Problem se svchost.exe

[majkyyyy]

Dobrý den,
mám malý (velký) problém s procesem svchost.exe, při startu windowsů se zobrazi známá hláška typu neodesílat atd. V hlavičce generic host process for win32 services. Mam WIN XP SP2.

Označení chyby:
szAppName : svchost.exe szAppVer : 5.1.2600.2180 szModName : unknown
szModVer : 0.0.0.0 offset : 00193b41

Technické info o chybách:
C:\DOCUME~1\Michal\LOCALS~1\Temp\WER2bb9.dir00\svchost.exe.mdmp
C:\DOCUME~1\Michal\LOCALS~1\Temp\WER2bb9.dir00\appcompat.txt
Snažil jsem se vymazat temporary, ty sice zmizí, ale při restartu se tam opět objeví.

Jako antivir používám avast a ad-aware.
Četl jsem hodně o podobném problému, ale žádné řešení mi nepomohlo, nepadá mi internet ani zvuk.
Avšak když kliknu na neodesílat PC zcela zmrzne nefunguje vůbec nic a jediné co lze je tvrdý restart.
Když kliknu na ladění tabulka zmizí, vše funguje, ale počítač nelze normálně vypnout a opět jediné řešení tvrdý restart.

Přikládám info z RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Michal at 2010-08-04 16:39:06
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 5 GB (6%) free of 75 GB
Total RAM: 1023 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:39:17, on 4.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\program files\powerstrip\pstrip.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Michal\Plocha\RSIT.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toolbar.ask.com/toolbarv/askRedi ... oolbar=DVS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... &gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://localhost:3476/cgi-bin/ncgir.exe ... index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Download with &FileFactory Turbo - C:\Program Files\FileFactory Turbo\Plugins\IE\FileFactoryIE.html
O8 - Extra context menu item: Download with Rapget - C:\Documents and Settings\Michal\Dokumenty\rapget\rapget.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4ADC518E-B607-11D4-B395-0001020F4519} (SigVer Class) - https://portal.vozp.cz/obj/Signer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 9401 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-1417001333-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-1417001333-725345543-1003UA.job
C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
C:\WINDOWS\tasks\Symantec Drmc.job
C:\WINDOWS\tasks\Symantec NetDetect.job
C:\WINDOWS\tasks\Uniblue SpyEraser.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-06-19 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2010-02-02 1100952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PowerStrip"=c:\program files\powerstrip\pstrip.exe [2007-12-20 798456]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-28 8531968]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NoAds"=C:\Program Files\NoAds\NoAds.exe [2005-12-18 126976]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]
"ASUS SmartDoctor"=C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe [2005-12-27 1064960]
"Google Update"=C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2008-11-05 133104]
"PlayNC Launcher"= []
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-08-04 3037696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Codec Update Service]
C:\Program Files\Essentials Codec Pack\update.exe [2007-04-08 303104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-17 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{9EF34FF2-3396-4527-9D27-04C8C1C67806}"=C:\Program Files\Microsoft AntiSpyware\shellextension.dll [2005-11-15 101080]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Michal\Plocha\Strong dc++\StrongDC.exe"="C:\Documents and Settings\Michal\Plocha\Strong dc++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"D:\steam\Steam.exe"="D:\steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe"="C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:AC3 zvuk (ac3)"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Valve\Steam\SteamApps\majkyyyy\counter-strike source\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\majkyyyy\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-04 16:39:06 ----D---- C:\rsit
2010-08-04 16:39:06 ----D---- C:\Program Files\trend micro
2010-08-04 16:25:36 ----A---- C:\WINDOWS\resetlog.txt
2010-08-04 15:59:13 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-04 15:11:27 ----D---- C:\WINDOWS\SoftwareDistribution
2010-08-04 13:52:49 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010-08-04 13:52:47 ----D---- C:\Documents and Settings\Michal\Data aplikací\Spyware Terminator
2010-08-04 13:52:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-08-04 13:52:38 ----D---- C:\Program Files\Spyware Terminator
2010-08-04 13:27:38 ----D---- C:\Program Files\RegistryFix8
2010-08-04 13:26:06 ----D---- C:\Program Files\Windows Cannot Find Fix Wizard
2010-08-04 13:26:06 ----A---- C:\WINDOWS\eSellerateEngine.dll
2010-08-04 13:26:06 ----A---- C:\WINDOWS\eSellerateControl350.dll
2010-08-04 13:05:35 ----D---- C:\Documents and Settings\Michal\Data aplikací\Malwarebytes
2010-08-04 13:05:31 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-08-04 13:05:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-04 13:05:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-08-04 13:05:29 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-08-04 12:05:13 ----D---- C:\Program Files\CCleaner
2010-08-03 21:22:10 ----A---- C:\WINDOWS\system32\lsdelete.exe
2010-08-03 13:34:02 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-08-03 13:33:40 ----D---- C:\Program Files\Lavasoft
2010-07-19 11:20:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-07-19 11:12:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard
2010-07-19 10:24:13 ----D---- C:\WINDOWS\D45EC2594A194656B588C2C360DD18EA.TMP

