Trojský kůň

[Vendelin]

Ahoj, mám takový větší problém. AVG mi našlo v pc 2 trojský koňě na:
C:\WINDOWS\system32\msvmiode.exe (992) Trojský kůň Generic17.CJWV
C:\WINDOWS\cfdrive32.exe (1576) Trojský kůň Backdoor.Ircbot.MGE

U obou mi AVG hlásí že objekt je nedostupný, takže nejde ani přesunout do trezoru ani vymazat. Nezná někdo nějakej program na jejich odstranění, nebo co se s tím dá dělat? A navíc mi to ovlivnilo internet, takže je pomalý a nenačítají se mi ani stránky, když to chci rozjet, tak musím kliknout nejméně 10x na ikonu aby se mi to okno otevřelo, jinak jakoby zamrzne i pc a když kliknu na Start->Vypnout pc tak pc na to vůbec nereaguje, doufám že mi někdo poradí co s tím, děkuji za odpověď

Logfile of random's system information tool 1.08 (written by random/random)
Run by Mazurkovi at 2010-08-17 15:56:08
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 15 GB (31%) free of 50 GB
Total RAM: 3068 MB (72% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2010-01-08 1109504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2005-10-27 33792]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-18 2065760]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-29 413696]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-12-23 18077696]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2010-01-08 974848]
"Advanced DHTML Enable"=C:\Documents and Settings\Mazurkovi\Local Settings\Temp\1087.exe []
"MSODESNV7"=C:\WINDOWS\system32\msvmiode.exe [2010-08-16 157696]
"Microsoft Driver Setup"=C:\WINDOWS\cfdrive32.exe [2010-08-16 62464]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=C:\WINDOWS\cfdrive32.exe [2010-08-16 62464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"PC Suite Tray"=D:\Programy\PC suite\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"RGSC"=D:\HRY\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
hp psc 1000 series.lnk - D:\tiskárna\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - D:\tiskárna\Digital Imaging\bin\hpotdd01.exe

C:\Documents and Settings\Mazurkovi\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-04-07 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-18 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\HRY\FarCry\Bin32\FarCry.exe"="D:\HRY\FarCry\Bin32\FarCry.exe:*:Enabled:Far Cry"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"D:\HRY\Snowboard\ShaunWhiteSnowboardingGame.exe"="D:\HRY\Snowboard\ShaunWhiteSnowboardingGame.exe:*:Enabled:Shaun White Snowboarding Game"
"D:\HRY\Snowboard\ShaunWhiteSnowboarding.exe"="D:\HRY\Snowboard\ShaunWhiteSnowboarding.exe:*:Enabled:Shaun White Snowboarding Update"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\HRY\Call of Duty\Modern Warfare 2\iw4mp.exe"="D:\HRY\Call of Duty\Modern Warfare 2\iw4mp.exe:*:Disabled:iw4mp"
"D:\HRY\Resident Evil 5\RE5DX9.EXE"="D:\HRY\Resident Evil 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 (DX9)"
"D:\HRY\Resident Evil 5\RE5DX10.EXE"="D:\HRY\Resident Evil 5\RE5DX10.EXE:*:Enabled:RESIDENT EVIL 5 (DX10)"
"D:\HRY\wolfenstein\MP\Wolf2MP.exe"="D:\HRY\wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM)"
"D:\HRY\wolfenstein\MP\Wolf2MPLite.exe"="D:\HRY\wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM)"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.ini - open - notepad.exe %1
.js - edit -
.js - open - "C:\Program Files\IDM Computer Solutions\UltraEdit\uedit32.exe" "%1"
.scr - open - "C:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -
.txt - open - notepad.exe %1

======List of files/folders created in the last 1 months======

2010-08-17 15:56:09 ----D---- C:\Program Files\trend micro
2010-08-17 15:56:08 ----D---- C:\rsit
2010-08-17 14:34:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-08-17 14:34:17 ----D---- C:\Program Files\Trojan Remover
2010-08-16 10:48:02 ----D---- C:\WINDOWS\CSC
2010-08-16 10:47:56 ----A---- C:\WINDOWS\ntbtlog.txt
2010-08-16 07:28:27 ----RSH---- C:\WINDOWS\cfdrive32.exe
2010-08-16 07:28:09 ----A---- C:\WINDOWS\system32\msvmiode.exe
2010-08-15 20:58:14 ----RSH---- C:\Documents and Settings\Mazurkovi\Data aplikací\ltzqai.exe
2010-08-15 20:57:52 ----A---- C:\WINDOWS\system32\83.exe
2010-07-28 23:05:15 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-07-28 15:03:16 ----A---- C:\WINDOWS\game.ini
2010-07-28 14:03:41 ----RHD---- C:\Documents and Settings\Mazurkovi\Data aplikací\SecuROM
2010-07-22 10:38:32 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\Opera
2010-07-18 15:57:05 ----A---- C:\WINDOWS\system32\avgrsstx.dll

