VIRY.CZ

TDSSKiller:

2011/08/29 09:32:01.0375 3512 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/29 09:32:01.0484 3512 ================================================================================
2011/08/29 09:32:01.0484 3512 SystemInfo:
2011/08/29 09:32:01.0484 3512
2011/08/29 09:32:01.0484 3512 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/29 09:32:01.0484 3512 Product type: Workstation
2011/08/29 09:32:01.0484 3512 ComputerName: PC
2011/08/29 09:32:01.0484 3512 UserName: Martin
2011/08/29 09:32:01.0484 3512 Windows directory: C:\WINDOWS
2011/08/29 09:32:01.0484 3512 System windows directory: C:\WINDOWS
2011/08/29 09:32:01.0484 3512 Processor architecture: Intel x86
2011/08/29 09:32:01.0484 3512 Number of processors: 2
2011/08/29 09:32:01.0484 3512 Page size: 0x1000
2011/08/29 09:32:01.0484 3512 Boot type: Normal boot
2011/08/29 09:32:01.0484 3512 ================================================================================
2011/08/29 09:32:04.0171 3512 Initialize success
2011/08/29 09:32:34.0984 2816 ================================================================================
2011/08/29 09:32:34.0984 2816 Scan started
2011/08/29 09:32:34.0984 2816 Mode: Manual;
2011/08/29 09:32:34.0984 2816 ================================================================================
2011/08/29 09:32:35.0562 2816 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/08/29 09:32:35.0656 2816 acedrv11 (27f954120babb8a00f8745d8f5bc9b82) C:\WINDOWS\system32\drivers\acedrv11.sys
2011/08/29 09:32:35.0703 2816 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/29 09:32:35.0750 2816 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/29 09:32:35.0781 2816 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/29 09:32:35.0812 2816 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/29 09:32:35.0968 2816 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/08/29 09:32:35.0984 2816 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/08/29 09:32:36.0015 2816 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/08/29 09:32:36.0062 2816 aswSnx (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/08/29 09:32:36.0093 2816 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
2011/08/29 09:32:36.0125 2816 aswTdi (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/08/29 09:32:36.0140 2816 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/29 09:32:36.0187 2816 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/29 09:32:36.0218 2816 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/29 09:32:36.0250 2816 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/29 09:32:36.0265 2816 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/29 09:32:36.0312 2816 Cardex (04e1c782cf14b7282ebc633b0fd3ed16) C:\WINDOWS\system32\drivers\TBPANEL.SYS
2011/08/29 09:32:36.0359 2816 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/29 09:32:36.0406 2816 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/29 09:32:36.0437 2816 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/29 09:32:36.0484 2816 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/29 09:32:36.0593 2816 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/29 09:32:36.0640 2816 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/29 09:32:36.0687 2816 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/29 09:32:36.0687 2816 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/29 09:32:36.0703 2816 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/29 09:32:36.0765 2816 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/29 09:32:36.0796 2816 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/29 09:32:36.0828 2816 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/08/29 09:32:36.0859 2816 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/29 09:32:36.0875 2816 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/08/29 09:32:36.0921 2816 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/29 09:32:36.0937 2816 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/29 09:32:36.0953 2816 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/29 09:32:36.0984 2816 gdrv (d556cb79967e92b5cc69686d16c1d846) C:\WINDOWS\gdrv.sys
2011/08/29 09:32:37.0843 2816 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/29 09:32:37.0921 2816 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/08/29 09:32:37.0984 2816 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/08/29 09:32:38.0062 2816 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/29 09:32:38.0109 2816 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/29 09:32:38.0125 2816 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/29 09:32:38.0187 2816 InCDfs (ae40e010d145aa371fe3a551c44f74f4) C:\WINDOWS\system32\drivers\InCDfs.sys