======List of files/folders modified in the last 1 months======

2010-08-04 16:39:11 ----D---- C:\WINDOWS\Prefetch
2010-08-04 16:39:06 ----D---- C:\Program Files
2010-08-04 16:37:25 ----A---- C:\WINDOWS\wincmd.ini
2010-08-04 16:33:40 ----D---- C:\WINDOWS\Temp
2010-08-04 16:25:38 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-04 16:25:36 ----AD---- C:\WINDOWS
2010-08-04 16:17:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-04 16:05:45 ----SD---- C:\Documents and Settings\Michal\Data aplikací\Microsoft
2010-08-04 16:01:28 ----D---- C:\WINDOWS\system32
2010-08-04 16:01:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-04 15:59:48 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-04 15:38:45 ----SHD---- C:\WINDOWS\Installer
2010-08-04 15:38:45 ----HD---- C:\Config.Msi
2010-08-04 15:35:53 ----RSD---- C:\WINDOWS\assembly
2010-08-04 15:35:46 ----D---- C:\WINDOWS\WinSxS
2010-08-04 15:35:34 ----D---- C:\Program Files\Common Files
2010-08-04 15:34:56 ----A---- C:\WINDOWS\win.ini
2010-08-04 15:03:20 ----HD---- C:\WINDOWS\inf
2010-08-04 13:52:54 ----D---- C:\WINDOWS\system32\drivers
2010-08-04 13:47:28 ----A---- C:\WINDOWS\system32\winsock.dll
2010-08-04 12:08:10 ----D---- C:\Program Files\Microsoft AntiSpyware
2010-08-04 12:08:10 ----D---- C:\Documents and Settings\Michal\Data aplikací\Media Player Classic
2010-08-04 12:07:25 ----D---- C:\WINDOWS\system32\LogFiles
2010-08-04 12:07:25 ----D---- C:\WINDOWS\Debug
2010-08-04 12:07:24 ----D---- C:\WINDOWS\Minidump
2010-08-04 11:55:41 ----SD---- C:\WINDOWS\Tasks
2010-08-04 11:44:01 ----D---- C:\Temp
2010-08-04 11:35:31 ----D---- C:\WINDOWS\twain_32
2010-08-04 09:59:41 ----D---- C:\Program Files\Mozilla Firefox
2010-08-03 22:26:54 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-08-03 22:25:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-08-03 21:43:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-03 13:33:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-08-02 18:40:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-02 15:20:50 ----D---- C:\Documents and Settings\Michal\Data aplikací\Skype
2010-07-30 10:56:47 ----D---- C:\Program Files\World of Warcraft
2010-07-21 12:11:36 ----A---- C:\WINDOWS\system32\dxva_sig.txt
2010-07-21 10:17:48 ----D---- C:\Program Files\MobMapUpdater
2010-07-19 11:20:28 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-01-17 88576]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2004-12-07 68608]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-04 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 tffsport;M-Systems DiskOnChip 2000; C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-03 149376]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-09-15 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AsIO;AsIO; \??\C:\WINDOWS\system32\drivers\AsIO.sys []
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 GhPciScan;GhostPciScanner; \??\C:\Program Files\Norton SystemWorks\Norton Ghost\ghpciscan.sys []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-01-22 5632]
R2 ACEDRV09;ACEDRV09; \??\C:\WINDOWS\system32\drivers\ACEDRV09.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2003-05-28 17005]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-01-25 278984]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-07-31 18048]
R2 PStrip;PSTRIP; \??\C:\WINDOWS\system32\DRIVERS\PSTRIP.SYS []
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-09-15 23152]
R3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2007-08-15 94208]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2003-01-29 6841]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-01-24 25280]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LVCap138;TV Card Capture Driver; C:\WINDOWS\system32\DRIVERS\tvcap.sys [2004-09-20 308736]
R3 lvtuner;Mercury TV Card WDM TV Tuner; C:\WINDOWS\system32\DRIVERS\tvtuner.sys [2004-09-20 16512]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-28 7424992]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-12-16 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-12-16 12928]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-08-15 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-08-14 10368]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S0x02000000 OMSCAN;OMSCAN; \Sys []
S2 ASInsHelp;ASInsHelp; C:\WINDOWS\system32\drivers\ASInsHelp.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\screamingbdriver.sys [2005-11-21 13824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-04 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-09-22 241664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2003-05-23 106496]
R2 GhostStartService;GhostStartService; C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe [2003-05-28 200704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-28 155716]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-08-04 488960]
R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2005-12-18 585728]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-07-14 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-04 1228208]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Dobrý večer


Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[majkyyyy]

Jenom dodám, že to skenovalo asi 15min.

Tady ten log:

ComboFix 10-08-04.02 - Michal 04.08.2010 21:21:16.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.635 [GMT 2:00]
Spuštěný z: c:\documents and settings\Michal\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 100804-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Michal\Dokumenty\cc_20100804_120919.reg
c:\documents and settings\Michal\Dokumenty\cc_20100804_154053.reg

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS


((((((((((((((((((((((((( Soubory vytvořené od 2010-07-04 do 2010-08-04 )))))))))))))))))))))))))))))))
.