======List of files/folders modified in the last 1 months======

2010-08-17 15:56:09 ----RD---- C:\Program Files
2010-08-17 15:54:42 ----D---- C:\WINDOWS\system32
2010-08-17 15:54:42 ----D---- C:\WINDOWS\Prefetch
2010-08-17 14:16:49 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-17 12:51:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-17 11:46:09 ----D---- C:\WINDOWS\Temp
2010-08-16 18:00:41 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-08-16 10:58:05 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\ICQ
2010-08-16 10:48:02 ----D---- C:\WINDOWS
2010-08-16 09:56:05 ----SHD---- C:\WINDOWS\Installer
2010-08-15 20:57:57 ----SHD---- C:\RECYCLER
2010-08-14 11:27:27 ----D---- C:\rms
2010-08-14 00:25:02 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\Skype
2010-08-13 23:11:48 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\skypePM
2010-08-13 21:52:58 ----D---- C:\WINDOWS\system32\DirectX
2010-08-13 21:52:56 ----HD---- C:\WINDOWS\inf
2010-08-13 21:52:39 ----RSD---- C:\WINDOWS\assembly
2010-08-13 21:52:14 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-13 21:51:56 ----D---- C:\Program Files\OpenAL
2010-08-13 17:58:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-08-13 11:20:16 ----D---- C:\Program Files\Adobe
2010-08-13 11:20:15 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-11 19:00:00 ----RSD---- C:\WINDOWS\Fonts
2010-08-10 21:13:16 ----A---- C:\WINDOWS\win.ini
2010-08-08 22:01:41 ----D---- C:\WINDOWS\system32\config
2010-08-08 14:08:29 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-07 17:04:13 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-07 16:50:57 ----D---- C:\Program Files\PSPad editor
2010-08-07 16:47:58 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-25 09:04:24 ----D---- C:\Program Files\Mozilla Firefox
2010-07-18 15:57:13 ----D---- C:\WINDOWS\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2004-10-19 28207]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2005-09-14 20016]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-19 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2010-02-07 82380]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-18 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-02 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-18 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-04-25 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-04-25 25888]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-04-07 4687872]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-11-19 95232]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2004-10-19 20096]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-09-21 10804]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-01-17 23000]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\WINDOWS\system32\DRIVERS\e1y5132.sys [2008-11-21 238736]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-03-28 40832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-12-23 4967424]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2004-11-05 82148]
S2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
S3 a8jtwato;a8jtwato; C:\WINDOWS\system32\drivers\a8jtwato.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-04-07 602112]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-18 308136]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-01-27 106496]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-11 153376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-02-19 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-02-19 107832]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-05-15 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-07-12 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-12-21 74360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-04-07 65795]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Roli]

Zdravím, přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj pdfforge Toolbar


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

Čištění registru je třeba několikrát zopakovat !


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

[Vendelin]

Teď mi při spuštění pc naběhne toto okno
http://img541.imageshack.us/img541/8986/chybax.jpg


ComboFix 10-08-17.03 - Administrator 18.08.2010 10:47:50.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3068.2479 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mazurkovi\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\system32\83.exe
D:\install.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-18 do 2010-08-18 )))))))))))))))))))))))))))))))
.

2010-08-18 08:03 . 2010-08-18 08:03 -------- d-----w- c:\program files\CCleaner
2010-08-17 15:16 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-17 15:15 . 2010-08-17 15:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-17 15:15 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-17 13:56 . 2010-08-17 18:06 -------- d-----w- c:\program files\trend micro
2010-08-17 13:56 . 2010-08-17 13:56 -------- d-----w- C:\rsit
2010-07-28 21:05 . 2010-07-28 21:05 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-13 19:51 . 2010-02-10 15:04 -------- d-----w- c:\program files\OpenAL
2010-08-13 09:20 . 2010-03-29 15:30 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-08-07 15:04 . 2009-12-19 03:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-07 14:50 . 2010-03-21 19:11 -------- d-----w- c:\program files\PSPad editor
2010-07-18 13:57 . 2010-01-12 19:30 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-18 13:57 . 2010-07-18 13:57 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-18 13:56 . 2010-01-12 19:30 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-13 16:30 . 2010-07-13 16:30 -------- d-----w- c:\program files\Calibre2
2010-07-13 15:33 . 2010-07-13 15:30 -------- d-----w- c:\program files\PDFCreator
2010-07-12 09:45 . 2009-12-19 03:26 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-12 09:31 . 2010-07-12 09:31 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-06-27 17:50 . 2010-06-27 17:50 -------- d-----w- c:\program files\eTesty
2010-06-23 13:02 . 2010-06-19 12:50 -------- d-----w- c:\program files\ICQ6.5
2010-06-20 11:17 . 2010-06-20 11:17 -------- d-----w- c:\program files\Ultra Video Converter
2010-06-20 10:20 . 2010-06-20 10:20 -------- d-----w- c:\program files\Speed Video Converter
2010-06-07 18:30 . 2010-06-15 08:23 282928 ----a-w- c:\windows\system32\HMIPCore.dll
2010-06-02 15:06 . 2010-01-12 19:30 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NeroHomeFirstStart"="c:\program files\Common Files\Ahead\Lib\NMFirstStart.exe" [2006-11-16 10752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2005-10-26 33792]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-18 2065760]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-23 18077696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Mazurkovi\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2010-1-29 1048576]
hp psc 1000 series.lnk - d:\tisk rna\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk - d:\tisk rna\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-18 13:57 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\HRY\\Resident Evil 5\\RE5DX9.EXE"=
"d:\\HRY\\Resident Evil 5\\RE5DX10.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\HRY\\S.T.A.L.K.E.R\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"d:\\HRY\\S.T.A.L.K.E.R\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12.1.2010 21:30 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12.1.2010 21:30 243024]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [18.7.2010 15:57 308136]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [19.12.2009 5:25 238736]
R3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 17:21 30720]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.2.2010 17:04 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20.3.2010 14:00 1684736]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4.1.2010 21:20 691696]
.
Obsah adresáře 'Naplánované úlohy'

