Preventivní kontrola + Zrychlení Výkonu PC

[ReZisten]

Zdravim, poslední dobou mam PC nějaké zasekané, skoušel jsem všelijaké programy které prý "zvýší" výkon počítače, ale podle mě, to jsou jen dobře graficky zpracované blbosti...
Odinstaloval jsem pár programů, smazal registry, a odstranil nepotřebné věci... Trošku je to lepší ale nic moc

Zde je log z RSITu:
----------------------------------------------------------------------------

Logfile of random's system information tool 1.07 (written by random/random)
Run by Radka at 2010-09-21 18:29:36
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 5 GB (33%) free of 15 GB
Total RAM: 1015 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:30:05, on 21.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS\system32\svchost.exe
D:\Programy\COMODO\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Firebird\bin\fbguard.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
D:\Programy\COMODO\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\igfxsrvc.exe
D:\Programy\Advanced SystemCare 3\AWC.exe
C:\Documents and Settings\Radka\Data aplikací\QipGuard\QipGuard.exe
C:\Program Files\Firebird\bin\fbserver.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Programy\QIP 2010\QIP Infium\infium.exe
D:\Programy\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
D:\Staženo\RSIT.exe
C:\Program Files\trend micro\Radka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Radka\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Radka\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Radka\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [MsgTranAgt] "C:\Program Files\ATK Hotkey\MsgTranAgt.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Programy\COMODO\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\Programy\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Radka\Data aplikací\QipGuard\QipGuard.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: HopSurf - {ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - D:\Programy\QIP 2010\QIP Infium\infium.exe (HKCU)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlcdnet.asus.com/pub/ASUS/misc/d ... .2.5.0.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2843863390
O17 - HKLM\System\CCS\Services\Tcpip\..\{34DAE7A0-17AC-4717-8461-29CF0002C457}: NameServer = 1.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8ED2E5D7-6A00-438C-96AD-2CDF05ADEB53}: NameServer = 193.179.144.2,212.47.0.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Programy\COMODO\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\bin\fbserver.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\PEV.cfxxe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - Unknown owner - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (file missing)

--
End of file - 8575 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\Radka\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2010-06-10 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Radka\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-08-09 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E9FAB13D-4600-49E1-90D1-EE961C859D39} - HopSurf toolbar - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll [2010-06-05 1331392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-11-28 229376]
"MsgTranAgt"=C:\Program Files\ATK Hotkey\MsgTranAgt.exe [2007-11-04 106496]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-17 7737344]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-11 16861184]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-13 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-13 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-13 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-13 455168]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-11-08 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-11-08 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-11-08 137752]
"COMODO Internet Security"=D:\Programy\COMODO\COMODO\COMODO Internet Security\cfp.exe [2010-08-15 2039240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"=D:\Programy\Advanced SystemCare 3\AWC.exe [2010-05-17 2345680]
"QIP Internet Guardian"=C:\Documents and Settings\Radka\Data aplikací\QipGuard\QipGuard.exe [2010-06-10 190416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Documents and Settings\Radka\Data aplikací\QipGuard\QipGuard.exe [2010-06-10 190416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2008-04-11 16861184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2007-11-21 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-10-30 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoNetworkConnections"=0x01000000
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoResolveSearch"=
"NoPopUpsOnBoot"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"D:\Programy\Pinnacle VideoSpin\Programs\RM.exe"="D:\Programy\Pinnacle VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"D:\Programy\Pinnacle VideoSpin\Programs\PMSRegisterFile.exe"="D:\Programy\Pinnacle VideoSpin\Programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"D:\Programy\Pinnacle VideoSpin\Programs\umi.exe"="D:\Programy\Pinnacle VideoSpin\Programs\umi.exe:*:Enabled:umi"
"D:\Programy\Pinnacle VideoSpin\Programs\VideoSpin.exe"="D:\Programy\Pinnacle VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.ini - open - notepad.exe %1
.js - edit -
.js - open -
.txt - open - notepad.exe %1

