VIRY.CZ

Tak je tady ten log z kombofix, ale nic jsem tam nenalezl, tak opravdu nevim. Treba je to pouze logo ktere se tam zobrazuje, ale...

ComboFix 10-12-06.04 - Lipickovi 07.12.2010 18:05:50.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2048.1541 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lipickovi\Plocha\ComboFix.exe
AV: avast! Internet Security *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Lipickovi\Data aplikací\PriceGong
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\1.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\a.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\b.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\c.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\d.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\e.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\f.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\g.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\h.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\i.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\J.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\k.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\l.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\m.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\mru.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\n.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\o.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\p.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\q.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\r.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\s.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\t.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\u.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\v.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\w.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\x.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\y.xml
c:\documents and settings\Lipickovi\Data aplikací\PriceGong\Data\z.xml
c:\windows\XSxS

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-07 do 2010-12-07 )))))))))))))))))))))))))))))))
.

2010-12-06 15:37 . 2010-12-07 00:15 -------- d-----w- c:\program files\FreeRapid-0.85
2010-12-04 23:04 . 2007-06-27 01:58 2303488 -c--a-w- c:\windows\system32\dllcache\ati2mtag.sys
2010-12-04 23:04 . 2007-06-27 01:58 2303488 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-12-04 22:49 . 2010-12-04 22:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ATI
2010-12-04 22:48 . 2010-12-04 22:48 0 ----a-w- c:\windows\ativpsrm.bin
2010-12-04 22:24 . 2010-12-04 22:24 -------- d-----w- c:\program files\DIFX
2010-12-04 22:24 . 2010-12-05 13:54 -------- dc----w- c:\windows\system32\DRVSTORE
2010-12-04 22:22 . 2010-12-04 22:22 -------- d-----w- C:\ATI
2010-12-04 18:11 . 2010-12-04 18:11 -------- d-----w- c:\program files\Common Files\DirectX
2010-12-04 17:56 . 2010-12-04 17:56 -------- d-----w- c:\program files\SCi Games
2010-12-04 17:56 . 2002-12-05 13:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2010-12-04 17:56 . 2002-12-05 13:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2010-12-04 17:56 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2010-12-04 17:56 . 2002-12-02 12:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2010-12-04 17:56 . 2002-12-02 12:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2010-12-04 17:56 . 2010-12-04 17:56 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2010-12-04 17:56 . 2010-12-04 17:56 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2010-12-04 15:50 . 2010-12-04 16:04 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-12-04 15:37 . 2010-12-04 16:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2010-12-04 15:37 . 2010-12-04 15:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Symantec
2010-12-04 15:34 . 2010-12-04 15:53 -------- d-----w- c:\windows\system32\Adobe
2010-12-04 10:54 . 2010-12-04 10:54 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-04 07:28 . 2010-12-04 11:55 -------- d-----w- c:\program files\trend micro
2010-12-04 07:28 . 2010-12-04 07:29 -------- d-----w- C:\rsit
2010-12-04 06:34 . 2010-12-04 06:34 -------- d-----w- c:\documents and settings\Lipickovi\Local Settings\Data aplikací\ConduitEngine
2010-12-04 06:33 . 2010-12-04 06:34 -------- d-----w- c:\program files\ConduitEngine
2010-12-04 06:33 . 2010-12-04 06:33 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2010-12-03 21:19 . 2003-07-06 12:07 372736 ----a-w- c:\windows\system32\IJL_11.DLL
2010-11-16 16:29 . 2010-11-16 16:33 -------- d-----w- c:\program files\ICQ7.2
2010-11-12 17:49 . 2010-11-12 18:38 -------- d-----w- c:\documents and settings\Lipickovi\Data aplikací\avidemux
2010-11-12 17:48 . 2010-11-12 17:49 -------- d-----w- c:\program files\Avidemux 2.5
2010-11-12 17:47 . 2010-11-12 17:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SiComponents
2010-11-10 21:06 . 2010-11-10 21:06 -------- d-----w- c:\documents and settings\Lipickovi\Data aplikací\HandBrake

