Vytížený počítač skoro na maximum

[petredgar]

Dobrý den!
Po instalaci nějakého softwaru (bylo více, netušil jsem, že bude některý z nich vadný) se mi začal počítač vytěžovat na skoro maximum, přestože nic nedělám. Nejvíc vytížené jsou procesy svchost.exe a System.
Při startu jsem viděl na chvíli spuštěných několik procesů typu "x.exe", kde x bylo celkem náhodné číslo. Asi se schovali do jiných a teď nevím, jak se toho zbavit. Prosím o pomoc!:)
Log z RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Petr at 2010-11-24 14:44:21
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 27 GB (12%) free of 228 GB
Total RAM: 1788 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:45:14, on 24.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\services.exe
C:\Windows\System32\wuaucldt.exe
C:\windows\system32\taskmgr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\XemiComputers\ScreenSaver Druid\ScreenSaverDruid.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Users\Petr\AppData\Local\Temp\8912837.exe
C:\windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\wuauclt.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\Documents\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wifi.vkol.cz:3128
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [services] C:\Windows\services.exe
O4 - HKLM\..\Run: [wuaucldt] c:\windows\system32\wuaucldt.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SSDruid] "C:\Program Files\XemiComputers\ScreenSaver Druid\ScreenSaverDruid.exe" /startup
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [wuaucldt] c:\users\petr\wuaucldt.exe
O4 - HKCU\..\Run: [MSConfig] C:\Users\Petr\kcv.exe \u
O4 - Global Startup: 20Dollars2Surf.lnk = C:\Program Files\20Dollars2Surf\20dollars2surf.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Petr\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Update Service (gupdate1c99f0fa0068f00) (gupdate1c99f0fa0068f00) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7591 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-79991764-2708180305-948282052-1004Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-79991764-2708180305-948282052-1004UA.job
C:\windows\tasks\User_Feed_Synchronization-{FCFE04A7-757E-48F5-AE5E-12D4B50CAB92}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-24 202256]
"services"=C:\Windows\services.exe [2010-11-23 45568]
"wuaucldt"=c:\windows\system32\wuaucldt.exe [2010-11-24 33280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-25 133104]
"SSDruid"=C:\Program Files\XemiComputers\ScreenSaver Druid\ScreenSaverDruid.exe [2003-01-23 1511424]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]
"wuaucldt"=c:\users\petr\wuaucldt.exe [2010-11-24 33280]
"MSConfig"=C:\Users\Petr\kcv.exe [2010-11-24 18432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub]
c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
20Dollars2Surf.lnk - C:\Program Files\20Dollars2Surf\20dollars2surf.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\blbfzcbr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\blbfzcbr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2010-11-24 13:56:03 ----D---- C:\Program Files\Convert AVI to MP4
2010-11-24 13:54:54 ----RA---- C:\Users\Petr\AppData\Roaming\BG0Ai.txt
2010-11-24 10:02:43 ----A---- C:\windows\system32\wuaucldt.exe
2010-11-23 19:50:00 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2010-11-23 19:49:59 ----A---- C:\windows\system32\WUDFx.dll
2010-11-23 19:49:59 ----A---- C:\windows\system32\WUDFSvc.dll
2010-11-23 19:49:59 ----A---- C:\windows\system32\WUDFPlatform.dll
2010-11-23 19:49:59 ----A---- C:\windows\system32\WUDFHost.exe
2010-11-23 19:49:59 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2010-11-23 19:49:59 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2010-11-23 19:30:01 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2010-11-23 19:30:01 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2010-11-23 19:28:56 ----D---- C:\Users\Petr\AppData\Roaming\PC Suite
2010-11-23 19:28:55 ----D---- C:\Users\Petr\AppData\Roaming\Nokia
2010-11-23 19:28:54 ----D---- C:\ProgramData\PC Suite
2010-11-23 19:27:49 ----D---- C:\Program Files\Common Files\PCSuite
2010-11-23 19:27:45 ----D---- C:\Program Files\Common Files\Nokia
2010-11-23 19:26:51 ----D---- C:\Program Files\DIFX
2010-11-23 19:26:47 ----A---- C:\windows\system32\drivers\pccsmcfd.sys
2010-11-23 19:25:37 ----DC---- C:\windows\system32\DRVSTORE
2010-11-23 19:25:08 ----D---- C:\Program Files\PC Connectivity Solution
2010-11-23 19:18:44 ----A---- C:\windows\system32\nmwcdcls.dll
2010-11-23 19:18:43 ----D---- C:\Program Files\Nokia
2010-11-23 19:15:16 ----D---- C:\ProgramData\Installations
2010-11-23 19:08:29 ----D---- C:\Users\Petr\AppData\Roaming\DVDVideoSoftIEHelpers
2010-11-23 19:05:22 ----D---- C:\Program Files\DVDVideoSoft
2010-11-23 19:05:22 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-11-23 14:11:40 ----A---- C:\windows\services.exe
2010-11-23 12:47:00 ----A---- C:\windows\system32\drivers\blbfzcbr.sys
2010-11-23 12:40:18 ----RSH---- C:\Users\Petr\AppData\Roaming\juzjf.exe
2010-11-22 10:44:31 ----RSH---- C:\Users\Petr\AppData\Roaming\nsvb.exe
2010-11-02 21:34:07 ----D---- C:\Users\Petr\AppData\Roaming\.minecraft
2010-11-02 11:04:02 ----D---- C:\Program Files\StrongDC++

