zavirované PC

[pauler]

RSIT je níže, jiné další problémy nejsou podařilo se spustit avast a prohledal jsem počítač a
našel+ odstranil nějaké 3 malware.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavel at 2010-12-15 16:39:56
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 37 GB (74%) free of 50 GB
Total RAM: 2047 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:40:38, on 15.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Pavel\Plocha\RSIT.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25401
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-436374069-583907252-839522115-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Rodiče')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-436374069-583907252-839522115-1006 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Rodiče')
O4 - S-1-5-21-436374069-583907252-839522115-1006 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Rodiče')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

--
End of file - 6402 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-01-27 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-01-08 91432]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2010-10-27 133432]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\Pavel\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-12-15 16:39:56 ----D---- C:\rsit
2010-12-15 13:27:44 ----D---- C:\WINDOWS\LastGood
2010-12-15 13:27:44 ----A---- C:\WINDOWS\system32\muweb.dll
2010-12-15 13:27:44 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-12-15 13:27:44 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-12-14 19:35:16 ----D---- C:\Program Files\Microsoft Security Essentials
2010-12-14 19:24:02 ----D---- C:\WINDOWS\TEMP
2010-12-14 19:23:56 ----D---- C:\Program Files\Google
2010-12-14 19:23:54 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-12-14 19:23:53 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-12-14 19:23:52 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-12-14 19:23:50 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-12-14 19:23:48 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-12-14 19:23:48 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-12-14 19:23:44 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-12-14 19:23:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-12-14 17:39:43 ----D---- C:\TEMP
2010-12-14 17:22:14 ----SHD---- C:\RECYCLER
2010-12-14 15:41:32 ----A---- C:\Boot.bak
2010-12-14 15:41:28 ----RASHD---- C:\cmdcons
2010-12-14 15:24:11 ----D---- C:\WINDOWS\ERDNT
2010-12-14 13:37:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-12-12 11:12:46 ----D---- C:\_OTM
2010-12-11 17:59:13 ----D---- C:\Program Files\trend micro
2010-12-07 19:41:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-12-05 14:12:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\F-Secure
2010-12-05 14:04:51 ----D---- C:\WINDOWS\Sun
2010-12-05 14:04:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-12-05 14:04:25 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-12-05 14:03:31 ----D---- C:\Documents and Settings\Pavel\Data aplikací\Sun
2010-12-05 13:59:48 ----D---- C:\Documents and Settings\Pavel\Data aplikací\QuickScan
2010-12-05 13:24:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-11-24 16:20:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-11-24 16:18:18 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2010-11-24 16:18:14 ----D---- C:\Documents and Settings\Pavel\Data aplikací\DAEMON Tools Lite
2010-11-17 09:46:59 ----A---- C:\WINDOWS\system32\drivers\GVTDrv.sys

======List of files/folders modified in the last 1 months======

2010-12-15 13:31:24 ----SD---- C:\WINDOWS\Tasks
2010-12-15 13:29:23 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-15 13:27:47 ----D---- C:\WINDOWS
2010-12-15 13:27:44 ----HD---- C:\WINDOWS\inf
2010-12-15 13:27:44 ----D---- C:\WINDOWS\system32
2010-12-15 13:07:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-14 20:04:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-14 19:35:36 ----SHD---- C:\WINDOWS\Installer
2010-12-14 19:35:23 ----D---- C:\WINDOWS\system32\drivers
2010-12-14 19:35:21 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-12-14 19:35:16 ----RD---- C:\Program Files
2010-12-14 19:35:11 ----D---- C:\WINDOWS\pchealth
2010-12-14 19:35:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-12-14 19:23:39 ----D---- C:\WINDOWS\WinSxS
2010-12-14 18:44:38 ----D---- C:\Documents and Settings\Pavel\Data aplikací\Mozilla
2010-12-14 17:50:19 ----D---- C:\Documents and Settings\Pavel\Data aplikací\ICQ
2010-12-14 17:33:20 ----D---- C:\WINDOWS\Debug
2010-12-14 17:19:26 ----SHD---- C:\System Volume Information
2010-12-14 17:19:26 ----D---- C:\WINDOWS\system32\Restore
2010-12-14 15:49:01 ----A---- C:\WINDOWS\system.ini
2010-12-14 15:48:44 ----D---- C:\WINDOWS\system32\drivers\etc
2010-12-14 15:45:42 ----D---- C:\WINDOWS\AppPatch
2010-12-14 15:45:39 ----D---- C:\Program Files\Common Files
2010-12-14 15:41:33 ----RASH---- C:\boot.ini
2010-12-14 13:37:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-14 13:37:41 ----HD---- C:\WINDOWS\$hf_mig$
2010-12-12 14:28:40 ----D---- C:\WINDOWS\network diagnostic
2010-12-12 13:22:49 ----D---- C:\WINDOWS\system32\config
2010-12-12 13:22:40 ----D---- C:\WINDOWS\system32\wbem
2010-12-12 13:22:39 ----D---- C:\WINDOWS\Registration
2010-12-11 13:06:41 ----D---- C:\WINDOWS\Prefetch
2010-12-10 19:53:17 ----D---- C:\Program Files\Alwil Software
2010-12-10 13:25:00 ----D---- C:\Program Files\SpeedFan
2010-12-07 19:37:00 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-05 13:59:48 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-12-05 13:04:04 ----D---- C:\WINDOWS\SoftwareDistribution
2010-11-21 14:47:40 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-10-29 21120]
R0 nvp2p;NVIDIA PCI to PCI Bridge Filter; C:\WINDOWS\system32\DRIVERS\nvp2p.sys [2003-12-23 8576]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-24 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-01-31 2310272]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-10-07 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-10-07 103736]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-14 136176]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

[cernohous13]

Zdá se to čisté.

Odstav (popř. odinstaluj) MSE - mohly by si s Avastem překážet.

V případě problémů se ozvi.

[pauler]

OK, díky za pomoc

[cernohous13]

Nemáš zač - rádo se stalo a my jsme tady i příště