Samovolné vypnutí notebooku

[motji]

Otestujte na www.virustotal.com

C:\Program Files\mpTrim.exe


-Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
-Sem vložte link s výsledky.

[Jendasss]

Dobré poledne, soubor jsem otestoval, zde výstup analýzy:


Soubor již byl testován:
MD5: 29fe1a6709ea2e40ea2f59bc317aed4c
Poprvé zaslán: 2007.10.08 06:50:13 UTC
Datum: 2010.06.18 02:12:04 UTC [>30D]
Výsledky: 1/40
Stálý odkaz: analisis/4bdf502706662178fde25c1ed2f02bb29d4f36e925ac8db7c8585a611512a6c9-1276827124

[Jendasss]

A za chvíli zkopíruju celý výstup skenování souboru... J.

[Jendasss]

Kompletní log z VirusTotalu:

Soubor mpTrim.exe přijatý 2010.07.18 09:40:07 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO
Výsledek: 1/42 (2.39%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 9.
Odhadovaný čas začátku mezi 105 a 150 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Formátované
Vytisknout výsledky Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 5.0.0.31 2010.07.18 -
AhnLab-V3 2010.07.17.00 2010.07.16 -
AntiVir 8.2.4.12 2010.07.16 -
Antiy-AVL 2.0.3.7 2010.07.15 -
Authentium 5.2.0.5 2010.07.17 -
Avast 4.8.1351.0 2010.07.17 -
Avast5 5.0.332.0 2010.07.17 -
AVG 9.0.0.836 2010.07.18 -
BitDefender 7.2 2010.07.18 -
CAT-QuickHeal 11.00 2010.07.16 -
ClamAV 0.96.0.3-git 2010.07.18 -
Comodo 5463 2010.07.18 -
DrWeb 5.0.2.03300 2010.07.18 -
eSafe 7.0.17.0 2010.07.15 Win32.TrojanHorse
eTrust-Vet 36.1.7715 2010.07.16 -
F-Prot 4.6.1.107 2010.07.17 -
F-Secure 9.0.15370.0 2010.07.18 -
Fortinet 4.1.143.0 2010.07.17 -
GData 21 2010.07.18 -
Ikarus T3.1.1.84.0 2010.07.18 -
Jiangmin 13.0.900 2010.07.18 -
Kaspersky 7.0.0.125 2010.07.18 -
McAfee 5.400.0.1158 2010.07.18 -
McAfee-GW-Edition 2010.1 2010.07.16 -
Microsoft 1.6004 2010.07.18 -
NOD32 5287 2010.07.17 -
Norman 6.05.11 2010.07.17 -
nProtect 2010-07-18.02 2010.07.18 -
Panda 10.0.2.7 2010.07.18 -
PCTools 7.0.3.5 2010.07.18 -
Prevx 3.0 2010.07.18 -
Rising 22.56.04.04 2010.07.16 -
Sophos 4.55.0 2010.07.18 -
Sunbelt 6599 2010.07.18 -
SUPERAntiSpyware 4.40.0.1006 2010.07.18 -
Symantec 20101.1.1.7 2010.07.18 -
TheHacker 6.5.2.1.318 2010.07.16 -
TrendMicro 9.120.0.1004 2010.07.18 -
TrendMicro-HouseCall 9.120.0.1004 2010.07.18 -
VBA32 3.12.12.6 2010.07.16 -
ViRobot 2010.7.12.3932 2010.07.17 -
VirusBuster 5.0.27.0 2010.07.17 -
Rozšiřující informace
File size: 227328 bytes
MD5...: 29fe1a6709ea2e40ea2f59bc317aed4c
SHA1..: 0dd780b437aa7e481377fbf49e58f98da87a8c9e
SHA256: 4bdf502706662178fde25c1ed2f02bb29d4f36e925ac8db7c8585a611512a6c9
ssdeep: 6144:x8Kaer2ysGPdOWA04C0jbDof6v/4KiMeo2:PNztMC0jbDWuAKiMeo
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x17c001
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 10 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x77000 0x2e200 8.00 09096fdb384060f840f9cf1d83dc5af7
DATA 0x78000 0x3000 0xe00 7.73 d115059e9cf7baff74dcda05cbb3c870
BSS 0x7b000 0xe0000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x15b000 0x3000 0xe00 7.84 e66233b7ca3629d95afd8baf7640847c
.tls 0x15e000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x15f000 0x1000 0x200 0.21 9c932a84b920ca018838d30e0848d614
.reloc 0x160000 0x9000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x169000 0x13000 0x4e00 7.45 55260de45c178858a405e9be1109837e
.aspack 0x17c000 0x3000 0x2600 5.44 430e4616546433a0a8cc61aec0603d54
.data 0x17f000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