======List of files/folders modified in the last 1 months======

2010-11-24 14:44:23 ----AD---- C:\windows\Temp
2010-11-24 14:44:22 ----D---- C:\Program Files\trend micro
2010-11-24 14:36:39 ----D---- C:\Windows
2010-11-24 14:36:05 ----D---- C:\ProgramData\hpqLog
2010-11-24 14:25:23 ----D---- C:\Program Files\mIRC
2010-11-24 14:09:28 ----SHD---- C:\System Volume Information
2010-11-24 14:08:31 ----D---- C:\windows\system32\drivers
2010-11-24 14:01:56 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2010-11-24 13:56:03 ----RD---- C:\Program Files
2010-11-24 13:53:01 ----D---- C:\windows\rescache
2010-11-24 10:02:43 ----D---- C:\windows\System32
2010-11-24 02:13:37 ----AD---- C:\windows\system32\cs-CZ
2010-11-23 23:31:36 ----D---- C:\Program Files\Warcraft III
2010-11-23 20:41:48 ----D---- C:\Program Files\Garena
2010-11-23 19:56:01 ----D---- C:\windows\Prefetch
2010-11-23 19:52:21 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-11-23 19:52:20 ----D---- C:\windows\inf
2010-11-23 19:50:40 ----D---- C:\windows\winsxs
2010-11-23 19:50:32 ----D---- C:\windows\system32\catroot
2010-11-23 19:49:41 ----D---- C:\windows\system32\drivers\UMDF
2010-11-23 19:44:14 ----D---- C:\windows\system32\catroot2
2010-11-23 19:44:01 ----D---- C:\windows\system32\wbem
2010-11-23 19:44:01 ----D---- C:\windows\system32\drivers\cs-CZ
2010-11-23 19:28:54 ----D---- C:\ProgramData
2010-11-23 19:28:29 ----SHD---- C:\windows\Installer
2010-11-23 19:27:49 ----D---- C:\Program Files\Common Files
2010-11-23 18:40:50 ----A---- C:\windows\ScrAntic.ini
2010-11-22 23:30:24 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-11-21 21:49:33 ----D---- C:\Users\Petr\AppData\Roaming\BitTorrent
2010-11-21 14:00:25 ----D---- C:\ProgramData\TrackMania
2010-11-12 19:39:59 ----D---- C:\windows\system32\Tasks
2010-11-02 19:29:23 ----HD---- C:\jexepackres

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 blbfzcbr;blbfzcbr; C:\windows\System32\Drivers\blbfzcbr.sys [2010-11-23 40128]
R0 giveio;giveio; C:\windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2008-04-07 25448]
R0 MegaSR;MegaSR; C:\windows\system32\drivers\megasr.sys [2008-01-21 386616]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2008-05-30 108752]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2008-05-30 51376]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2008-05-30 12928]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\windows\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-01-05 691696]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2008-07-14 207688]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2008-07-14 55176]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-30 12496]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2009-12-16 56816]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-21 3552768]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-04-04 310272]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S3 ahvda34r;ahvda34r; C:\windows\system32\drivers\ahvda34r.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-02-14 1331192]
S3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-05-28 80424]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-05-28 81960]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-05-28 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\Petr\AppData\Local\Temp\FZW3559.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2008-07-14 79240]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2008-07-14 35240]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2008-07-14 34152]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c99f0fa0068f00;Google Update Service (gupdate1c99f0fa0068f00); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-07 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WPFFontCache_v0400;@C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
S4 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S4 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-21 671744]
S4 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S4 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
S4 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S4 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-04-25 66872]
S4 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2009-01-15 202040]