2011/08/29 09:32:38.0203 2816 InCDPass (efc1883a3cfcdd72222c428ef0a38695) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
2011/08/29 09:32:38.0203 2816 InCDrec (8413063a0e2b4da05d5d87075021fb75) C:\WINDOWS\system32\drivers\InCDrec.sys
2011/08/29 09:32:38.0406 2816 IntcAzAudAddService (2feb5bf0312e1cb76cd2caa875cbaa5d) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/08/29 09:32:38.0468 2816 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/08/29 09:32:38.0468 2816 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/29 09:32:38.0484 2816 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/29 09:32:38.0500 2816 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/29 09:32:38.0515 2816 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/29 09:32:38.0546 2816 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/29 09:32:38.0562 2816 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/29 09:32:38.0578 2816 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/29 09:32:38.0578 2816 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/29 09:32:38.0625 2816 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/08/29 09:32:38.0656 2816 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/29 09:32:38.0687 2816 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/29 09:32:38.0750 2816 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/29 09:32:38.0765 2816 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/29 09:32:38.0796 2816 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/29 09:32:38.0796 2816 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/08/29 09:32:38.0812 2816 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/29 09:32:38.0843 2816 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/29 09:32:38.0906 2816 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/29 09:32:38.0921 2816 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/29 09:32:38.0953 2816 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/29 09:32:38.0968 2816 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/29 09:32:38.0984 2816 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/29 09:32:38.0984 2816 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/29 09:32:39.0000 2816 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/29 09:32:39.0046 2816 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/29 09:32:39.0109 2816 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/29 09:32:39.0125 2816 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/29 09:32:39.0125 2816 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/29 09:32:39.0171 2816 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/29 09:32:39.0187 2816 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/29 09:32:39.0187 2816 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/29 09:32:39.0234 2816 nmwcd (48fb907b069524f2dc7ba62a0762850c) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/08/29 09:32:39.0281 2816 nmwcdc (2914ceb789964141ac6e22c6bc980c42) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/08/29 09:32:39.0281 2816 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/29 09:32:39.0359 2816 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/29 09:32:39.0406 2816 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/29 09:32:39.0625 2816 nv (406ddab2b05d94d4818e97ff050d1bc6) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/08/29 09:32:39.0859 2816 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/29 09:32:39.0859 2816 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/29 09:32:39.0890 2816 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/29 09:32:39.0906 2816 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/29 09:32:39.0953 2816 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/29 09:32:40.0000 2816 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/08/29 09:32:40.0015 2816 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/29 09:32:40.0046 2816 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/29 09:32:40.0062 2816 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/29 09:32:40.0187 2816 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/29 09:32:40.0203 2816 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/29 09:32:40.0218 2816 