutchCZE]

Zdravim Vas, a prosim o pomoc
Nahodne naskakuje bluedeath... pokousel jsem se na to prijit ale nepovedlo se. Teploty OK, registry, temp, atd. cistene
posledni BD byla s chybovou hlaskou:

Kód: Vybrat vše

STOP:0x0000008E
***(0xC0000005, 0xBF60856A, 0xA93D8A48, 0X00000000)
***Antivavvaxx.dll - Addres BF60856A base at BF 557000, DateStamp 4af19825

Chtel jsem uploadnout Minidump ale po cisteni PC zmiznul...

[Rudy]

Soubor Antivavvaxx.dll, na který hláška odkazuje, asi nebude legitimní. Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 .

[DutchCZE]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jan at 2010-11-18 22:44:39
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 30 GB (42%) free of 70 GB
Total RAM: 3582 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:44:45, on 18.11.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\AVG\AVG10\avgfws.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
F:\!!! ETcko od Peti\etmin\etmin.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Defraggler\Defraggler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\dumprep.exe
C:\Documents and Settings\Jan\Dokumenty\Stažené soubory\RSIT(3).exe
C:\Program Files\trend micro\Jan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://start.icq.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - etmin.lnk = F:\!!! ETcko od Peti\etmin\etmin.exe
O8 - Extra context menu item: Analyzovat LeechGetem - file://C:\Program Files\LeechGet 2009\\Parser.html
O8 - Extra context menu item: Download LeechGetem - file://C:\Program Files\LeechGet 2009\\AddUrl.html
O8 - Extra context menu item: Download s průvodcem LeechGetu - file://C:\Program Files\LeechGet 2009\\Wizard.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Sandra Lite 2010c\RpcAgentSrv.exe

--
End of file - 7265 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-06 2475336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-06 2475336]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2010-09-15 2745696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-03-27 362232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GEST]
m‘|\ü []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LeechGet]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-03-27 5107232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-06-28 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-11-18 275072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-07-12 237568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jan^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