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-28 11:49 . 2010-09-28 11:49 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-27 10:29 . 2010-10-07 18:29 563952 ----a-w- C:\WindowsXP-KB893056-x86-CSY.exe
2010-09-27 10:29 . 2010-10-07 18:29 194800 ----a-w- C:\WindowsXP-KB893056-x86-Symbols-CSY.exe
2010-09-26 13:38 . 2010-09-12 06:57 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-09-18 10:23 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2008-04-14 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-18 05:50 . 2010-09-18 05:50 87608 ----a-w- c:\documents and settings\Lipickovi\Data aplikací\inst.exe
2010-09-18 05:50 . 2010-09-18 05:50 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-09-18 05:50 . 2010-09-18 05:50 47360 ----a-w- c:\documents and settings\Lipickovi\Data aplikací\pcouffin.sys
2010-09-18 04:35 . 2010-09-18 04:35 1409 ----a-w- c:\windows\QTFont.for
2010-09-15 03:50 . 2010-09-27 09:55 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 01:29 . 2010-09-27 09:55 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-12 06:56 . 2010-09-12 06:57 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-09-12 06:56 . 2010-09-12 06:57 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-09-10 05:52 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre1.dll" [2010-10-20 2735200]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2010-10-20 19:52 2735200 ----a-w- c:\program files\Freecorder\tbFre1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre1.dll" [2010-10-20 2735200]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\tbFre1.dll" [2010-10-20 2735200]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-04-14 16:33 140288 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472]
"RemoteControl"="c:\program files\ASUS\ASUS Remote\RemoteControlAppl.exe" [2005-12-05 65536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BDARemote.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\BDARemote.lnk
backup=c:\windows\pss\BDARemote.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
2010-09-07 15:50 2176512 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorShield.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2 (0x2)
"WebClient"=2 (0x2)
"SysmonLog"=3 (0x3)
"RDSessMgr"=3 (0x3)
"SSDPSRV"=3 (0x3)
"xmlprov"=3 (0x3)
"ImapiService"=3 (0x3)
"Browser"=2 (0x2)
"Schedule"=2 (0x2)
"UPS"=3 (0x3)
"Themes"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"upnphost"=3 (0x3)
"wscsvc"=2 (0x2)
"SharedAccess"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"CLMLServer"="c:\program files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe"
"PCMAgent"="c:\program files\CyberLink\PowerCinema\PCMAgent.exe"
"PlayMovie"="c:\program files\CyberLink\PlayMovie\PMVService.exe"
"TVEService"="c:\program files\CyberLink\TV Enhance\TVEService.exe"
"PCMService"="c:\program files\CyberLink\PowerCinema\PCMService.exe"
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe"
"BDRegion"=c:\program files\Cyberlink\Shared files\brs.exe
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" /run

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\CyberLink\\TV Enhance\\TVEnhance.exe"=
"c:\\Program Files\\CyberLink\\TV Enhance\\TVEService.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [8.9.2010 18:55 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [8.9.2010 18:56 196048]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 19:45 20616]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.9.2010 12:49 691696]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [8.9.2010 18:56 102736]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [8.9.2010 18:56 297552]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8.9.2010 18:56 162768]
R1 scrambler;scrambler;c:\windows\system32\drivers\scrambler.sys [14.2.2005 11:17 206336]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [7.9.2010 16:50 142592]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/26 15:43];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [13.3.2010 11:58 87536]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\CyberLink\PlayMovie\000.fcl [12.9.2010 8:16 61424]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8.9.2010 18:56 19024]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [15.12.2008 13:31 143467]
R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [7.10.2010 20:52 20328]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe [12.9.2010 8:18 364635]
R2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe [12.9.2010 8:18 172121]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [6.9.2010 18:19 2829696]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 11:44 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 20:37 4640000]
S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [8.9.2010 18:55 119200]
.
Obsah adresáře 'Naplánované úlohy'