2010-08-04 18:19 . 2010-08-04 18:19 -------- d-----w- c:\program files\Ask.com
2010-08-04 18:18 . 2010-08-04 18:26 -------- d-----w- c:\program files\Wise Registry Cleaner
2010-08-04 18:11 . 2010-08-04 18:11 -------- d-----w- c:\program files\Net Studio
2010-08-04 18:06 . 2010-08-04 18:16 -------- d-----w- c:\program files\RegCure
2010-08-04 14:39 . 2010-08-04 14:39 -------- d-----w- C:\rsit
2010-08-04 14:39 . 2010-08-04 14:39 -------- d-----w- c:\program files\trend micro
2010-08-04 13:59 . 2010-08-04 19:21 -------- d-----w- c:\windows\system32\CatRoot2
2010-08-04 11:52 . 2010-08-04 11:52 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-08-04 11:52 . 2010-08-04 12:47 -------- d-----w- c:\program files\Spyware Terminator
2010-08-04 11:27 . 2010-08-04 12:47 -------- d-----w- c:\program files\RegistryFix8
2010-08-04 11:26 . 2010-08-04 11:26 -------- d-----w- c:\program files\Windows Cannot Find Fix Wizard
2010-08-04 11:26 . 2009-04-16 18:21 81920 ----a-w- c:\windows\eSellerateControl350.dll
2010-08-04 11:26 . 2009-04-16 18:21 356352 ----a-w- c:\windows\eSellerateEngine.dll
2010-08-04 11:05 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-04 11:05 . 2010-08-04 11:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-04 11:05 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-04 10:05 . 2010-08-04 10:05 -------- d-----w- c:\program files\CCleaner
2010-08-03 19:22 . 2010-02-04 15:52 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-08-03 11:33 . 2010-08-03 11:34 -------- d-----w- c:\program files\Lavasoft
2010-07-19 08:24 . 2010-07-19 08:24 -------- d-----w- c:\windows\D45EC2594A194656B588C2C360DD18EA.TMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-04 18:11 . 2005-12-17 17:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-04 11:47 . 2001-10-25 14:00 2864 ----a-w- c:\windows\system32\winsock.dll
2010-08-04 10:08 . 2005-12-18 10:25 -------- d-----w- c:\program files\Microsoft AntiSpyware
2010-08-03 20:26 . 2010-04-23 16:09 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-02 16:40 . 2001-10-25 14:00 90236 ----a-w- c:\windows\system32\perfc005.dat
2010-08-02 16:40 . 2001-10-25 14:00 455662 ----a-w- c:\windows\system32\perfh005.dat
2010-07-30 08:56 . 2009-02-07 12:31 -------- d-----w- c:\program files\World of Warcraft
2010-07-21 08:17 . 2009-02-07 19:17 -------- d-----w- c:\program files\MobMapUpdater
2010-07-19 09:20 . 2008-06-06 12:32 -------- d-----w- c:\program files\Google
2010-07-01 12:19 . 2005-12-18 08:58 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-26 13:04 . 2007-09-23 14:18 -------- d-----w- c:\program files\CDA Converter Plus
2010-06-12 14:12 . 2008-04-25 14:07 -------- d-----w- c:\program files\TmNationsForever
2009-01-04 13:24 . 2009-01-04 13:18 24 --sha-w- c:\windows\S5ABD63AD.tmp
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 13:23 1385864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NoAds"="c:\program files\NoAds\NoAds.exe" [2005-12-18 126976]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"ASUS SmartDoctor"="c:\program files\ASUS\SmartDoctor\SmartDoctor.exe" [2005-12-27 1064960]
"Google Update"="c:\documents and settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-11-05 133104]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-08-04 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PowerStrip"="c:\program files\powerstrip\pstrip.exe" [2007-12-20 798456]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"USBFW"="c:\program files\Net Studio\USB FireWall\USB FireWall.exe" [2008-09-01 1330688]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-28 8531968]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-17 14:49 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Codec Update Service]
2007-04-08 16:44 303104 ----a-w- c:\program files\Essentials Codec Pack\update.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-10-28 14:52 8531968 ----a-w- c:\windows\system32\nvcpl.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Michal\\Plocha\\Strong dc++\\StrongDC.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\majkyyyy\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27015:TCP"= 27015:TCP:steam

R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [17.4.2010 22:08 149376]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [24.4.2010 8:39 114768]
R1 GhPciScan;GhostPciScanner;c:\program files\Norton SystemWorks\Norton Ghost\GhPciScan.sys [28.5.2003 20:01 5632]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [4.8.2010 13:52 142592]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [28.1.2008 17:02 120320]
R2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2.7.2007 11:44 110304]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24.4.2010 8:39 20560]
R2 PStrip;PSTRIP;c:\windows\system32\drivers\pstrip.sys [15.7.2007 4:37 27992]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [19.12.2005 17:38 6841]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S2 OMSCAN;OMSCAN;\Sysz --> \Sysz [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4.2.2010 17:52 1228208]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\screamingbdriver.sys [27.12.2007 19:17 13824]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 17:21 30720]
.
Obsah adresáře 'Naplánované úlohy'

2010-08-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:52]

2010-07-30 c:\windows\Tasks\Norton SystemWorks One Button Checkup.job
- c:\program files\Norton SystemWorks\OBC.exe [2003-09-12 19:16]

2010-08-04 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 23:20]

2010-08-04 c:\windows\Tasks\RegCure Startup.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 23:20]

2010-08-04 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 23:20]

2010-08-04 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-05-26 13:23]

2010-07-31 c:\windows\Tasks\Symantec Drmc.job
- c:\program files\Common Files\Symantec Shared\SymDrmc.exe [2003-09-10 03:48]

2010-08-04 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-12-18 17:38]

2010-08-04 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-01 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q=seznam.cz&toolbar=DVS
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://localhost:3476/cgi-bin/ncgir.exe?menu/fwl_index.html
uInternet Settings,ProxyServer = http=127.0.0.1:6711
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=%s
IE: Download Using &BitSpirit - c:\program files\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {4ADC518E-B607-11D4-B395-0001020F4519} - hxxps://portal.vozp.cz/obj/Signer.cab
FF - ProfilePath - c:\documents and settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\3wqqrkt5.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Opera\program\plugins\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-PlayNC Launcher - (no file)
HKU-Default-Run-Nokia.PCSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
AddRemove-Indeo® Software - c:\program files\Ligos\Indeo\Uninst.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-04 21:31
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet005\Services\OMSCAN]
"ImagePath"="\Sys"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-73586283-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{47F33B88-3F66-5D32-99A7-0438606BACB1}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-73586283-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6525A2C9-B013-E605-E1BF-70CF7DC265F2}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oajhbeboijdlhbhcodeognoihddehj"=hex:61,69,70,64,67,61,64,62,6c,6f,6a,6c,65,65,
61,6d,6b,6e,65,69,6c,63,67,62,6e,6e,6b,66,62,6c,69,6b,6e,6e,6f,70,6e,70,67,\
"iamhdhibcielfahjjn"=hex:6b,61,61,65,68,67,63,63,64,6c,66,62,63,6c,61,6b,64,67,
62,63,66,6e,00,00
"hacijgfibmhgenka"=hex:6b,61,61,65,68,67,63,63,64,6c,66,62,63,6c,61,6b,64,67,
62,63,66,6e,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(2732)
c:\program files\powerstrip\pshook.dll
c:\program files\NoAds\NoAds.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\ATKKBService.exe
c:\windows\system32\DVDRAMSV.exe
c:\program files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\System32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2010-08-04 21:37:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-04 19:37