( 15 imports )
> kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA
> user32.dll: GetKeyboardType
> advapi32.dll: RegQueryValueExA
> oleaut32.dll: VariantChangeTypeEx
> advapi32.dll: RegSetValueExA
> gdi32.dll: UnrealizeObject
> user32.dll: WindowFromPoint
> ole32.dll: IsEqualGUID
> comctl32.dll: ImageList_SetIconSize
> shell32.dll: ShellExecuteA
> comdlg32.dll: GetSaveFileNameA
> winmm.dll: waveOutWrite
> shell32.dll: SHGetPathFromIDListA
> ole32.dll: CoTaskMemFree
> msacm32.dll: acmStreamUnprepareHeader

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: ASPack compressed Win32 Executable (generic) (90.1%)
Win32 Executable Generic (5.7%)
Win16/32 Executable Delphi generic (1.3%)
Generic Win/DOS Executable (1.3%)
DOS Executable Generic (1.3%)
packers (Kaspersky): ASPack
packers (F-Prot): Aspack

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"=-

[-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

Folder::
c:\program files\SweetIM

Reglock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

Firefox::
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6ryqvf4z.default\
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci


A napište, jak to vypadá s počítačem?

[Jendasss]

Děkuji za návod, vše jsem dle instrukcí provedl, nížeji přikládám LOG. Počítač se chová, řekl bych, "normálně"... nepociťuji žádnou změnu

ComboFix 10-07-16.01 - user 18.07.2010 13:26:48.3.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.3070.1610 [GMT 2:00]
Spuštěný z: c:\users\user\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\user\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET NOD32 Antivirus 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\SweetIM
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgAIMAuto.dll
c:\program files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgIEPlayer.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\msvcp71.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\msvcr71.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\live.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-18 do 2010-07-18 )))))))))))))))))))))))))))))))
.

2010-07-18 11:33 . 2010-07-18 11:33 -------- d-----w- c:\users\user\AppData\Local\temp
2010-07-18 11:33 . 2010-07-18 11:33 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-07-18 11:33 . 2010-07-18 11:33 -------- d-----w- c:\users\DZH~1.OLY\AppData\Local\temp
2010-07-18 11:33 . 2010-07-18 11:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-18 08:40 . 2010-07-18 08:40 -------- d-----w- c:\program files\MioMap v3 Updater
2010-07-17 15:16 . 2010-07-17 15:16 -------- d-----w- c:\program files\Lavalys
2010-07-17 10:57 . 2010-07-17 10:57 -------- d-----w- c:\program files\trend micro
2010-07-16 15:25 . 2010-07-16 15:25 -------- d-----w- c:\program files\Greek ScreenSaver
2010-07-16 15:24 . 2010-07-16 15:24 -------- d-----w- c:\program files\WallpaperScreensavers.net
2010-07-16 15:24 . 2010-07-16 15:24 -------- d-----w- c:\program files\Greek Islands ScreenSaver
2010-07-16 15:20 . 2010-07-16 15:20 -------- d-----w- c:\program files\Common Files\Java
2010-07-16 15:20 . 2010-06-22 02:36 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-15 14:17 . 2010-07-15 14:18 -------- d-----w- C:\Kos - dokumenty
2010-07-15 13:49 . 2010-07-17 17:43 -------- d-----w- C:\Řecko - Kos (07_2010)
2010-07-04 08:33 . 2010-07-04 08:57 -------- d-----w- c:\program files\Popisovač CD-DVD
2010-06-24 07:23 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 07:23 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 07:23 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 07:23 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 07:23 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-19 08:50 . 2010-06-19 08:50 -------- d-----w- c:\users\user\AppData\Local\AOL
2010-06-19 08:50 . 2010-06-19 08:52 -------- d-----w- c:\program files\ICQ7.2

