preventivka - stav pc

[motji]

Zkuste jej smazat vnouzovém režimu, pokud nepůjde, napište mi přesný název a umístění, smažu ho přes combofix.

[BOnioo1775]

Uz jsem ho smazal.Dal jsem to v COMODu mezi blokovane soubory a pak dal smazat a je to pryc.

[motji]

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[BOnioo1775]

joo,vse ok,nemam problem ,myslim ze je to vse. dik za vsechno a mejte se

[motji]

Ještě poprosím o ten log ze Rsitu

[BOnioo1775]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Butterfly at 2010-09-17 07:34:12
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 65 GB (65%) free of 100 GB
Total RAM: 1022 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:34:49, on 2010-09-17
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
D:\Program Files\PDFZilla\PDFZilla\winsrv.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\My Folder\My !\PC\Malware\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Butterfly.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IeMonitor - {8170D7DC-BDD6-461e-88EB-F047257898C9} - C:\Program Files\Conceiva\DownloadStudio\DLMonitr.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DownloadStudio IE Toolbar - {CB789373-04D5-4ef4-9C16-871463FD0830} - C:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [iSafeCW] D:\Program Files\PDFZilla\PDFZilla\winsrv.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AvastUI.lnk = C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odebírat RSS/Podcast pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_rss.htm
O8 - Extra context menu item: Přidat stránku do DownloadStudio obrázkového alba... - C:\Program Files\Conceiva\DownloadStudio\ds_snap.htm
O8 - Extra context menu item: Stáhnout obrázek pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_img.htm
O8 - Extra context menu item: Stáhnout odkaz pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_file.htm
O8 - Extra context menu item: Stáhnout stránku pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_all.htm
O8 - Extra context menu item: Stáhnout video pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_video.htm
O8 - Extra context menu item: Stáhnout výběr pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_sel.htm
O8 - Extra context menu item: Zobrazit odkazy stránky pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_link.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 8535 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Automatic maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8170D7DC-BDD6-461e-88EB-F047257898C9}]
DownloadStudio IE Add-on - C:\Program Files\Conceiva\DownloadStudio\DLMonitr.dll [2010-08-31 670024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-23 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CB789373-04D5-4ef4-9C16-871463FD0830} - DownloadStudio IE Toolbar - C:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll [2010-08-31 168264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-07-28 19557480]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-06-01 2039240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2009-01-30 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Butterfly^Nabídka Start^Programy^Po spuštění^setup_9.0.0.722_03.09.2010_12-29.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"YahooAUService"=2
"JavaQuickStarterService"=2
"WMPNetworkSvc"=3
"TuneUp.UtilitiesSvc"=2
"TuneUp.Defrag"=3
"sp_rssrv"=2