2010-08-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 15:04]

2010-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 15:04]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://www.gooofullsearch.com/
TCP: {16B163DB-7DF8-43EC-A8D9-F0341742CFAF} = 1.1.1.1,1.1.1.17
FF - ProfilePath -

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- Asociace souborů -------
.
.txt=UltraEdit.txt
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-VPN Anonymizer - c:\program files\VPN Anonymizer\uninst.exe
AddRemove-{F4851D03-553C-4ACE-ADBD-CA6BE8451072} - c:\program files\Singles 2\Uninstall.exe
AddRemove-Čeština do Hide IP Platinum 3.21 - c:\program files\Hide IP Platinum\Odinstalovat.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-18 10:51
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1292428093-1202660629-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1292428093-1202660629-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:e3,9f,38,78,7e,b5,b5,20,40,ca,b8,93,49,90,15,1c,5e,a8,19,41,50,
7b,0a,fc,91,d6,e8,38,24,e7,41,5a,d3,21,40,7d,80,37,96,38,60,af,5e,95,b1,3b,\
"rkeysecu"=hex:cb,12,06,c4,ea,c6,fb,ee,8f,af,f8,11,15,8f,42,af
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1040)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2010-08-18 10:52:28
ComboFix-quarantined-files.txt 2010-08-18 08:52

Před spuštěním: Volných bajtů: 22 316 224 512
Po spuštění: Volných bajtů: 22 282 235 904

- - End Of File - - 09B588E03796CC0A0C573EE9E35B5F58

[Roli]

Tu hlášku dořešíme pak, nejdříve se zbavíme těch šmejdů.

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

File::  
C:\WINDOWS\cfdrive32.exe

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=-

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

[Vendelin]

ComboFix 10-08-17.04 - Mazurkovi 18.08.2010 18:58:28.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3068.2048 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mazurkovi\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Mazurkovi\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"c:\windows\cfdrive32.exe"
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-07-18 do 2010-08-18 )))))))))))))))))))))))))))))))
.

2010-08-18 10:16 . 2010-08-18 10:16 -------- d-----w- c:\windows\LastGood
2010-08-18 08:03 . 2010-08-18 08:03 -------- d-----w- c:\program files\CCleaner
2010-08-17 15:16 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-17 15:15 . 2010-08-17 15:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-17 15:15 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-17 13:56 . 2010-08-17 18:06 -------- d-----w- c:\program files\trend micro
2010-08-17 13:56 . 2010-08-17 13:56 -------- d-----w- C:\rsit
2010-07-28 21:05 . 2010-07-28 21:05 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-13 19:51 . 2010-02-10 15:04 -------- d-----w- c:\program files\OpenAL
2010-08-13 09:20 . 2010-03-29 15:30 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-08-07 15:04 . 2009-12-19 03:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-07 14:50 . 2010-03-21 19:11 -------- d-----w- c:\program files\PSPad editor
2010-07-18 13:57 . 2010-01-12 19:30 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-18 13:57 . 2010-07-18 13:57 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-18 13:56 . 2010-01-12 19:30 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-13 16:30 . 2010-07-13 16:30 -------- d-----w- c:\program files\Calibre2
2010-07-13 15:33 . 2010-07-13 15:30 -------- d-----w- c:\program files\PDFCreator
2010-07-12 09:45 . 2009-12-19 03:26 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-12 09:31 . 2010-07-12 09:31 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-06-27 17:50 . 2010-06-27 17:50 -------- d-----w- c:\program files\eTesty
2010-06-23 13:02 . 2010-06-19 12:50 -------- d-----w- c:\program files\ICQ6.5
2010-06-20 11:17 . 2010-06-20 11:17 -------- d-----w- c:\program files\Ultra Video Converter
2010-06-20 10:20 . 2010-06-20 10:20 -------- d-----w- c:\program files\Speed Video Converter
2010-06-07 18:30 . 2010-06-15 08:23 282928 ----a-w- c:\windows\system32\HMIPCore.dll
2010-06-02 15:06 . 2010-01-12 19:30 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
.