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/29 09:32:40.0234 2816 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/08/29 09:32:40.0312 2816 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/29 09:32:40.0328 2816 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/29 09:32:40.0375 2816 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/29 09:32:40.0390 2816 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/29 09:32:40.0406 2816 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/29 09:32:40.0406 2816 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/29 09:32:40.0468 2816 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/29 09:32:40.0500 2816 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/29 09:32:40.0531 2816 RTLE8023xp (839141088ad7ee90f5b441b2d1afd22c) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/08/29 09:32:40.0671 2816 SASDIFSV (5bf35c4ea3f00fa8d3f1e5bf03d24584) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/08/29 09:32:40.0703 2816 SASENUM (a22f08c98ac2f44587bf3a1fb52bf8cd) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
2011/08/29 09:32:40.0734 2816 SASKUTIL (c7d81c10d3befeee41f3408714637438) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
2011/08/29 09:32:40.0781 2816 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/29 09:32:40.0796 2816 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/29 09:32:40.0812 2816 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/29 09:32:40.0890 2816 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/29 09:32:40.0937 2816 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/29 09:32:40.0968 2816 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/29 09:32:41.0000 2816 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/29 09:32:41.0015 2816 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/29 09:32:41.0031 2816 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/29 09:32:41.0093 2816 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/29 09:32:41.0140 2816 TBPanel (04e1c782cf14b7282ebc633b0fd3ed16) C:\WINDOWS\system32\drivers\TBPanel.sys
2011/08/29 09:32:41.0171 2816 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/29 09:32:41.0203 2816 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/29 09:32:41.0218 2816 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/29 09:32:41.0234 2816 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/29 09:32:41.0265 2816 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/29 09:32:41.0312 2816 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/29 09:32:41.0359 2816 upperdev (e526a166e6acafd0a9b3841d3941669e) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/08/29 09:32:41.0375 2816 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/29 09:32:41.0390 2816 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/29 09:32:41.0406 2816 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/29 09:32:41.0421 2816 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/29 09:32:41.0437 2816 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/29 09:32:41.0468 2816 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/08/29 09:32:41.0500 2816 UsbserFilt (6f3e3c6811b930d2414552a2e4a40f36) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/08/29 09:32:41.0500 2816 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/29 09:32:41.0531 2816 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/29 09:32:41.0531 2816 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/29 09:32:41.0562 2816 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/29 09:32:41.0578 2816 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/29 09:32:41.0609 2816 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/08/29 09:32:41.0656 2816 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/29 09:32:41.0718 2816 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/29 09:32:41.0750 2816 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/29 09:32:41.0781 2816 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
2011/08/29 09:32:41.0875 2816 Boot (0x1200) (3acc6e071c66e5174261437e1efdfd01) \Device\Harddisk0\DR0\Partition0
2011/08/29 09:32:41.0875 2816 ================================================================================
2011/08/29 09:32:41.0875 2816 Scan finished
2011/08/29 09:32:41.0875 2816 ================================================================================
2011/08/29 09:32:41.0890 2892 Detected object count: 0
2011/08/29 09:32:41.0890 2892 Actual detected object count: 0