2010-10-29 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-10-29 19:55]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Lipickovi\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Lipickovi\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-07 18:21
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\CyberLink\PlayMovie\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1068)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-12-07 18:25:01
ComboFix-quarantined-files.txt 2010-12-07 17:24

Před spuštěním: Volných bajtů: 21 495 214 080
Po spuštění: Volných bajtů: 21 478 932 480

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=signature(eb2787fd)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
signature(eb2787fd)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 2DD2C286BAA2534CF97BDC8D4B025CCA

Zkusím Vám něco smazat a když Vám nebude fungovat nějaký jiný program než ten keylloger, tak to vrátím z qooboxu, takže ho nemažte, neodinstalovávejte combofix, než řeknu.


Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka
-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Tady je log Windowsy nabehli normalka

ComboFix 10-12-06.04 - Lipickovi 08.12.2010 0:26.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2048.1437 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lipickovi\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lipickovi\Plocha\CFScript.txt
AV: avast! Internet Security *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\drivers\scrambler.sys"
"c:\windows\system32\IJL_11.DLL"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\scrambler.sys
c:\windows\system32\IJL_11.DLL

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SCRAMBLER
-------\Service_scrambler


((((((((((((((((((((((((( Soubory vytvořené od 2010-11-07 do 2010-12-07 )))))))))))))))))))))))))))))))
.

2010-12-06 15:37 . 2010-12-07 00:15 -------- d-----w- c:\program files\FreeRapid-0.85
2010-12-04 23:04 . 2007-06-27 01:58 2303488 -c--a-w- c:\windows\system32\dllcache\ati2mtag.sys
2010-12-04 23:04 . 2007-06-27 01:58 2303488 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-12-04 22:49 . 2010-12-04 22:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ATI
2010-12-04 22:48 . 2010-12-04 22:48 0 ----a-w- c:\windows\ativpsrm.bin
2010-12-04 22:24 . 2010-12-04 22:24 -------- d-----w- c:\program files\DIFX
2010-12-04 22:24 . 2010-12-05 13:54 -------- dc----w- c:\windows\system32\DRVSTORE
2010-12-04 22:22 . 2010-12-04 22:22 -------- d-----w- C:\ATI
2010-12-04 18:11 . 2010-12-04 18:11 -------- d-----w- c:\program files\Common Files\DirectX
2010-12-04 17:56 . 2010-12-04 17:56 -------- d-----w- c:\program files\SCi Games
2010-12-04 17:56 . 2002-12-05 13:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2010-12-04 17:56 . 2002-12-05 13:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2010-12-04 17:56 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2010-12-04 17:56 . 2002-12-02 12:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2010-12-04 17:56 . 2002-12-02 12:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2010-12-04 17:56 . 2010-12-04 17:56 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2010-12-04 17:56 . 2010-12-04 17:56 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2010-12-04 15:50 . 2010-12-04 16:04 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-12-04 15:37 . 2010-12-04 16:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2010-12-04 15:37 . 2010-12-04 15:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Symantec
2010-12-04 15:34 . 2010-12-04 15:53 -------- d-----w- c:\windows\system32\Adobe
2010-12-04 10:54 . 2010-12-04 10:54 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-04 07:28 . 2010-12-04 11:55 -------- d-----w- c:\program files\trend micro
2010-12-04 07:28 . 2010-12-04 07:29 -------- d-----w- C:\rsit
2010-12-04 06:34 . 2010-12-04 06:34 -------- d-----w- c:\documents and settings\Lipickovi\Local Settings\Data aplikací\ConduitEngine
2010-12-04 06:33 . 2010-12-04 06:34 -------- d-----w- c:\program files\ConduitEngine
2010-12-04 06:33 . 2010-12-04 06:33 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2010-11-16 16:29 . 2010-11-16 16:33 -------- d-----w- c:\program files\ICQ7.2
2010-11-12 17:49 . 2010-11-12 18:38 -------- d-----w- c:\documents and settings\Lipickovi\Data aplikací\avidemux
2010-11-12 17:48 . 2010-11-12 17:49 -------- d-----w- c:\program files\Avidemux 2.5
2010-11-12 17:47 . 2010-11-12 17:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SiComponents
2010-11-10 21:06 . 2010-11-10 21:06 -------- d-----w- c:\documents and settings\Lipickovi\Data aplikací\HandBrake