Před spuštěním: 4 878 479 360
Po spuštění: 4 735 311 872

Current=5 Default=5 Failed=4 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 17BBD04E954BEEC52F5DF6CE4FC1A7FD

[motji]

Znáte tohle?
uInternet Connection Wizard,ShellNext = hxxp://localhost:3476/cgi-bin/ncgir.exe ... index.html
uInternet Settings,ProxyServer = http=127.0.0.1:6711


Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

File::
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
c:\windows\Tasks\Norton SystemWorks One Button Checkup.job
c:\windows\Tasks\Symantec NetDetect.job
c:\windows\Tasks\Symantec Drmc.job

Folder::
c:\program files\Ask.com
c:\program files\Norton System
c:\program files\Common Files\Symantec Shared\
c:\program files\Symantec

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

driver::
OMSCAN

DDS::
uStart Page = hxxp://toolbar.ask.com/toolbarv/askRedi ... oolbar=DVS
mStart Page = hxxp://www.yahoo.com
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s

Firefox::
FF - ProfilePath - c:\documents and settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\3wqqrkt5.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=

Regnull::
[HKEY_USERS\S-1-5-21-73586283-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{47F33B88-3F66-5D32-99A7-0438606BACB1}*]
[HKEY_USERS\S-1-5-21-73586283-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6525A2C9-B013-E605-E1BF-70CF7DC265F2}*]

FixCSet::

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[majkyyyy]

Dnes celý den jsem se to snažil nějak opravit, projížděl jsem PC všema scanama co snad vůbec jsou. Všechny čističe registrů apod. Teď jsem provedl ten combofix a po restartu PC je problém snad asi pryč popř. zatím se nic neobjevilo. Tak se radši ptám ten soubor uvedený Vámi nahoře neznám (nejsem odborník), ale mám ten postup provádět, ikdyž je problém zdánlivě pryč?
Edit:
Po pokusu o vypnutí se počítáč sekl a zase tvrdý restart, jdu na Vaši radu

[motji]

Ono stačí když se budete řídit mými radami, snad to spolu vyřešíme

[majkyyyy]

Tak, provedeno podle rady

Zde je log:

ComboFix 10-08-04.04 - Michal 04.08.2010 22:41:11.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.650 [GMT 2:00]
Spuštěný z: c:\documents and settings\Michal\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Michal\Plocha\cfscript.txt
AV: avast! antivirus 4.8.1356 [VPS 100804-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\Tasks\Norton SystemWorks One Button Checkup.job"
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
"c:\windows\Tasks\Symantec Drmc.job"
"c:\windows\Tasks\Symantec NetDetect.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Symantec Shared\
c:\program files\Common Files\Symantec Shared\\ActRes.DLL
c:\program files\Common Files\Symantec Shared\\CCPD-LC\symlceng.dll
c:\program files\Common Files\Symantec Shared\\CCPD-LC\symlcnet.dll
c:\program files\Common Files\Symantec Shared\\CCPD-LC\symlcsvc.exe
c:\program files\Common Files\Symantec Shared\\CCPD-LC\symlcsys.dll
c:\program files\Common Files\Symantec Shared\\CfgWiz.exe
c:\program files\Common Files\Symantec Shared\\CfgWiz.tlb
c:\program files\Common Files\Symantec Shared\\CSFFCom.dll
c:\program files\Common Files\Symantec Shared\\DrmAlert.dll
c:\program files\Common Files\Symantec Shared\\drWebWnd.dll
c:\program files\Common Files\Symantec Shared\\Help\ADP_OPTS.chm
c:\program files\Common Files\Symantec Shared\\Help\basics.dll
c:\program files\Common Files\Symantec Shared\\Help\basics.chm
c:\program files\Common Files\Symantec Shared\\Help\CLEAN.chm
c:\program files\Common Files\Symantec Shared\\Help\CLEAN_FAQ.chm
c:\program files\Common Files\Symantec Shared\\Help\CPDDRM00.chm
c:\program files\Common Files\Symantec Shared\\Help\CPDDRM00.chw
c:\program files\Common Files\Symantec Shared\\Help\CPDDRM01.chm
c:\program files\Common Files\Symantec Shared\\Help\CPDDRM01.chw
c:\program files\Common Files\Symantec Shared\\Help\disable.dll
c:\program files\Common Files\Symantec Shared\\Help\disable.chm
c:\program files\Common Files\Symantec Shared\\Help\edisk.dll
c:\program files\Common Files\Symantec Shared\\Help\edisk.chm
c:\program files\Common Files\Symantec Shared\\Help\emerg.dll
c:\program files\Common Files\Symantec Shared\\Help\emerg.chm
c:\program files\Common Files\Symantec Shared\\Help\faq.dll
c:\program files\Common Files\Symantec Shared\\Help\FAQ.chm
c:\program files\Common Files\Symantec Shared\\Help\feat_sum.dll
c:\program files\Common Files\Symantec Shared\\Help\feat_sum.chm
c:\program files\Common Files\Symantec Shared\\Help\FileComp.chm
c:\program files\Common Files\Symantec Shared\\Help\GB_feat.chm
c:\program files\Common Files\Symantec Shared\\Help\getstart.dll
c:\program files\Common Files\Symantec Shared\\Help\getstart.chm
c:\program files\Common Files\Symantec Shared\\Help\Ghost.chm
c:\program files\Common Files\Symantec Shared\\Help\GHOST_QS.chm
c:\program files\Common Files\Symantec Shared\\Help\GHST_fea.chm
c:\program files\Common Files\Symantec Shared\\Help\GHST_TSK.chm
c:\program files\Common Files\Symantec Shared\\Help\image.chm
c:\program files\Common Files\Symantec Shared\\Help\LU_PC.dll
c:\program files\Common Files\Symantec Shared\\Help\LU_PC.chm
c:\program files\Common Files\Symantec Shared\\Help\LU_Sub.dll
c:\program files\Common Files\Symantec Shared\\Help\LU_sub.chm
c:\program files\Common Files\Symantec Shared\\Help\monitor.dll
c:\program files\Common Files\Symantec Shared\\Help\monitor.chm
c:\program files\Common Files\Symantec Shared\\Help\NSW_acc.chm
c:\program files\Common Files\Symantec Shared\\Help\NSW_dis.chm
c:\program files\Common Files\Symantec Shared\\Help\NSW_emrg.chm
c:\program files\Common Files\Symantec Shared\\Help\NSW_FAQ.chm
c:\program files\Common Files\Symantec Shared\\Help\NSW_feat.chm
c:\program files\Common Files\Symantec Shared\\Help\NSW_GB.chm
c:\program files\Common Files\Symantec Shared\\Help\NSW_opts.chm
c:\program files\Common Files\Symantec Shared\\Help\NSW_pvnt.chm
c:\program files\Common Files\Symantec Shared\\Help\NSW_task.chm
c:\program files\Common Files\Symantec Shared\\Help\NSW_unin.chm
c:\program files\Common Files\Symantec Shared\\Help\NU_DISKEDIT.chm
c:\program files\Common Files\Symantec Shared\\Help\NU_FAQ.chm
c:\program files\Common Files\Symantec Shared\\Help\NU_NDD.chm
c:\program files\Common Files\Symantec Shared\\Help\NU_perf.chm
c:\program files\Common Files\Symantec Shared\\Help\NU_rep.chm
c:\program files\Common Files\Symantec Shared\\Help\NU_Sysinfo.chm
c:\program files\Common Files\Symantec Shared\\Help\options.dll
c:\program files\Common Files\Symantec Shared\\Help\options.chm
c:\program files\Common Files\Symantec Shared\\Help\PER_TEST.chm
c:\program files\Common Files\Symantec Shared\\Help\REGISTRY.chm
c:\program files\Common Files\Symantec Shared\\Help\Supt_CPD.dll
c:\program files\Common Files\Symantec Shared\\Help\Supt_CPD.chm
c:\program files\Common Files\Symantec Shared\\Help\symhelp.dll
c:\program files\Common Files\Symantec Shared\\Help\SymHelp.chm
c:\program files\Common Files\Symantec Shared\\Help\SYSDOC.chm
c:\program files\Common Files\Symantec Shared\\Help\SYSDOC_FAQ.chm
c:\program files\Common Files\Symantec Shared\\Help\unerase.chm
c:\program files\Common Files\Symantec Shared\\Help\unin.dll
c:\program files\Common Files\Symantec Shared\\Help\unin.chm
c:\program files\Common Files\Symantec Shared\\Help\wipeinfo.chm
c:\program files\Common Files\Symantec Shared\\IraLsClt.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\Catalog.LiveSubscribe
c:\program files\Common Files\Symantec Shared\\LiveReg\Defaults.liveReg
c:\program files\Common Files\Symantec Shared\\LiveReg\iraDefA2.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\IraLrShl.exe
c:\program files\Common Files\Symantec Shared\\LiveReg\iraLSCl2.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\iraLSUI.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\IraVcLc3.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\IraVcObj.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\LRCtrl.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\LRRes.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\LrResEN.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\LRWebWnd.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\LSCtrl.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\LSPlugin.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\symcsub.exe
c:\program files\Common Files\Symantec Shared\\LiveReg\VcCleanUp.exe
c:\program files\Common Files\Symantec Shared\\LiveReg\VcResEN.dll
c:\program files\Common Files\Symantec Shared\\LiveReg\VcSetup.exe
c:\program files\Common Files\Symantec Shared\\LiveReg\Watermrk.gif
c:\program files\Common Files\Symantec Shared\\LRSend.exe
c:\program files\Common Files\Symantec Shared\\NavPreC.dll
c:\program files\Common Files\Symantec Shared\\Ncomcat.dll
c:\program files\Common Files\Symantec Shared\\NMain.exe
c:\program files\Common Files\Symantec Shared\\NSWSess.tpl
c:\program files\Common Files\Symantec Shared\\NWDENG.DLL
c:\program files\Common Files\Symantec Shared\\SEVINST.EXE
c:\program files\Common Files\Symantec Shared\\SymDrmc.exe
c:\program files\Common Files\Symantec Shared\\SymLCUI.dll
c:\program files\Common Files\Symantec Shared\\SymLTCOM.dll
c:\program files\Common Files\Symantec Shared\\SymLTCHK.dll
c:\program files\Common Files\Symantec Shared\\SymSetup\{B9807C3D-B3DD-41b7-8321-53DDB3A3A888}.exe
c:\program files\Common Files\Symantec Shared\\SymUIAx.ocx
c:\program files\Common Files\Symantec Shared\\SymUIHlp.dll
c:\program files\Common Files\Symantec Shared\\WDScnrLK.dll
c:\program files\Symantec
c:\program files\Symantec\LiveUpdate\1.Settings.Default.LiveUpdate
c:\program files\Symantec\LiveUpdate\ALUNOTIFY.EXE
c:\program files\Symantec\LiveUpdate\AUPDATE.EXE
c:\program files\Symantec\LiveUpdate\h323log.txt
c:\program files\Symantec\LiveUpdate\LSETUP.EXE
c:\program files\Symantec\LiveUpdate\LuAll.cnt
c:\program files\Symantec\LiveUpdate\LUALL.EXE
c:\program files\Symantec\LiveUpdate\LUALL.HLP
c:\program files\Symantec\LiveUpdate\LuComServer.EXE
c:\program files\Symantec\LiveUpdate\LuComServerPS.DLL
c:\program files\Symantec\LiveUpdate\ludirloc.dat
c:\program files\Symantec\LiveUpdate\LUINFO.INF
c:\program files\Symantec\LiveUpdate\LUInit.exe
c:\program files\Symantec\LiveUpdate\LUInit.ini
c:\program files\Symantec\LiveUpdate\LUINSDLL.DLL
c:\program files\Symantec\LiveUpdate\LuPreCon.DLL
c:\program files\Symantec\LiveUpdate\LuResult.txt
c:\program files\Symantec\LiveUpdate\NDETECT.EXE
c:\program files\Symantec\LiveUpdate\NetDetectController.DLL
c:\program files\Symantec\LiveUpdate\ProductRegCom.DLL
c:\program files\Symantec\LiveUpdate\ProductRegComPS.DLL
c:\program files\Symantec\LiveUpdate\README.TXT
c:\program files\Symantec\LiveUpdate\S32LIVE1.DLL
c:\program files\Symantec\LiveUpdate\S32LUCP1.CPL
c:\program files\Symantec\LiveUpdate\S32LUIS1.DLL
c:\program files\Symantec\LiveUpdate\S32LUWI1.DLL
c:\program files\Symantec\LiveUpdate\SymantecRootInstaller.exe
c:\program files\Symantec\S32EVNT1.DLL
c:\program files\Symantec\SYMEVENT.CAT
c:\program files\Symantec\SYMEVENT.INF
c:\program files\Symantec\SYMEVENT.SYS
c:\windows\Tasks\Norton SystemWorks One Button Checkup.job
c:\windows\Tasks\Symantec Drmc.job
c:\windows\Tasks\Symantec NetDetect.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_OMSCAN
-------\Service_OMSCAN