-----------------EOF-----------------

[JaRon]

O4 - HKLM\..\Run: [services] C:\Windows\services.exe
O4 - HKLM\..\Run: [wuaucldt] c:\windows\system32\wuaucldt.exe
O4 - HKCU\..\Run: [wuaucldt] c:\users\petr\wuaucldt.exe
O4 - HKCU\..\Run: [MSConfig] C:\Users\Petr\kcv.exe \u
FIXni v HijackThis
+
restart a docisti s MBAM

[petredgar]

Zkusil jsem to vyčistit pomocí HijackThis, poté dočistit MBAMem... Ale moc jsem si věřil a vymazal toho moc. Windows nechtěly naběhnout, naštěstí se to obnovilo ze zálohy...
Proto příkládám znova log z RSIT a prosím o podrobnější návod. Díky!


Logfile of random's system information tool 1.08 (written by random/random)
Run by Petr at 2010-11-24 19:27:54
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 27 GB (12%) free of 228 GB
Total RAM: 1788 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:28:17, on 24.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\XemiComputers\ScreenSaver Druid\ScreenSaverDruid.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\mIRC\mirc.exe
C:\Users\Petr\AppData\Local\Temp\7583.exe
C:\Users\Petr\AppData\Roaming\Microsoft\soucymawyz.exe
C:\windows\system32\conime.exe
C:\windows\system32\svchost.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\Documents\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wifi.vkol.cz:3128
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SSDruid] "C:\Program Files\XemiComputers\ScreenSaver Druid\ScreenSaverDruid.exe" /startup
O4 - HKCU\..\Run: [MSConfig] C:\Users\Petr\amis.exe \u
O4 - HKCU\..\Run: [vonof] C:\Users\Petr\AppData\Roaming\Microsoft\bimilyf.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
O17 - HKLM\System\CS2\Services\Tcpip\..\{CC36B031-5B34-4AF9-BA0D-E74C7FCFC38D}: NameServer = 10.12.0.1,10.6.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Network Connectivity Service (ea4d2aetniyaoa) - Unknown owner - C:\Users\Petr\AppData\Roaming\Microsoft\wattez.exe
O23 - Service: Google Update Service (gupdate1c99f0fa0068f00) (gupdate1c99f0fa0068f00) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

--
End of file - 6957 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-79991764-2708180305-948282052-1004Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-79991764-2708180305-948282052-1004UA.job
C:\windows\tasks\User_Feed_Synchronization-{FCFE04A7-757E-48F5-AE5E-12D4B50CAB92}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-25 133104]
"SSDruid"=C:\Program Files\XemiComputers\ScreenSaver Druid\ScreenSaverDruid.exe [2003-01-23 1511424]
"MSConfig"=C:\Users\Petr\amis.exe [2010-11-24 18432]
"vonof"=C:\Users\Petr\AppData\Roaming\Microsoft\bimilyf.exe [2010-11-24 308736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub]
c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-24 202256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk]
C:\PROGRA~1\20DOLL~1\20DOLL~1.EXE [2010-01-28 89088]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\kkvrahnb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\kkvrahnb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2010-11-24 19:24:11 ----A---- C:\windows\system32\drivers\kkvrahnb.sys
2010-11-24 19:21:55 ----RSH---- C:\Users\Petr\AppData\Roaming\juzjf.exe
2010-11-24 19:21:54 ----RSH---- C:\Users\Petr\AppData\Roaming\nsvb.exe
2010-11-24 19:21:00 ----D---- C:\windows\pss
2010-11-24 17:46:17 ----RSHD---- C:\RECYCLER
2010-11-24 13:54:54 ----RA---- C:\Users\Petr\AppData\Roaming\BG0Ai.txt
2010-11-23 19:28:56 ----D---- C:\Users\Petr\AppData\Roaming\PC Suite
2010-11-23 19:28:55 ----D---- C:\Users\Petr\AppData\Roaming\Nokia
2010-11-23 19:28:54 ----D---- C:\ProgramData\PC Suite
2010-11-23 19:25:08 ----D---- C:\Program Files\PC Connectivity Solution
2010-11-23 19:18:43 ----D---- C:\Program Files\Nokia
2010-11-23 19:15:16 ----D---- C:\ProgramData\Installations
2010-11-23 19:08:29 ----D---- C:\Users\Petr\AppData\Roaming\DVDVideoSoftIEHelpers
2010-11-23 19:05:22 ----D---- C:\Program Files\DVDVideoSoft
2010-11-23 19:05:22 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-11-02 21:34:07 ----D---- C:\Users\Petr\AppData\Roaming\.minecraft
2010-11-02 11:04:02 ----D---- C:\Program Files\StrongDC++