tak a program AVPTOOl mi nešel z daného odkazu z fóra stáhnout... Takže asi ho budu muset stáhnout z jiného webu.... tu v. 11

a k tomu ručnímu mazaní... programy nemažou to co je potřeba...že???

No u Vás mi prostě běžné nástroje nefungují, nechápu proč

. Bud děláte něco špatně Vy, nebo to něco blokuje

aha.. tak mě napadla jedna věc.. neni to třeba tím, že můj účet neni uveden jako pravý administrátor...

a měl bych to provádět v chodu nouzového režimu.....

Nwm... to jen jen moje úvaha... a nebo to tam blokuje pozůstatky virů, či sám systém....

jinak jestli jsem si to nezhoršil sám, že jsem začal normálně využivát PC.. jako třeba youtube.. atd...

To by byl teda pech

Můžete zkusit ten poslední skript na combofix v nouzovém režimu.

dobrá.. uvidíme jestli to konečně udělá to co má

tak ComboFix mazal.. a hodně

. Tak doufám, že mazal to co se mělo....

zde je log:

ComboFix 11-08-22.04 - Martin . 08. 2011 14:43:58.5.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.2046.1652 [GMT 2:00]
Spuštěný z: c:\documents and settings\Martin.MŮJ\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Martin.MŮJ\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
FILE ::
"c:\documents and settings\All Users.WINDOWS\Data aplikací\regid.1986-12.com.adobe"
"c:\windows\System32\ezsidmv.dat"
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
"c:\windows\Temp\rtdrvmon.exe"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\av_ico\ico_NOD_SS_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\System32\ezsidmv.dat
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
c:\windows\Temp\rtdrvmon.exe
c:\windows\ufa
c:\windows\unrar.exe
c:\windows\update.tray-3-0-lnk
c:\windows\update.tray-3-0-lnk\svchost.exe
c:\windows\update.tray-3-0
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-28 do 2011-08-30 )))))))))))))))))))))))))))))))
.
.
2011-08-25 07:30 . 2008-04-02 14:33 -------- d-----w- c:\program files\MX vs ATV Unleashed
2011-08-24 20:35 . 2011-08-24 20:35 -------- d-----w- C:\_OTL
2011-08-24 14:26 . 2011-08-24 14:27 -------- d-----w- c:\documents and settings\Táta\Local Settings\Data aplikací\AskToolbar
2011-08-24 09:31 . 2011-08-24 09:52 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NFS Underground
2011-08-22 19:45 . 2011-08-27 15:36 -------- d-----w- C:\## aswSnx private storage
2011-08-22 08:23 . 2011-08-22 08:23 -------- d-----w- c:\documents and settings\Martin.MŮJ\Data aplikací\Malwarebytes
2011-08-22 08:23 . 2011-08-22 08:23 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Malwarebytes
2011-08-22 08:23 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-22 08:23 . 2011-08-22 10:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-22 08:23 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-22 08:21 . 2011-08-22 08:21 -------- d-----w- C:\RK_Quarantine
2011-08-20 11:42 . 2011-08-20 12:56 -------- d-----w- c:\program files\trend micro
2011-08-20 11:42 . 2011-08-20 11:47 -------- d-----w- C:\rsit
2011-08-20 10:02 . 2011-08-20 10:04 -------- d-----w- c:\documents and settings\Jája.MŮJ\Local Settings\Data aplikací\AskToolbar
2011-08-19 18:10 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-19 18:10 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-19 17:07 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-19 17:06 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-08-19 17:06 . 2011-08-19 17:06 -------- d-----w- c:\program files\AVAST Software
2011-08-19 17:06 . 2011-08-19 17:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\AVAST Software
2011-08-19 13:58 . 2011-08-19 13:58 -------- d-----r- c:\documents and settings\LocalService.NT AUTHORITY\Oblíbené položky
2011-08-19 13:57 . 2011-08-19 13:57 -------- d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY\IETldCache
2011-08-18 16:09 . 2011-08-19 17:09 -------- d-----w- c:\program files\Alwil Software
2011-08-18 15:40 . 2011-08-18 15:40 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Nabídka Start
2011-08-12 08:22 . 2011-08-12 13:10 -------- d-----w- c:\documents and settings\Martin.MŮJ\Local Settings\Data aplikací\AskToolbar
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-30 12:38 . 2009-08-31 07:20 17488 ----a-w- c:\windows\gdrv.sys
2011-08-25 11:20 . 2010-07-30 10:54 22328 -c--a-w- c:\documents and settings\Martin.MŮJ\Data aplikací\PnkBstrK.sys
2011-08-25 11:20 . 2009-10-08 15:29 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-08-25 11:20 . 2009-10-08 15:29 107832 -c--a-w- c:\windows\system32\PnkBstrB.exe
2011-08-25 11:19 . 2010-07-30 10:54 2337865 ----a-w- c:\windows\system32\pbsvc.exe