======List of files/folders created in the last 1 months======

2010-09-17 22:08:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-09 12:48:47 ----D---- C:\Documents and Settings\Radka\Data aplikací\Hamachi
2010-09-09 12:48:23 ----D---- C:\Program Files\Hamachi
2010-09-09 12:31:34 ----D---- C:\Sphere 0.56b
2010-09-09 12:03:26 ----D---- C:\Sphere
2010-08-31 18:05:28 ----D---- C:\Documents and Settings\Radka\Data aplikací\QipGuard
2010-08-23 15:18:19 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

======List of files/folders modified in the last 1 months======

2010-09-21 18:29:59 ----D---- C:\TEMP
2010-09-21 18:29:59 ----D---- C:\Program Files\trend micro
2010-09-21 18:29:34 ----D---- C:\Documents and Settings\Radka\Data aplikací\Skype
2010-09-21 18:24:39 ----D---- C:\Program Files\Mozilla Firefox
2010-09-21 18:24:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-21 16:09:13 ----D---- C:\Documents and Settings\Radka\Data aplikací\skypePM
2010-09-21 15:41:57 ----D---- C:\WINDOWS
2010-09-20 19:42:18 ----D---- C:\WINDOWS\Prefetch
2010-09-19 22:54:22 ----SHD---- C:\WINDOWS\Installer
2010-09-09 12:48:27 ----D---- C:\WINDOWS\temp
2010-09-09 12:48:27 ----D---- C:\WINDOWS\system32\drivers
2010-09-09 12:48:23 ----AD---- C:\Program Files
2010-08-26 20:20:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-23 15:19:38 ----D---- C:\Documents and Settings\Radka\Data aplikací\Ventrilo
2010-08-23 15:18:19 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2010-08-15 15464]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-08-15 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-08-15 25240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-10-25 549184]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ATKHOT~1\ASNDIS5.SYS []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-09-09 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-10-30 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-18 4707328]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-24 5760]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2008-06-27 10368]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-07-12 96384]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-10-14 32000]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 a51jrwvx;a51jrwvx; C:\WINDOWS\system32\drivers\a51jrwvx.sys []
S3 catchme;catchme; \??\C:\Temp\catchme.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\Temp\EZC3D.tmp []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 NE2000;NE2000 Compatible PCMCIA; C:\WINDOWS\system32\DRIVERS\ne2000.sys [2001-08-17 15872]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys []
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 XDva349;XDva349; \??\C:\WINDOWS\system32\XDva349.sys []
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Programy\COMODO\COMODO\COMODO Internet Security\cmdagent.exe [2010-08-15 1778480]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\bin\fbguard.exe [2007-12-12 65536]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2010-05-11 1619272]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\bin\fbserver.exe [2007-12-12 1531989]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\PEV.cfxxe EXEC /i C:\ComboFix\REGT.cfxxe /S C:\ComboFix\CregB.dat []
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe []
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[JaRon]

ahoj
Presun ComboFix
na plochu (ak tam este nie je)

otvor si Poznamkovy blok - notepad

do neho zkopiruj skript z nasledujiceho okna:

Kód: Vybrat vše

Driver::
PEVSystemStart
GarenaPEngine
XDva349

uloz vytvoreny textovy soubor ako CFScript.txt na plochu

po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:



po aplikacii by mal vzniknut dalsi log, ten vloz sem

[ReZisten]

Zde je log z ComboFixu:

-----------------------------------------------------------------------------
ComboFix 10-09-21.03 - Radka 22.09.2010 17:20:50.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.561 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Radka\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Radka\Plocha\CFScript.txt
AV: COMODO Antivirus *On-access scanning disabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GARENAPENGINE
-------\Legacy_XDVA349
-------\Service_GarenaPEngine
-------\Service_XDva349


((((((((((((((((((((((((( Soubory vytvořené od 2010-08-22 do 2010-09-22 )))))))))))))))))))))))))))))))
.