((((((((((((((((((((((((((((( SnapShot@2010-08-18_08.51.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-18 08:59 . 2010-08-18 08:59 16384 c:\windows\Temp\Perflib_Perfdata_3dc.dat
+ 2009-08-06 17:24 . 2009-08-06 17:24 44768 c:\windows\system32\wups2.dll
+ 2009-12-19 02:32 . 2009-08-06 17:24 53472 c:\windows\system32\wuauclt.exe
+ 2010-08-18 10:16 . 2009-08-06 17:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2009-12-19 02:32 . 2009-08-06 17:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2008-04-14 06:51 . 2009-08-06 17:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2008-04-14 06:51 . 2009-08-06 17:24 96480 c:\windows\system32\cdm.dll
+ 2010-08-18 10:16 . 2008-04-14 06:52 32256 c:\windows\LastGood\system32\wups.dll
+ 2010-08-18 10:16 . 2008-04-14 06:51 66560 c:\windows\LastGood\system32\cdm.dll
+ 2009-12-19 02:32 . 2009-08-06 17:24 327896 c:\windows\system32\wucltui.dll
+ 2009-12-19 02:32 . 2009-08-06 17:23 575704 c:\windows\system32\wuapi.dll
+ 2009-12-19 02:32 . 2009-08-06 17:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2009-12-19 02:32 . 2009-08-06 17:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2010-08-18 10:16 . 2008-04-14 06:52 112640 c:\windows\LastGood\system32\wucltui.dll
+ 2010-08-18 10:16 . 2008-04-14 06:52 111104 c:\windows\LastGood\system32\wuauclt.exe
+ 2010-08-18 10:16 . 2008-04-14 06:52 431104 c:\windows\LastGood\system32\wuapi.dll
+ 2009-12-19 02:32 . 2009-08-06 17:23 1929952 c:\windows\system32\wuaueng.dll
+ 2009-12-19 02:32 . 2009-08-06 17:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2010-08-18 10:16 . 2008-04-14 06:52 1135616 c:\windows\LastGood\system32\wuaueng.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"PC Suite Tray"="d:\programy\PC suite\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2005-10-26 33792]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-18 2065760]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-23 18077696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Mazurkovi\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2010-1-29 1048576]
hp psc 1000 series.lnk - d:\tisk rna\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk - d:\tisk rna\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-18 13:57 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\HRY\\Resident Evil 5\\RE5DX9.EXE"=
"d:\\HRY\\Resident Evil 5\\RE5DX10.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\HRY\\S.T.A.L.K.E.R\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"d:\\HRY\\S.T.A.L.K.E.R\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12.1.2010 21:30 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12.1.2010 21:30 243024]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [18.7.2010 15:57 308136]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [19.12.2009 5:25 238736]
R3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 17:21 30720]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.2.2010 17:04 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20.3.2010 14:00 1684736]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4.1.2010 21:20 691696]
.
Obsah adresáře 'Naplánované úlohy'

2010-08-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 15:04]

2010-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 15:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559
mStart Page = hxxp://www.gooofullsearch.com/
uInternet Connection Wizard,ShellNext = hxxp://www.bumptop.com/pro?discount_code=8ea39 ... fcea0ecb9-
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {16B163DB-7DF8-43EC-A8D9-F0341742CFAF} = 1.1.1.1,1.1.1.17
FF - ProfilePath - c:\documents and settings\Mazurkovi\Data aplikací\Mozilla\Firefox\Profiles\yvjhki4y.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q=
FF - component: c:\documents and settings\Mazurkovi\Data aplikací\Mozilla\Firefox\Profiles\yvjhki4y.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Mazurkovi\Data aplikací\Mozilla\Firefox\Profiles\yvjhki4y.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Mazurkovi\Data aplikací\Mozilla\Firefox\Profiles\yvjhki4y.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-RGSC - d:\hry\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-18 19:00
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1292428093-1202660629-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1292428093-1202660629-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:e3,9f,38,78,7e,b5,b5,20,40,ca,b8,93,49,90,15,1c,5e,a8,19,41,50,
7b,0a,fc,91,d6,e8,38,24,e7,41,5a,d3,21,40,7d,80,37,96,38,60,af,5e,95,b1,3b,\
"rkeysecu"=hex:cb,12,06,c4,ea,c6,fb,ee,8f,af,f8,11,15,8f,42,af
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1032)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll

- - - - - - - > 'explorer.exe'(980)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-08-18 19:02:01
ComboFix-quarantined-files.txt 2010-08-18 17:01
ComboFix2.txt 2010-08-18 08:52

Před spuštěním: Volných bajtů: 21 569 081 344
Po spuštění: Volných bajtů: 21 561 815 040

- - End Of File - - EC2283C8C284E471BDFCFC6E9FC287F6

[Roli]

Bezva, jaký je stav PC ?