C:\Documents and Settings\Butterfly\Nabídka Start\Programy\Po spuštění
AvastUI.lnk - C:\Program Files\Alwil Software\Avast5\AvastUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-08-04 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Documents and Settings\Butterfly\Dokumenty\My DAP Downloads\TeamViewerPortable_en\TeamViewer.exe"="C:\Documents and Settings\Butterfly\Dokumenty\My DAP Downloads\TeamViewerPortable_en\TeamViewer.exe:*:Enabled:TeamViewer"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\Flow\Flow.exe"="C:\Program Files\Flow\Flow.exe:*:Enabled:Flow"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Steam\steamapps\cleverboy\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\cleverboy\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\CrossLoop\vncviewer.exe"="C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe"
"C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\CrossLoop\tvnserver.exe"="C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\CrossLoop\tvnserver.exe:*:Enabled:tvnserver.exe"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Documents and Settings\Butterfly\Dokumenty\LAN WC3\Frozen Throne.exe"="C:\Documents and Settings\Butterfly\Dokumenty\LAN WC3\Frozen Throne.exe:*:Enabled:Frozen Throne"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Steam\steamapps\cleverboy\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\cleverboy\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-09-16 22:49:15 ----D---- C:\rsit
2010-09-16 19:52:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2010-09-16 18:32:06 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Ashampoo
2010-09-16 18:31:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\ashampoo
2010-09-16 18:11:34 ----A---- C:\WINDOWS\system32\DfSdkBt.exe
2010-09-16 18:11:20 ----D---- C:\Program Files\Ashampoo
2010-09-15 23:34:10 ----A---- C:\WINDOWS\system32\drivers\cpuidlep.sys
2010-09-15 23:27:15 ----SHD---- C:\RECYCLER
2010-09-15 23:11:03 ----D---- C:\WINDOWS\temp
2010-09-15 10:21:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-09-15 10:20:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-15 10:20:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-09-15 10:19:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-09-15 10:19:46 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2010-09-15 10:18:49 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-09-15 10:16:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-09-12 23:31:32 ----D---- C:\Program Files\Microsoft Bootvis
2010-09-12 22:47:04 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\TrueCrypt
2010-09-12 22:45:51 ----A---- C:\WINDOWS\system32\drivers\truecrypt.sys
2010-09-12 22:45:50 ----D---- C:\Program Files\TrueCrypt
2010-09-12 17:06:36 ----A---- C:\WINDOWS\system32\drivers\VBoxDrv.sys
2010-09-12 17:06:25 ----A---- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys
2010-09-12 17:06:05 ----D---- C:\Program Files\Oracle
2010-09-11 12:56:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallShield
2010-09-10 16:51:01 ----D---- C:\Program Files\uTorrent
2010-09-10 16:49:40 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\uTorrent
2010-09-09 18:01:26 ----A---- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
2010-09-09 17:22:09 ----D---- C:\Program Files\Microsoft.NET
2010-09-08 21:33:56 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Conceiva
2010-09-08 21:33:12 ----D---- C:\Program Files\WinPcap
2010-09-08 21:29:36 ----A---- C:\bho.txt
2010-09-08 20:09:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Conceiva
2010-09-08 20:07:49 ----A---- C:\WINDOWS\DownloadStudioScheduleMonitor.INI
2010-09-08 19:59:52 ----D---- C:\Program Files\Conceiva
2010-09-08 19:31:17 ----D---- C:\Program Files\Endless Slideshow Screensaver
2010-09-05 12:23:43 ----D---- C:\Program Files\ICQ7.2
2010-09-04 21:26:09 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Thinstall
2010-09-03 18:30:25 ----D---- C:\Program Files\Uniblue
2010-09-03 18:30:02 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2010-09-02 21:37:40 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010-09-02 21:37:38 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Spyware Terminator
2010-09-02 21:37:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-09-02 21:37:32 ----D---- C:\Program Files\Spyware Terminator
2010-09-01 21:45:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\COMODO
2010-09-01 21:39:21 ----D---- C:\Program Files\COMODO