C:\Documents and Settings\Jan\Nabídka Start\Programy\Po spuštění
Zástupce - etmin.lnk - F:\!!! ETcko od Peti\etmin\etmin.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-11-04 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"F:\!!! ETcko od Peti\ET.exe"="F:\!!! ETcko od Peti\ET.exe:*:Enabled:ET"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Sandra Lite 2010c\RpcAgentSrv.exe"="C:\Sandra Lite 2010c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"C:\Sandra Lite 2010c\WNt500x86\sandra.mui"="C:\Sandra Lite 2010c\WNt500x86\sandra.mui:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\InterVideo\DVD6\WinDVD.exe"="C:\Program Files\InterVideo\DVD6\WinDVD.exe:*:Enabled:WinDVD"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG10\avgdiagex.exe"="C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostika 2011"
"C:\Program Files\AVG\AVG10\avgnsx.exe"="C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG10\avgam.exe"="C:\Program Files\AVG\AVG10\avgam.exe:*:Enabled:Správce událostí AVG"
"C:\Program Files\AVG\AVG10\avgemcx.exe"="C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"C:\Sandra Lite 2010c\WNt500x86\RpcSandraSrv.exe"="C:\Sandra Lite 2010c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-11-18 22:25:48 ----A---- C:\WINDOWS\{00000005-00000000-00000002-00001102-00000002-80661102}.BAK
2010-11-18 18:13:34 ----D---- C:\Program Files\Defraggler
2010-11-18 17:30:52 ----D---- C:\Documents and Settings\Jan\Data aplikací\Sun
2010-11-14 15:11:46 ----HD---- C:\Program Files\Zero G Registry
2010-11-06 22:29:03 ----D---- C:\Avenger
2010-11-06 22:29:03 ----A---- C:\avenger.txt
2010-11-06 10:58:13 ----D---- C:\32788R22FWJFW
2010-11-05 22:15:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2010-11-05 21:20:01 ----D---- C:\Qoobox
2010-11-05 21:09:13 ----HD---- C:\$AVG
2010-11-05 20:57:54 ----D---- C:\Documents and Settings\Jan\Data aplikací\AVG10
2010-11-05 20:55:12 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2010-11-05 20:54:18 ----D---- C:\WINDOWS\system32\drivers\AVG
2010-11-05 20:54:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG10
2010-11-05 20:53:43 ----D---- C:\Program Files\AVG
2010-11-05 20:52:31 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-11-05 20:52:28 ----D---- C:\Program Files\CleanMyPC
2010-11-05 20:49:35 ----D---- C:\Program Files\RegCleaner
2010-11-05 20:42:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2010-11-05 17:55:50 ----D---- C:\Documents and Settings\Jan\Data aplikací\Uniblue
2010-11-02 19:21:40 ----D---- C:\Program Files\ATI Technologies
2010-11-02 19:12:41 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-11-02 19:12:41 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-11-02 19:12:41 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-11-02 19:12:38 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2010-11-02 19:12:38 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-11-02 19:12:38 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-11-02 19:12:38 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-11-02 19:12:38 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-11-02 19:12:37 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-11-02 19:12:37 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-11-02 19:12:37 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-11-02 19:12:37 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-11-02 19:12:37 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-11-02 19:12:37 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-11-02 19:12:36 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-11-02 19:12:36 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-11-02 19:12:36 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-11-02 19:12:36 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-11-02 19:12:36 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-11-02 19:12:35 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-11-02 19:12:35 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-11-02 19:12:35 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-11-02 19:12:35 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-11-02 19:12:34 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2010-11-02 19:12:32 ----A---- C:\WINDOWS\system32\ati3duag.dll
2010-11-02 19:12:31 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-11-02 19:12:31 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2010-11-02 19:12:22 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-11-02 19:12:22 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2010-11-02 19:12:22 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2010-11-02 17:02:57 ----D---- C:\Program Files\ATI Stream
2010-10-24 19:03:15 ----D---- C:\DVD
2010-10-24 19:01:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2010-10-24 19:01:12 ----D---- C:\Program Files\DVD Shrink
2010-10-24 18:52:48 ----A---- C:\WINDOWS\NeroDigital.ini
2010-10-24 17:50:16 ----N---- C:\WINDOWS\system32\drivers\imagesrv.sys
2010-10-24 17:50:16 ----N---- C:\WINDOWS\system32\drivers\imagedrv.sys
2010-10-24 17:50:06 ----N---- C:\WINDOWS\system32\TwnLib4.dll
2010-10-24 17:50:06 ----N---- C:\WINDOWS\system32\picn20.dll
2010-10-24 17:50:06 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2010-10-24 17:50:06 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2010-10-24 17:50:06 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2010-10-24 17:50:06 ----N---- C:\WINDOWS\system32\ImagX7.dll
2010-10-24 17:50:06 ----D---- C:\Program Files\Common Files\Ahead
2010-10-24 17:50:06 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2010-10-24 17:50:06 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2010-10-24 17:50:02 ----D---- C:\Program Files\Nero
2010-10-24 17:46:37 ----D---- C:\Documents and Settings\Jan\Data aplikací\DVD Flick
2010-10-24 17:46:18 ----A---- C:\WINDOWS\system32\ssubtmr6.dll
2010-10-24 17:46:17 ----D---- C:\Program Files\DVD Flick
2010-10-24 17:42:43 ----D---- C:\Documents and Settings\Jan\Data aplikací\Vso
2010-10-19 13:51:54 ----D---- C:\Program Files\Game Booster
2010-10-19 13:51:54 ----D---- C:\Documents and Settings\Jan\Data aplikací\IObit