((((((((((((((((((((((((( Soubory vytvořené od 2010-07-04 do 2010-08-04 )))))))))))))))))))))))))))))))
.

2010-08-04 14:39 . 2010-08-04 14:39 -------- d-----w- C:\rsit
2010-08-04 14:39 . 2010-08-04 14:39 -------- d-----w- c:\program files\trend micro
2010-08-04 13:59 . 2010-08-04 20:51 -------- d-----w- c:\windows\system32\CatRoot2
2010-08-04 11:52 . 2010-08-04 11:52 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-08-04 11:52 . 2010-08-04 12:47 -------- d-----w- c:\program files\Spyware Terminator
2010-08-04 11:27 . 2010-08-04 19:44 -------- d-----w- c:\program files\RegistryFix8
2010-08-04 10:05 . 2010-08-04 10:05 -------- d-----w- c:\program files\CCleaner
2010-08-03 19:22 . 2010-02-04 15:52 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-08-03 11:33 . 2010-08-04 19:41 -------- d-----w- c:\program files\Lavasoft
2010-07-19 08:24 . 2010-07-19 08:24 -------- d-----w- c:\windows\D45EC2594A194656B588C2C360DD18EA.TMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-04 18:11 . 2005-12-17 17:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-04 11:47 . 2001-10-25 14:00 2864 ----a-w- c:\windows\system32\winsock.dll
2010-08-04 10:08 . 2005-12-18 10:25 -------- d-----w- c:\program files\Microsoft AntiSpyware
2010-08-03 20:26 . 2010-04-23 16:09 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-02 16:40 . 2001-10-25 14:00 90236 ----a-w- c:\windows\system32\perfc005.dat
2010-08-02 16:40 . 2001-10-25 14:00 455662 ----a-w- c:\windows\system32\perfh005.dat
2010-07-30 08:56 . 2009-02-07 12:31 -------- d-----w- c:\program files\World of Warcraft
2010-07-21 08:17 . 2009-02-07 19:17 -------- d-----w- c:\program files\MobMapUpdater
2010-07-19 09:20 . 2008-06-06 12:32 -------- d-----w- c:\program files\Google
2010-07-01 12:19 . 2005-12-18 08:58 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-26 13:04 . 2007-09-23 14:18 -------- d-----w- c:\program files\CDA Converter Plus
2010-06-12 14:12 . 2008-04-25 14:07 -------- d-----w- c:\program files\TmNationsForever
2009-01-04 13:24 . 2009-01-04 13:18 24 --sha-w- c:\windows\S5ABD63AD.tmp
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NoAds"="c:\program files\NoAds\NoAds.exe" [2005-12-18 126976]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"ASUS SmartDoctor"="c:\program files\ASUS\SmartDoctor\SmartDoctor.exe" [2005-12-27 1064960]
"Google Update"="c:\documents and settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-11-05 133104]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-08-04 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PowerStrip"="c:\program files\powerstrip\pstrip.exe" [2007-12-20 798456]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-28 8531968]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-17 14:49 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Codec Update Service]
2007-04-08 16:44 303104 ----a-w- c:\program files\Essentials Codec Pack\update.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-10-28 14:52 8531968 ----a-w- c:\windows\system32\nvcpl.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Michal\\Plocha\\Strong dc++\\StrongDC.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\majkyyyy\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27015:TCP"= 27015:TCP:steam

R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [17.4.2010 22:08 149376]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [24.4.2010 8:39 114768]
R1 GhPciScan;GhostPciScanner;c:\program files\Norton SystemWorks\Norton Ghost\GhPciScan.sys [28.5.2003 20:01 5632]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [4.8.2010 13:52 142592]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [28.1.2008 17:02 120320]
R2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2.7.2007 11:44 110304]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24.4.2010 8:39 20560]
R2 PStrip;PSTRIP;c:\windows\system32\drivers\pstrip.sys [15.7.2007 4:37 27992]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [19.12.2005 17:38 6841]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4.2.2010 17:52 1228208]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\screamingbdriver.sys [27.12.2007 19:17 13824]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 17:21 30720]
.
Obsah adresáře 'Naplánované úlohy'