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-18 08:40 . 2007-01-08 21:12 602092 ----a-w- c:\windows\system32\perfh005.dat
2010-07-18 08:40 . 2007-01-08 21:12 116204 ----a-w- c:\windows\system32\perfc005.dat
2010-07-17 21:22 . 2009-07-21 13:04 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-17 15:11 . 2009-07-22 19:35 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-07-17 15:10 . 2010-01-01 11:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-17 13:23 . 2009-07-22 18:51 -------- d-----w- c:\users\user\AppData\Roaming\ICQ
2010-07-16 15:20 . 2009-08-05 07:32 -------- d-----w- c:\program files\Java
2010-07-15 14:10 . 2009-07-21 14:33 -------- d-----w- c:\programdata\Microsoft Help
2010-07-04 09:21 . 2009-07-22 18:35 -------- d-----w- c:\programdata\DVD Shrink
2010-07-04 08:57 . 2010-07-04 08:33 -------- d-----w- c:\program files\Popisovač CD-DVD
2010-06-19 08:51 . 2009-07-22 18:50 -------- d-----w- c:\program files\ICQ6.5
2010-06-19 08:51 . 2009-07-21 12:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-02 15:57 . 2010-06-02 15:56 -------- d-----w- c:\program files\Microsoft Expression
2010-06-02 14:49 . 2009-07-21 11:58 102216 ----a-w- c:\users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-29 18:55 . 2010-05-29 18:54 -------- d-----w- c:\program files\Seznam.cz
2010-05-28 15:10 . 2009-07-22 18:44 -------- d-----w- c:\users\user\AppData\Roaming\Skype
2010-05-28 15:09 . 2009-07-22 18:46 -------- d-----w- c:\users\user\AppData\Roaming\skypePM
2010-05-27 17:10 . 2010-05-27 17:09 -------- d-----w- c:\program files\FormatFactory
2010-05-26 17:06 . 2010-06-09 10:48 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-09 10:48 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 12:14 . 2009-10-03 09:18 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-19 14:11 . 2009-07-21 12:40 -------- d-----w- c:\program files\Google
2010-05-04 05:59 . 2010-06-09 10:47 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-09 10:47 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-06-09 10:47 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-06-09 10:47 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-03 09:26 . 2010-05-03 09:26 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-05-03 09:26 . 2010-05-03 09:26 47360 ----a-w- c:\users\user\AppData\Roaming\pcouffin.sys
2010-05-03 09:26 . 2010-05-03 09:26 47360 ----a-w- c:\users\user\AppData\Roaming\pcouffin.sys
2010-05-01 14:13 . 2010-06-09 10:47 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:39 . 2010-01-01 11:26 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-01-01 11:26 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 14:13 . 2010-05-26 07:43 2048 ----a-w- c:\windows\system32\tzres.dll
2007-02-16 09:31 . 2010-05-17 11:03 227328 ----a-w- c:\program files\mpTrim.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-06-19 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-24 159744]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-17 7737344]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]
"SMail"="c:\program files\Seznam Postak\Postak.exe" [2006-05-18 450560]

c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Total Commander.lnk - c:\program files\totalcmd\TOTALCMD.EXE [2009-7-21 3497720]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-5-27 752168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-07-22 17:14 33136 ----a-w- c:\windows\ASScrPro.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
2004-04-12 15:06 151552 ----a-w- c:\windows\System32\MSTMON_N.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2009-12-10 14:05 401728 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
2008-06-13 16:11 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
2008-01-25 16:32 778240 ----a-w- c:\program files\P4P\P4P.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
2010-05-19 09:02 462104 ----a-w- c:\program files\Seznam.cz\postak.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-11-20 10:15 1826816 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-07-22 18:39 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):7c,8c,ab,ec,22,3d,ca,01