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-28 11:49 . 2010-09-28 11:49 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-27 10:29 . 2010-10-07 18:29 563952 ----a-w- C:\WindowsXP-KB893056-x86-CSY.exe
2010-09-27 10:29 . 2010-10-07 18:29 194800 ----a-w- C:\WindowsXP-KB893056-x86-Symbols-CSY.exe
2010-09-26 13:38 . 2010-09-12 06:57 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-09-18 10:23 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2008-04-14 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-18 05:50 . 2010-09-18 05:50 87608 ----a-w- c:\documents and settings\Lipickovi\Data aplikací\inst.exe
2010-09-18 05:50 . 2010-09-18 05:50 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-09-18 05:50 . 2010-09-18 05:50 47360 ----a-w- c:\documents and settings\Lipickovi\Data aplikací\pcouffin.sys
2010-09-18 04:35 . 2010-09-18 04:35 1409 ----a-w- c:\windows\QTFont.for
2010-09-15 03:50 . 2010-09-27 09:55 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 01:29 . 2010-09-27 09:55 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-12 06:56 . 2010-09-12 06:57 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-09-12 06:56 . 2010-09-12 06:57 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-09-10 05:52 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre1.dll" [2010-10-20 2735200]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2010-10-20 19:52 2735200 ----a-w- c:\program files\Freecorder\tbFre1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre1.dll" [2010-10-20 2735200]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\tbFre1.dll" [2010-10-20 2735200]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-04-14 16:33 140288 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RestoreDesktop"="c:\program files\Restore Desktop\RestoreDesktop.exe" [2003-03-11 45056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472]
"RemoteControl"="c:\program files\ASUS\ASUS Remote\RemoteControlAppl.exe" [2005-12-05 65536]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2010-06-26 167936]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2008-12-22 278528]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BDARemote.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\BDARemote.lnk
backup=c:\windows\pss\BDARemote.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
2010-09-07 15:50 2176512 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorShield.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2 (0x2)
"WebClient"=2 (0x2)
"SysmonLog"=3 (0x3)
"RDSessMgr"=3 (0x3)
"SSDPSRV"=3 (0x3)
"xmlprov"=3 (0x3)
"ImapiService"=3 (0x3)
"Browser"=2 (0x2)
"Schedule"=2 (0x2)
"UPS"=3 (0x3)
"Themes"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"upnphost"=3 (0x3)
"wscsvc"=2 (0x2)
"SharedAccess"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"CLMLServer"="c:\program files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe"
"PCMAgent"="c:\program files\CyberLink\PowerCinema\PCMAgent.exe"
"PlayMovie"="c:\program files\CyberLink\PlayMovie\PMVService.exe"
"TVEService"="c:\program files\CyberLink\TV Enhance\TVEService.exe"
"PCMService"="c:\program files\CyberLink\PowerCinema\PCMService.exe"
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe"
"BDRegion"=c:\program files\Cyberlink\Shared files\brs.exe
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" /run

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\CyberLink\\TV Enhance\\TVEnhance.exe"=
"c:\\Program Files\\CyberLink\\TV Enhance\\TVEService.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [8.9.2010 18:55 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [8.9.2010 18:56 196048]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 19:45 20616]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.9.2010 12:49 691696]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [8.9.2010 18:56 102736]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [8.9.2010 18:56 297552]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8.9.2010 18:56 162768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [7.9.2010 16:50 142592]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/26 15:43];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [13.3.2010 11:58 87536]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\CyberLink\PlayMovie\000.fcl [12.9.2010 8:16 61424]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8.9.2010 18:56 19024]
R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [8.9.2010 18:55 119200]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [15.12.2008 13:31 143467]
R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [7.10.2010 20:52 20328]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe [12.9.2010 8:18 364635]
R2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe [12.9.2010 8:18 172121]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [6.9.2010 18:19 2829696]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 11:44 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 20:37 4640000]
.
Obsah adresáře 'Naplánované úlohy'