2010-08-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:52]

2010-08-04 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-01 20:18]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = hxxp://localhost:3476/cgi-bin/ncgir.exe?menu/fwl_index.html
uInternet Settings,ProxyServer = http=127.0.0.1:6711
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=%s
IE: Download Using &BitSpirit - c:\program files\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {4ADC518E-B607-11D4-B395-0001020F4519} - hxxps://portal.vozp.cz/obj/Signer.cab
FF - ProfilePath - c:\documents and settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\3wqqrkt5.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Opera\program\plugins\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-LiveReg - c:\program files\Common Files\Symantec Shared\LiveReg\VcSetup.exe
AddRemove-LiveUpdate - c:\program files\Symantec\LiveUpdate\LSETUP.EXE
AddRemove-SymSetup.{B9807C3D-B3DD-41b7-8321-53DDB3A3A888} - c:\program files\Common Files\Symantec Shared\SymSetup\{B9807C3D-B3DD-41b7-8321-53DDB3A3A888}.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-04 22:54
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(924)
c:\program files\powerstrip\pshook.dll
c:\program files\NoAds\NoAds.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\ATKKBService.exe
c:\windows\system32\DVDRAMSV.exe
c:\program files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\System32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2010-08-04 22:59:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-04 20:59
ComboFix2.txt 2010-08-04 19:37

Před spuštěním: 4 588 224 512
Po spuštění: 4 552 818 688

- - End Of File - - 27DA524C6C81803FF8E64BFD7EB93E25

[motji]

Fajn, ted ten počítač otestujte a pak napište, jestli se ještě seká a podobně

[majkyyyy]

Děkuji za rady, ZATÍM nic, ale dnes, už sem si tolikrát myslel, že OK a pak....

[motji]

Odzkoušejte pořádně a pak se ozvěte, ještě uklidíme

[majkyyyy]

No vše funguje normálně, žádná chybová hláška, nic a já si pomalu začínám myslet, že to něco co sem udělal (fakt vůbec netuším) zabralo , jedem uklízet?

[motji]

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[majkyyyy]

Zatím vše OK!

Tak tady to je:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Michal at 2010-08-04 23:37:35
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 12 GB (16%) free of 75 GB
Total RAM: 1023 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:37:47, on 4.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\program files\powerstrip\pstrip.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Michal\Plocha\RSIT.exe
C:\Program Files\trend micro\Michal.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... &gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://localhost:3476/cgi-bin/ncgir.exe ... index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4ADC518E-B607-11D4-B395-0001020F4519} (SigVer Class) - https://portal.vozp.cz/obj/Signer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

--
End of file - 8616 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-06-19 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PowerStrip"=c:\program files\powerstrip\pstrip.exe [2007-12-20 798456]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-28 8531968]
"Media Codec Update Service"=C:\Program Files\Essentials Codec Pack\update.exe [2007-04-08 303104]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NoAds"=C:\Program Files\NoAds\NoAds.exe [2005-12-18 126976]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]
"ASUS SmartDoctor"=C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe [2005-12-27 1064960]
"Google Update"=C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2008-11-05 133104]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2007-10-28 8531968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-17 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{9EF34FF2-3396-4527-9D27-04C8C1C67806}"=C:\Program Files\Microsoft AntiSpyware\shellextension.dll [2005-11-15 101080]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Michal\Plocha\Strong dc++\StrongDC.exe"="C:\Documents and Settings\Michal\Plocha\Strong dc++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:AC3 zvuk (ac3)"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Valve\Steam\SteamApps\majkyyyy\counter-strike source\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\majkyyyy\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-04 23:37:35 ----D---- C:\rsit
2010-08-04 23:28:46 ----SHD---- C:\RECYCLER
2010-08-04 20:42:40 ----A---- C:\Boot.bak
2010-08-04 20:42:35 ----RASHD---- C:\cmdcons
2010-08-04 20:18:13 ----A---- C:\WINDOWS\MyDrivers.ini
2010-08-04 20:09:06 ----D---- C:\Documents and Settings\Michal\Data aplikací\ChemTable Software
2010-08-04 19:48:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\RegCure
2010-08-04 16:39:06 ----D---- C:\Program Files\trend micro
2010-08-04 15:59:13 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-04 15:11:27 ----D---- C:\WINDOWS\SoftwareDistribution
2010-08-04 13:27:38 ----D---- C:\Program Files\RegistryFix8
2010-08-04 13:05:35 ----D---- C:\Documents and Settings\Michal\Data aplikací\Malwarebytes
2010-08-04 13:05:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-08-04 12:05:13 ----D---- C:\Program Files\CCleaner
2010-08-03 21:22:10 ----A---- C:\WINDOWS\system32\lsdelete.exe
2010-08-03 13:34:02 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-08-03 13:33:40 ----D---- C:\Program Files\Lavasoft
2010-07-19 11:20:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-07-19 11:12:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard
2010-07-19 10:24:13 ----D---- C:\WINDOWS\D45EC2594A194656B588C2C360DD18EA.TMP

