
Unwanted PC restart - log

Posted: 25 Jun 2010 18:03
by rostaka1
Hi,
I'd like to ask for advice: during defragmentation and when scanning with the AVS antivirus and Spyware Terminator, my computer restarts about 1/3 of the way through the scan.
When scanning with AVG it does not restart, but it did not find any infection either.
Thanks.




Logfile of random's system information tool 1.07 (written by random/random)
Run by Rostik at 2010-06-25 18:54:54
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (29%) free of 30 GB
Total RAM: 1407 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:54:59, on 25.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
D:\Rostik\Stahnute soubory\Stažené soubory\IrfanView\i_view32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Opera\opera.exe
D:\Rostik\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Rostik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O2 - BHO: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files\Soft-Search\tbSoft.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files\Soft-Search\tbSoft.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ABUNINSTALL] C:\Documents and Settings\All Users\Data aplikací\AB Studio\ABUnInstall.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [VycistitPocitac] "C:\Program Files\Vyčistit Počítač\VycistitPocitac.exe" /SCHEDULED
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AbSoftMgr4 - AB Studio - C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 14256 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
MediaBar - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll [2009-12-20 87480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09e55ba0-f9c6-4b81-82df-46853f6f7b3f}]
Soft-Search Toolbar - C:\Program Files\Soft-Search\tbSoft.dll [2009-11-03 2331672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-04-30 1243600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-06-25 1615200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
UrlHelper Class - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll [2010-03-28 393144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-04-19 2117704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-24 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-27 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-10 1233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - Soft-Search Toolbar - C:\Program Files\Soft-Search\tbSoft.dll [2009-11-03 2331672]
{0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll [2009-12-20 87480]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-04-30 1243600]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-10 1233288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-24 278192]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-04-19 2117704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-31 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-12-09 18063872]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Lexmark X1100 Series"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"DataMngr"=C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe [2010-03-28 797112]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"NPSStartup"= []
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-06-25 2065248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
"ABUNINSTALL"=C:\Documents and Settings\All Users\Data aplikací\AB Studio\ABUnInstall.exe [2007-05-31 229376]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-11 39408]
"VycistitPocitac"=C:\Program Files\Vyčistit Počítač\VycistitPocitac.exe /SCHEDULED []
"OEXPRESS"= []
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-05-23 3037696]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-07 26211624]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2010-03-02 1347496]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

C:\Documents and Settings\Rostik\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-06-24 12464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoLogoff"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoWindowsUpdate"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator"
"D:\Novy ENDOR\client.exe"="D:\Novy ENDOR\client.exe:*:Enabled:Ultima Online Client"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-06-25 18:54:54 ----D---- C:\rsit
2010-06-25 18:54:54 ----D---- C:\Program Files\trend micro
2010-06-24 22:06:26 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-06-24 22:06:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2010-06-24 22:06:06 ----D---- C:\Program Files\AVG
2010-06-24 22:06:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg9
2010-06-23 21:39:31 ----D---- C:\Program Files\NortonInstaller
2010-06-23 18:39:56 ----D---- C:\Documents and Settings\Rostik\Data aplikací\DivX
2010-06-23 18:39:47 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-06-23 18:39:47 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-06-23 18:39:47 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-06-23 18:39:47 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-06-23 18:39:46 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-06-23 18:39:46 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-06-22 20:39:09 ----A---- C:\WINDOWS\ModemLog_Standardní modem připojený pomocí technologie Bluetooth.txt
2010-06-21 19:47:09 ----A---- C:\WINDOWS\ModemLog_Standardní modem připojený pomocí technologie Bluetooth #3.txt
2010-06-21 17:16:56 ----A---- C:\WINDOWS\ModemLog_Standardní modem 300 bitů za sekundu.txt
2010-06-21 13:26:17 ----A---- C:\WINDOWS\ModemLog_SAMSUNG USB Mobile Modem.txt
2010-06-21 13:20:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-06-21 13:20:18 ----D---- C:\Documents and Settings\Rostik\Data aplikací\PC Suite
2010-06-21 13:19:30 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-06-21 13:19:07 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2010-06-21 13:19:07 ----D---- C:\Program Files\DIFX
2010-06-21 13:19:04 ----A---- C:\WINDOWS\system32\FsUsbExService.Exe
2010-06-21 13:19:04 ----A---- C:\WINDOWS\system32\FsUsbExDevice.Dll
2010-06-21 13:18:53 ----D---- C:\Documents and Settings\Rostik\Data aplikací\Samsung
2010-06-21 13:18:45 ----D---- C:\Program Files\MarkAny
2010-06-21 13:18:43 ----D---- C:\Program Files\PC Connectivity Solution
2010-06-21 13:18:20 ----D---- C:\Program Files\Samsung
2010-06-21 12:51:16 ----D---- C:\Program Files\T-Mobile
2010-06-21 12:48:21 ----RA---- C:\WINDOWS\system32\4GCleanup.exe
2010-06-11 20:34:16 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-06-04 17:10:28 ----D---- C:\Program Files\PokerStars
2010-05-31 20:49:10 ----A---- C:\WINDOWS\system32\tsccvid.dll
2010-05-30 21:44:18 ----D---- C:\WINDOWS\system32\xlive
2010-05-28 13:40:02 ----A---- C:\WINDOWS\NeroDigital.ini
2010-05-28 13:36:21 ----D---- C:\Documents and Settings\Rostik\Data aplikací\Nero
2010-05-28 13:22:52 ----D---- C:\Program Files\Nero
2010-05-28 13:22:33 ----D---- C:\Program Files\Common Files\Nero
2010-05-28 13:22:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2010-05-28 13:20:14 ----D---- C:\Program Files\Ask.com
2010-05-27 15:14:56 ----A---- C:\WINDOWS\vfwwdm32.dll
2010-05-27 15:08:37 ----D---- C:\Program Files\MSXML 4.0
2010-05-27 15:08:01 ----D---- C:\Program Files\DD PlayCam
2010-05-26 18:54:55 ----D---- C:\WINDOWS\WebCam
2010-05-26 18:54:55 ----A---- C:\WINDOWS\system32\M1000DIF.dll
2010-05-26 18:54:53 ----A---- C:\WINDOWS\M1000Twn.ini
2010-05-26 18:54:51 ----D---- C:\WINDOWS\M10Setup
2010-05-26 18:54:51 ----D---- C:\Program Files\Genius
2010-05-26 18:50:27 ----D---- C:\WINDOWS\Album

======List of files/folders modified in the last 1 months======

2010-06-25 18:54:58 ----D---- C:\WINDOWS\Prefetch
2010-06-25 18:54:54 ----RD---- C:\Program Files
2010-06-25 18:30:18 ----D---- C:\Program Files\Vyčistit Počítač
2010-06-25 18:30:16 ----D---- C:\WINDOWS\system32
2010-06-25 18:29:36 ----D---- C:\Program Files\Norton Security Scan
2010-06-25 18:29:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-06-25 18:29:35 ----SD---- C:\WINDOWS\Tasks
2010-06-25 18:28:29 ----D---- C:\Program Files\Google
2010-06-25 18:25:31 ----D---- C:\Program Files\Spyware Terminator
2010-06-25 18:25:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-06-25 18:20:29 ----D---- C:\Documents and Settings\Rostik\Data aplikací\Skype
2010-06-25 18:08:37 ----D---- C:\Documents and Settings\Rostik\Data aplikací\Spyware Terminator
2010-06-25 18:02:56 ----D---- C:\WINDOWS\Temp
2010-06-25 17:58:37 ----D---- C:\WINDOWS
2010-06-25 17:58:36 ----D---- C:\WINDOWS\Minidump
2010-06-25 17:30:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-25 08:09:08 ----D---- C:\WINDOWS\system32\drivers
2010-06-24 22:08:09 ----D---- C:\Program Files\Mozilla Firefox
2010-06-24 22:06:02 ----SHD---- C:\WINDOWS\Installer
2010-06-24 22:05:29 ----SD---- C:\Documents and Settings\Rostik\Data aplikací\Microsoft
2010-06-24 21:53:54 ----A---- C:\WINDOWS\lexstat.ini
2010-06-24 21:44:42 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-06-24 19:55:04 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-23 18:48:47 ----D---- C:\WINDOWS\system32\NtmsData
2010-06-23 18:41:14 ----D---- C:\WINDOWS\WinSxS
2010-06-23 18:41:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-06-23 18:40:05 ----D---- C:\Program Files\DivX
2010-06-23 18:40:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-06-23 18:38:21 ----D---- C:\Program Files\ICQ6.5
2010-06-23 18:37:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-21 17:12:01 ----HD---- C:\WINDOWS\inf
2010-06-21 17:00:50 ----D---- C:\WINDOWS\Help
2010-06-21 13:51:58 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-21 13:19:30 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-21 13:12:05 ----D---- C:\Program Files\Common Files\Adobe
2010-06-10 14:13:46 ----D---- C:\Documents and Settings\Rostik\Data aplikací\ICQ
2010-06-10 08:13:11 ----D---- C:\Documents and Settings\Rostik\Data aplikací\skypePM
2010-06-06 15:41:38 ----D---- C:\Program Files\Lexmark X1100 Series
2010-05-31 15:19:28 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-05-30 21:44:23 ----D---- C:\WINDOWS\system32\DirectX
2010-05-30 21:44:02 ----RSD---- C:\WINDOWS\assembly
2010-05-30 21:38:37 ----D---- C:\Documents and Settings
2010-05-28 16:31:59 ----A---- C:\WINDOWS\win.ini
2010-05-28 13:22:33 ----D---- C:\Program Files\Common Files
2010-05-27 15:15:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-27 15:14:57 ----D---- C:\WINDOWS\system
2010-05-27 15:14:56 ----D---- C:\WINDOWS\twain_32

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-06-24 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-25 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-06-25 242896]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 Ethpdrv;Ethernet Packet Driver; C:\WINDOWS\system32\DRIVERS\ethpdrv.sys [2007-08-01 16376]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-12-11 4959232]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-27 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 a37a5du1;a37a5du1; C:\WINDOWS\system32\drivers\a37a5du1.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 eusk3usb;SmartKey 3 USB; C:\WINDOWS\System32\Drivers\eusk3usb.sys [2004-11-18 45534]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 M1000Srv;M5603C USB2.0 Camera Driver; C:\WINDOWS\System32\Drivers\M1000KNT.sys [2005-07-01 276930]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-04-27 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-03-02 67312]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-06-24 916760]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-06-24 308064]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2008-04-24 2562048]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-31 155715]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-05-23 488960]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 135664]
S3 AbSoftMgr4;AbSoftMgr4; C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe [2008-06-16 630784]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-11-04 85096]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-04-19 430152]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-11 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: unwanted PC restart - log

Posted: 25 Jun 2010 18:21
by Roli
Hello, fix these in HJT:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O2 - BHO: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files\Soft-Search\tbSoft.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files\Soft-Search\tbSoft.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe


You will find HJT here:

C:\Program Files\trend micro\Rostik.exe

Fix means that you start HJT,

in the window that opens, click Do a system scan only,

in the next window, find the lines I listed for you,

next to each of them is a small box that you tick,

then click Fix checked at the bottom left,

the program asks whether you really want to do this; you of course answer YES, and it is done.


Via Start >> Control Panel >> Add or Remove Programs, uninstall:

ICQ6Toolbar

Ask.com

BearShare Applications

Soft-Search



Via Start >> Run >> type - services.msc >> OK. Find the service:

Nero BackItUp Scheduler 4.0

right-click it, choose Properties, on the next tab first stop the service with the Stop button, and under Startup type choose Disabled.


Delete unneeded files

using CCleaner

instructions:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

The registry cleaning needs to be repeated several times!


Finally, use Mbam from my signature.
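
The link between the HJT fix list and the uninstall list in the post above, as an added example (not part of Roli's post and not HijackThis code): a small parser that splits HijackThis entries into section code, label, CLSID and file path, then groups the browser add-on entries (R3, O2, O3) by their Program Files folder. The function names and the grouping rule are assumptions made for illustration; the sample lines are a subset copied from the fix list in this thread.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Subset of the entries from the fix list in this thread.
SAMPLE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
O2 - BHO: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files\Soft-Search\tbSoft.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe
"""

# "<code> - <rest>", e.g. "O2 - BHO: ...". The code names the HijackThis section.
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<rest>.+)$")
# Add-on sections share the shape "<kind>: <label> - {CLSID} - <file path>".
ADDON = re.compile(
    r"^(?P<kind>[^:]+): (?P<label>.*?) - (?P<clsid>\{[^}]+\}) - (?P<path>.+)$"
)
ADDON_CODES = {"R3", "O2", "O3"}  # URLSearchHook, BHO, Toolbar


def parse_entry(line):
    """Return a dict for one HijackThis line, or None if it is not an entry."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    entry = {"code": m["code"], "raw": m["rest"],
             "kind": None, "label": None, "clsid": None, "path": None}
    if m["code"] in ADDON_CODES:
        a = ADDON.match(m["rest"])
        if a:
            entry.update(kind=a["kind"], label=a["label"],
                         clsid=a["clsid"].upper(), path=a["path"])
    return entry


def product_folder(path):
    """First folder below 'Program Files', used here as the product name."""
    parts = PureWindowsPath(path).parts
    if len(parts) >= 3 and parts[1].lower() == "program files":
        return parts[2]
    return None


def addons_by_product(log_text):
    """Group R3/O2/O3 entries by the product folder their DLL lives in."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        e = parse_entry(line)
        if e and e["path"]:
            groups[product_folder(e["path"]) or "(other)"].append(e)
    return dict(groups)


def shared_clsids(log_text):
    """CLSIDs that appear under more than one label (one component, several names)."""
    labels = defaultdict(set)
    for line in log_text.splitlines():
        e = parse_entry(line)
        if e and e["clsid"]:
            labels[e["clsid"]].add(e["label"])
    return {c: sorted(names) for c, names in labels.items() if len(names) > 1}


if __name__ == "__main__":
    for product, entries in sorted(addons_by_product(SAMPLE).items()):
        print(product, [f'{e["code"]} {e["label"]}' for e in entries])
    print(shared_clsids(SAMPLE))
```

On this sample the four product folders are the same four names the post asks to uninstall, and the entry labelled "Nero Toolbar" shares its CLSID and DLL with the Ask toolbar.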

Re: unwanted PC restart - log

Posted: 25 Jun 2010 19:03
by rostaka1
Wow, thanks, that was fast, I'm on it :)
:)

Re: unwanted PC restart - log

Posted: 25 Jun 2010 19:32
by Roli
Sure, once you have it done, don't forget to post the Mbam log here.

Re: unwanted PC restart - log

Posted: 25 Jun 2010 21:24
by rostaka1
Thanks once more, and here is the log.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4240

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

25.6.2010 22:16:07
mbam-log-2010-06-25 (22-16-07).txt

Typ skenu: Rychlý sken
Skenované objekty: 135780
Uplynulý čas: 7 minuta(y), 13 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Documents and Settings\Rostik\Data aplikací\pggfcyeu.714 (Trojan.Dropper) -> No action taken.

Re: unwanted PC restart - log

Posted: 26 Jun 2010 12:11
by Roli
Have Mbam delete what it found.

Now we will use a bigger caliber, so read carefully, because this little program does not tolerate mistakes.

Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking YES,

then click YES once more and it is running.

The whole run takes about 10 minutes but can take longer; during the scan do not try to start anything else.

The PC may even be restarted during the scan, do not be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and antispyware program,

because Combofix tries to delete the infected files and these programs can get in its way.

After the scan finishes, or after the following restart, the application creates a log, saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.

Re: unwanted PC restart - log

Posted: 26 Jun 2010 13:43
by rostaka1
Sorry Roli, but
there is probably a mistake somewhere.
1. I did not save Combo to the desktop but to a folder on D: - does that matter?
2. After the scan and after the restart, a message pops up:
http://img.fotoalba.centrum.cz/img16/69 ... 6944_4.jpg
3. I do not have C:/Combofix.txt on C:, only a Combofix folder and in it everything I have on C

Re: unwanted PC restart - log

Posted: 26 Jun 2010 18:06
by Roli
That message appears because ComboFix stopped Daemon's virtual drive; we will fix that later.

ComboFix must be on the desktop, so move it from D: or wherever you have it to the desktop and run it again,

just first check whether the log is somewhere on the PC after all.

Re: unwanted PC restart - log

Posted: 27 Jun 2010 14:40
by rostaka1
So I am looking for the log and not even the search wizard finds anything; I only found this:
http://img.fotoalba.centrum.cz/img9/335 ... 3cpzo0.jpg

I have Combo on the desktop and ran it again, and I still cannot find the log.

Re: unwanted PC restart - log

Posted: 27 Jun 2010 18:24
by Roli
Hm, let's try it differently: via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter

This uninstalls ComboFix and deletes the files and folders associated with it.

Use T-Cleaner, which deletes any leftovers of the applications we used.

Just stop the antivirus before downloading it and while using it, because the antivirus may detect it as a virus, but that is not the case.

Then download ComboFix again, save it to the desktop and use it.

Re: unwanted PC restart - log

Posted: 07 Jul 2010 19:24
by rostaka1
So I made time again and tried it once more, and I think I finally have the log. This time Combofix ran somehow differently and probably correctly. So here it is:

ComboFix 10-06-27.02 - Rostik 07.07.2010 20:10:27.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1407.846 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Rostik\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-06-07 do 2010-07-07 )))))))))))))))))))))))))))))))
.

2010-06-27 19:45:06 . 2010-06-27 19:45:06 -------- d-----w- C:\$AVG
2010-06-26 13:04:15 . 2010-05-06 20:39:23 46672 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-06-26 13:04:15 . 2010-05-06 20:39:00 164048 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2010-06-26 13:04:15 . 2010-05-06 20:34:27 23376 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-06-26 13:04:15 . 2010-05-06 20:33:47 19024 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-06-26 13:04:14 . 2010-05-06 20:33:59 100432 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-06-26 13:04:14 . 2010-05-06 20:33:55 94800 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys
2010-06-26 13:04:14 . 2010-05-06 20:33:29 28880 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-06-26 13:04:02 . 2010-05-06 20:59:57 38848 ----a-w- C:\WINDOWS\system32\avastSS.scr
2010-06-26 13:04:02 . 2010-05-06 20:59:36 165032 ----a-w- C:\WINDOWS\system32\aswBoot.exe
2010-06-25 20:05:08 . 2010-04-29 13:39:38 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-06-25 20:05:07 . 2010-04-29 13:39:26 20952 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2010-06-25 16:54:54 . 2010-06-27 19:53:17 -------- d-----w- C:\Program Files\trend micro
2010-06-24 20:06:06 . 2010-06-24 20:06:06 -------- d-----w- C:\Program Files\AVG
2010-06-23 16:39:47 . 2010-04-27 18:40:40 126448 ------w- C:\WINDOWS\system32\pxinsi64.exe
2010-06-23 16:39:47 . 2010-04-27 18:40:40 123888 ------w- C:\WINDOWS\system32\pxcpyi64.exe
2010-06-23 16:39:46 . 2010-04-27 18:40:40 133616 ------w- C:\WINDOWS\system32\pxafs.dll
2010-06-21 11:18:45 . 2010-06-21 11:18:45 -------- d-----w- C:\Program Files\MarkAny
2010-06-21 11:18:43 . 2010-06-21 11:19:23 -------- d-----w- C:\Program Files\PC Connectivity Solution
2010-06-21 11:18:20 . 2010-06-21 11:19:29 -------- d-----w- C:\Program Files\Samsung
2010-06-21 10:51:16 . 2010-06-21 10:51:16 -------- d-----w- C:\Program Files\T-Mobile
2010-06-21 10:48:21 . 2008-03-19 15:41:39 101616 ----a-r- C:\WINDOWS\system32\4GCleanup.exe
2010-06-21 10:48:20 . 2010-06-21 10:48:20 -------- d-----w- C:\WINDOWS\system32\drivers\x86
2010-06-21 10:48:19 . 2007-08-01 20:30:40 16376 ----a-r- C:\WINDOWS\system32\drivers\ethpdrv.sys
2010-06-11 18:34:16 . 2010-06-11 18:34:16 -------- d--h--w- C:\WINDOWS\system32\GroupPolicy

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-06 18:14:59 . 2010-06-04 15:10:28 -------- d-----w- C:\Program Files\PokerStars
2010-07-04 11:27:45 . 2001-10-25 16:00:00 77850 ----a-w- C:\WINDOWS\system32\perfc005.dat
2010-07-04 11:27:45 . 2001-10-25 16:00:00 428744 ----a-w- C:\WINDOWS\system32\perfh005.dat
2010-07-03 08:14:25 . 2010-05-28 11:22:33 -------- d-----w- C:\Program Files\Common Files\Nero
2010-07-03 07:20:06 . 2009-11-03 20:11:39 -------- d-----w- C:\Program Files\Opera
2010-06-28 18:18:45 . 2010-04-23 08:22:16 -------- d-----w- C:\Program Files\BearShare Applications
2010-06-26 11:40:18 . 2010-05-23 14:18:32 -------- d-----w- C:\Program Files\Spyware Terminator
2010-06-25 16:30:18 . 2010-05-23 09:05:28 -------- d-----w- C:\Program Files\Vyčistit Počítač
2010-06-25 16:29:36 . 2010-05-16 16:02:05 -------- d-----w- C:\Program Files\Norton Security Scan
2010-06-25 16:28:29 . 2009-11-03 19:36:00 -------- d-----w- C:\Program Files\Google
2010-06-24 19:44:42 . 2009-11-04 09:45:27 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard
2010-06-23 16:40:05 . 2010-03-27 17:17:10 -------- d-----w- C:\Program Files\DivX
2010-06-23 16:38:21 . 2009-11-04 08:31:35 -------- d-----w- C:\Program Files\ICQ6.5
2010-06-21 11:51:58 . 2009-11-03 19:18:11 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2010-06-21 11:19:07 . 2010-06-21 11:19:07 -------- d-----w- C:\Program Files\DIFX
2010-06-21 11:12:05 . 2009-11-03 19:32:36 -------- d-----w- C:\Program Files\Common Files\Adobe
2010-06-09 05:02:51 . 2009-11-16 18:15:42 664 ----a-w- C:\WINDOWS\system32\d3d9caps.dat
2010-06-06 13:41:38 . 2009-11-10 14:16:21 -------- d-----w- C:\Program Files\Lexmark X1100 Series
2010-05-28 11:34:12 . 2010-05-28 11:22:52 -------- d-----w- C:\Program Files\Nero
2010-05-27 13:08:37 . 2010-05-27 13:08:37 -------- d-----w- C:\Program Files\MSXML 4.0
2010-05-27 13:08:01 . 2010-05-27 13:08:01 -------- d-----w- C:\Program Files\DD PlayCam
2010-05-26 16:54:51 . 2010-05-26 16:54:51 -------- d-----w- C:\Program Files\Genius
2010-05-23 14:18:50 . 2010-05-23 14:18:38 -------- d-----w- C:\Program Files\Crawler
2010-05-23 14:18:35 . 2010-05-23 14:18:35 142592 ----a-w- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010-05-23 12:25:42 . 2009-11-03 19:38:47 -------- d-----w- C:\Program Files\ESET
2010-05-23 12:17:45 . 2009-12-06 09:10:26 -------- d-----w- C:\Program Files\Alwil Software
2010-05-23 09:36:43 . 2010-01-30 19:00:16 -------- d-----w- C:\Program Files\ROZ
2010-05-23 09:36:35 . 2010-03-28 16:10:33 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2010-05-23 09:30:02 . 2010-01-02 19:58:49 -------- d-----w- C:\Program Files\Marias
2010-05-22 16:59:54 . 2010-05-22 16:59:39 -------- d-----w- C:\Program Files\QuickTime
2010-05-20 13:02:21 . 2009-11-13 07:17:54 -------- d-----w- C:\Program Files\Aplikace MB
2010-05-19 19:57:33 . 2010-05-19 19:57:33 56 ---ha-w- C:\WINDOWS\system32\ezsidmv.dat
2010-05-19 19:47:25 . 2010-05-19 19:47:09 -------- d-----r- C:\Program Files\Skype
2010-05-19 19:47:11 . 2010-05-19 19:47:11 -------- d-----w- C:\Program Files\Common Files\Skype
2010-04-27 18:40:40 . 2009-11-03 19:36:12 9200 ------w- C:\WINDOWS\system32\drivers\cdralw2k.sys
2010-04-27 18:40:40 . 2009-11-03 19:36:12 9072 ------w- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2010-04-27 18:40:40 . 2008-11-20 19:19:06 45648 ------w- C:\WINDOWS\system32\drivers\PxHelp20.sys
2009-11-04 09:45:00 . 2009-11-04 09:45:00 1336832 ----a-w- C:\Program Files\ventrilo-2.1.4.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D023EBF-70B8-45A6-9ED5-556515FA0FE4}]
2008-04-17 07:44:54 398776 ----a-w- C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 09:39:48 486856]
"ABUNINSTALL"="C:\Documents and Settings\All Users\Data aplikací\AB Studio\ABUnInstall.exe" [2007-05-31 07:32:46 229376]
"SpywareTerminatorUpdate"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-05-23 14:18:36 3037696]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2010-05-07 08:13:10 26211624]
"T-Mobile Communication Centre"="C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" [2010-03-02 18:29:46 1347496]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-11 19:40:03 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-31 06:35:00 7634944]
"nwiz"="nwiz.exe" [2006-10-31 06:35:00 1622016]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-31 06:35:00 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-09 06:23:58 18063872]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 14:36:22 57344]
"TO2SSM_McciTrayApp"="C:\Program Files\TO2SSM\McciTrayApp.exe" [2008-08-15 16:33:08 1473536]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 08:52:56 110592]
"avast5"="C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 20:59:42 2815192]

C:\Documents and Settings\Filip\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [2009-9-16 384512]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQ6.5\\ICQ.exe"=
"C:\\Program Files\\Opera\\opera.exe"=
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"C:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"D:\\Novy ENDOR\\client.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"D:\\Rostik\\Stažené soubory\\BearShare.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1947:TCP"= 1947:TCP:HASP SRM
"1947:UDP"= 1947:UDP:HASP SRM

R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [26.6.2010 15:04:15 164048]
R1 eusk2par;EUTRON SmartKey Parallel Driver;C:\WINDOWS\system32\drivers\eusk2par.sys [9.1.2010 17:32:50 24786]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [23.5.2010 16:18:35 142592]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service;C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2.3.2010 12:13:57 67312]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [26.6.2010 15:04:15 19024]
R2 Ethpdrv;Ethernet Packet Driver;C:\WINDOWS\system32\drivers\ethpdrv.sys [21.6.2010 12:48:19 16376]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [21.6.2010 13:19:04 233472]
R2 hasplms;HASP License Manager;C:\WINDOWS\system32\hasplms.exe -run --> C:\WINDOWS\system32\hasplms.exe -run [?]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [21.6.2010 13:19:04 36608]
S2 gupdate;Služba Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [5.2.2010 14:09:05 135664]
S3 AbSoftMgr4;AbSoftMgr4;C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe [4.11.2009 21:59:31 630784]
S3 eusk3usb;SmartKey 3 USB;C:\WINDOWS\system32\drivers\eusk3usb.sys [9.1.2010 17:32:50 45534]
S3 M1000Srv;M5603C USB2.0 Camera Driver;C:\WINDOWS\system32\drivers\M1000KNT.sys [26.5.2010 18:54:55 276930]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [21.6.2010 13:19:14 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [21.6.2010 13:19:14 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [21.6.2010 13:19:14 121856]
S4 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [3.11.2009 21:33:26 717296]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - FSUSBEXDISK
.
Obsah adresáře 'Naplánované úlohy'

2010-07-03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34:12 . 2008-07-30 11:34:12]

2010-07-07 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 12:09:05 . 2010-02-05 12:09:04]

2010-07-07 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 12:09:05 . 2010-02-05 12:09:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.bearshare.com/
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - C:\Documents and Settings\Rostik\Data aplikací\Mozilla\Firefox\Profiles\c3vfco6q.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com?o=101916&l=dis
FF - component: C:\Program Files\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: C:\Program Files\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: C:\Program Files\Crawler\Toolbar\firefox\components\xwsg.dll
FF - component: C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files\Opera\program\plugins\NPJava11.dll
FF - plugin: C:\Program Files\Opera\program\plugins\NPJava12.dll
FF - plugin: C:\Program Files\Opera\program\plugins\NPJava13.dll
FF - plugin: C:\Program Files\Opera\program\plugins\NPJava14.dll
FF - plugin: C:\Program Files\Opera\program\plugins\NPJava32.dll
FF - plugin: C:\Program Files\Opera\program\plugins\NPJPI142_04.dll
FF - plugin: C:\Program Files\Opera\program\plugins\NPOJI610.dll

---- NASTAVENÍ FIREFOXU ----
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-OEXPRESS - (no file)
HKLM-Run-NPSStartup - (no file)

Re: unwanted PC restart - log

Posted: 07 Jul 2010 21:25
by Roli
If you have not done so yet, move Combofix to the desktop,

open Notepad,

copy the script from the following box into it:

Code:

File:: 
C:\WINDOWS\system32\pxinsi64.exe
C:\WINDOWS\system32\pxcpyi64.exe
C:\WINDOWS\system32\pxafs.dll 

Folder::
C:\$AVG
C:\Program Files\AVG
C:\Program Files\BearShare Applications
C:\Program Files\ESET

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D023EBF-70B8-45A6-9ED5-556515FA0FE4}]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\Rostik\\Stažené soubory\\BearShare.exe"=-

FireFox::
FF - ProfilePath - C:\Documents and Settings\Rostik\Data aplikací\Mozilla\Firefox\Profiles\c3vfco6q.default\
FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com?o=101916&l=dis

Save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the created script with the left mouse button and drag it over the Combofix icon, where you drop it.

After it is applied, another log will pop out; copy it here.

Warning: it can happen that after the script is applied and the PC restarts, Windows will not boot;

in that case restart again while pressing F8, then choose Last Known Good Configuration.

Re: unwanted PC restart - log

Posted: 12 Jul 2010 19:28
by rostaka1
Well, I did everything as you wrote.
No restart occurred. No log popped out, but instead combofix.exe disappeared from my desktop and I could not find it anywhere.

Otherwise, thank you for the help.

Re: unwanted PC restart - log

Posted: 12 Jul 2010 21:17
by Roli
Then download ComboFix again and carry out the script step once more, because I need to see whether everything was deleted.

Or look via Start >> My Computer >> Local Disk C to see whether the log, named Combofix.txt, is there.