2010-08-30 21:55:09 ----RD---- C:\Sandbox
2010-08-30 10:23:57 ----D---- C:\Program Files\PcMedik
2010-08-29 16:38:19 ----D---- C:\Downloads
2010-08-29 15:22:05 ----AH---- C:\Documents and Settings\All Users\Data aplikací\msadoex.dll
2010-08-29 12:51:53 ----A---- C:\WINDOWS\Sandboxie.ini
2010-08-29 12:22:14 ----A---- C:\WINDOWS\smode.dll
2010-08-29 11:53:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Zbshareware Lab
2010-08-29 11:53:02 ----D---- C:\Program Files\USB Disk Security
2010-08-29 10:00:30 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-08-28 17:46:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Montpellier-Informatique
2010-08-28 00:03:24 ----D---- C:\pear
2010-08-27 20:51:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-27 18:28:58 ----D---- C:\Program Files\Secunia
2010-08-27 18:06:05 ----ASH---- C:\pagefile.sys
2010-08-27 16:53:37 ----RSHD---- C:\Documents and Settings\Butterfly\Data aplikací\DisplayDriverTEMP
2010-08-27 16:53:32 ----D---- C:\WINDOWS\XSxS
2010-08-27 13:23:57 ----D---- C:\Shoty
2010-08-27 13:23:51 ----D---- C:\Program Files\ScreenShots
2010-08-27 09:37:41 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\CosmeticGuide
2010-08-27 09:35:29 ----D---- C:\Program Files\Two Pilots
2010-08-27 09:35:28 ----D---- C:\Program Files\Cosmetic Guide
2010-08-26 22:11:08 ----D---- C:\Program Files\MAXON
2010-08-26 18:17:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2010-08-26 10:16:58 ----A---- C:\WINDOWS\system32\tmp_docprotector.ini
2010-08-23 20:07:36 ----D---- C:\Program Files\Elecard
2010-08-23 18:30:21 ----D---- C:\WINDOWS\system32\Adobe
2010-08-23 13:11:37 ----D---- C:\Program Files\Common Files\Java
2010-08-23 13:11:05 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-23 13:11:05 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-23 13:11:05 ----A---- C:\WINDOWS\system32\java.exe
2010-08-23 10:56:41 ----A---- C:\WINDOWS\sndvol32.exe
2010-08-23 10:38:45 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-23 10:37:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo Downloader
2010-08-23 10:36:42 ----D---- C:\PFiles
2010-08-22 22:21:23 ----D---- C:\Program Files\Common Files\Java(3)
2010-08-22 16:49:46 ----D---- C:\Program Files\Codec Pack - All In 1
2010-08-22 12:33:46 ----D---- C:\Program Files\Common Files\Futuremark Shared
2010-08-21 18:40:57 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ProgSense
2010-08-21 18:40:45 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Orbit
2010-08-20 00:02:25 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Sereniti
2010-08-19 22:12:12 ----D---- C:\VritualRoot
2010-08-19 21:14:19 ----D---- C:\Program Files\Sunbelt Software
2010-08-19 19:50:10 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-08-19 19:50:09 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-08-19 19:50:08 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-08-19 19:50:07 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-08-19 19:50:06 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-08-19 19:50:06 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-08-19 19:50:06 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-08-19 19:49:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-08-19 19:47:48 ----D---- C:\Program Files\Alwil Software
2010-08-19 14:52:40 ----D---- C:\WINDOWS\system32\RTCOM
2010-08-19 14:52:17 ----A---- C:\WINDOWS\vncutil.exe
2010-08-19 14:52:17 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2010-08-19 14:52:17 ----A---- C:\WINDOWS\SkyTel.exe
2010-08-19 14:52:17 ----A---- C:\WINDOWS\RtlUpd.exe
2010-08-19 14:52:16 ----A---- C:\WINDOWS\RTLCPL.EXE
2010-08-19 14:52:14 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010-08-19 14:52:14 ----A---- C:\WINDOWS\RtkAudioService.exe
2010-08-19 14:52:11 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2010-08-19 14:52:11 ----A---- C:\WINDOWS\RTHDCPL.EXE
2010-08-19 14:52:11 ----A---- C:\WINDOWS\MicCal.exe
2010-08-19 14:52:05 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2010-08-19 14:52:04 ----D---- C:\Program Files\Realtek
2010-08-19 14:52:04 ----A---- C:\WINDOWS\ALCWZRD.EXE
2010-08-19 14:51:04 ----A---- C:\WINDOWS\RtlExUpd.dll
2010-08-19 10:45:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-08-18 16:17:25 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ATI
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-08-18 16:13:11 ----D---- C:\ATI
2010-08-18 15:00:04 ----D---- C:\Program Files\ATI
2010-08-18 14:39:47 ----D---- C:\Program Files\ATI Technologies