2010-10-29 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-10-29 19:55]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Lipickovi\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Lipickovi\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-08 00:53
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\CyberLink\PlayMovie\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1052)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(276)
c:\documents and settings\Lipickovi\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-12-08 00:59:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-07 23:59
ComboFix2.txt 2010-12-07 17:25

Před spuštěním: Volných bajtů: 21 464 248 320
Po spuštění: Volných bajtů: 21 403 652 096

- - End Of File - - 70E9BBDF2704D0179A022C055D707D17

Tako to vypada ze jsme se toho zbavili, nic jiz nenabiha pri startu.
Mockrat diky za pomoc a klanim se az k zemi

Takže to byl určitě ten scrambler, který se ale ručně nesmazal.



Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

Pocitac bezi normalne bez nejakych znamek ze by neco bylo spusteno nebo bezelo na pozadi
Diky za pomoc

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lipickovi at 2010-12-10 22:44:40
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 21 GB (54%) free of 39 GB
Total RAM: 2048 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:45:22, on 10.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Restore Desktop\RestoreDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\MHotkey.exe
C:\WINDOWS\ChiFuncExt.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Lipickovi\Plocha\Antiviry\RSIT.exe
C:\Program Files\trend micro\Lipickovi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKCU\..\Run: [RestoreDesktop] C:\Program Files\Restore Desktop\RestoreDesktop.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Lipickovi\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Lipickovi\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - ALWIL Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe

--
End of file - 10868 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\RegistryBooster.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2010-10-20 2735200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-09-02 1241448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-09-02 1241448]
{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2010-10-20 2735200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-04-14 2790472]
"RemoteControl"=C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe [2005-12-05 65536]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"BtTray"=C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2008-12-22 278528]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"LchDrvKey"=C:\WINDOWS\LchDrvKey.exe [2007-03-28 36864]
"WheelMouse"=C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe [2003-06-07 147456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RestoreDesktop"=C:\Program Files\Restore Desktop\RestoreDesktop.exe [2003-03-11 45056]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-09-07 2176512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BDARemote.lnk]
C:\PROGRA~1\USBTV~1\EM28XX\BDAREM~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2
"WebClient"=2
"SysmonLog"=3
"RDSessMgr"=3
"SSDPSRV"=3
"xmlprov"=3
"ImapiService"=3
"Browser"=2
"Schedule"=2
"UPS"=3
"Themes"=2
"FastUserSwitchingCompatibility"=3
"upnphost"=3
"wscsvc"=2
"SharedAccess"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-06-27 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\Program Files\CyberLink\TV Enhance\TVEnhance.exe"="C:\Program Files\CyberLink\TV Enhance\TVEnhance.exe:*:Enabled:CyberLink TVEnhance"
"C:\Program Files\CyberLink\TV Enhance\TVEService.exe"="C:\Program Files\CyberLink\TV Enhance\TVEService.exe:*:Enabled:CyberLink TVEnhance Resident Program"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\CyberLink\TV Enhance\TVEnhance.exe"="C:\Program Files\CyberLink\TV Enhance\TVEnhance.exe:*:Enabled:CyberLink TVEnhance"
"C:\Program Files\CyberLink\TV Enhance\TVEService.exe"="C:\Program Files\CyberLink\TV Enhance\TVEService.exe:*:Enabled:CyberLink TVEnhance Resident Program"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-12-10 22:44:40 ----D---- C:\rsit
2010-12-10 22:06:10 ----D---- C:\Program Files\A4Tech
2010-12-10 21:39:34 ----SHD---- C:\RECYCLER
2010-12-10 20:58:45 ----A---- C:\WINDOWS\system32\Ph3xIB32MV.dll
2010-12-10 20:27:17 ----A---- C:\WINDOWS\mhotkey_reg.ini
2010-12-10 20:27:15 ----D---- C:\Program Files\KYE
2010-12-10 20:27:15 ----A---- C:\WINDOWS\PIC.dll
2010-12-10 20:27:15 ----A---- C:\WINDOWS\mHotkey.exe
2010-12-10 20:27:15 ----A---- C:\WINDOWS\LchDrvKey.exe
2010-12-10 20:27:15 ----A---- C:\WINDOWS\ChiFuncExt.exe
2010-12-10 20:27:06 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\InstallShield
2010-12-07 17:57:21 ----A---- C:\Boot.bak
2010-12-07 17:57:15 ----RASHD---- C:\cmdcons
2010-12-06 16:37:05 ----D---- C:\Program Files\FreeRapid-0.85
2010-12-05 00:04:24 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-12-04 23:49:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2010-12-04 23:24:01 ----D---- C:\Program Files\DIFX
2010-12-04 23:24:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-12-04 23:22:32 ----D---- C:\ATI
2010-12-04 19:11:53 ----D---- C:\Program Files\Common Files\DirectX
2010-12-04 18:56:39 ----D---- C:\Program Files\SCi Games
2010-12-04 18:21:46 ----D---- C:\WINDOWS\prefetch
2010-12-04 16:50:22 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-12-04 16:37:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2010-12-04 16:37:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-12-04 16:37:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2010-12-04 16:34:30 ----D---- C:\WINDOWS\system32\Adobe
2010-12-04 08:28:25 ----D---- C:\Program Files\trend micro
2010-12-04 07:33:59 ----D---- C:\Program Files\ConduitEngine
2010-12-04 07:33:59 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2010-11-16 17:29:35 ----D---- C:\Program Files\ICQ7.2
2010-11-12 18:49:11 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\avidemux
2010-11-12 18:48:50 ----D---- C:\Program Files\Avidemux 2.5
2010-11-12 18:47:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\SiComponents