======List of files/folders modified in the last 1 months======

2010-11-18 22:44:43 ----D---- C:\Program Files\trend micro
2010-11-18 22:44:35 ----D---- C:\WINDOWS\Prefetch
2010-11-18 22:36:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-18 22:34:29 ----D---- C:\Documents and Settings\Jan\Data aplikací\ICQ
2010-11-18 22:26:09 ----D---- C:\WINDOWS\Temp
2010-11-18 22:25:54 ----D---- C:\WINDOWS
2010-11-18 22:25:49 ----D---- C:\WINDOWS\system32
2010-11-18 19:31:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-18 18:18:14 ----D---- C:\Documents and Settings\Jan\Data aplikací\HLSW
2010-11-18 18:13:34 ----RD---- C:\Program Files
2010-11-18 17:19:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\IconTweaker
2010-11-18 17:18:39 ----D---- C:\WINDOWS\Minidump
2010-11-17 22:19:20 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-11-15 17:01:21 ----SHD---- C:\WINDOWS\Installer
2010-11-15 17:01:16 ----D---- C:\Program Files\Ask.com
2010-11-15 17:01:15 ----SD---- C:\WINDOWS\Tasks
2010-11-15 17:01:15 ----HD---- C:\Config.Msi
2010-11-14 23:58:08 ----D---- C:\Documents and Settings\Jan\Data aplikací\HPAppData
2010-11-14 14:23:04 ----SD---- C:\Documents and Settings\Jan\Data aplikací\Microsoft
2010-11-13 19:55:15 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-11-08 00:13:35 ----D---- C:\WINDOWS\system32\drivers
2010-11-06 01:10:46 ----SHD---- C:\System Volume Information
2010-11-06 01:10:06 ----HD---- C:\WINDOWS\inf
2010-11-05 22:15:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-11-05 21:53:45 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-03 22:01:43 ----RASH---- C:\boot.ini
2010-11-03 22:01:43 ----A---- C:\WINDOWS\win.ini
2010-11-03 22:01:43 ----A---- C:\WINDOWS\system.ini
2010-11-03 22:01:41 ----D---- C:\WINDOWS\pss
2010-11-03 21:18:29 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-11-03 21:18:27 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-10-31 20:03:15 ----D---- C:\Program Files\SpeedFan
2010-10-31 18:38:47 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml8.tmp
2010-10-31 18:38:47 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml4E.tmp
2010-10-31 18:38:46 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml4C.tmp
2010-10-31 18:34:02 ----D---- C:\Program Files\Mozilla Thunderbird
2010-10-31 17:48:09 ----D---- C:\Program Files\ICQ7.2
2010-10-31 12:57:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-28 12:34:28 ----D---- C:\Program Files\Mozilla Firefox
2010-10-24 17:50:06 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2009-04-28 44944]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2010-08-09 166272]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\WINDOWS\system32\DRIVERS\tdrpm258.sys [2010-08-09 911680]
R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2010-08-09 581984]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2010-09-07 249424]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2010-09-07 298448]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2010-08-09 160704]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-04 4423168]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2010-04-08 101904]
R3 avgfwdx;avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-07-12 30432]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 26192]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-03-22 222672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys []
S2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
S3 avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-07-12 30432]
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-29 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-29 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-29 21568]
S3 SANDRA;SANDRA; \??\C:\Sandra Lite 2010c\WNt500x86\Sandra.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2010-03-27 751464]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-08-09 2480048]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-04 602112]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG10\avgfws.exe [2010-09-10 3210176]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-10-11 6104656]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-09-10 265400]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-11-13 75136]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-06 136176]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Sandra Lite 2010c\RpcAgentSrv.exe [2009-08-24 93336]

-----------------EOF-----------------

[Rudy]

Dejte log z ComboFix. Nějaký problém tam bude.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

[DutchCZE]

Dekuji za Vasi odpoved
ComboFix tvrdosijne vyzadoval uninstal AVG... to jsem si nabehl!!! AVG se zle vzpouzelo, vcetne nepristupneho internetu (drivery sitovky) a nemoznosti vratit puvodni drivery. Nakonec (cca 20min) se podaril ten povedeny antivir obejit... Uz me na PC AVG nesmi

Zde je log z CF:

ComboFix 10-11-18.05 - Jan 19.11.2010 20:44:40.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3582.3186 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jan\Dokumenty\Stažené soubory\ComboFix.exe

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\helper.exe
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_SSHNAS


((((((((((((((((((((((((( Soubory vytvořené od 2010-10-19 do 2010-11-19 )))))))))))))))))))))))))))))))
.