======List of files/folders modified in the last 1 months======

2010-11-25 04:11:17 ----D---- C:\windows\system32\config
2010-11-25 04:10:59 ----D---- C:\windows\winsxs
2010-11-25 04:10:59 ----D---- C:\windows\Tasks
2010-11-25 04:10:59 ----D---- C:\windows\system32\wbem
2010-11-25 04:10:59 ----D---- C:\windows\system32\Tasks
2010-11-25 04:10:59 ----D---- C:\windows\system32\spool
2010-11-25 04:10:59 ----D---- C:\windows\system32\Msdtc
2010-11-25 04:10:59 ----D---- C:\windows\system32\drivers\etc
2010-11-25 04:10:59 ----D---- C:\windows\system32\drivers\cs-CZ
2010-11-25 04:10:59 ----D---- C:\windows\system32\CodeIntegrity
2010-11-25 04:10:59 ----D---- C:\windows\rescache
2010-11-25 04:10:59 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2010-11-25 04:10:59 ----D---- C:\Users\Petr\AppData\Roaming\Ventrilo
2010-11-25 04:10:59 ----AD---- C:\windows\system32\cs-CZ
2010-11-25 04:10:58 ----D---- C:\Users\Petr\AppData\Roaming\IrfanView
2010-11-25 04:10:58 ----D---- C:\Users\Petr\AppData\Roaming\GHISLER
2010-11-25 04:10:58 ----D---- C:\Users\Petr\AppData\Roaming\BitTorrent
2010-11-25 04:10:57 ----D---- C:\Program Files\Warcraft III
2010-11-25 04:10:57 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-11-25 04:10:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-25 04:10:51 ----D---- C:\windows\registration
2010-11-25 03:20:16 ----D---- C:\windows\system32\drivers\UMDF
2010-11-25 03:16:25 ----D---- C:\windows\system32\LogFiles
2010-11-24 19:27:57 ----D---- C:\Program Files\trend micro
2010-11-24 19:27:56 ----AD---- C:\windows\Temp
2010-11-24 19:24:11 ----D---- C:\windows\system32\drivers
2010-11-24 19:23:32 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2010-11-24 19:23:10 ----D---- C:\windows\System32
2010-11-24 19:22:07 ----D---- C:\Program Files\mIRC
2010-11-24 19:21:00 ----D---- C:\Windows
2010-11-24 19:20:18 ----SHD---- C:\System Volume Information
2010-11-24 19:19:35 ----D---- C:\windows\system32\catroot2
2010-11-24 19:18:58 ----D---- C:\windows\inf
2010-11-24 19:18:58 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-11-24 19:12:41 ----D---- C:\ProgramData\hpqLog
2010-11-24 18:14:37 ----D---- C:\windows\Performance
2010-11-24 17:59:47 ----RD---- C:\Program Files
2010-11-23 20:41:48 ----D---- C:\Program Files\Garena
2010-11-23 19:56:01 ----D---- C:\windows\Prefetch
2010-11-23 19:50:32 ----D---- C:\windows\system32\catroot
2010-11-23 19:28:54 ----D---- C:\ProgramData
2010-11-23 19:28:29 ----SHD---- C:\windows\Installer
2010-11-23 19:27:49 ----D---- C:\Program Files\Common Files
2010-11-21 14:00:25 ----D---- C:\ProgramData\TrackMania
2010-11-13 14:42:40 ----A---- C:\windows\ScrAntic.ini
2010-11-02 19:29:23 ----HD---- C:\jexepackres