2011-08-25 11:19 . 2009-10-08 15:29 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-07-15 13:29 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-18 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-04 11:43 . 2010-04-01 07:57 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2010-04-01 07:57 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-04-01 07:57 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2010-04-01 07:57 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2010-04-01 07:57 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2010-04-01 07:57 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-04-01 07:57 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-04 11:32 . 2010-04-01 07:57 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-03 07:38 . 2009-08-24 09:24 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-07-03 07:38 . 2009-08-24 09:24 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-06-24 14:10 . 2009-08-18 13:52 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-18 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2004-08-18 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"="c:\program files\EXPERTool\TBPanel.exe" [2009-05-12 2181672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"Lexmark X1100 Series"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 57344]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^KODAK Software Updater.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\KODAK Software Updater.lnk
backup=c:\windows\pss\KODAK Software Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^LUMIX Simple Viewer.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\LUMIX Simple Viewer.lnk
backup=c:\windows\pss\LUMIX Simple Viewer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Software Kodak EasyShare.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Software Kodak EasyShare.lnk
backup=c:\windows\pss\Software Kodak EasyShare.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 02:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-04-29 17:55 3338240 ----a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2004-09-07 15:25 1400944 ------w- c:\program files\Ahead\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 14:06 1840424 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-06-08 07:31 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-06-19 07:53 570664 -c--a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-12-21 09:53 1483264 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"AVG Anti-Spyware Guard"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Opera 10 Preview\\opera.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Codemasters\\GRID\\GRID.exe"=
"c:\\Program Files\\Landwirtschafts Simulator 2011\\FarmingSimulator2011.exe"=
"c:\\Program Files\\Landwirtschafts Simulator 2011\\game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"86:TCP"= 86:TCP:BroadCam Video Streaming Server Web Server
"1935:TCP"= 1935:TCP:BroadCam Video Streaming Server Flash Video Server
"4100:UDP"= 4100:UDP:uPNP Router Control Port
.
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [19. 8. 2011 19:07 441176]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1. 4. 2010 9:57 309848]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12. 10. 2009 21:24 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12. 10. 2009 21:24 74480]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [30. 7. 2008 7:51 277736]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1. 4. 2010 9:57 19544]
S2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [18. 8. 2009 19:09 68136]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [28. 12. 2009 12:18 135664]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [18. 8. 2009 19:47 222968]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [28. 12. 2009 12:18 135664]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12. 10. 2009 21:24 7408]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19. 2. 2010 13:37 517096]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 10:18]
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 10:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\program files\Microsoft Office\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\program files\Microsoft Office\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.100.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
AddRemove-eIMAGE Recovery DEMO - c:\program files\EIMAGE~1\UNWISE.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-30 14:48
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2000478354-515967899-682003330-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e4,0e,30,b7,65,aa,e3,7d,29,c6,55,00,a8,2d,c4,be,05,b6,57,d9,6c,7a,43,
37,4d,65,07,46,af,5e,85,7f,79,85,44,02,f7,71,0f,0d,f4,ce,f6,cd,f6,a3,71,3b,\
"??"=hex:b3,d8,4d,f1,ec,7a,c1,c7,17,32,2c,0c,f4,d3,e7,46
.
[HKEY_USERS\S-1-5-21-2000478354-515967899-682003330-1004\Software\SecuROM\License information*]
"datasecu"=hex:16,f1,3b,c5,de,12,7e,0b,69,45,f2,3a,48,d0,11,b6,48,59,f6,d7,60,
4a,d4,33,5b,1e,17,13,5e,f4,cf,7c,eb,0a,a5,2c,52,b2,b9,66,d0,10,b2,cd,fd,7b,\
"rkeysecu"=hex:9d,69,eb,62,fa,69,eb,a3,b2,12,b8,24,ba,9b,80,e6
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(228)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
- - - - - - - > 'explorer.exe'(1488)
c:\program files\Windows Media Player\wmpband.dll
.
Celkový čas: 2011-08-30 14:53:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-30 12:53
ComboFix2.txt 2011-08-27 15:42
ComboFix3.txt 2011-08-23 19:41
ComboFix4.txt 2011-08-23 13:35
ComboFix5.txt 2011-08-30 12:43
.
Před spuštěním: Volných bajtů: 115 373 785 088
Po spuštění: Volných bajtů: 115 373 084 672
.
- - End Of File - - D7F6830D10BBEEA4850E200113939787