[Vendelin]

Super, všechno už funguje, akorát mi furt nabíhá ta tabulka s Daemonem

[motji]

Hezké dopoledne, záskok za kolegu

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[Vendelin]

Jinak vše funguje a ta hláška s Daemonem už nevyskakuje děkuji

Logfile of random's system information tool 1.08 (written by random/random)
Run by Mazurkovi at 2010-08-20 12:52:07
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 35 GB (70%) free of 50 GB
Total RAM: 3068 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:52:18, on 20.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
D:\Programy\PC suite\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
D:\tiskárna\Digital Imaging\bin\hpohmr08.exe
D:\tiskárna\Digital Imaging\bin\hpotdd01.exe
D:\tiskárna\Digital Imaging\bin\hpoevm08.exe
D:\tiskárna\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Mazurkovi\Plocha\RSIT.exe
C:\Program Files\trend micro\Mazurkovi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gooofullsearch.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.bumptop.com/pro?discount_cod ... fcea0ecb9-
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Programy\PC suite\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2632178952
O17 - HKLM\System\CCS\Services\Tcpip\..\{16B163DB-7DF8-43EC-A8D9-F0341742CFAF}: NameServer = 1.1.1.1,1.1.1.17
O17 - HKLM\System\CS1\Services\Tcpip\..\{16B163DB-7DF8-43EC-A8D9-F0341742CFAF}: NameServer = 1.1.1.1,1.1.1.17
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10108 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2005-10-27 33792]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-18 2065760]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-29 413696]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-12-23 18077696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"PC Suite Tray"=D:\Programy\PC suite\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
hp psc 1000 series.lnk - D:\tiskárna\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - D:\tiskárna\Digital Imaging\bin\hpotdd01.exe

C:\Documents and Settings\Mazurkovi\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-04-07 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-18 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\HRY\Resident Evil 5\RE5DX9.EXE"="D:\HRY\Resident Evil 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 (DX9)"
"D:\HRY\Resident Evil 5\RE5DX10.EXE"="D:\HRY\Resident Evil 5\RE5DX10.EXE:*:Enabled:RESIDENT EVIL 5 (DX10)"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.ini - open - notepad.exe %1
.js - edit -
.js - open -
.scr - open - "C:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -
.txt - open - notepad.exe %1

======List of files/folders created in the last 1 months======

2010-08-20 12:52:07 ----D---- C:\rsit
2010-08-20 11:19:14 ----D---- C:\WINDOWS\LastGood
2010-08-20 11:15:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-08-20 11:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-08-20 11:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-08-20 11:15:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-08-20 11:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-20 11:15:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-08-20 11:14:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-08-20 11:14:53 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-08-20 11:14:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-08-20 11:14:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-08-20 11:14:42 ----D---- C:\WINDOWS\system32\KB905474
2010-08-20 11:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-08-20 11:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-08-20 11:14:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-08-20 11:14:19 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-08-20 11:14:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-08-20 11:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-08-20 11:10:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-08-20 11:09:48 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-20 11:07:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-08-20 11:06:28 ----SHD---- C:\Config.Msi
2010-08-20 11:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-08-20 11:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-08-20 11:05:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-08-20 11:05:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-20 11:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-08-20 11:04:48 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-08-20 11:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-08-20 11:04:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-08-20 11:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-08-20 11:04:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-08-20 11:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-08-20 11:04:24 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-08-20 11:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-08-20 11:04:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-20 11:04:00 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-08-20 11:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-08-20 11:03:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-08-20 11:03:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-08-20 11:03:35 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-20 11:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-08-20 11:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-08-20 11:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-08-20 11:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-08-20 10:59:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-08-20 10:59:13 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-20 10:59:09 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-08-20 10:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-08-20 10:59:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-08-20 10:58:53 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-08-19 14:19:17 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\Media Player Classic
2010-08-19 14:15:50 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-08-19 11:28:00 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-08-19 11:28:00 ----D---- C:\WINDOWS\system32\PreInstall
2010-08-19 11:27:58 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-08-19 11:27:58 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-18 21:16:15 ----SHD---- C:\RECYCLER
2010-08-18 12:16:20 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-08-18 10:34:05 ----D---- C:\WINDOWS\Minidump
2010-08-18 10:29:27 ----A---- C:\Boot.bak
2010-08-18 10:29:23 ----RASHD---- C:\cmdcons
2010-08-18 10:03:55 ----D---- C:\Program Files\CCleaner
2010-08-17 17:16:06 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\Malwarebytes
2010-08-17 17:16:00 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-08-17 17:15:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-17 17:15:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-08-17 17:15:59 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-08-17 15:56:09 ----D---- C:\Program Files\trend micro
2010-08-17 14:34:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-08-16 10:48:02 ----D---- C:\WINDOWS\CSC
2010-07-28 23:05:15 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-07-28 15:03:16 ----A---- C:\WINDOWS\game.ini
2010-07-28 14:03:41 ----RHD---- C:\Documents and Settings\Mazurkovi\Data aplikací\SecuROM
2010-07-22 10:38:32 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\Opera