2010-11-05 19:57 . 2010-11-05 19:57 -------- d-----w- c:\documents and settings\Jan\Data aplikací\AVG10
2010-11-05 19:55 . 2010-11-05 19:55 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2010-11-05 19:54 . 2010-11-19 19:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG10
2010-11-05 19:53 . 2010-11-19 19:41 -------- d-----w- c:\program files\AVG
2010-11-05 19:52 . 2010-11-19 19:41 -------- d---a-w- c:\documents and settings\All Users\Data aplikací\TEMP
2010-11-05 19:52 . 2010-11-05 19:52 -------- d-----w- c:\program files\CleanMyPC
2010-11-05 19:49 . 2010-11-05 20:13 -------- d-----w- c:\program files\RegCleaner
2010-11-05 19:42 . 2010-11-05 19:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2010-11-05 16:55 . 2010-11-05 16:55 -------- d-----w- c:\documents and settings\Jan\Data aplikací\Uniblue
2010-11-05 16:17 . 2010-11-05 16:17 -------- d-----w- c:\documents and settings\Jan\Local Settings\Data aplikací\PackageAware
2010-11-02 18:21 . 2010-11-02 18:22 -------- d-----w- c:\program files\ATI Technologies
2010-11-02 16:02 . 2010-11-02 16:02 -------- d-----w- c:\program files\ATI Stream
2010-10-24 18:03 . 2010-10-24 18:08 -------- d-----w- C:\DVD
2010-10-24 18:01 . 2010-10-24 18:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVD Shrink
2010-10-24 18:01 . 2010-10-24 18:01 -------- d-----w- c:\program files\DVD Shrink
2010-10-24 17:53 . 2010-10-24 17:53 -------- d-----w- c:\documents and settings\Jan\Local Settings\Data aplikací\Ahead
2010-10-24 16:50 . 2004-03-03 19:30 5504 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-10-24 16:50 . 2004-03-03 19:30 125184 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-10-24 16:50 . 2010-10-24 16:50 -------- d-----w- c:\program files\Common Files\Ahead
2010-10-24 16:50 . 2004-07-20 15:24 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-10-24 16:50 . 2004-07-20 15:24 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-10-24 16:50 . 2004-07-20 15:24 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-10-24 16:50 . 2004-07-20 15:24 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-10-24 16:50 . 2004-07-09 07:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-10-24 16:50 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-10-24 16:50 . 2001-06-26 06:15 38912 ------w- c:\windows\system32\picn20.dll
2010-10-24 16:50 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-10-24 16:50 . 2010-10-24 16:50 -------- d-----w- c:\program files\Nero
2010-10-24 16:46 . 2010-10-24 18:13 -------- d-----w- c:\documents and settings\Jan\Data aplikací\DVD Flick
2010-10-24 16:46 . 2008-08-31 11:27 28672 ----a-w- c:\windows\system32\mousewheel.ocx
2010-10-24 16:46 . 2007-08-31 16:36 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2010-10-24 16:46 . 2004-03-08 22:00 662288 ----a-w- c:\windows\system32\mscomct2.ocx
2010-10-24 16:46 . 2004-03-08 22:00 212240 ----a-w- c:\windows\system32\richtx32.ocx
2010-10-24 16:46 . 2003-01-26 11:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2010-10-24 16:46 . 1998-06-23 22:00 164144 ----a-w- c:\windows\system32\comct232.ocx
2010-10-24 16:46 . 2010-10-24 16:46 -------- d-----w- c:\program files\DVD Flick
2010-10-24 16:42 . 2010-10-24 16:43 -------- d-----w- c:\documents and settings\Jan\Data aplikací\Vso