Heuréka

Otestujte na www.virustotal.com
c:\windows\system32\userinit.exe
-Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
-Sem vložte link s výsledky.

tak se to povedko....

tak tady je ten odkaz.. http://www.virustotal.com/file-scan/rep ... 1314774421 doufám že jsem to udělal správně.... :DDD

dneska odjíždím na intr.. Takže budu k dispozici až v pátek na večer

Paráda, takže by to mělo být už ok

.

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

to jsem rád

tak programy jsem použil, smazaly to co měli, takže žádnej program který jsme používaly je pryč...
a CCleaner znám a používa ho. Je to moc šikovný prográmek...

tak a tady je LOG z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2011-09-02 14:06:45
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 108 GB (35%) free of 305 GB
Total RAM: 2046 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:06:50, on 2. 9. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\EXPERTool\TBPanel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Martin.MŮJ\Plocha\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Martin.MŮJ\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Martin.MŮJ\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 7206 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Martin.MŮJ\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-12-13 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-08-16 962808]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
"Lexmark X1100 Series"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"=C:\Program Files\EXPERTool\TBPanel.exe [2009-05-12 2181672]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe [2004-09-07 1400944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^KODAK Software Updater.lnk]
C:\Program Files\Kodak\KODAKS~1\7288971\Program\KODAKS~1.EXE [2004-02-13 16423]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^LUMIX Simple Viewer.lnk]
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2006-09-29 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Software Kodak EasyShare.lnk]
C:\Program Files\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2006-06-02 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"AVG Anti-Spyware Guard"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Opera 10 Preview\opera.exe"="C:\Program Files\Opera 10 Preview\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Codemasters\GRID\GRID.exe"="C:\Program Files\Codemasters\GRID\GRID.exe:*:Enabled:GRID"
"C:\Program Files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe"="C:\Program Files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011"
"C:\Program Files\Landwirtschafts Simulator 2011\game.exe"="C:\Program Files\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe"="C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2"
"C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe"="C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.FPS1"=frapsvid.dll

======List of files/folders created in the last 1 month======

2011-09-02 14:06:45 ----D---- C:\rsit
2011-08-30 14:59:44 ----SHD---- C:\RECYCLER
2011-08-30 14:55:16 ----ASH---- C:\hiberfil.sys
2011-08-30 14:53:18 ----D---- C:\WINDOWS\temp
2011-08-25 09:30:58 ----D---- C:\Program Files\MX vs ATV Unleashed
2011-08-24 11:31:16 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NFS Underground
2011-08-22 21:53:19 ----A---- C:\Boot.bak
2011-08-22 21:53:14 ----RASHD---- C:\cmdcons
2011-08-22 10:23:19 ----D---- C:\Documents and Settings\Martin.MŮJ\Data aplikací\Malwarebytes
2011-08-22 10:23:13 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Malwarebytes
2011-08-22 10:23:13 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-08-22 10:23:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-08-22 10:23:10 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-08-20 15:19:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-20 13:42:43 ----D---- C:\Program Files\trend micro
2011-08-19 20:12:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-19 20:12:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-19 20:12:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-08-19 20:12:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-19 20:11:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-08-19 20:11:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-08-19 20:11:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-19 19:07:00 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-08-19 19:06:44 ----A---- C:\WINDOWS\avastSS.scr
2011-08-19 19:06:37 ----D---- C:\Program Files\AVAST Software
2011-08-19 19:06:22 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVAST Software
2011-08-18 18:09:48 ----D---- C:\Program Files\Alwil Software