======List of files/folders modified in the last 1 months======

2010-08-20 12:02:17 ----D---- C:\WINDOWS\Temp
2010-08-20 12:02:17 ----D---- C:\WINDOWS\Debug
2010-08-20 12:02:17 ----D---- C:\WINDOWS
2010-08-20 11:59:00 ----D---- C:\WINDOWS\Prefetch
2010-08-20 11:47:55 ----HD---- C:\WINDOWS\inf
2010-08-20 11:45:42 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-20 11:17:25 ----D---- C:\WINDOWS\system32
2010-08-20 11:17:01 ----D---- C:\WINDOWS\system32\wbem
2010-08-20 11:17:01 ----D---- C:\WINDOWS\AppPatch
2010-08-20 11:15:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-08-20 11:15:43 ----RSD---- C:\WINDOWS\assembly
2010-08-20 11:15:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-20 11:15:21 ----D---- C:\WINDOWS\system32\drivers
2010-08-20 11:15:18 ----D---- C:\Program Files\Messenger
2010-08-20 11:15:01 ----D---- C:\WINDOWS\WinSxS
2010-08-20 11:14:42 ----SD---- C:\WINDOWS\Tasks
2010-08-20 11:14:32 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-20 11:14:18 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-20 11:14:11 ----SHD---- C:\WINDOWS\Installer
2010-08-20 11:13:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-20 11:04:17 ----D---- C:\Program Files\Outlook Express
2010-08-20 11:03:45 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-08-20 11:03:37 ----D---- C:\Program Files\Movie Maker
2010-08-19 14:57:52 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-18 19:01:01 ----A---- C:\WINDOWS\system.ini
2010-08-18 18:59:56 ----D---- C:\Program Files\Common Files
2010-08-18 12:16:32 ----D---- C:\WINDOWS\SoftwareDistribution
2010-08-18 12:16:27 ----D---- C:\WINDOWS\Help
2010-08-18 11:26:35 ----D---- C:\rms
2010-08-18 11:12:28 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\ICQ
2010-08-18 10:32:10 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-18 10:29:27 ----RASH---- C:\boot.ini
2010-08-18 10:09:41 ----D---- C:\Documents and Settings
2010-08-18 10:03:55 ----RD---- C:\Program Files
2010-08-17 19:24:14 ----D---- C:\WINDOWS\system32\config
2010-08-17 19:03:33 ----D---- C:\WINDOWS\mui
2010-08-17 18:10:30 ----D---- C:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP
2010-08-14 00:25:02 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\Skype
2010-08-13 23:11:48 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\skypePM
2010-08-13 21:52:58 ----D---- C:\WINDOWS\system32\DirectX
2010-08-13 21:51:56 ----D---- C:\Program Files\OpenAL
2010-08-13 17:58:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-08-13 11:20:16 ----D---- C:\Program Files\Adobe
2010-08-13 11:20:15 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-11 19:00:00 ----RSD---- C:\WINDOWS\Fonts
2010-08-10 21:13:16 ----A---- C:\WINDOWS\win.ini
2010-08-07 17:04:13 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-07 16:50:57 ----D---- C:\Program Files\PSPad editor
2010-07-27 08:30:31 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 09:04:24 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2004-10-19 28207]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2005-09-14 20016]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2010-02-07 82380]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-18 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-02 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-18 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-04-25 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-04-25 25888]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-04-07 4687872]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-11-19 95232]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2004-10-19 20096]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-09-21 10804]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\WINDOWS\system32\DRIVERS\e1y5132.sys [2008-11-21 238736]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-03-28 40832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-12-23 4967424]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2004-11-05 82148]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-19 691696]
S2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-01-17 23000]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-04-07 602112]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-18 308136]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-01-27 106496]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-11 153376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-02-19 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-02-19 107832]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-05-15 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-07-12 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-12-21 74360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-04-07 65795]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

spusťte přejmenované HJT C:\Program Files\trend micro\Mazurkovi.exe , má tuto ikonku

- Klikněte na "Do a system scan only"
- U řádku
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gooofullsearch.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.bumptop.com/pro?discount_cod ... fcea0ecb9-
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
- Dejte fajfku do čtverečku a zmáčkněte Fix checked
- restartujte pc


Odinstalujte Daemon tols toolbar

tohle znáte?
O17 - HKLM\System\CCS\Services\Tcpip\..\{16B163DB-7DF8-43EC-A8D9-F0341742CFAF}: NameServer = 1.1.1.1,1.1.1.17
O17 - HKLM\System\CS1\Services\Tcpip\..\{16B163DB-7DF8-43EC-A8D9-F0341742CFAF}: NameServer = 1.1.1.1,1.1.1.17

[Vendelin]

tohle znáte?
O17 - HKLM\System\CCS\Services\Tcpip\..\{16B163DB-7DF8-43EC-A8D9-F0341742CFAF}: NameServer = 1.1.1.1,1.1.1.17
O17 - HKLM\System\CS1\Services\Tcpip\..\{16B163DB-7DF8-43EC-A8D9-F0341742CFAF}: NameServer = 1.1.1.1,1.1.1.17