======List of files/folders modified in the last 1 months======

2010-12-10 22:34:04 ----D---- C:\WINDOWS\Temp
2010-12-10 22:31:36 ----A---- C:\WINDOWS\system32\bscs.ini
2010-12-10 22:28:38 ----A---- C:\WINDOWS\wincmd.ini
2010-12-10 22:25:03 ----D---- C:\WINDOWS
2010-12-10 22:06:36 ----HD---- C:\WINDOWS\inf
2010-12-10 22:06:15 ----D---- C:\WINDOWS\system32\drivers
2010-12-10 22:06:13 ----D---- C:\WINDOWS\system32
2010-12-10 22:06:10 ----D---- C:\Program Files
2010-12-10 22:05:58 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-10 21:34:47 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-12-10 21:15:41 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\Uniblue
2010-12-10 21:15:38 ----SHD---- C:\WINDOWS\Installer
2010-12-10 21:07:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-10 20:27:14 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-10 20:26:00 ----D---- C:\WINDOWS\system32\config
2010-12-10 18:34:55 ----D---- C:\Program Files\Mozilla Firefox
2010-12-10 18:25:02 ----A---- C:\WINDOWS\cdplayer.ini
2010-12-10 18:10:48 ----A---- C:\WINDOWS\tcburner.ini
2010-12-10 17:45:29 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\vlc
2010-12-08 19:25:40 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\ICQ
2010-12-08 00:52:16 ----A---- C:\WINDOWS\system.ini
2010-12-08 00:51:59 ----D---- C:\WINDOWS\system32\drivers\etc
2010-12-08 00:35:50 ----D---- C:\WINDOWS\AppPatch
2010-12-08 00:35:47 ----D---- C:\Program Files\Common Files
2010-12-07 19:27:05 ----D---- C:\Lipíček
2010-12-07 18:23:31 ----SD---- C:\WINDOWS\Tasks
2010-12-07 17:57:21 ----RASH---- C:\boot.ini
2010-12-07 17:52:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-07 01:15:57 ----A---- C:\WINDOWS\system32\LOCALSERVICE.INI
2010-12-06 19:32:49 ----A---- C:\WINDOWS\system32\REMOTEDEVICE.INI
2010-12-06 18:54:56 ----D---- C:\Program Files\rajce
2010-12-06 17:30:54 ----A---- C:\WINDOWS\system32\LOCALDEVICE.INI
2010-12-05 12:33:17 ----A---- C:\WINDOWS\win.ini
2010-12-05 12:33:16 ----D---- C:\WINDOWS\pss
2010-12-04 23:46:29 ----RSD---- C:\WINDOWS\assembly
2010-12-04 23:46:13 ----D---- C:\WINDOWS\WinSxS
2010-12-04 23:45:49 ----D---- C:\Program Files\ATI Technologies
2010-12-04 18:48:23 ----A---- C:\moduleName.txt
2010-12-04 18:28:07 ----D---- C:\Program Files\Zrychleni Pocitace
2010-12-04 18:12:46 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\Macromedia
2010-12-04 18:11:50 ----D---- C:\WINDOWS\system32\Macromed
2010-12-04 16:38:18 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\Adobe
2010-12-04 12:28:52 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\Spyware Terminator
2010-12-04 11:54:20 ----D---- C:\WINDOWS\system32\wbem
2010-12-04 11:54:19 ----D---- C:\WINDOWS\Registration
2010-12-04 08:16:13 ----A---- C:\WINDOWS\NeroDigital.ini
2010-12-04 07:33:57 ----D---- C:\Program Files\Freecorder
2010-12-03 22:32:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-11-26 08:22:32 ----D---- C:\Program Files\Leawo
2010-11-24 21:04:17 ----D---- C:\WINDOWS\Debug
2010-11-23 04:27:52 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\Skype
2010-11-23 00:03:05 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\skypePM
2010-11-13 21:13:00 ----D---- C:\Documents and Settings\Lipickovi\Data aplikací\dvdcss
2010-11-13 14:59:16 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-12 18:53:48 ----D---- C:\Program Files\DVDVideoSoft
2010-11-12 18:45:10 ----D---- C:\Program Files\Common Files\DVDVideoSoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2010-03-19 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\WINDOWS\system32\drivers\aswNdis2.sys [2010-04-14 196048]