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-17 21:19 . 2010-08-07 21:11 234392 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-11-17 21:19 . 2010-08-07 21:11 234392 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-11-17 18:53 . 2010-08-07 21:20 138904 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-11-13 18:55 . 2010-08-07 21:10 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-10-31 17:38 . 2010-09-23 22:33 13815 ----a-w- c:\documents and settings\All Users\Data aplikací\xml8.tmp
2010-10-31 17:38 . 2010-08-12 17:50 2267 ----a-w- c:\documents and settings\All Users\Data aplikací\xml4E.tmp
2010-10-31 17:38 . 2010-08-12 17:50 5898 ----a-w- c:\documents and settings\All Users\Data aplikací\xml4C.tmp
2010-09-13 15:27 . 2010-09-13 15:27 25680 ----a-w- c:\windows\system32\drivers\AVGIDSEH.sys
2010-09-07 02:49 . 2010-09-07 02:49 298448 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-09-07 02:48 . 2010-09-07 02:48 34384 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-09-07 02:48 . 2010-09-07 02:48 249424 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-09-07 02:48 . 2010-09-07 02:48 26064 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-09-01 11:25 . 2010-08-12 17:50 0 ----a-w- c:\documents and settings\All Users\Data aplikací\xml4D.tmp
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 24576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Jan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Z stupce - etmin.lnk - f:\!!! etcko od peti\etmin\etmin.exe [2009-10-8 24064]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Jan^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Jan\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GEST]
m‘|\ü [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2010-03-27 14:07 362232 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2009-11-18 14:13 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2010-03-27 14:06 5107232 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-06-28 21:39 74752 ----a-w- c:\program files\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"f:\\!!! ETcko od Peti\\ET.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Sandra Lite 2010c\\RpcAgentSrv.exe"=
"c:\\Sandra Lite 2010c\\WNt500x86\\sandra.mui"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Sandra Lite 2010c\\WNt500x86\\RpcSandraSrv.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [7.8.2010 22:26 5248]
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [13.9.2010 16:27 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [7.9.2010 3:48 26064]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [9.8.2010 23:53 911680]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7.9.2010 3:49 298448]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [9.8.2010 23:53 2480048]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7.8.2010 23:02 246520]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [9.8.2010 23:53 160704]
S0 a347bus;a347bus;c:\windows\system32\DRIVERS\a347bus.sys --> c:\windows\system32\DRIVERS\a347bus.sys [?]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.9.2010 3:48 249424]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6.9.2010 19:57 136176]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [19.8.2010 21:42 123472]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [19.8.2010 21:42 30288]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [19.8.2010 21:42 26192]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\sandra lite 2010c\RpcAgentSrv.exe [12.8.2010 18:39 93336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'

2010-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-06 18:57]

2010-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-06 18:57]

2010-11-19 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uInternet Connection Wizard,ShellNext = hxxp://start.icq.com/
IE: Analyzovat LeechGetem - file://c:\program files\LeechGet 2009\\Parser.html
IE: Download LeechGetem - file://c:\program files\LeechGet 2009\\AddUrl.html
IE: Download s průvodcem LeechGetu - file://c:\program files\LeechGet 2009\\Wizard.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Jan\Data aplikací\Mozilla\Firefox\Profiles\bvhnkaez.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
MSConfigStartUp-StartCCC - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(792)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2228)
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-11-19 20:49:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-19 19:49

Před spuštěním: Volných bajtů: 31 124 914 176
Po spuštění: Volných bajtů: 31 020 285 952

- - End Of File - - 08ECEF15D0623CD3F7A38A796AB3AAAC

[Rudy]

Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

Folder::
c:\program files\Ask.com

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[DutchCZE]

Prave ted BD:
hlaseni chyby: atiduag.dll-addres BF294ED5 base at BF1FC000, DateStamp 4af19b5a.

nyni spustim script pro CF a dam log.
Zatim velice dekuji

[Rudy]

Pravděpodobně máte poškozen ovladač gr. karty. Zkuste ho přeinstalovat.

[DutchCZE]

Pravděpodobně máte poškozen ovladač gr. karty. Zkuste ho přeinstalovat.

Zkousel jsem uz cca 3 verze driveru od ati...
Zde je log z CF:

ComboFix 10-11-18.05 - Jan 19.11.2010 23:01:35.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3582.3202 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jan\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Jan\Plocha\CFScript.txt

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Jan\Dokumenty\cc_20101119_210151.reg
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_48.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-19 do 2010-11-19 )))))))))))))))))))))))))))))))
.