R2 gupdate1ca0bb3b5a4f7ae;Google Update Service (gupdate1ca0bb3b5a4f7ae);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-23 133104]
R2 MLPTDR_N;MLPTDR_N;c:\windows\system32\MLPTDR_N.SYS [2003-07-17 18848]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
getPlusHelper REG_MULTI_SZ getPlusHelper

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-23 16:36]

2010-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-23 16:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.knightstar.net
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6ryqvf4z.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6ryqvf4z.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6ryqvf4z.default\extensions\xmlfiller@software602.cz\platform\WINNT_x86-msvc\plugins\npfiller.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
Celkový čas: 2010-07-18 13:36:44
ComboFix-quarantined-files.txt 2010-07-18 11:36

Před spuštěním: Volných bajtů: 51 227 770 880
Po spuštění: Volných bajtů: 51 208 663 040

- - End Of File - - D12D689E2512536D21EE3AB61446441D

[motji]

Odzkoušejte ho, zda se ještě vypíná, a napište

[Jendasss]

Příjemný podvečer,

doposud se notebook nevypnul... až před malou chvílí. Po opětovném zapnutí se nově objevila hláška "Catalyst control center: Host application přestal pracovat", a to celkem dvakrát... je možné, že se notebook nějak automaticky vypne (nastaveno?) při nepřiměřeném zatížení?

J.

[motji]

catalyst control center souvisí s grafikou, mám takový pocit.
Spíš bych řekla při přehřívání, jaká je teď teplota počítače?

[Jendasss]

... možná zkusím přeinstalovat ovladače grafiky... občas "zamrzá"...

Teplota CPU je teď - dle EVERESTu - 72 °C.

J.

[motji]

Ano, obladače od grafiky přeinstalujte - stahněte nejnovější.
Ta teplota je stále docela vysoká, ale může to být i tou grafikou. Uvidíme po té přeinstalaci.

[Jendasss]

Dobré poledne,

ovladače byly aktualizovány, přeinstalovány... aktualizoval jsem dle doporučení aktualizace grafických ovladačů také NET Framework... i přesto se 2 hlášky o tom, že "Catalyst control" přestal fungovat objevují... notebook sice pracuje po zavření obou chybových oken správně, přesto - pro jistotu - ještě přikládám LOG z RSITu a prosím o jeho kontrolu

Moc díky, J.

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2010-07-19 12:29:29
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 41 GB (41%) free of 100 GB
Total RAM: 3070 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:29:32, on 19.7.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Seznam Postak\Postak.exe
C:\Users\user\Program Files\DNA\btdna.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\user\Desktop\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.knightstar.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam Postak\Postak.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\user\Program Files\DNA\btdna.exe"
O4 - Startup: Total Commander.lnk = C:\Program Files\totalcmd\TOTALCMD.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1ca0bb3b5a4f7ae) (gupdate1ca0bb3b5a4f7ae) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