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 giveio;giveio; C:\windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2008-04-07 25448]
R0 kkvrahnb;kkvrahnb; C:\windows\System32\Drivers\kkvrahnb.sys [2010-11-24 40128]
R0 MegaSR;MegaSR; C:\windows\system32\drivers\megasr.sys [2008-01-21 386616]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2008-05-30 108752]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2008-05-30 51376]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2008-05-30 12928]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\windows\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-01-05 691696]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2008-07-14 207688]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2008-07-14 55176]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-30 12496]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2009-12-16 56816]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-21 3552768]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-04-04 310272]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S3 aij6s3zu;aij6s3zu; C:\windows\system32\drivers\aij6s3zu.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-02-14 1331192]
S3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-05-28 80424]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-05-28 81960]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-05-28 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\Petr\AppData\Local\Temp\FZW3559.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2008-07-14 79240]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2008-07-14 35240]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2008-07-14 34152]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ea4d2aetniyaoa;Network Connectivity Service; C:\Users\Petr\AppData\Roaming\Microsoft\wattez.exe [2010-11-24 308736]
S2 gupdate1c99f0fa0068f00;Google Update Service (gupdate1c99f0fa0068f00); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-07 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WPFFontCache_v0400;@C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
S4 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S4 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-21 671744]
S4 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S4 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
S4 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S4 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-04-25 66872]
S4 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2009-01-15 202040]

-----------------EOF-----------------

[petredgar]

Provedl jsem rovnou i opravu Hijackem, ale to co jsem měl minule fixnout, už tam nebylo.
Přidávám scan MBAMem:


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5184

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

24.11.2010 20:24:27
mbam-log-2010-11-24 (20-24-27).txt

Typ skenu: Rychlý sken
Skenované objekty: 151869
Uplynulý čas: 14 minuta(y), 5 sekunda(y)

Infikované procesy v paměti: 1
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 3
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 16

Infikované procesy v paměti:
C:\Users\Petr\AppData\Local\Temp\7583.exe (Spyware.OnLineGames) -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kkvrahnb (Trojan.Agent) -> No action taken.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msconfig (Trojan.Inject) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.Palevo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Worm.Palevo) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\Petr\AppData\Local\Temp\7583.exe (Spyware.OnLineGames) -> No action taken.
C:\Users\Petr\amis.exe (Trojan.Inject) -> No action taken.
C:\Users\Petr\Documents\downloads\ventrilo-2.1.4.exe (Trojan.Dropper) -> No action taken.
C:\windows\system32\Drivers\kkvrahnb.sys (Trojan.Agent) -> No action taken.
C:\Users\Petr\AppData\Local\Temp\GCf6dj7Ge6.log (Backdoor.Agent) -> No action taken.
C:\Users\Petr\AppData\Roaming\juzjf.exe (Worm.Palevo) -> No action taken.
C:\windows\system32\Drivers\ndisvvan.sys (Rootkit.Agent) -> No action taken.
C:\windows\system32\secupdat.dat (Backdoor.Bot) -> No action taken.
C:\Users\Administrator\secupdat.dat (Worm.Autorun) -> No action taken.
C:\Users\Jan\secupdat.dat (Worm.Autorun) -> No action taken.
C:\Users\Petr\secupdat.dat (Worm.Autorun) -> No action taken.
C:\Users\Public\secupdat.dat (Worm.Autorun) -> No action taken.
C:\windows\ServiceProfiles\LocalService\secupdat.dat (Worm.Autorun) -> No action taken.
C:\windows\ServiceProfiles\NetworkService\secupdat.dat (Worm.Autorun) -> No action taken.
C:\windows\system32\config\systemprofile\secupdat.dat (Worm.Autorun) -> No action taken.
C:\Users\Petr\AppData\Roaming\nsvb.exe (Worm.Palevo) -> No action taken.

[JaRon]

vsetko najdene ZMAZ v MBAM - restart a napis ci su nejake problemy

[petredgar]

Nálezy MBAM jsem vymazal a restartoval PC, všechno vypadá v klidu. Děkuju za pomoc!:)

[JaRon]

fajn, nemas zac kontrolu s MBAM mozes zopakovat 1xmesacne preventivne