2010-11-19 20:28 . 2010-01-12 05:35 100896 ----a-w- c:\windows\system32\RTNUninst32.dll
2010-11-19 20:28 . 2010-01-12 05:35 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-11-18 17:13 . 2010-11-18 17:13 -------- d-----w- c:\program files\Defraggler
2010-11-14 14:11 . 2010-11-14 15:41 -------- d-----w- c:\documents and settings\Jan\.LOGOComfort6
2010-11-14 14:11 . 2010-11-14 14:11 -------- d--h--w- c:\program files\Zero G Registry
2010-11-14 14:10 . 2010-11-14 14:10 -------- d--h--w- c:\documents and settings\Jan\InstallAnywhere
2010-11-06 09:58 . 2010-11-06 09:58 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-11-05 19:57 . 2010-11-05 19:57 -------- d-----w- c:\documents and settings\Jan\Data aplikací\AVG10
2010-11-05 19:55 . 2010-11-05 19:55 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2010-11-05 19:54 . 2010-11-19 19:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG10
2010-11-05 19:53 . 2010-11-19 19:41 -------- d-----w- c:\program files\AVG
2010-11-05 19:52 . 2010-11-19 19:41 -------- d---a-w- c:\documents and settings\All Users\Data aplikací\TEMP
2010-11-05 19:52 . 2010-11-05 19:52 -------- d-----w- c:\program files\CleanMyPC
2010-11-05 19:49 . 2010-11-05 20:13 -------- d-----w- c:\program files\RegCleaner
2010-11-05 19:42 . 2010-11-05 19:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2010-11-05 16:55 . 2010-11-05 16:55 -------- d-----w- c:\documents and settings\Jan\Data aplikací\Uniblue
2010-11-05 16:17 . 2010-11-05 16:17 -------- d-----w- c:\documents and settings\Jan\Local Settings\Data aplikací\PackageAware
2010-11-02 18:21 . 2010-11-02 18:22 -------- d-----w- c:\program files\ATI Technologies
2010-11-02 16:02 . 2010-11-02 16:02 -------- d-----w- c:\program files\ATI Stream
2010-10-24 18:03 . 2010-10-24 18:08 -------- d-----w- C:\DVD
2010-10-24 18:01 . 2010-10-24 18:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVD Shrink
2010-10-24 18:01 . 2010-10-24 18:01 -------- d-----w- c:\program files\DVD Shrink
2010-10-24 17:53 . 2010-10-24 17:53 -------- d-----w- c:\documents and settings\Jan\Local Settings\Data aplikací\Ahead
2010-10-24 16:50 . 2004-03-03 19:30 5504 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-10-24 16:50 . 2004-03-03 19:30 125184 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-10-24 16:50 . 2010-10-24 16:50 -------- d-----w- c:\program files\Common Files\Ahead
2010-10-24 16:50 . 2004-07-20 15:24 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-10-24 16:50 . 2004-07-20 15:24 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-10-24 16:50 . 2004-07-20 15:24 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-10-24 16:50 . 2004-07-20 15:24 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-10-24 16:50 . 2004-07-09 07:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-10-24 16:50 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-10-24 16:50 . 2001-06-26 06:15 38912 ------w- c:\windows\system32\picn20.dll
2010-10-24 16:50 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-10-24 16:50 . 2010-10-24 16:50 -------- d-----w- c:\program files\Nero
2010-10-24 16:46 . 2010-10-24 18:13 -------- d-----w- c:\documents and settings\Jan\Data aplikací\DVD Flick
2010-10-24 16:46 . 2008-08-31 11:27 28672 ----a-w- c:\windows\system32\mousewheel.ocx
2010-10-24 16:46 . 2007-08-31 16:36 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2010-10-24 16:46 . 2004-03-08 22:00 662288 ----a-w- c:\windows\system32\mscomct2.ocx
2010-10-24 16:46 . 2004-03-08 22:00 212240 ----a-w- c:\windows\system32\richtx32.ocx
2010-10-24 16:46 . 2003-01-26 11:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2010-10-24 16:46 . 1998-06-23 22:00 164144 ----a-w- c:\windows\system32\comct232.ocx
2010-10-24 16:46 . 2010-10-24 16:46 -------- d-----w- c:\program files\DVD Flick
2010-10-24 16:42 . 2010-10-24 16:43 -------- d-----w- c:\documents and settings\Jan\Data aplikací\Vso

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-19 21:14 . 2010-08-07 21:20 138904 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-11-19 21:13 . 2010-08-07 21:11 234392 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-11-19 21:13 . 2010-08-07 21:11 234392 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-11-13 18:55 . 2010-08-07 21:10 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-10-31 17:38 . 2010-09-23 22:33 13815 ----a-w- c:\documents and settings\All Users\Data aplikací\xml8.tmp
2010-10-31 17:38 . 2010-08-12 17:50 2267 ----a-w- c:\documents and settings\All Users\Data aplikací\xml4E.tmp
2010-10-31 17:38 . 2010-08-12 17:50 5898 ----a-w- c:\documents and settings\All Users\Data aplikací\xml4C.tmp
2010-09-13 15:27 . 2010-09-13 15:27 25680 ----a-w- c:\windows\system32\drivers\AVGIDSEH.sys
2010-09-07 02:49 . 2010-09-07 02:49 298448 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-09-07 02:48 . 2010-09-07 02:48 34384 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-09-07 02:48 . 2010-09-07 02:48 249424 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-09-07 02:48 . 2010-09-07 02:48 26064 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-09-01 11:25 . 2010-08-12 17:50 0 ----a-w- c:\documents and settings\All Users\Data aplikací\xml4D.tmp
.