2010-09-09 10:48:23 . 2010-09-09 10:48:47 -------- d-----w- C:\Program Files\Hamachi
2010-09-09 10:31:34 . 2010-09-09 10:42:28 -------- d-----w- C:\Sphere 0.56b
2010-09-09 10:03:26 . 2010-09-09 11:42:44 -------- d-----w- C:\Sphere
2010-08-26 18:20:17 . 2008-04-13 22:15:14 60032 -c--a-w- C:\WINDOWS\system32\dllcache\usbaudio.sys
2010-08-26 18:20:17 . 2008-04-13 22:15:14 60032 ----a-w- C:\WINDOWS\system32\drivers\USBAUDIO.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-21 16:29:59 . 2010-06-06 11:55:24 -------- d-----w- C:\Program Files\trend micro
2010-09-09 10:48:23 . 2010-03-31 21:41:00 25280 ----a-w- C:\WINDOWS\system32\drivers\hamachi.sys
2010-08-23 13:18:19 . 2010-08-23 13:18:19 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-20 07:48:35 . 2010-08-20 07:48:35 48 ---ha-w- C:\WINDOWS\system32\ezsidmv.dat
2010-08-20 07:42:08 . 2010-08-20 07:41:19 -------- d-----r- C:\Program Files\Skype
2010-08-20 07:41:23 . 2010-08-20 07:41:23 -------- d-----w- C:\Program Files\Common Files\Skype
2010-08-18 18:01:16 . 2010-08-18 17:58:18 -------- d-----w- C:\Program Files\Spybot - Search & Destroy
2010-08-18 17:03:42 . 2008-06-26 16:13:02 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2010-08-16 17:48:32 . 2010-08-16 17:48:32 -------- d-----w- C:\Program Files\OO Software
2010-08-15 20:48:48 . 2010-04-08 23:26:12 278288 ----a-w- C:\WINDOWS\system32\guard32.dll
2010-08-15 20:48:35 . 2010-04-08 23:25:48 87824 ----a-w- C:\WINDOWS\system32\drivers\inspect.sys
2010-08-15 20:48:31 . 2010-04-08 23:25:46 25240 ----a-w- C:\WINDOWS\system32\drivers\cmdhlp.sys
2010-08-15 20:48:29 . 2010-04-08 23:25:44 15464 ----a-w- C:\WINDOWS\system32\drivers\cmderd.sys
2010-08-15 20:48:27 . 2010-04-08 23:25:46 229312 ----a-w- C:\WINDOWS\system32\drivers\cmdGuard.sys
2010-08-15 12:50:45 . 2010-08-15 12:50:49 95024 ----a-w- C:\WINDOWS\system32\drivers\SBREDrv.sys
2010-08-13 19:55:14 . 2006-03-02 12:00:00 90530 ----a-w- C:\WINDOWS\system32\perfc005.dat
2010-08-13 19:55:14 . 2006-03-02 12:00:00 472488 ----a-w- C:\WINDOWS\system32\perfh005.dat
2010-08-13 19:42:00 . 2010-08-13 19:42:00 -------- d-----w- C:\Program Files\Google
2010-08-13 19:07:08 . 2010-02-28 13:51:26 -------- d-----w- C:\Program Files\DivX
2010-08-13 19:05:04 . 2009-12-01 14:09:43 -------- d-----w- C:\Program Files\Common Files\ACD Systems
2010-08-13 17:53:50 . 2010-08-13 17:53:50 -------- d-----w- C:\Program Files\Pinnacle
2010-08-13 17:53:50 . 2010-08-13 17:53:50 -------- d-----w- C:\Program Files\Common Files\Yahoo!
2010-08-10 15:12:29 . 2009-05-20 20:15:44 -------- d-----w- C:\Program Files\Defraggler
2010-06-30 12:24:54 . 2006-03-02 12:00:00 149504 ----a-w- C:\WINDOWS\system32\schannel.dll
.