======List of files/folders modified in the last 1 month======

2011-09-02 14:06:48 ----D---- C:\WINDOWS\Prefetch
2011-09-02 14:03:13 ----SHD---- C:\System Volume Information
2011-09-02 14:03:13 ----D---- C:\WINDOWS\system32\Restore
2011-09-02 14:00:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-02 13:53:28 ----D---- C:\WINDOWS
2011-09-02 13:46:31 ----D---- C:\WINDOWS\system32\drivers
2011-08-30 14:54:16 ----RASH---- C:\boot.ini
2011-08-30 14:54:16 ----A---- C:\WINDOWS\win.ini
2011-08-30 14:54:16 ----A---- C:\WINDOWS\system.ini
2011-08-30 14:48:49 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-30 14:45:37 ----SD---- C:\WINDOWS\Tasks
2011-08-30 14:45:37 ----D---- C:\WINDOWS\system32
2011-08-30 14:43:37 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-30 10:16:19 ----RD---- C:\Program Files
2011-08-28 10:40:05 ----A---- C:\WINDOWS\NeroDigital.ini
2011-08-27 17:28:59 ----D---- C:\WINDOWS\AppPatch
2011-08-27 17:28:56 ----D---- C:\Program Files\Common Files
2011-08-25 13:20:04 ----AC---- C:\WINDOWS\system32\PnkBstrB.exe
2011-08-25 13:19:56 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2011-08-25 13:19:56 ----A---- C:\WINDOWS\system32\pbsvc.exe
2011-08-25 13:19:55 ----SHD---- C:\WINDOWS\Installer
2011-08-25 13:19:55 ----D---- C:\Config.Msi
2011-08-25 13:19:40 ----D---- C:\WINDOWS\system32\DirectX
2011-08-25 13:19:39 ----HD---- C:\WINDOWS\inf
2011-08-25 13:19:29 ----RSD---- C:\WINDOWS\assembly
2011-08-25 13:09:53 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-25 09:31:59 ----RD---- C:\programy
2011-08-24 12:59:51 ----D---- C:\Program Files\EA GAMES
2011-08-22 16:43:29 ----RD---- C:\lokomotivy, vagóny, budovy atd.... TRS 04
2011-08-22 12:10:05 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-21 16:12:13 ----D---- C:\Documents and Settings\Martin.MŮJ\Data aplikací\Skype
2011-08-21 16:09:54 ----RD---- C:\Program Files\Skype
2011-08-21 16:09:48 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Skype
2011-08-21 09:44:23 ----D---- C:\WINDOWS\Debug
2011-08-20 15:26:38 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-20 15:26:22 ----D---- C:\WINDOWS\WinSxS
2011-08-20 15:20:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-20 15:20:07 ----D---- C:\Program Files\Internet Explorer
2011-08-20 15:19:56 ----D---- C:\WINDOWS\ie8updates
2011-08-20 15:19:52 ----D---- C:\WINDOWS\$hf_mig$
2011-08-20 13:33:01 ----D---- C:\Program Files\Microsoft Office
2011-08-20 11:21:32 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Skype Extras
2011-08-20 11:11:32 ----D---- C:\Documents and Settings\Martin.MŮJ\Data aplikací\skypePM
2011-08-20 09:24:52 ----D---- C:\Program Files\Opera
2011-08-18 17:58:50 ----D---- C:\Program Files\SUPERAntiSpyware
2011-08-15 09:55:56 ----D---- C:\Program Files\DsNET Corp
2011-08-14 10:32:47 ----RD---- C:\PHOTOfunSTUDIO
2011-08-08 15:09:18 ----A---- C:\WINDOWS\lexstat.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-07-14 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-09-07 28544]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-20 5027840]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-05-21 8055584]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-09-07 91136]
S1 WINFLASH;WINFLASH; \??\D:\WinFlash\WinFlash.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-08-16 222968]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-09-07 1151090]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-08-25 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-08-25 107832]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-28 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-28 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-18 19456]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

a těd k tomu chováni PC.. vše funguje jako dříve.. youtube mi jde, facebook taky, PC se tak neseká jak při chodu systému tak při mé mylované hře Trainz 2004

Takže děkuju tedy za pomoc a trpělivost

z mé strany monitoru je to ,,asi" tedy vše

Děkuji

spusťte přejmenované HJT C:\Program Files\trend micro\Martin.exe , má tuto ikonku

- Klikněte na "Do a system scan only"
- U řádku
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Martin.MŮJ\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
- Dejte fajfku do čtverečku a zmáčkněte Fix checked
- restartujte pc

Ještě doinstalujte firewall, třeba Zone alarm. A pokud nejsou problémy, je to vše

dobrá doporučení jsem využil a pokyny jsem taky splnil...

A problémy nejsou, takže je to vše

takže ještě jednou děkuju za vše

Není zač, hezký víkend

VIRY.CZ

další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...

Re: další Facebok vir...