--
End of file - 7341 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-06-19 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-07-22 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll [2003-05-12 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2010-05-19 1117976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll [2003-05-12 147456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2008-06-24 159744]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-17 7737344]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
"SMail"=C:\Program Files\Seznam Postak\Postak.exe [2006-05-18 450560]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 98304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-06-19 133368]
"BitTorrent DNA"=C:\Users\user\Program Files\DNA\btdna.exe [2010-07-18 323392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\ASScrPro.exe [2009-07-22 33136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
C:\Windows\system32\MSTMON_N.EXE [2004-04-12 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2009-12-10 401728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\P4P\P4P.exe [2008-01-25 778240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files\Seznam.cz\postak.exe [2010-05-19 462104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2007-11-20 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-07-22 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0CE\Distillr\acrotray.exe [2003-07-17 217180]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Total Commander.lnk - C:\Program Files\totalcmd\TOTALCMD.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-07-19 12:29:29 ----D---- C:\rsit
2010-07-19 12:03:32 ----D---- C:\AMD
2010-07-19 12:02:29 ----D---- C:\ProgramData\ATI
2010-07-19 11:56:09 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-07-19 09:45:31 ----HD---- C:\ATI
2010-07-18 18:51:48 ----D---- C:\Users\user\AppData\Roaming\DNA
2010-07-18 18:51:48 ----D---- C:\Program Files\DNA
2010-07-18 17:23:03 ----D---- C:\Program Files\Tomb Raider - Legend
2010-07-18 17:22:13 ----A---- C:\Windows\level.ini
2010-07-18 17:15:14 ----D---- C:\Program Files\Western Digital Technologies
2010-07-18 13:36:48 ----SHD---- C:\$RECYCLE.BIN
2010-07-18 13:36:46 ----D---- C:\Windows\temp
2010-07-18 13:24:35 ----HD---- C:\ComboFix
2010-07-18 13:23:47 ----A---- C:\Windows\SWXCACLS.exe
2010-07-18 10:40:56 ----D---- C:\Program Files\MioMap v3 Updater
2010-07-17 21:29:12 ----A---- C:\Windows\zip.exe
2010-07-17 21:29:12 ----A---- C:\Windows\SWSC.exe
2010-07-17 21:29:12 ----A---- C:\Windows\SWREG.exe
2010-07-17 21:29:12 ----A---- C:\Windows\sed.exe
2010-07-17 21:29:12 ----A---- C:\Windows\PEV.exe
2010-07-17 21:29:12 ----A---- C:\Windows\NIRCMD.exe
2010-07-17 21:29:12 ----A---- C:\Windows\MBR.exe
2010-07-17 21:29:12 ----A---- C:\Windows\grep.exe
2010-07-17 21:26:37 ----D---- C:\Windows\ERDNT
2010-07-17 21:23:59 ----HD---- C:\Qoobox
2010-07-17 17:16:17 ----D---- C:\Program Files\Lavalys
2010-07-17 12:57:25 ----D---- C:\Program Files\trend micro
2010-07-16 17:25:30 ----D---- C:\Program Files\Greek ScreenSaver
2010-07-16 17:24:48 ----D---- C:\Program Files\WallpaperScreensavers.net
2010-07-16 17:24:05 ----D---- C:\Program Files\Greek Islands ScreenSaver
2010-07-16 17:20:56 ----D---- C:\ProgramData\Sun
2010-07-16 17:20:55 ----D---- C:\Program Files\Common Files\Java
2010-07-16 17:20:09 ----A---- C:\Windows\system32\javaws.exe
2010-07-16 17:20:09 ----A---- C:\Windows\system32\javaw.exe
2010-07-16 17:20:09 ----A---- C:\Windows\system32\java.exe
2010-07-16 17:20:09 ----A---- C:\Windows\system32\deployJava1.dll
2010-07-15 15:49:23 ----RD---- C:\Řecko - Kos (07_2010)
2010-07-04 10:46:04 ----A---- C:\Windows\pslabeler3.ini
2010-07-04 10:33:30 ----D---- C:\Program Files\Popisovač CD-DVD
2010-06-24 09:23:05 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-24 09:23:05 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-24 09:23:05 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-24 09:23:05 ----A---- C:\Windows\system32\mscoree.dll
2010-06-24 09:23:05 ----A---- C:\Windows\system32\dfshim.dll