Ne-e neznám

[motji]

Pokud je nemáte ani ve smlouvě s providerem, tak je fixněte v HJt

[Vendelin]

Kód: Vybrat vše

O17 - HKLM\System\CCS\Services\Tcpip\..\{16B163DB-7DF8-43EC-A8D9-F0341742CFAF}: NameServer = 1.1.1.1,1.1.1.17
O17 - HKLM\System\CS1\Services\Tcpip\..\{16B163DB-7DF8-43EC-A8D9-F0341742CFAF}: NameServer = 1.1.1.1,1.1.1.17

-> Tohle jsem tam radši nechal

Logfile of random's system information tool 1.08 (written by random/random)
Run by Mazurkovi at 2010-08-20 18:11:08
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 34 GB (69%) free of 50 GB
Total RAM: 3068 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:11:20, on 20.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
D:\Programy\PC suite\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
D:\tiskárna\Digital Imaging\bin\hpohmr08.exe
D:\tiskárna\Digital Imaging\bin\hpotdd01.exe
D:\tiskárna\Digital Imaging\bin\hpoevm08.exe
D:\tiskárna\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Mazurkovi\Plocha\RSIT.exe
C:\Program Files\trend micro\Mazurkovi.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Programy\PC suite\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2632178952
O17 - HKLM\System\CCS\Services\Tcpip\..\{16B163DB-7DF8-43EC-A8D9-F0341742CFAF}: NameServer = 1.1.1.1,1.1.1.17
O17 - HKLM\System\CS1\Services\Tcpip\..\{16B163DB-7DF8-43EC-A8D9-F0341742CFAF}: NameServer = 1.1.1.1,1.1.1.17
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9603 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-11 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2005-10-27 33792]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-18 2065760]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-29 413696]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-12-23 18077696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"PC Suite Tray"=D:\Programy\PC suite\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
hp psc 1000 series.lnk - D:\tiskárna\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - D:\tiskárna\Digital Imaging\bin\hpotdd01.exe

C:\Documents and Settings\Mazurkovi\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-04-07 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-18 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\HRY\Resident Evil 5\RE5DX9.EXE"="D:\HRY\Resident Evil 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 (DX9)"
"D:\HRY\Resident Evil 5\RE5DX10.EXE"="D:\HRY\Resident Evil 5\RE5DX10.EXE:*:Enabled:RESIDENT EVIL 5 (DX10)"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="D:\HRY\S.T.A.L.K.E.R\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.ini - open - notepad.exe %1
.js - edit -
.js - open -
.scr - open - "C:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -
.txt - open - notepad.exe %1

======List of files/folders created in the last 1 months======

2010-08-20 12:52:07 ----D---- C:\rsit
2010-08-20 11:15:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-08-20 11:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-08-20 11:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-08-20 11:15:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-08-20 11:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-20 11:15:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-08-20 11:14:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-08-20 11:14:53 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-08-20 11:14:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-08-20 11:14:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-08-20 11:14:42 ----D---- C:\WINDOWS\system32\KB905474
2010-08-20 11:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-08-20 11:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-08-20 11:14:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-08-20 11:14:19 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-08-20 11:14:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-08-20 11:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-08-20 11:10:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-08-20 11:09:48 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-20 11:07:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-08-20 11:06:28 ----SHD---- C:\Config.Msi
2010-08-20 11:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-08-20 11:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-08-20 11:05:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-08-20 11:05:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-20 11:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-08-20 11:04:48 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-08-20 11:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-08-20 11:04:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-08-20 11:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-08-20 11:04:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-08-20 11:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-08-20 11:04:24 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-08-20 11:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-08-20 11:04:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-20 11:04:00 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-08-20 11:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-08-20 11:03:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-08-20 11:03:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-08-20 11:03:35 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-20 11:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-08-20 11:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-08-20 11:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-08-20 11:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-08-20 10:59:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-08-20 10:59:13 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-20 10:59:09 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-08-20 10:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-08-20 10:59:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-08-20 10:58:53 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-08-19 14:19:17 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\Media Player Classic
2010-08-19 14:15:50 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-08-19 11:28:00 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-08-19 11:28:00 ----D---- C:\WINDOWS\system32\PreInstall
2010-08-19 11:27:58 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-08-19 11:27:58 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-18 21:16:15 ----SHD---- C:\RECYCLER
2010-08-18 12:16:20 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-08-18 10:34:05 ----D---- C:\WINDOWS\Minidump
2010-08-18 10:29:27 ----A---- C:\Boot.bak
2010-08-18 10:29:23 ----RASHD---- C:\cmdcons
2010-08-18 10:03:55 ----D---- C:\Program Files\CCleaner
2010-08-17 17:16:06 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\Malwarebytes
2010-08-17 17:16:00 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-08-17 17:15:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-17 17:15:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-08-17 17:15:59 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-08-17 15:56:09 ----D---- C:\Program Files\trend micro
2010-08-17 14:34:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-08-16 10:48:02 ----D---- C:\WINDOWS\CSC
2010-07-28 23:05:15 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-07-28 15:03:16 ----A---- C:\WINDOWS\game.ini
2010-07-28 14:03:41 ----RHD---- C:\Documents and Settings\Mazurkovi\Data aplikací\SecuROM
2010-07-22 10:38:32 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\Opera