R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2008-07-31 20616]
R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2005-08-15 5888]
R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2005-08-15 127488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-28 691696]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-04-14 28880]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2010-04-14 102736]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2010-04-14 297552]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-04-14 162768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-04-14 46672]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/26 15:43:41]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl []
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\CyberLink\PlayMovie\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-04-14 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-04-14 100432]
R2 cpuz134;cpuz134; \??\C:\WINDOWS\system32\drivers\cpuz134_x32.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-12-14 15440]
R3 3xHybrid;ASUSTek SAA713x PCI Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2010-12-10 2831232]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 Amps2prt;A4Tech PS/2 Port Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2003-02-26 9728]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-04-14 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-06-27 2303488]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2006-12-14 11984]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-09-18 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2004-02-24 10368]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-11-20 104320]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 aogp66vy;aogp66vy; C:\WINDOWS\system32\drivers\aogp66vy.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2008-11-25 33800]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2008-11-25 27528]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2008-12-07 14088]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2008-12-15 39304]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-04-28 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-04-28 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-04-28 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-04-28 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-04-28 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2008-01-21 14856]
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2008-07-02 29960]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-06-27 483328]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-04-14 119200]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2008-07-09 775168]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-12-15 143467]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221257]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2005-05-11 110663]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-10-23 241734]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-09-07 488960]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS); C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe [2008-10-23 364635]
R2 TVESched;TVEnhance Task Scheduler (TTS)); C:\Program Files\CyberLink\TV Enhance\Kernel\TV\TVESched.exe [2008-10-23 172121]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2008-12-15 98407]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Je to už ok. Dávejte si pozor na to, co instalujete.
Hezký víkend