------- Sigcheck -------

[-] 2010-02-28 18:05:55 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\system32\appmgmts.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="D:\Programy\Advanced SystemCare 3\AWC.exe" [2010-05-17 11:14:12 2345680]
"QIP Internet Guardian"="C:\Documents and Settings\Radka\Data aplikací\QipGuard\QipGuard.exe" [2010-06-10 13:07:50 190416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="C:\Program Files\ATK Hotkey\Hcontrol.exe" [2007-11-28 15:39:36 229376]
"MsgTranAgt"="C:\Program Files\ATK Hotkey\MsgTranAgt.exe" [2007-11-04 17:48:06 106496]
"ATKOSD2"="C:\Program Files\ATKOSD2\ATKOSD2.exe" [2007-10-17 17:04:00 7737344]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 12:02:04 786521]
"Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 16:01:06 90112]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 23:52:00 16861184]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 20:13:52 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-13 20:13:38 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 20:13:54 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 20:13:54 455168]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-11-08 13:56:42 141848]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-11-08 07:56:12 166424]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-11-08 07:56:20 137752]
"COMODO Internet Security"="D:\Programy\COMODO\COMODO\COMODO Internet Security\cfp.exe" [2010-08-15 20:45:00 2039240]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 06:52:18 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoNetworkConnections"= 01000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=C:\WINDOWS\system32\guard32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 06:52:18 15360 ----a-w- C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
2010-06-10 13:07:50 190416 ----a-w- C:\Documents and Settings\Radka\Data aplikací\QipGuard\QipGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-04-10 23:52:00 16861184 ----a-w- C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 14:12:40 26192168 ----a-r- C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2007-11-21 01:15:00 1826816 ----a-w- C:\WINDOWS\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-03-09 03:19:17 148888 ----a-w- C:\Program Files\Java\jre6\bin\jusched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Programy\\Pinnacle VideoSpin\\Programs\\RM.exe"=
"D:\\Programy\\Pinnacle VideoSpin\\Programs\\PMSRegisterFile.exe"=
"D:\\Programy\\Pinnacle VideoSpin\\Programs\\umi.exe"=
"D:\\Programy\\Pinnacle VideoSpin\\Programs\\VideoSpin.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"19887:TCP"= 19887:TCP:BitComet 19887 TCP
"19887:UDP"= 19887:UDP:BitComet 19887 UDP
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 cmderd;COMODO Internet Security Eradication Driver;C:\WINDOWS\system32\drivers\cmderd.sys [9.4.2010 1:25:44 15464]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\WINDOWS\system32\drivers\cmdGuard.sys [9.4.2010 1:25:46 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\WINDOWS\system32\drivers\cmdhlp.sys [9.4.2010 1:25:46 25240]
R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files\Comodo\COMODO livePCsupport\CLPSLS.exe [19.2.2010 17:00:24 148744]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;C:\Program Files\Firebird\bin\fbguard.exe -s --> C:\Program Files\Firebird\bin\fbguard.exe -s [?]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [15.4.2010 20:20:00 233472]
R2 OODefragAgent;O&O Defrag Agent;C:\Program Files\OO Software\Defrag\oodag.exe [11.5.2010 22:36:10 1619272]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;C:\Program Files\Firebird\bin\fbserver.exe -s --> C:\Program Files\Firebird\bin\fbserver.exe -s [?]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [15.4.2010 20:20:00 36608]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;"C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe" --> C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [?]
S3 NE2000;NE2000 Compatible PCMCIA;C:\WINDOWS\system32\drivers\ne2000.sys [23.10.2009 18:12:02 15872]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [15.4.2010 20:21:04 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [15.4.2010 20:21:04 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [15.4.2010 20:21:04 121856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;\??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys --> C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [?]
S4 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [16.1.2010 17:37:50 691696]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - FSUSBEXDISK

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 10:47:34 451872 ----a-w- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {34DAE7A0-17AC-4717-8461-29CF0002C457} = 1.1.1.1
TCP: {8ED2E5D7-6A00-438C-96AD-2CDF05ADEB53} = 193.179.144.2,212.47.0.4
FF - ProfilePath - C:\Documents and Settings\Radka\Data aplikací\Mozilla\Firefox\Profiles\m8you27d.default\
FF - prefs.js: browser.search.selectedEngine - QIP Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: C:\Documents and Settings\Radka\Data aplikací\Mozilla\Firefox\Profiles\m8you27d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
FF - component: C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: D:\Programy\Picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-SMSERIAL - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

[JaRon]

je to lepsie

[ReZisten]

No trochu.. Ale furt to neni to co bych si představoval

[JaRon]

odinstaluj C:\Program Files\Spybot - Search & Destroy a prescanuj PC s AVPTool