======List of files/folders modified in the last 1 months======

2010-09-17 07:34:38 ----D---- C:\WINDOWS\Prefetch
2010-09-17 07:30:48 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-09-16 22:59:50 ----D---- C:\WINDOWS
2010-09-16 22:54:34 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ICQ
2010-09-16 22:02:58 ----D---- C:\WINDOWS\system32\Restore
2010-09-16 19:53:26 ----D---- C:\WINDOWS\system32
2010-09-16 19:03:06 ----A---- C:\WINDOWS\system.ini
2010-09-16 18:42:59 ----SHD---- C:\WINDOWS\Installer
2010-09-16 18:42:58 ----D---- C:\Config.Msi
2010-09-16 18:42:33 ----D---- C:\Program Files\QuickTime
2010-09-16 18:35:34 ----A---- C:\Documents and Settings\Butterfly\Data aplikací\burnaware.ini
2010-09-16 18:23:40 ----D---- C:\WINDOWS\system32\config
2010-09-16 18:23:40 ----D---- C:\Program Files\Valve
2010-09-16 18:11:20 ----D---- C:\Program Files
2010-09-16 17:36:41 ----D---- C:\Program Files\Steam
2010-09-15 23:34:10 ----D---- C:\WINDOWS\system32\drivers
2010-09-15 23:12:57 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-15 23:07:10 ----D---- C:\WINDOWS\AppPatch
2010-09-15 23:07:06 ----D---- C:\Program Files\Common Files
2010-09-15 23:00:26 ----SHD---- C:\System Volume Information
2010-09-15 20:11:34 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\KeePass
2010-09-15 18:03:28 ----D---- C:\Program Files\The KMPlayer
2010-09-15 16:52:11 ----D---- C:\WINDOWS\Debug
2010-09-15 10:21:05 ----HD---- C:\WINDOWS\inf
2010-09-15 10:20:59 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-15 10:20:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-09-15 10:20:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-09-15 10:16:28 ----A---- C:\WINDOWS\system32\MRT.exe
2010-09-15 10:05:28 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-14 21:46:12 ----D---- C:\WINDOWS\Cursors
2010-09-14 19:51:34 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 1
2010-09-14 19:20:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2010-09-13 21:16:53 ----SD---- C:\WINDOWS\Tasks
2010-09-12 23:32:45 ----ASH---- C:\boot.ini
2010-09-12 23:32:45 ----A---- C:\WINDOWS\win.ini
2010-09-12 18:43:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-12 18:43:42 ----RSD---- C:\WINDOWS\assembly
2010-09-12 14:38:36 ----D---- C:\Program Files\Common Files\InstallShield
2010-09-12 14:38:32 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-11 21:22:25 ----D---- C:\Program Files\WinUtilities
2010-09-11 12:53:12 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-09-10 14:43:07 ----D---- C:\Program Files\Opera
2010-09-09 18:48:37 ----D---- C:\WINDOWS\Microsoft.NET
2010-09-09 18:04:00 ----D---- C:\WINDOWS\network diagnostic
2010-09-09 17:42:36 ----D---- C:\WINDOWS\system32\NtmsData
2010-09-09 17:30:57 ----D---- C:\WINDOWS\system32\cs-cz
2010-09-09 17:23:39 ----D---- C:\WINDOWS\WinSxS
2010-09-09 17:22:19 ----D---- C:\WINDOWS\system32\en-US
2010-09-06 21:51:47 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Skype
2010-09-06 21:38:31 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\skypePM
2010-09-05 18:11:54 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-05 12:25:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-09-05 10:45:29 ----D---- C:\Program Files\Google
2010-09-05 10:42:15 ----D---- C:\Program Files\CCleaner
2010-09-04 21:14:03 ----D---- C:\Program Files\Common Files\Real
2010-09-04 13:23:48 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-09-04 11:45:13 ----D---- C:\Program Files\Microsoft Games
2010-09-04 11:24:31 ----D---- C:\WINDOWS\pss
2010-09-04 10:42:03 ----D---- C:\Documents and Settings
2010-09-03 20:55:34 ----D---- C:\Program Files\PKR
2010-09-03 20:55:34 ----D---- C:\Program Files\DVBViewerTE
2010-09-03 20:55:34 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Ventrilo
2010-09-03 20:55:34 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\TeamViewer
2010-09-03 20:55:33 ----D---- C:\Program Files\DivX
2010-09-03 19:05:50 ----D---- C:\Program Files\IObit
2010-09-03 18:32:42 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Uniblue
2010-09-03 13:48:07 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\dvdcss
2010-09-02 21:45:45 ----D---- C:\Program Files\Trend Micro
2010-08-30 15:11:02 ----SHD---- C:\WINDOWS\CSC
2010-08-29 13:05:18 ----D---- C:\WINDOWS\Help
2010-08-28 22:15:29 ----D---- C:\WINDOWS\Minidump
2010-08-28 14:01:03 ----D---- C:\Program Files\Debugging Tools for Windows (x86)
2010-08-27 16:40:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2010-08-27 16:40:27 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Real
2010-08-27 15:02:10 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-08-26 18:38:38 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\vlc
2010-08-26 16:02:32 ----D---- C:\Program Files\AIMP2
2010-08-25 22:28:56 ----D---- C:\Program Files\WhoCrashed
2010-08-25 13:46:54 ----D---- C:\Program Files\SystemRequirementsLab
2010-08-25 12:55:51 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\gtk-2.0
2010-08-23 21:26:18 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Mozilla
2010-08-23 13:10:45 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-08-23 12:25:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-08-23 11:15:56 ----A---- C:\WINDOWS\UPGRADE.TXT
2010-08-23 10:39:43 ----D---- C:\WINDOWS\system32\wbem
2010-08-23 10:39:42 ----D---- C:\WINDOWS\Registration
2010-08-23 00:57:36 ----D---- C:\Program Files\Adobe
2010-08-22 17:03:21 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-20 22:10:35 ----A---- C:\WINDOWS\system32\resetlog.txt
2010-08-19 19:49:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-08-19 11:01:16 ----D---- C:\Program Files\Defraggler
2010-08-19 10:58:11 ----D---- C:\Program Files\FileHippo.com
2010-08-18 23:09:40 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Samsung
2010-08-18 23:09:33 ----D---- C:\Program Files\Samsung
2010-08-18 14:09:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2010-06-01 87824]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-21 697328]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2010-03-21 27904]
R0 ViBus;ViBus; C:\WINDOWS\system32\DRIVERS\ViBus.sys [2007-10-18 16896]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-09-21 9216]
R0 ViPrt;VIA SATA IDE Device Driver; C:\WINDOWS\system32\DRIVERS\ViPrt.sys [2007-10-18 52224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-06-04 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-06-01 25240]
R1 cpuidlep;CpuIdle Pro System Driver; C:\WINDOWS\system32\drivers\cpuidlep.sys [2010-09-15 4484]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2010-09-12 231248]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2010-08-05 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2010-08-05 41936]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-08-04 5243392]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2010-05-17 101904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-07-28 6108776]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2010-08-05 111312]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S3 aejpbajh;aejpbajh; C:\WINDOWS\system32\drivers\aejpbajh.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2010-04-03 223128]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2009-06-16 46592]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-01-09 42496]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2009-03-06 18944]
S3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2009-03-04 11520]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 msloop;Microsoft Loopback Adapter Driver; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 4992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 50704]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 P1131VID;Creative WebCam NX Pro (WDM); C:\WINDOWS\system32\DRIVERS\P1131Vid.sys [2004-03-26 91241]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2010-03-19 19072]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2010-06-23 32768]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-08-05 100496]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-08-04 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-06-01 1778480]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-09-02 488960]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S2 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2009-08-19 822936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-31 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MatSvc;Microsoft Automated Troubleshooting Service; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-23 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-08-29 435008]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-27 1051968]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S4 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]