======List of files/folders modified in the last 1 months======

2010-07-19 12:26:22 ----D---- C:\Windows\System32
2010-07-19 12:26:21 ----D---- C:\Windows\inf
2010-07-19 12:26:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-19 12:21:01 ----SHD---- C:\Windows\Installer
2010-07-19 12:21:01 ----HD---- C:\Config.Msi
2010-07-19 12:21:01 ----D---- C:\Program Files\ATI
2010-07-19 12:14:58 ----D---- C:\Windows\system32\catroot
2010-07-19 12:14:57 ----D---- C:\Windows\system32\catroot2
2010-07-19 12:14:41 ----D---- C:\Windows\winsxs
2010-07-19 12:14:01 ----D---- C:\Windows
2010-07-19 12:12:26 ----D---- C:\Windows\Microsoft.NET
2010-07-19 12:09:26 ----D---- C:\Windows\system32\drivers
2010-07-19 12:09:06 ----SHD---- C:\System Volume Information
2010-07-19 12:02:29 ----HD---- C:\ProgramData
2010-07-19 12:02:14 ----D---- C:\Program Files\ATI Technologies
2010-07-19 12:00:37 ----RSD---- C:\Windows\assembly
2010-07-19 11:56:09 ----D---- C:\Program Files\Common Files
2010-07-18 21:45:47 ----A---- C:\Windows\system32\acovcnt.exe
2010-07-18 19:08:05 ----HD---- C:\Windows\system32\GroupPolicy
2010-07-18 19:07:29 ----D---- C:\Users\user\AppData\Roaming\ICQ
2010-07-18 18:51:48 ----RD---- C:\Program Files
2010-07-18 18:31:59 ----D---- C:\Windows\Prefetch
2010-07-18 13:34:08 ----A---- C:\Windows\system.ini
2010-07-18 13:33:55 ----D---- C:\Windows\system32\drivers\etc
2010-07-18 13:29:32 ----D---- C:\Windows\AppPatch
2010-07-17 23:18:33 ----D---- C:\Windows\Tasks
2010-07-17 17:23:16 ----D---- C:\Program Files\Windows Media Player
2010-07-17 17:10:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-16 18:21:05 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2010-07-16 17:20:04 ----D---- C:\Program Files\Java
2010-07-15 16:10:33 ----D---- C:\ProgramData\Microsoft Help
2010-07-04 11:21:22 ----D---- C:\ProgramData\DVD Shrink
2010-07-02 21:39:05 ----A---- C:\Windows\system32\mrt.exe
2010-06-28 10:04:06 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2007-08-23 1201312]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5586432]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 209920]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-16 146824]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-17 2153688]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-19 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-05-03 47360]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-05-13 1772544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-19 45624]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
S2 MLPTDR_N;MLPTDR_N; \??\C:\Windows\system32\MLPTDR_N.SYS [2003-07-17 18848]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5586432]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-05-13 81960]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-05-13 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-05-13 17320]
S3 catchme;catchme; \??\C:\Users\user\AppData\Local\Temp\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [2007-09-25 15152]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-08-23 13312]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 176128]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\s [2010-03-13 446338]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-05-27 522792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 NMSAccessU;NMSAccessU; C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe [2008-05-03 71096]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
S2 gupdate1ca0bb3b5a4f7ae;Google Update Service (gupdate1ca0bb3b5a4f7ae); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-23 133104]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\s [2010-03-13 446338]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]

-----------------EOF-----------------

[motji]

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********



Otevřete si Poznámkový blok a zkopírujte do něj text

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
 

-uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek,
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.


*****************************

Stahnul jste ty nejnovější ovladače?

[Jendasss]

Hezké odpoledne,

děkuji za rady a návody. Vše jsem provedl dle Vašich instrukcí... po restartu notebooku hlášky o Catalyst Control Centru opět dvakrát vyskočily... jinak vše funguje správně...

Co se ovladačů týče, tak jsem instalovaloval vše v poslední verzi, přímo ze stránek ATI Radeonu a ze stránek ASUSu pro konkrétní typ notebooku... většina byla z 06/2010.

J.

[motji]

Vydržte, poptám se kolegů