SVCHOST - 100% CPU with the siszyd32.exe process

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

#16 Post by motji »

Rootkits should be checked for as well; you have some nasty critters in there.
If you can, just format the flash drive right away :)

Do not use COMBOFIX without an advisor's recommendation; it may damage the system!
Always back up important data before disinfecting a computer :!:

I am usually reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

prceksu
Visitor
Posts: 15
Registered: 13 Dec 2009 23:07

#17 Post by prceksu »

Yes. I did so a moment ago; I formatted the flash drive twice, just for practice :-)

motji

#18 Post by motji »

But don't put it into the work PC now, so that you don't infect the one at home again :D

prceksu

#19 Post by prceksu »

I have now run AVPTool for the third time. It somehow didn't like the Oracle documents, probably a long path with the PDF file name, and it hung there, so I shortened it as much as I could. Now it got through, so hopefully it will scan the whole PC by morning.
Hopefully I will have the scan results tomorrow; I will post everything then.

Good night.

motji

#20 Post by motji »

Fine. How did it go at work? :D

prceksu

#21 Post by prceksu »

I will sort it out at work on Monday; for now I will be at a training course until Friday.

Here is the log from AVPTool:

Autoscan: stopped 9 hours ago (events: 2, objects: 10, time: 00:00:11)
Autoscan: stopped 7 hours ago (events: 4, objects: 798444, time: 01:40:56)
Autoscan: completed 3 hours ago (events: 106, objects: 1154478, time: 04:11:07)
16.12.2009 0:02:17 Task started
16.12.2009 0:56:12 Detected: Trojan.Win32.VB.jmf D:\WebDownload\TorrentFinish\ZC Video Converter.rar/ZC Video Converter/zcvideotox.exe/data0000.cab/ZCSOFT~1.EXE
16.12.2009 0:56:12 Untreated: Trojan.Win32.VB.jmf D:\WebDownload\TorrentFinish\ZC Video Converter.rar/ZC Video Converter/zcvideotox.exe/data0000.cab/ZCSOFT~1.EXE Write not supported
16.12.2009 1:03:21 Detected: Backdoor.Win32.Agent.yag D:\_BILEK_BACKUP\Jirka_PC\hry\Zuma_deluxe+Luxor_amun_rising+atlantis+crack.rar/Zuma_Deluxe+Working_Crack.rar/yahoo_zuma_tm1-1.exe/files/Zuma Deluxe/Zuma.exe
16.12.2009 1:03:22 Untreated: Backdoor.Win32.Agent.yag D:\_BILEK_BACKUP\Jirka_PC\hry\Zuma_deluxe+Luxor_amun_rising+atlantis+crack.rar/Zuma_Deluxe+Working_Crack.rar/yahoo_zuma_tm1-1.exe/files/Zuma Deluxe/Zuma.exe Write not supported
16.12.2009 1:20:43 Detected: Net-Worm.Win32.Kolabc.geh D:\_HRY_pro_Známé\Barbie_Oblékání\barbie_dressup.exe
16.12.2009 1:22:03 Deleted: Net-Worm.Win32.Kolabc.geh D:\_HRY_pro_Známé\Barbie_Oblékání\barbie_dressup.exe
16.12.2009 2:00:31 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/alchemy.deluxe.1.2.keygen-tsrh.zip/alchemy.deluxe.1.2.keygen-tsrh.exe/ExeStealth
16.12.2009 2:00:32 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/alchemy.deluxe.1.2.keygen-tsrh.zip/alchemy.deluxe.1.2.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:00:47 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/atomica.deluxe.2.52.keygen-tsrh.zip/atomica.deluxe.2.52.keygen-tsrh.exe/ExeStealth
16.12.2009 2:00:47 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/atomica.deluxe.2.52.keygen-tsrh.zip/atomica.deluxe.2.52.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:00:51 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/big.money.deluxe.1.22.keygen-tsrh.zip/big.money.deluxe.1.22.keygen-tsrh.exe/ExeStealth
16.12.2009 2:00:51 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/big.money.deluxe.1.22.keygen-tsrh.zip/big.money.deluxe.1.22.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:00:55 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/bookworm.deluxe.1.0.keygen-tsrh.zip/bookworm.deluxe.1.0.keygen-tsrh.exe/ExeStealth
16.12.2009 2:00:55 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/bookworm.deluxe.1.0.keygen-tsrh.zip/bookworm.deluxe.1.0.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:01:00 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/mummy.maze.deluxe.1.1.keygen-tsrh.zip/mummy.maze.deluxe.1.1.keygen-tsrh.exe/ExeStealth
16.12.2009 2:01:00 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/mummy.maze.deluxe.1.1.keygen-tsrh.zip/mummy.maze.deluxe.1.1.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:01:04 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/ningpo.mahjong.deluxe.1.04.keygen-tsrh.zip/ningpo.mahjong.deluxe.1.04.keygen-tsrh.exe/ExeStealth
16.12.2009 2:01:04 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/ningpo.mahjong.deluxe.1.04.keygen-tsrh.zip/ningpo.mahjong.deluxe.1.04.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:01:08 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/noahs.ark.deluxe.1.1.keygen-tsrh.zip/noah.s.ark.deluxe.1.1.keygen-tsrh.exe/ExeStealth
16.12.2009 2:01:08 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/noahs.ark.deluxe.1.1.keygen-tsrh.zip/noah.s.ark.deluxe.1.1.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:01:12 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/rocket.mania.deluxe.1.0.keygen-tsrh.zip/rocket.mania.deluxe.1.0.keygen-tsrh.exe/ExeStealth
16.12.2009 2:01:12 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/rocket.mania.deluxe.1.0.keygen-tsrh.zip/rocket.mania.deluxe.1.0.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:01:16 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/seven.seas.deluxe.1.13.keygen-tsrh.zip/seven.seas.deluxe.1.13.keygen-tsrh.exe/ExeStealth
16.12.2009 2:01:16 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/seven.seas.deluxe.1.13.keygen-tsrh.zip/seven.seas.deluxe.1.13.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:01:20 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/tiptop.deluxe.1.1.keygen-tsrh.zip/tiptop.deluxe.1.1.keygen-tsrh.exe/ExeStealth
16.12.2009 2:01:20 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/tiptop.deluxe.1.1.keygen-tsrh.zip/tiptop.deluxe.1.1.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:01:24 Detected: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/typer.shark.deluxe.1.0.keygen-tsrh.zip/typer.shark.deluxe.1.0.keygen-tsrh.exe/ExeStealth
16.12.2009 2:01:24 Untreated: MultiPacked.Multi.Generic D:\_HRY_pro_Známé\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/typer.shark.deluxe.1.0.keygen-tsrh.zip/typer.shark.deluxe.1.0.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 2:06:49 Detected: not-a-virus:AdWare.Win32.F1Organizer.h D:\_HRY_pro_Známé\WinHry_z_Webu_200712\wwiv_setup.exe/Stream/data0008/UPX
16.12.2009 2:06:49 Detected: not-a-virus:AdWare.Win32.WSearch.c D:\_HRY_pro_Známé\WinHry_zWebu\contra\contrasf26.exe/#/msetup.exe
16.12.2009 2:06:50 Detected: Backdoor.Win32.Agent.yag D:\_HRY_pro_Známé\HRY_Vše_instalacky\zuma+luxor+atlantis+crack\Zuma_deluxe+Luxor_amun_rising+atlantis+crack.rar/Zuma_Deluxe+Working_Crack.rar/yahoo_zuma_tm1-1.exe/files/Zuma Deluxe/Zuma.exe
16.12.2009 2:06:50 Untreated: Backdoor.Win32.Agent.yag D:\_HRY_pro_Známé\HRY_Vše_instalacky\zuma+luxor+atlantis+crack\Zuma_deluxe+Luxor_amun_rising+atlantis+crack.rar/Zuma_Deluxe+Working_Crack.rar/yahoo_zuma_tm1-1.exe/files/Zuma Deluxe/Zuma.exe Write not supported
16.12.2009 2:07:25 Deleted: not-a-virus:AdWare.Win32.F1Organizer.h D:\_HRY_pro_Známé\WinHry_z_Webu_200712\wwiv_setup.exe
16.12.2009 2:08:01 Detected: Trojan.Win32.Inject.anh D:\_HRY_pro_Známé\WinHry_zWebu\contra\contrasf26.exe/#
16.12.2009 2:08:02 Deleted: Trojan.Win32.Inject.anh D:\_HRY_pro_Známé\WinHry_zWebu\contra\contrasf26.exe
16.12.2009 2:18:22 Detected: Backdoor.Win32.Hupigon.dccn D:\_Roztridit_Vypalit\Winprog\Spyware Doctor\tools\eg.dat
16.12.2009 2:20:30 Deleted: Backdoor.Win32.Hupigon.dccn D:\_Roztridit_Vypalit\Winprog\Spyware Doctor\tools\eg.dat
16.12.2009 2:27:10 Detected: not-a-virus:AdWare.Win32.SaveNow.z D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/CD to WAV MP3 ripper/setupcdripper.exe/WISE0015.BIN/data0001.cab/VVSN.exe
16.12.2009 2:33:37 Detected: Trojan-Dropper.Win32.Agent.amde D:\_VYPALIT\DVD_DATA_001\Winprog\DUMeter v3.07 Build 200\DUMeter v3.07 Build 200.zip/DUMeter v3.07 Build 200/DUMeter-Install.exe/data0003/data0000.cab/454.exe
16.12.2009 2:35:03 Detected: not-a-virus:AdWare.Win32.NavExcel.d D:\_VYPALIT\DVD_DATA_001\Winprog\MP3_Programs\setupmp3towav.exe/WISE0016.BIN/NHInstall.exe
16.12.2009 2:39:24 Detected: not-a-virus:AdWare.Win32.NavExcel.i D:\_VYPALIT\DVD_DATA_001\Winprog\MP3_Programs\setupmp3towav.exe/WISE0017.BIN
16.12.2009 2:39:24 Detected: not-a-virus:AdWare.Win32.SaveNow.z D:\_VYPALIT\DVD_DATA_001\Winprog\MP3_Programs\setupmp3towav.exe/WISE0018.BIN/data0001.cab/VVSN.exe
16.12.2009 2:39:24 Detected: not-a-virus:AdWare.Win32.NavExcel.d D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/CD to WAV MP3 ripper/setupcdripper.exe/WISE0016.BIN/NHInstall.exe
16.12.2009 2:39:25 Detected: not-a-virus:AdWare.Win32.BargainBuddy.ae D:\_VYPALIT\DVD_DATA_001\Winprog\MP3_Programs\setupmp3towav.exe/WISE0019.BIN/data0002
16.12.2009 2:39:26 Detected: not-a-virus:AdWare.Win32.BargainBuddy.e D:\_VYPALIT\DVD_DATA_001\Winprog\MP3_Programs\setupmp3towav.exe/WISE0019.BIN/data0003
16.12.2009 2:39:27 Detected: not-a-virus:AdWare.Win32.BargainBuddy.h D:\_VYPALIT\DVD_DATA_001\Winprog\MP3_Programs\setupmp3towav.exe/WISE0019.BIN/data0005
16.12.2009 2:39:27 Detected: not-a-virus:AdWare.Win32.EZula.bm D:\_VYPALIT\DVD_DATA_001\Winprog\MP3_Programs\setupmp3towav.exe/WISE0020.BIN
16.12.2009 2:39:28 Deleted: Trojan-Dropper.Win32.Agent.amde D:\_VYPALIT\DVD_DATA_001\Winprog\DUMeter v3.07 Build 200\DUMeter v3.07 Build 200.zip/DUMeter v3.07 Build 200/DUMeter-Install.exe
16.12.2009 2:39:29 Deleted: not-a-virus:AdWare.Win32.EZula.bm D:\_VYPALIT\DVD_DATA_001\Winprog\MP3_Programs\setupmp3towav.exe
16.12.2009 2:39:34 Detected: not-a-virus:AdWare.Win32.BargainBuddy.ae D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/CD to WAV MP3 ripper/setupcdripper.exe/WISE0017.BIN/data0002
16.12.2009 2:39:51 Detected: not-a-virus:AdWare.Win32.BargainBuddy.e D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/CD to WAV MP3 ripper/setupcdripper.exe/WISE0017.BIN/data0003
16.12.2009 2:40:09 Detected: not-a-virus:AdWare.Win32.BargainBuddy.h D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/CD to WAV MP3 ripper/setupcdripper.exe/WISE0017.BIN/data0005
16.12.2009 2:40:26 Detected: not-a-virus:AdWare.Win32.EZula.bm D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/CD to WAV MP3 ripper/setupcdripper.exe/WISE0018.BIN
16.12.2009 2:40:27 Deleted: not-a-virus:AdWare.Win32.EZula.bm D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/CD to WAV MP3 ripper/setupcdripper.exe
16.12.2009 2:40:42 Detected: not-a-virus:AdWare.Win32.Excite.a D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/freeripmp3.exe/data0012
16.12.2009 2:40:54 Detected: not-a-virus:AdWare.Win32.MyWay.f D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/freeripmp3.exe/data0012
16.12.2009 2:41:07 Detected: not-a-virus:AdWare.Win32.Excite.a D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/freeripmp3.exe/data0012/#
16.12.2009 2:41:20 Detected: not-a-virus:AdWare.Win32.MyWay.f D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/freeripmp3.exe/data0012/#
16.12.2009 2:41:20 Deleted: not-a-virus:AdWare.Win32.MyWay.f D:\_Roztridit_Vypalit\FLASH_20070506_Prace\MyPC_20051020.zip/MyPC_20051020/CD_Vypalit/Vypalit/MP3_Programs/freeripmp3.exe
16.12.2009 3:10:28 Detected: HEUR:Trojan.Win32.Generic D:\_VYPALIT\DVD_GAMES_054\Neighbours from hell 1\Neighbours from hell 1.iso/Demos/ig2_setup_demo offline.exe/IG2_DEMO.EXE
16.12.2009 3:10:29 Untreated: HEUR:Trojan.Win32.Generic D:\_VYPALIT\DVD_GAMES_054\Neighbours from hell 1\Neighbours from hell 1.iso/Demos/ig2_setup_demo offline.exe/IG2_DEMO.EXE Write not supported
16.12.2009 3:14:01 Detected: Trojan.Win32.Inject.alxl D:\_VYPALIT\DVD_GAMES_054\Transport.Giant.Gold.Edition.READNFO-iTWINS\itw-tgge.iso/setup1.cab/TARGETDIRtransportgiant.exe
16.12.2009 3:14:02 Untreated: Trojan.Win32.Inject.alxl D:\_VYPALIT\DVD_GAMES_054\Transport.Giant.Gold.Edition.READNFO-iTWINS\itw-tgge.iso/setup1.cab/TARGETDIRtransportgiant.exe Write not supported
16.12.2009 3:16:16 Detected: Net-Worm.Win32.Kolabc.geh D:\__Sdilet\HRY\Barbie_Oblékání\barbie_dressup.exe
16.12.2009 3:17:42 Deleted: Net-Worm.Win32.Kolabc.geh D:\__Sdilet\HRY\Barbie_Oblékání\barbie_dressup.exe
16.12.2009 3:22:33 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/alchemy.deluxe.1.2.keygen-tsrh.zip/alchemy.deluxe.1.2.keygen-tsrh.exe/ExeStealth
16.12.2009 3:22:33 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/alchemy.deluxe.1.2.keygen-tsrh.zip/alchemy.deluxe.1.2.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:22:42 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/atomica.deluxe.2.52.keygen-tsrh.zip/atomica.deluxe.2.52.keygen-tsrh.exe/ExeStealth
16.12.2009 3:22:42 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/atomica.deluxe.2.52.keygen-tsrh.zip/atomica.deluxe.2.52.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:22:46 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/big.money.deluxe.1.22.keygen-tsrh.zip/big.money.deluxe.1.22.keygen-tsrh.exe/ExeStealth
16.12.2009 3:22:46 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/big.money.deluxe.1.22.keygen-tsrh.zip/big.money.deluxe.1.22.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:22:50 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/bookworm.deluxe.1.0.keygen-tsrh.zip/bookworm.deluxe.1.0.keygen-tsrh.exe/ExeStealth
16.12.2009 3:22:50 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/bookworm.deluxe.1.0.keygen-tsrh.zip/bookworm.deluxe.1.0.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:22:54 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/mummy.maze.deluxe.1.1.keygen-tsrh.zip/mummy.maze.deluxe.1.1.keygen-tsrh.exe/ExeStealth
16.12.2009 3:22:54 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/mummy.maze.deluxe.1.1.keygen-tsrh.zip/mummy.maze.deluxe.1.1.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:22:58 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/ningpo.mahjong.deluxe.1.04.keygen-tsrh.zip/ningpo.mahjong.deluxe.1.04.keygen-tsrh.exe/ExeStealth
16.12.2009 3:22:58 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/ningpo.mahjong.deluxe.1.04.keygen-tsrh.zip/ningpo.mahjong.deluxe.1.04.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:23:02 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/noahs.ark.deluxe.1.1.keygen-tsrh.zip/noah.s.ark.deluxe.1.1.keygen-tsrh.exe/ExeStealth
16.12.2009 3:23:02 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/noahs.ark.deluxe.1.1.keygen-tsrh.zip/noah.s.ark.deluxe.1.1.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:23:06 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/rocket.mania.deluxe.1.0.keygen-tsrh.zip/rocket.mania.deluxe.1.0.keygen-tsrh.exe/ExeStealth
16.12.2009 3:23:06 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/rocket.mania.deluxe.1.0.keygen-tsrh.zip/rocket.mania.deluxe.1.0.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:23:10 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/seven.seas.deluxe.1.13.keygen-tsrh.zip/seven.seas.deluxe.1.13.keygen-tsrh.exe/ExeStealth
16.12.2009 3:23:10 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/seven.seas.deluxe.1.13.keygen-tsrh.zip/seven.seas.deluxe.1.13.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:23:13 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/tiptop.deluxe.1.1.keygen-tsrh.zip/tiptop.deluxe.1.1.keygen-tsrh.exe/ExeStealth
16.12.2009 3:23:14 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/tiptop.deluxe.1.1.keygen-tsrh.zip/tiptop.deluxe.1.1.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:23:17 Detected: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/typer.shark.deluxe.1.0.keygen-tsrh.zip/typer.shark.deluxe.1.0.keygen-tsrh.exe/ExeStealth
16.12.2009 3:23:17 Untreated: MultiPacked.Multi.Generic D:\__Sdilet\HRY\HRY_Vše_instalacky\15 Pop Cap games and Keygens\15 Pop Cap games and Keygens.rar/15 Pop Cap games and Keys/Keygens/typer.shark.deluxe.1.0.keygen-tsrh.zip/typer.shark.deluxe.1.0.keygen-tsrh.exe/ExeStealth Write not supported
16.12.2009 3:26:57 Detected: not-a-virus:AdWare.Win32.WSearch.c D:\__Sdilet\HRY\WinHry_zWebu\contra\contrasf26.exe/#/msetup.exe
16.12.2009 3:26:59 Detected: not-a-virus:AdWare.Win32.F1Organizer.h D:\__Sdilet\HRY\WinHry_z_Webu_200712\wwiv_setup.exe/Stream/data0008/UPX
16.12.2009 3:27:00 Detected: Backdoor.Win32.Agent.yag D:\__Sdilet\HRY\HRY_Vše_instalacky\zuma+luxor+atlantis+crack\Zuma_deluxe+Luxor_amun_rising+atlantis+crack.rar/Zuma_Deluxe+Working_Crack.rar/yahoo_zuma_tm1-1.exe/files/Zuma Deluxe/Zuma.exe
16.12.2009 3:27:00 Untreated: Backdoor.Win32.Agent.yag D:\__Sdilet\HRY\HRY_Vše_instalacky\zuma+luxor+atlantis+crack\Zuma_deluxe+Luxor_amun_rising+atlantis+crack.rar/Zuma_Deluxe+Working_Crack.rar/yahoo_zuma_tm1-1.exe/files/Zuma Deluxe/Zuma.exe Write not supported
16.12.2009 3:27:51 Detected: Trojan.Win32.Inject.anh D:\__Sdilet\HRY\WinHry_zWebu\contra\contrasf26.exe/#
16.12.2009 3:27:51 Deleted: Trojan.Win32.Inject.anh D:\__Sdilet\HRY\WinHry_zWebu\contra\contrasf26.exe
16.12.2009 3:27:56 Deleted: not-a-virus:AdWare.Win32.F1Organizer.h D:\__Sdilet\HRY\WinHry_z_Webu_200712\wwiv_setup.exe
16.12.2009 3:51:27 Detected: not-a-virus:AdWare.Win32.NavExcel.d H:\System Volume Information\_restore{841FEB43-38B2-4682-91C6-B1FDE597F0A8}\RP352\A0107891.exe/WISE0016.BIN/NHInstall.exe
16.12.2009 3:53:03 Detected: not-a-virus:AdWare.Win32.NavExcel.i H:\System Volume Information\_restore{841FEB43-38B2-4682-91C6-B1FDE597F0A8}\RP352\A0107891.exe/WISE0017.BIN
16.12.2009 3:53:03 Detected: not-a-virus:AdWare.Win32.SaveNow.z H:\System Volume Information\_restore{841FEB43-38B2-4682-91C6-B1FDE597F0A8}\RP352\A0107891.exe/WISE0018.BIN/data0001.cab/VVSN.exe
16.12.2009 3:53:03 Detected: not-a-virus:AdWare.Win32.BargainBuddy.ae H:\System Volume Information\_restore{841FEB43-38B2-4682-91C6-B1FDE597F0A8}\RP352\A0107891.exe/WISE0019.BIN/data0002
16.12.2009 3:53:04 Detected: not-a-virus:AdWare.Win32.BargainBuddy.e H:\System Volume Information\_restore{841FEB43-38B2-4682-91C6-B1FDE597F0A8}\RP352\A0107891.exe/WISE0019.BIN/data0003
16.12.2009 3:53:04 Detected: not-a-virus:AdWare.Win32.BargainBuddy.h H:\System Volume Information\_restore{841FEB43-38B2-4682-91C6-B1FDE597F0A8}\RP352\A0107891.exe/WISE0019.BIN/data0005
16.12.2009 3:53:04 Detected: not-a-virus:AdWare.Win32.EZula.bm H:\System Volume Information\_restore{841FEB43-38B2-4682-91C6-B1FDE597F0A8}\RP352\A0107891.exe/WISE0020.BIN
16.12.2009 3:53:05 Deleted: not-a-virus:AdWare.Win32.EZula.bm H:\System Volume Information\_restore{841FEB43-38B2-4682-91C6-B1FDE597F0A8}\RP352\A0107891.exe
16.12.2009 4:02:32 Detected: Trojan.Win32.Chifrax.d H:\System Volume Information\_restore{841FEB43-38B2-4682-91C6-B1FDE597F0A8}\RP352\A0107909.exe
16.12.2009 4:04:43 Deleted: Trojan.Win32.Chifrax.d H:\System Volume Information\_restore{841FEB43-38B2-4682-91C6-B1FDE597F0A8}\RP352\A0107909.exe
16.12.2009 4:13:24 Task completed

And here is RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by prcek at 2009-12-16 17:58:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 15 GB (22%) free of 67 GB
Total RAM: 2047 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:58:53, on 16.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
D:\__Sdilet\RSIT.exe
C:\Program Files\trend micro\prcek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: _uninst_setup_9.0.0.722_15.12.2009_02-38.exe.lnk = C:\Documents and Settings\prcek\Local Settings\temp\_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.bat
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

--
End of file - 5374 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2009-10-11 2582288]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared Files\brs.exe [2007-11-16 91432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
C:\WINDOWS\zHotkey.exe [2003-07-29 515584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
C:\Program Files\Creative\Shared Files\CamTray.exe [2005-10-27 299008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C42 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-02-19 74240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-10-11 62760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regedit32]
C:\WINDOWS\system32\regedit.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-10-28 72736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowWnd]
C:\WINDOWS\ShowWnd.exe [2003-09-19 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-06-20 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Bonjour Service"=2
"Nero BackItUp Scheduler 4.0"=2
"ABBYY.Licensing.FineReader.Professional.9.0"=2
"RichVideo"=2
"ose"=3
"odserv"=3
"Microsoft Office Groove Audit Service"=3
"ServiceLayer"=3
"SQLWriter"=3
"MSSQL$SQLEXPRESS"=2
"idsvc"=3
"iPod Service"=3

C:\Documents and Settings\prcek\Nabídka Start\Programy\Po spuštění
_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.lnk - C:\Documents and Settings\prcek\Local Settings\temp\_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-08-14 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\HRY\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\HRY\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\HRY\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\HRY\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\HRY\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\HRY\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\Program Files\HRY\Unreal Tournament 3\Binaries\UT3.exe"="C:\Program Files\HRY\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
"C:\Program Files\HRY\Soldier of Fortune Payback\sof3.exe"="C:\Program Files\HRY\Soldier of Fortune Payback\sof3.exe:*:Disabled:sof3"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\obchodnisystem\apache2\bin\Apache.exe"="C:\obchodnisystem\apache2\bin\Apache.exe:*:Disabled:Apache HTTP Server"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-12-15 09:25:44 ----A---- C:\WINDOWS\system32\irmon.dll
2009-12-15 09:25:43 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-12-15 09:25:43 ----A---- C:\WINDOWS\system32\irftp.exe
2009-12-15 01:15:00 ----D---- C:\Program Files\CCleaner
2009-12-14 23:26:31 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-12-14 23:16:50 ----D---- C:\Avenger
2009-12-14 23:16:50 ----A---- C:\avenger.txt
2009-12-14 15:49:30 ----D---- C:\Documents and Settings\prcek\Data aplikací\Malwarebytes
2009-12-14 15:49:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-14 15:49:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2009-12-13 22:56:57 ----D---- C:\rsit
2009-12-13 22:56:57 ----D---- C:\Program Files\trend micro
2009-12-06 14:28:52 ----HDC---- C:\WINDOWS\$NtUninstallWudf01007$
2009-12-06 14:27:12 ----D---- C:\Program Files\Common Files\PCSuite
2009-12-06 14:26:56 ----D---- C:\Program Files\PC Connectivity Solution
2009-12-06 14:26:51 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2009-12-06 14:26:51 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2009-12-05 17:10:53 ----A---- C:\WINDOWS\system32\EBAPI2.dll
2009-12-05 17:10:52 ----D---- C:\Program Files\Common Files\EPSON
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\PICSDK2.dll
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\PICSDK.ini
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\PICSDK.dll
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\PICEntry.dll
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2009-12-05 17:10:32 ----D---- C:\Documents and Settings\prcek\Data aplikací\InstallShield
2009-12-05 17:08:41 ----D---- C:\Program Files\EPSON
2009-12-05 17:08:41 ----A---- C:\WINDOWS\system32\ECBTEG.DLL
2009-12-05 17:08:41 ----A---- C:\WINDOWS\system32\EBPMON2.DLL
2009-12-05 17:08:41 ----A---- C:\WINDOWS\system32\EBPCHP.DLL
2009-12-05 17:08:31 ----D---- C:\EPSON
2009-12-02 12:06:25 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-12-02 12:06:21 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-12-02 12:06:10 ----D---- C:\Program Files\Windows Media Connect 2
2009-12-02 12:06:03 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-12-02 12:05:31 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-12-02 12:05:14 ----D---- C:\WINDOWS\system32\LogFiles
2009-12-02 12:05:08 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-12-02 12:04:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2009-11-30 22:59:57 ----SHD---- C:\Config.Msi
2009-11-30 00:04:56 ----A---- C:\ComboFix.txt
2009-11-29 23:42:00 ----D---- C:\WINDOWS\temp
2009-11-29 23:19:15 ----A---- C:\WINDOWS\zip.exe
2009-11-29 23:19:15 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-11-29 23:19:15 ----A---- C:\WINDOWS\SWSC.exe
2009-11-29 23:19:15 ----A---- C:\WINDOWS\SWREG.exe
2009-11-29 23:19:15 ----A---- C:\WINDOWS\sed.exe
2009-11-29 23:19:15 ----A---- C:\WINDOWS\PEV.exe
2009-11-29 23:19:15 ----A---- C:\WINDOWS\NIRCMD.exe
2009-11-29 23:19:15 ----A---- C:\WINDOWS\grep.exe
2009-11-29 23:18:43 ----D---- C:\WINDOWS\ERDNT
2009-11-29 23:17:33 ----D---- C:\Qoobox
2009-11-29 22:06:36 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-11-29 22:06:36 ----A---- C:\WINDOWS\system32\wups2.dll
2009-11-29 22:06:35 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-11-29 22:06:35 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-11-29 22:06:33 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-11-29 20:51:28 ----RASHD---- C:\cmdcons
2009-11-29 20:50:32 ----A---- C:\WINDOWS\MBR.exe
2009-11-29 15:43:36 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-11-28 11:20:01 ----D---- C:\WINDOWS\Temporary Internet Files
2009-11-28 11:20:01 ----D---- C:\WINDOWS\History
2009-11-28 11:20:01 ----D---- C:\WINDOWS\Cookies
2009-11-28 11:20:01 ----D---- C:\KPCMS
2009-11-28 11:20:01 ----A---- C:\WINDOWS\system32\pcdlib32.dll
2009-11-28 11:20:01 ----A---- C:\WINDOWS\system32\MSVCRT10.DLL
2009-11-28 11:20:01 ----A---- C:\WINDOWS\sprof32.dll
2009-11-28 11:20:01 ----A---- C:\WINDOWS\pfpick.dll
2009-11-28 11:20:01 ----A---- C:\WINDOWS\kpsys32.dll
2009-11-28 11:20:01 ----A---- C:\WINDOWS\kpcp32.dll
2009-11-28 11:20:01 ----A---- C:\WINDOWS\KPCMS.INI
2009-11-28 11:20:01 ----A---- C:\WINDOWS\icccodes.dll
2009-11-28 11:19:48 ----D---- C:\WINDOWS\system32\COLOR
2009-11-28 11:18:55 ----A---- C:\WINDOWS\unin0405.exe
2009-11-22 00:04:59 ----RA---- C:\WINDOWS\system32\MafiaSetup.exe
2009-11-20 19:25:29 ----D---- C:\Documents and Settings\prcek\Data aplikací\Creative
2009-11-19 23:36:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-11-19 23:29:13 ----D---- C:\Program Files\Any Flv Player
2009-11-19 23:29:13 ----D---- C:\Documents and Settings\prcek\Data aplikací\Video Converter for Any Flv Player
2009-11-19 22:38:01 ----D---- C:\Program Files\Realtek AC97
2009-11-17 22:44:53 ----D---- C:\Documents and Settings\prcek\Data aplikací\Help
2009-11-17 22:15:50 ----A---- C:\WINDOWS\cdplayer.ini
2009-11-17 21:48:56 ----D---- C:\Program Files\audiograbber
2009-11-17 17:35:00 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-11-17 17:33:57 ----D---- C:\Program Files\Hewlett-Packard

======List of files/folders modified in the last 1 months======

2009-12-16 17:53:54 ----D---- C:\Program Files\Mozilla Firefox
2009-12-16 17:52:06 ----A---- C:\WINDOWS\wincmd.ini
2009-12-16 17:51:12 ----D---- C:\WINDOWS\Prefetch
2009-12-16 15:00:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-16 13:14:34 ----D---- C:\WINDOWS
2009-12-16 07:57:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-16 07:57:10 ----D---- C:\WINDOWS\system32\drivers
2009-12-15 22:30:35 ----D---- C:\Documents and Settings\prcek\Data aplikací\Skype
2009-12-15 22:17:44 ----HD---- C:\WINDOWS\inf
2009-12-15 21:45:59 ----D---- C:\Documents and Settings\prcek\Data aplikací\skypePM
2009-12-15 18:57:31 ----D---- C:\WINDOWS\security
2009-12-15 09:26:57 ----D---- C:\WINDOWS\system32
2009-12-15 09:26:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-15 09:25:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-15 01:23:25 ----SHD---- C:\System Volume Information
2009-12-15 01:17:56 ----D---- C:\WINDOWS\Debug
2009-12-15 01:15:00 ----D---- C:\Program Files
2009-12-13 23:44:42 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-12-13 20:53:06 ----A---- C:\WINDOWS\win.ini
2009-12-13 20:53:06 ----A---- C:\WINDOWS\system.ini
2009-12-13 20:53:06 ----A---- C:\Boot.ini
2009-12-13 20:46:11 ----D---- C:\Documents and Settings
2009-12-13 20:34:53 ----D---- C:\WINDOWS\system32\Restore
2009-12-12 15:10:10 ----D---- C:\Documents and Settings\prcek\Data aplikací\uTorrent
2009-12-06 15:16:32 ----D---- C:\NOKIA_BACKUPS
2009-12-06 14:29:06 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-12-06 14:28:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2009-12-06 14:27:22 ----SHD---- C:\WINDOWS\Installer
2009-12-06 14:27:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-06 14:27:12 ----D---- C:\Program Files\Common Files
2009-12-06 14:27:09 ----D---- C:\Program Files\Nokia
2009-12-06 14:27:09 ----D---- C:\Program Files\Common Files\Nokia
2009-12-03 13:58:14 ----D---- C:\WINDOWS\system32\config
2009-12-02 12:06:10 ----D---- C:\Program Files\Windows Media Player
2009-12-02 12:06:08 ----D---- C:\WINDOWS\Help
2009-11-30 23:03:22 ----D---- C:\Program Files\MagicISO
2009-11-30 23:02:55 ----SD---- C:\WINDOWS\Tasks
2009-11-30 23:02:02 ----D---- C:\Program Files\Common Files\Apple
2009-11-29 23:59:39 ----D---- C:\WINDOWS\AppPatch
2009-11-29 22:15:57 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-29 22:14:22 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-29 20:51:33 ----RASH---- C:\boot_none.ini
2009-11-29 01:39:50 ----N---- C:\WINDOWS\Sof2.INI
2009-11-29 01:39:22 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-29 01:37:04 ----AD---- C:\osagrobet
2009-11-29 00:22:02 ----D---- C:\Documents and Settings\prcek\Data aplikací\ICQ
2009-11-28 11:20:01 ----D---- C:\Program Files\Common Files\Adobe
2009-11-28 11:19:43 ----D---- C:\Program Files\Adobe
2009-11-27 20:46:08 ----D---- C:\Documents and Settings\prcek\Data aplikací\MySQL
2009-11-23 21:51:07 ----AD---- C:\obchodnisystem
2009-11-22 21:10:14 ----D---- C:\Documents and Settings\prcek\Data aplikací\TeamViewer
2009-11-22 17:42:16 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-20 00:23:24 ----D---- C:\WINDOWS\WinSxS
2009-11-20 00:22:41 ----D---- C:\WINDOWS\system32\DirectX
2009-11-20 00:22:15 ----RSD---- C:\WINDOWS\assembly
2009-11-20 00:16:01 ----D---- C:\Program Files\HRY
2009-11-19 22:38:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-11-19 22:38:03 ----D---- C:\Program Files\AvRack
2009-11-19 22:26:30 ----D---- C:\Program Files\AGEIA Technologies
2009-11-19 22:23:21 ----D---- C:\Program Files\uTorrent
2009-11-19 21:16:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 08477081;08477081; C:\WINDOWS\system32\DRIVERS\08477081.sys [2009-09-25 128016]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-07-07 56108]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-15 278728]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-10-15 25416]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-08-14 4485632]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [1980-01-01 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 V0260VID;Live! Cam Vista IM; C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-03 178913]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
S3 atirage;atirage; C:\WINDOWS\system32\DRIVERS\atiragem.sys [2001-10-24 70528]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-08-14 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 DUMeterSvc;DU Meter Service; C:\Program Files\DU Meter\DUMeterSvc.exe [2009-10-11 1382672]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [2001-10-25 90112]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-08-13 593920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S4 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S4 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-10-15 243056]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2005-10-14 239320]
S4 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2005-10-14 87768]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: SVCHOST - 100% CPU with the siszyd32.exe process

#22 Post by motji »

Do you recognize this?
C:\Documents and Settings\prcek\Nabídka Start\Programy\Po spuštění
_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.lnk - C:\Documents and Settings\prcek\Local Settings\temp\_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.bat

How is the computer doing now?

prceksu
Visitor
Posts: 15
Registered: 13 Dec 2009 23:07

Re: SVCHOST - 100% CPU with the siszyd32.exe process

#23 Post by prceksu »

C:\Documents and Settings\prcek\Nabídka Start\Programy\Po spuštění
_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.lnk - C:\Documents and Settings\prcek\Local Settings\temp\_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.bat

That will be AVPZTools, because its installer is setup_9.0.0.722_15.12.2009_02-38.exe.
After uninstalling, it always asked for a PC restart. I did this about 3 times.

The computer responds quickly, as if WinXP had been installed "fresh".
So I think it's OK.
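Added example, not part of the original thread and not code from RSIT: a small triage script for the check discussed in posts #22 and #23, which reads the autostart part of an RSIT "Registry dump" and marks entries worth a manual look. The sample is an excerpt of the log posted in this thread; the function names and the three heuristics (temp directory, script-type target, double extension) are assumptions chosen for illustration, and a flag means "review", not "malicious".

```python
import re
from dataclasses import dataclass, field

# Excerpt of the RSIT "Registry dump" section as posted in this thread.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2009-10-11 2582288]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\prcek\Nabídka Start\Programy\Po spuštění
_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.lnk - C:\Documents and Settings\prcek\Local Settings\temp\_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.bat
"""

KEY_HEADER = re.compile(r'^\[(HKEY_[^\]]+)\]$')
RUN_KEY = re.compile(r'\\CurrentVersion\\Run(Once)?$', re.I)
# "name"=target [date size]   (the bracketed metadata is optional)
RUN_VALUE = re.compile(r'^"(?P<name>[^"]*)"=(?P<target>.*?)(?:\s+\[[^\]]*\])?$')
# shortcut.lnk - target       (listed under a Startup folder path)
SHORTCUT = re.compile(r'^(?P<name>.+?\.lnk) - (?P<target>.+)$', re.I)
FOLDER = re.compile(r'^[A-Za-z]:\\')


@dataclass
class AutostartEntry:
    location: str            # registry key or Startup folder path
    name: str                # value name or shortcut file name
    target: str              # what gets launched at logon
    reasons: list = field(default_factory=list)


def review_reasons(target):
    """Return the (assumed, illustrative) heuristics that a target trips."""
    path = target.strip('"').lower()
    reasons = []
    if re.search(r'\\(temp|tmp)\\', path):
        reasons.append("target in a temp directory")
    if re.search(r'\.(bat|cmd|vbs|vbe|js|jse|wsf|pif|scr)$', path):
        reasons.append("script or uncommon executable type")
    if re.search(r'\.(exe|com|scr|pdf|doc|jpg|txt)\.[a-z0-9]{2,4}$', path):
        reasons.append("double extension")
    return reasons


def parse_autostarts(log_text):
    """Collect Run-key values and Startup-folder shortcuts from RSIT text."""
    entries = []
    location = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            location = None          # a blank line ends the current block
            continue
        header = KEY_HEADER.match(line)
        if header:
            location = header.group(1)
            continue
        if location and FOLDER.match(location):
            m = SHORTCUT.match(line)
            if m:
                entries.append(AutostartEntry(
                    location, m["name"], m["target"],
                    review_reasons(m["target"])))
                continue
        if location and RUN_KEY.search(location):
            m = RUN_VALUE.match(line)
            if m:
                entries.append(AutostartEntry(
                    location, m["name"], m["target"],
                    review_reasons(m["target"])))
                continue
        if FOLDER.match(line) and " - " not in line:
            location = line          # bare path line, e.g. the Startup folder
    return entries


def flagged(entries):
    """Entries with at least one reason to look at them by hand."""
    return [e for e in entries if e.reasons]


if __name__ == "__main__":
    for e in flagged(parse_autostarts(SAMPLE_LOG)):
        print(f"{e.location}\n  {e.name} -> {e.target}\n  review: {', '.join(e.reasons)}")
```
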

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: SVCHOST - 100% CPU with the siszyd32.exe process

#24 Post by motji »

:arrow: Delete
C:\Documents and Settings\prcek\Nabídka Start\Programy\Po spuštění
_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.lnk - C:\Documents and Settings\prcek\Local Settings\temp\_uninst_setup_9.0.0.722_15.12.2009_02-38.exe.bat


:arrow: Uninstall ComboFix via
Start >> Run, copy into the box:

ComboFix /Uninstall

press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.



:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm the choice, press the A key, then Enter
- After use, delete the program. Note that antivirus programs may falsely flag it as a virus


:arrow: Download TFC and use it
TFC (http://oldtimer.geekstogo.com/TFC.exe)


:arrow: Download CCleaner from my signature
- Install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- Leave everything in the left column ticked as it is, click Analyze
- After the analysis, click Run CCleaner

Registry tab
- Click on find problems
- Then click on fix selected problems :arrow: make a registry backup - you don't have to
- Click fix all problems :arrow: OK :arrow: Close

I recommend using the CCleaner cleaner; it nicely cleans temporary files off the PC.
It cleans up the registry, for example after uninstalling a program.

:arrow: And once more I'll ask for the RSIT log :)

prceksu
Visitor
Posts: 15
Registered: 13 Dec 2009 23:07

Re: SVCHOST - 100% CPU with the siszyd32.exe process

#25 Post by prceksu »

So I did everything as you described.
CCleaner found 16 unnecessary references in the registry.

RSIT log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by prcek at 2009-12-16 21:46:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 15 GB (23%) free of 67 GB
Total RAM: 2047 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:46:19, on 16.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
D:\__Sdilet\RSIT.exe
C:\Program Files\trend micro\prcek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

--
End of file - 5154 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2009-10-11 2582288]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared Files\brs.exe [2007-11-16 91432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
C:\WINDOWS\zHotkey.exe [2003-07-29 515584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
C:\Program Files\Creative\Shared Files\CamTray.exe [2005-10-27 299008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C42 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-02-19 74240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-10-11 62760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regedit32]
C:\WINDOWS\system32\regedit.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-10-28 72736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowWnd]
C:\WINDOWS\ShowWnd.exe [2003-09-19 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-06-20 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Bonjour Service"=2
"Nero BackItUp Scheduler 4.0"=2
"ABBYY.Licensing.FineReader.Professional.9.0"=2
"RichVideo"=2
"ose"=3
"odserv"=3
"Microsoft Office Groove Audit Service"=3
"ServiceLayer"=3
"SQLWriter"=3
"MSSQL$SQLEXPRESS"=2
"idsvc"=3
"iPod Service"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-08-14 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\HRY\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\HRY\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\HRY\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\HRY\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\HRY\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\HRY\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\Program Files\HRY\Unreal Tournament 3\Binaries\UT3.exe"="C:\Program Files\HRY\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
"C:\Program Files\HRY\Soldier of Fortune Payback\sof3.exe"="C:\Program Files\HRY\Soldier of Fortune Payback\sof3.exe:*:Disabled:sof3"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\obchodnisystem\apache2\bin\Apache.exe"="C:\obchodnisystem\apache2\bin\Apache.exe:*:Disabled:Apache HTTP Server"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-12-16 21:46:16 ----D---- C:\rsit
2009-12-15 09:25:44 ----A---- C:\WINDOWS\system32\irmon.dll
2009-12-15 09:25:43 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-12-15 09:25:43 ----A---- C:\WINDOWS\system32\irftp.exe
2009-12-15 01:15:00 ----D---- C:\Program Files\CCleaner
2009-12-14 23:26:31 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-12-14 15:49:30 ----D---- C:\Documents and Settings\prcek\Data aplikací\Malwarebytes
2009-12-14 15:49:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-14 15:49:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2009-12-13 22:56:57 ----D---- C:\Program Files\trend micro
2009-12-06 14:28:52 ----HDC---- C:\WINDOWS\$NtUninstallWudf01007$
2009-12-06 14:27:12 ----D---- C:\Program Files\Common Files\PCSuite
2009-12-06 14:26:56 ----D---- C:\Program Files\PC Connectivity Solution
2009-12-06 14:26:51 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2009-12-06 14:26:51 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2009-12-05 17:10:53 ----A---- C:\WINDOWS\system32\EBAPI2.dll
2009-12-05 17:10:52 ----D---- C:\Program Files\Common Files\EPSON
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\PICSDK2.dll
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\PICSDK.ini
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\PICSDK.dll
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\PICEntry.dll
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2009-12-05 17:10:36 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2009-12-05 17:10:32 ----D---- C:\Documents and Settings\prcek\Data aplikací\InstallShield
2009-12-05 17:08:41 ----D---- C:\Program Files\EPSON
2009-12-05 17:08:41 ----A---- C:\WINDOWS\system32\ECBTEG.DLL
2009-12-05 17:08:41 ----A---- C:\WINDOWS\system32\EBPMON2.DLL
2009-12-05 17:08:41 ----A---- C:\WINDOWS\system32\EBPCHP.DLL
2009-12-05 17:08:31 ----D---- C:\EPSON
2009-12-02 12:06:25 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-12-02 12:06:21 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-12-02 12:06:10 ----D---- C:\Program Files\Windows Media Connect 2
2009-12-02 12:06:03 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-12-02 12:05:31 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-12-02 12:05:14 ----D---- C:\WINDOWS\system32\LogFiles
2009-12-02 12:05:08 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-12-02 12:04:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2009-11-30 22:59:57 ----SHD---- C:\Config.Msi
2009-11-29 23:42:00 ----D---- C:\WINDOWS\temp
2009-11-29 22:06:36 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-11-29 22:06:36 ----A---- C:\WINDOWS\system32\wups2.dll
2009-11-29 22:06:35 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-11-29 22:06:35 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-11-29 22:06:33 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-11-29 20:51:28 ----RASHD---- C:\cmdcons
2009-11-29 20:50:32 ----A---- C:\WINDOWS\MBR.exe
2009-11-29 15:43:36 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-11-28 11:20:01 ----D---- C:\WINDOWS\Temporary Internet Files
2009-11-28 11:20:01 ----D---- C:\WINDOWS\History
2009-11-28 11:20:01 ----D---- C:\WINDOWS\Cookies
2009-11-28 11:20:01 ----D---- C:\KPCMS
2009-11-28 11:20:01 ----A---- C:\WINDOWS\system32\pcdlib32.dll
2009-11-28 11:20:01 ----A---- C:\WINDOWS\system32\MSVCRT10.DLL
2009-11-28 11:20:01 ----A---- C:\WINDOWS\sprof32.dll
2009-11-28 11:20:01 ----A---- C:\WINDOWS\pfpick.dll
2009-11-28 11:20:01 ----A---- C:\WINDOWS\kpsys32.dll
2009-11-28 11:20:01 ----A---- C:\WINDOWS\kpcp32.dll
2009-11-28 11:20:01 ----A---- C:\WINDOWS\KPCMS.INI
2009-11-28 11:20:01 ----A---- C:\WINDOWS\icccodes.dll
2009-11-28 11:19:48 ----D---- C:\WINDOWS\system32\COLOR
2009-11-28 11:18:55 ----A---- C:\WINDOWS\unin0405.exe
2009-11-22 00:04:59 ----RA---- C:\WINDOWS\system32\MafiaSetup.exe
2009-11-20 19:25:29 ----D---- C:\Documents and Settings\prcek\Data aplikací\Creative
2009-11-19 23:36:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-11-19 23:29:13 ----D---- C:\Program Files\Any Flv Player
2009-11-19 23:29:13 ----D---- C:\Documents and Settings\prcek\Data aplikací\Video Converter for Any Flv Player
2009-11-19 22:38:01 ----D---- C:\Program Files\Realtek AC97
2009-11-17 22:44:53 ----D---- C:\Documents and Settings\prcek\Data aplikací\Help
2009-11-17 22:15:50 ----A---- C:\WINDOWS\cdplayer.ini
2009-11-17 21:48:56 ----D---- C:\Program Files\audiograbber
2009-11-17 17:35:00 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-11-17 17:33:57 ----D---- C:\Program Files\Hewlett-Packard

======List of files/folders modified in the last 1 months======

2009-12-16 21:46:17 ----D---- C:\WINDOWS\Prefetch
2009-12-16 21:46:08 ----A---- C:\WINDOWS\wincmd.ini
2009-12-16 21:45:17 ----D---- C:\Program Files\Mozilla Firefox
2009-12-16 21:43:31 ----D---- C:\WINDOWS
2009-12-16 21:40:04 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-12-16 21:39:46 ----D---- C:\WINDOWS\system32
2009-12-16 07:57:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-16 07:57:10 ----D---- C:\WINDOWS\system32\drivers
2009-12-15 22:30:35 ----D---- C:\Documents and Settings\prcek\Data aplikací\Skype
2009-12-15 22:17:44 ----HD---- C:\WINDOWS\inf
2009-12-15 21:45:59 ----D---- C:\Documents and Settings\prcek\Data aplikací\skypePM
2009-12-15 18:57:31 ----D---- C:\WINDOWS\security
2009-12-15 09:26:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-15 09:25:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-15 01:23:25 ----SHD---- C:\System Volume Information
2009-12-15 01:17:56 ----D---- C:\WINDOWS\Debug
2009-12-15 01:15:00 ----D---- C:\Program Files
2009-12-13 23:44:42 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-12-13 20:53:06 ----A---- C:\WINDOWS\win.ini
2009-12-13 20:53:06 ----A---- C:\WINDOWS\system.ini
2009-12-13 20:53:06 ----A---- C:\Boot.ini
2009-12-13 20:46:11 ----D---- C:\Documents and Settings
2009-12-13 20:34:53 ----D---- C:\WINDOWS\system32\Restore
2009-12-12 15:10:10 ----D---- C:\Documents and Settings\prcek\Data aplikací\uTorrent
2009-12-06 15:16:32 ----D---- C:\NOKIA_BACKUPS
2009-12-06 14:29:06 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-12-06 14:28:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2009-12-06 14:27:22 ----SHD---- C:\WINDOWS\Installer
2009-12-06 14:27:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-06 14:27:12 ----D---- C:\Program Files\Common Files
2009-12-06 14:27:09 ----D---- C:\Program Files\Nokia
2009-12-06 14:27:09 ----D---- C:\Program Files\Common Files\Nokia
2009-12-03 13:58:14 ----D---- C:\WINDOWS\system32\config
2009-12-02 12:06:10 ----D---- C:\Program Files\Windows Media Player
2009-12-02 12:06:08 ----D---- C:\WINDOWS\Help
2009-11-30 23:03:22 ----D---- C:\Program Files\MagicISO
2009-11-30 23:02:55 ----SD---- C:\WINDOWS\Tasks
2009-11-30 23:02:02 ----D---- C:\Program Files\Common Files\Apple
2009-11-29 23:59:39 ----D---- C:\WINDOWS\AppPatch
2009-11-29 22:15:57 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-29 22:14:22 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-29 20:51:33 ----RASH---- C:\boot_none.ini
2009-11-29 01:39:50 ----N---- C:\WINDOWS\Sof2.INI
2009-11-29 01:39:22 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-29 01:37:04 ----AD---- C:\osagrobet
2009-11-29 00:22:02 ----D---- C:\Documents and Settings\prcek\Data aplikací\ICQ
2009-11-28 11:20:01 ----D---- C:\Program Files\Common Files\Adobe
2009-11-28 11:19:43 ----D---- C:\Program Files\Adobe
2009-11-27 20:46:08 ----D---- C:\Documents and Settings\prcek\Data aplikací\MySQL
2009-11-23 21:51:07 ----AD---- C:\obchodnisystem
2009-11-22 21:10:14 ----D---- C:\Documents and Settings\prcek\Data aplikací\TeamViewer
2009-11-22 17:42:16 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-20 00:23:24 ----D---- C:\WINDOWS\WinSxS
2009-11-20 00:22:41 ----D---- C:\WINDOWS\system32\DirectX
2009-11-20 00:22:15 ----RSD---- C:\WINDOWS\assembly
2009-11-20 00:16:01 ----D---- C:\Program Files\HRY
2009-11-19 22:38:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-11-19 22:38:03 ----D---- C:\Program Files\AvRack
2009-11-19 22:26:30 ----D---- C:\Program Files\AGEIA Technologies
2009-11-19 22:23:21 ----D---- C:\Program Files\uTorrent
2009-11-19 21:16:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 08477081;08477081; C:\WINDOWS\system32\DRIVERS\08477081.sys [2009-09-25 128016]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-07-07 56108]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-15 278728]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-10-15 25416]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-08-14 4485632]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [1980-01-01 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 V0260VID;Live! Cam Vista IM; C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-03 178913]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
S3 atirage;atirage; C:\WINDOWS\system32\DRIVERS\atiragem.sys [2001-10-24 70528]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-08-14 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 DUMeterSvc;DU Meter Service; C:\Program Files\DU Meter\DUMeterSvc.exe [2009-10-11 1382672]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [2001-10-25 90112]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-08-13 593920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S4 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S4 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-10-15 243056]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2005-10-14 239320]
S4 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2005-10-14 87768]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: SVCHOST - 100% CPU with the siszyd32.exe process

#26 Post by motji »

:arrow: Download OTM: http://oldtimer.geekstogo.com/OTM.exe
Download OTM to the desktop and double-click OTM; the program will start.
Copy the script into the left pane, "Paste Instructions for Items to be Moved", below the yellow line:

Code:

:processes
explorer.exe
 
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\system32\regedit.exe
C:\WINDOWS\MBR.exe

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regedit32]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"=-

:commands
[Reboot]
- Click the red Moveit! button.
- Paste the contents of the green window here.
- If the PC asks to restart, choose YES; you will then find the log in C:\_OTM\MovedFiles. Paste the log here.

:arrow: Do you recognise this folder?
C:\osagrobet


:arrow: You have no firewall; you can read what it is useful for here: http://www.viry.cz/forum/viewtopic.php?f=41&t=20980

prceksu
Visitor
Posts: 15
Registered: 13 Dec 2009 23:07

Re: SVCHOST - 100% CPU with the siszyd32.exe process

#27 Post by prceksu »

1) OTM Log:

========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP396.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP488.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD.tmp folder moved successfully.
C:\WINDOWS\system32\Com\COM3EE.tmp moved successfully.
File/Folder C:\WINDOWS\system32\regedit.exe not found.
C:\WINDOWS\MBR.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regedit32\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BluetoothAuthenticationAgent deleted successfully.
========== COMMANDS ==========

OTM by OldTimer - Version 3.1.2.2 log created on 12162009_220847

2) The folder C:/osagrobet contains my application with an Apache+PHP+MySQL installation.

3) I don't have a firewall; after this experience I will read up on it and install one, probably Kerio.
Should I do it right now?

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: SVCHOST - 100% CPU with the siszyd32.exe process

#28 Post by motji »

:arrow: Open OTM again and click the CleanUp button, then confirm with OK.

Kerio is a good firewall, it just slows down older computers. I use ZoneAlarm, but it is in English.

If there are no problems, that is all :)

prceksu
Visitor
Posts: 15
Registered: 13 Dec 2009 23:07

Re: SVCHOST - 100% CPU with the siszyd32.exe process

#29 Post by prceksu »

OTM done.
I will sort out the firewall first thing tomorrow; after this experience I won't risk it any more.

Thank you very, very much for the help, and have a nice evening.

PetrK

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: SVCHOST - 100% CPU with the siszyd32.exe process

#30 Post by motji »

If any problems appear, get in touch :)
You're welcome :)

Locked