======List of files/folders modified in the last 1 months======

2010-08-04 23:37:43 ----D---- C:\WINDOWS\Prefetch
2010-08-04 23:35:10 ----D---- C:\WINDOWS\Temp
2010-08-04 23:34:47 ----AD---- C:\WINDOWS
2010-08-04 23:32:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-04 23:32:00 ----D---- C:\Program Files\Seznam.cz
2010-08-04 23:26:59 ----SHD---- C:\System Volume Information
2010-08-04 23:22:02 ----D---- C:\Program Files
2010-08-04 23:21:58 ----D---- C:\WINDOWS\system32\drivers
2010-08-04 22:53:41 ----A---- C:\WINDOWS\system.ini
2010-08-04 22:53:16 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-04 22:53:15 ----D---- C:\Program Files\Common Files
2010-08-04 22:49:22 ----D---- C:\WINDOWS\system32\config
2010-08-04 22:48:17 ----SD---- C:\WINDOWS\Tasks
2010-08-04 22:45:46 ----D---- C:\WINDOWS\system32
2010-08-04 22:45:46 ----D---- C:\WINDOWS\AppPatch
2010-08-04 21:42:58 ----SHD---- C:\WINDOWS\Installer
2010-08-04 21:42:58 ----D---- C:\Config.Msi
2010-08-04 21:40:17 ----A---- C:\WINDOWS\wincmd.ini
2010-08-04 20:42:40 ----RASH---- C:\boot.ini
2010-08-04 20:11:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-04 16:05:45 ----SD---- C:\Documents and Settings\Michal\Data aplikací\Microsoft
2010-08-04 16:01:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-04 15:59:48 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-04 15:35:53 ----RSD---- C:\WINDOWS\assembly
2010-08-04 15:35:46 ----D---- C:\WINDOWS\WinSxS
2010-08-04 15:34:56 ----A---- C:\WINDOWS\win.ini
2010-08-04 15:03:20 ----HD---- C:\WINDOWS\inf
2010-08-04 13:47:28 ----A---- C:\WINDOWS\system32\winsock.dll
2010-08-04 12:08:10 ----D---- C:\Program Files\Microsoft AntiSpyware
2010-08-04 12:08:10 ----D---- C:\Documents and Settings\Michal\Data aplikací\Media Player Classic
2010-08-04 12:07:25 ----D---- C:\WINDOWS\system32\LogFiles
2010-08-04 12:07:25 ----D---- C:\WINDOWS\Debug
2010-08-04 12:07:24 ----D---- C:\WINDOWS\Minidump
2010-08-04 11:44:01 ----D---- C:\Temp
2010-08-04 11:35:31 ----D---- C:\WINDOWS\twain_32
2010-08-04 09:59:41 ----D---- C:\Program Files\Mozilla Firefox
2010-08-03 22:26:54 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-08-03 22:25:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-08-03 21:43:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-03 13:33:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-08-02 18:40:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-02 15:20:50 ----D---- C:\Documents and Settings\Michal\Data aplikací\Skype
2010-07-30 10:56:47 ----D---- C:\Program Files\World of Warcraft
2010-07-21 12:11:36 ----A---- C:\WINDOWS\system32\dxva_sig.txt
2010-07-21 10:17:48 ----D---- C:\Program Files\MobMapUpdater
2010-07-19 11:20:28 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-01-17 88576]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2004-12-07 68608]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-04 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 tffsport;M-Systems DiskOnChip 2000; C:\WINDOWS\system32\DRIVERS\tffsport.sys [2004-08-03 149376]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-09-15 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AsIO;AsIO; \??\C:\WINDOWS\system32\drivers\AsIO.sys []
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 GhPciScan;GhostPciScanner; \??\C:\Program Files\Norton SystemWorks\Norton Ghost\ghpciscan.sys []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416]
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-01-22 5632]
R2 ACEDRV09;ACEDRV09; \??\C:\WINDOWS\system32\drivers\ACEDRV09.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2003-05-28 17005]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-01-25 278984]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-07-31 18048]
R2 PStrip;PSTRIP; \??\C:\WINDOWS\system32\DRIVERS\PSTRIP.SYS []
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-09-15 23152]
R3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2007-08-15 94208]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2003-01-29 6841]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-01-24 25280]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LVCap138;TV Card Capture Driver; C:\WINDOWS\system32\DRIVERS\tvcap.sys [2004-09-20 308736]
R3 lvtuner;Mercury TV Card WDM TV Tuner; C:\WINDOWS\system32\DRIVERS\tvtuner.sys [2004-09-20 16512]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-28 7424992]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-12-16 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-12-16 12928]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-08-15 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-08-14 10368]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S2 ASInsHelp;ASInsHelp; C:\WINDOWS\system32\drivers\ASInsHelp.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\screamingbdriver.sys [2005-11-21 13824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-04 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-09-22 241664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2003-05-23 106496]
R2 GhostStartService;GhostStartService; C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe [2003-05-28 200704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-28 155716]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-07-14 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-04 1228208]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

spusťte přejmenované HJT C:\Program Files\trend micro\Michal.exe , má tuto ikonku

- Klikněte na "Do a system scan only"
- U řádku
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://localhost:3476/cgi-bin/ncgir.exe ... index.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

- Dejte fajfku do čtverečku a zmáčkněte Fix checked
- restartujte pc


Asi jsem Vám pomazala nějaké složky od Symantecu, ted se dívám, že máte Norton Ghost. Myslela jsme, že jsou to jen pozůstatky . Když tak program přeinstalujte, omlouvám se .

Nemáte sp3 http://www.viry.cz/forum/viewtopic.php?f=46&t=86100
Nemáte firewall,k čemu je užitečný se dozvíte zde http://www.viry.cz/forum/viewtopic.php?f=41&t=20980


Pokud již nejsou problémy, je to vše .

[majkyyyy]

Takže 1) Jako firewall jsem si dal ZoneAlarm tak snad bude fungovat
2) Toho Nortona si nějak udělám to teď není důležité
3) Ten SP3 bych radši nedával, instaloval jsem automatické aktualizace, takže bych snad měl mít vše a nerad
bych se pouštěl do něčeho čemu moc nerozumím a jak jsem si o tom četl nic snadného to nebude
4) Problémy, které jsem měl jsou pryč, avšak při vypínání PC se to občas sekne, typické windowsácké vypínání modrá
obrazovka a zmrznutí