-----------------EOF-----------------

[motji]

Ještě pro můj klid na duši otestujte na www.virustotal.com
D:\Program Files\PDFZilla\PDFZilla\winsrv.exe

[BOnioo1775]

ten program je cisty,uz jsem ho nekolikrat proskenoval,ani firewall jako by ho nevidel ..

http://www.virustotal.com/file-scan/rep ... 1279658742


Jeste jednou diky za vsechno

S pozdravem BOnioo*

[motji]

Na virustotalu je to ten program? Podle názvu je to jiný

[BOnioo1775]

Newim ,ale je to von! pouzivam VirusTotal Uploader ,tak mozna tim to bude. Udelam to beznym zpusobem pro vas klid
http://www.virustotal.com/file-scan/rep ... 1284733057

Tak to je naky divny,kdyz to udelam pres VT Uploader tak zadna infekce,a kdyz to udelam bezne tak 2/43 a navic u toho puvodniho linku je spatny datum.

[motji]

Ten program používáte?
Může to být falešná detekce, ale tady si nejsem uplně jistá

[BOnioo1775]

jj pouzivam,ted sem to otestoval znova a uz to ukazuje jak by melo,tedy 2/43

[motji]

Ten program slouží k čemu?

[BOnioo1775]

k sledovani a zaznamenavani aktivit na pc,dokaze vytvaret screenshoty, a take vytvari logy,ktere muze posilat na muj email..tam se na ne muzu podivat z mobilu. Ale pouzivam to jen zridka,spis pro zabavu.

[motji]

tak to by mělo být v pořádku, je možné že to antivir označil jako keylloger kvůli tomu, jak se chová.

Otevřete si Poznámkový blok a zkopírujte do něj text

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Butterfly^Nabídka Start^Programy^Po spuštění^setup_9.0.0.722_03.09.2010_12-29.lnk]

 

-uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek,
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.

Pokud nejsou problémy, je to vše