((((((((((((((((((((((((((((( SnapShot@2010-11-19_19.48.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-19 20:28 . 2010-01-12 05:35 80416 c:\windows\system32\ReinstallBackups\0023\DriverFiles\RtNicProp32.dll
+ 2010-11-19 20:28 . 2010-01-12 05:35 100896 c:\windows\system32\ReinstallBackups\0023\DriverFiles\RTNUninst32.dll
+ 2010-11-19 20:28 . 2010-03-22 08:30 222672 c:\windows\system32\ReinstallBackups\0023\DriverFiles\Rtenicxp.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 24576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Jan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Z stupce - etmin.lnk - f:\!!! etcko od peti\etmin\etmin.exe [2009-10-8 24064]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Jan^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Jan\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GEST]
m‘|\ü [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2010-03-27 14:07 362232 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2009-11-18 14:13 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2010-03-27 14:06 5107232 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-06-28 21:39 74752 ----a-w- c:\program files\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"f:\\!!! ETcko od Peti\\ET.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Sandra Lite 2010c\\RpcAgentSrv.exe"=
"c:\\Sandra Lite 2010c\\WNt500x86\\sandra.mui"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Sandra Lite 2010c\\WNt500x86\\RpcSandraSrv.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [7.8.2010 22:26 5248]
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [13.9.2010 16:27 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [7.9.2010 3:48 26064]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [9.8.2010 23:53 911680]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [7.9.2010 3:49 298448]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [9.8.2010 23:53 2480048]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7.8.2010 23:02 246520]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [9.8.2010 23:53 160704]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12.7.2010 4:33 30432]
S0 a347bus;a347bus;c:\windows\system32\DRIVERS\a347bus.sys --> c:\windows\system32\DRIVERS\a347bus.sys [?]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.9.2010 3:48 249424]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6.9.2010 19:57 136176]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [19.8.2010 21:42 123472]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [19.8.2010 21:42 30288]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [19.8.2010 21:42 26192]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\sandra lite 2010c\RpcAgentSrv.exe [12.8.2010 18:39 93336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'

2010-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-06 18:57]

2010-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-06 18:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uInternet Connection Wizard,ShellNext = hxxp://start.icq.com/
IE: Analyzovat LeechGetem - file://c:\program files\LeechGet 2009\\Parser.html
IE: Download LeechGetem - file://c:\program files\LeechGet 2009\\AddUrl.html
IE: Download s průvodcem LeechGetu - file://c:\program files\LeechGet 2009\\Wizard.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Jan\Data aplikací\Mozilla\Firefox\Profiles\bvhnkaez.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-19 23:04
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1372)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-11-19 23:05:33
ComboFix-quarantined-files.txt 2010-11-19 22:05
ComboFix2.txt 2010-11-19 19:49

Před spuštěním: Volných bajtů: 30 981 730 304
Po spuštění: Volných bajtů: 30 959 742 976

- - End Of File - - 03BBD2850EDB0D17AA67BC41374E222C

[Rudy]

1. Log již vypadá čistý.
2. Ovladač kompletně odinstalujte, registry vyčistěte CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 a pak nainstalujte nejnovější verzi.

[DutchCZE]

.......... pak nainstalujte nejnovější verzi.

Podle mych zkusenosti update u ATI na posledni verzi defacto vzdy prinese snizeni FPS a BD skace stejne a pokazde s jinym chyb. hlasenim. Nej verze (ohledne FPS) je rada 9.xx.

Za pomoc pri vycisteni PC velice dekuji

[Rudy]

Podle mych zkusenosti update u ATI na posledni verzi defacto vzdy prinese snizeni FPS....

.

To je možné, právě kvůli problémům s ovladači nejsem příznivec GK ATI. Pak musíte vybrat takový, o kterém je obecně známo, že nepřináší nějaké problémy. Zkuste si zagooglit, něco najdete. Nemáte zač!