======List of files/folders modified in the last 1 months======

2010-08-20 18:10:40 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-08-20 18:06:32 ----D---- C:\WINDOWS\Temp
2010-08-20 18:04:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-20 17:45:55 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-20 17:32:40 ----D---- C:\WINDOWS\Prefetch
2010-08-20 15:39:01 ----D---- C:\WINDOWS
2010-08-20 14:40:05 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\ICQ
2010-08-20 14:09:15 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-20 13:33:20 ----RSD---- C:\WINDOWS\assembly
2010-08-20 13:03:49 ----D---- C:\Program Files\PSPad editor
2010-08-20 12:46:03 ----D---- C:\Program Files\Roni Music
2010-08-20 12:02:17 ----D---- C:\WINDOWS\Debug
2010-08-20 11:47:55 ----HD---- C:\WINDOWS\inf
2010-08-20 11:17:25 ----D---- C:\WINDOWS\system32
2010-08-20 11:17:01 ----D---- C:\WINDOWS\system32\wbem
2010-08-20 11:17:01 ----D---- C:\WINDOWS\AppPatch
2010-08-20 11:15:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-20 11:15:21 ----D---- C:\WINDOWS\system32\drivers
2010-08-20 11:15:18 ----D---- C:\Program Files\Messenger
2010-08-20 11:15:01 ----D---- C:\WINDOWS\WinSxS
2010-08-20 11:14:42 ----SD---- C:\WINDOWS\Tasks
2010-08-20 11:14:32 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-20 11:14:11 ----SHD---- C:\WINDOWS\Installer
2010-08-20 11:13:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-20 11:04:17 ----D---- C:\Program Files\Outlook Express
2010-08-20 11:03:45 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-08-20 11:03:37 ----D---- C:\Program Files\Movie Maker
2010-08-19 14:57:52 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-18 19:01:01 ----A---- C:\WINDOWS\system.ini
2010-08-18 18:59:56 ----D---- C:\Program Files\Common Files
2010-08-18 12:16:32 ----D---- C:\WINDOWS\SoftwareDistribution
2010-08-18 12:16:27 ----D---- C:\WINDOWS\Help
2010-08-18 11:26:35 ----D---- C:\rms
2010-08-18 10:32:10 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-18 10:29:27 ----RASH---- C:\boot.ini
2010-08-18 10:09:41 ----D---- C:\Documents and Settings
2010-08-18 10:03:55 ----RD---- C:\Program Files
2010-08-17 19:24:14 ----D---- C:\WINDOWS\system32\config
2010-08-17 19:03:33 ----D---- C:\WINDOWS\mui
2010-08-17 18:10:30 ----D---- C:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP
2010-08-14 00:25:02 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\Skype
2010-08-13 23:11:48 ----D---- C:\Documents and Settings\Mazurkovi\Data aplikací\skypePM
2010-08-13 21:52:58 ----D---- C:\WINDOWS\system32\DirectX
2010-08-13 21:51:56 ----D---- C:\Program Files\OpenAL
2010-08-13 17:58:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-08-13 11:20:16 ----D---- C:\Program Files\Adobe
2010-08-13 11:20:15 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-11 19:00:00 ----RSD---- C:\WINDOWS\Fonts
2010-08-10 21:13:16 ----A---- C:\WINDOWS\win.ini
2010-08-07 17:04:13 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-27 08:30:31 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 09:04:24 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2004-10-19 28207]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2005-09-14 20016]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-19 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2010-02-07 82380]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-18 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-02 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-18 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-04-25 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-04-25 25888]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-04-07 4687872]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-11-19 95232]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2004-10-19 20096]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-09-21 10804]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\WINDOWS\system32\DRIVERS\e1y5132.sys [2008-11-21 238736]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-03-28 40832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-12-23 4967424]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2004-11-05 82148]
S2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
S3 a9ccxi0c;a9ccxi0c; C:\WINDOWS\system32\drivers\a9ccxi0c.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-01-17 23000]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-04-07 602112]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-18 308136]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-01-27 106496]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-11 153376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-02-19 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-02-19 107832]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-05-15 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-07-12 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-12-21 74360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-04-07 65795]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Tuto složku znáte?
C:\rms

Pokud nejsou problémy, je to vše

[Vendelin]

Tuto složku znáte?
C:\rms

Pokud nejsou problémy, je to vše

jj tuto složku znám, tak děkuji moc, všechno funguje a doufám že od virů už budu mít nějakou dobu pokoj, děkuji strašně moc za pomoc děkuji