
Please check my log - non-standard PC behaviour

Posted: 19 Oct 2010 18:11
by Philloy
Hello,

I already posted here, but the topic I created disappeared, I don't know why... So I'm starting a new one.
I'm continuing from the stage where, after the HijackThis log, I was advised to run ComboFix on the PC and then copy some text into a text file, which I then dropped onto the ComboFix icon; after that the "rehabilitation" took place...

I'm sending the latest log so far (from 18 Oct):

ComboFix 10-10-16.03 - Philliboy 18.10.2010 21:22:17.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2603 [GMT 2:00]
Spuštěný z: c:\documents and settings\Philliboy\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Philliboy\Plocha\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: Avira Firewall *disabled* {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

FILE ::
"c:\windows\nod32restoretemdono.reg"
"c:\windows\system32\Default\winlogon.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\nod32restoretemdono.reg

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_EKRN
-------\Service_ekrn
-------\Service_EhttpSrv


((((((((((((((((((((((((( Soubory vytvořené od 2010-09-18 do 2010-10-18 )))))))))))))))))))))))))))))))
.

2010-10-16 20:55 . 2010-10-16 20:55 -------- d-----w- c:\program files\Common Files\Java
2010-10-16 20:23 . 2010-10-16 20:23 40344 ----a-w- c:\documents and settings\Philliboy\Data aplikací\FbxU.exe
2010-10-16 01:55 . 2010-09-14 23:01 718296 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2010-10-16 01:55 . 2010-09-14 23:01 14808 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2010-10-13 13:09 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 13:09 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 13:09 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2010-09-27 17:36 . 2009-07-14 15:14 150768 ----a-w- c:\documents and settings\Philliboy\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((( SnapShot@2010-10-17_09.58.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-10-18 19:28 . 2010-10-18 19:28 16384 c:\windows\temp\Perflib_Perfdata_42c.dat
+ 2010-01-24 08:58 . 2010-10-17 17:11 530436 c:\windows\system32\Restore\rstrlog.dat
+ 2010-10-17 16:54 . 2010-10-17 16:54 3376640 c:\windows\Installer\58538.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuz1.dll" [2010-10-18 2735200]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-10-18 19:07 2735200 ----a-w- c:\program files\Vuze_Remote\tbVuz1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuz1.dll" [2010-10-18 2735200]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuz1.dll" [2010-10-18 2735200]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PrtScr by FireStarter"="c:\program files\PrtScr\PrtScr.exe" [2008-03-19 1375744]
"Centrum.cz Notifikátor"="c:\program files\NetCentrum\Notifikator\Notifikator.exe" [2010-05-18 606720]
"Google Update"="c:\documents and settings\Philliboy\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2009-11-02 133104]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-09-28 2424560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-05-25 14477312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="nwiz.exe" [2009-01-15 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"mouseElf"="c:\progra~1\GAMING~1\MouseElf.EXE" [2005-07-15 208896]
"HD Tune"="c:\progra~1\HDTUNE~1\HDTune.exe" [2005-09-12 405504]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-27 185896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-10 2500552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Philliboy\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ATnotes.lnk - c:\program files\ATnotes\ATnotes.exe [2003-11-10 1069056]

c:\documents and settings\Philliboy\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ATnotes.lnk - c:\program files\ATnotes\ATnotes.exe [2003-11-10 1069056]

c:\documents and settings\Philliboy\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ATnotes.lnk - c:\program files\ATnotes\ATnotes.exe [2003-11-10 1069056]

c:\documents and settings\Philliboy\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ATnotes.lnk - c:\program files\ATnotes\ATnotes.exe [2003-11-10 1069056]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Philliboy^Nabídka Start^Programy^Po spuštění^TimeLeft.lnk]
path=c:\documents and settings\Philliboy\Nabídka Start\Programy\Po spuštění\TimeLeft.lnk
backup=c:\windows\pss\TimeLeft.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2004-12-14 10:12 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Centrum.cz Notifikátor]
2010-05-18 11:49 606720 ----a-w- c:\program files\NetCentrum\Notifikator\Notifikator.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2007-05-11 01:08 2512392 ----a-w- c:\windows\system32\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-05 00:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\supertintin_skype]
2009-12-06 20:46 1043456 ----a-w- c:\program files\Supertintin for Skype\supertintin_skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-01-27 14:59 185896 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Drive Manager]
2009-06-26 14:56 450560 ----a-w- c:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\~ el Philloydo ~\\Programs\\DC++\\DCPlusPlus.exe"=
"d:\\~ el Philloydo ~\\Programs\\DC++ strong\\StrongDC.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [10.9.2010 23:40 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [10.9.2010 23:40 25240]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67656]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [26.6.2009 16:56 102400]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys --> c:\windows\system32\DRIVERS\avfwim.sys [?]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [18.4.2010 10:56 7808]
S3 gHidUsbF;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidUsbF.sys [18.4.2010 10:56 12800]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.3.2010 21:56 691696]
.
Obsah adresáře 'Naplánované úlohy'

2010-10-18 c:\windows\Tasks\PandaUSBVaccine.job
- c:\program files\Panda USB Vaccine\RunInteractiveWin.exe [2010-03-08 15:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
FF - ProfilePath - c:\documents and settings\Philliboy\Data aplikací\Mozilla\Firefox\Profiles\qm1l15m6.profil\
FF - prefs.js: browser.startup.homepage - www.centrum.cz
FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: c:\program files\DivXplayer\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: c:\program files\DivXplayer\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(504)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL

- - - - - - - > 'lsass.exe'(564)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll

- - - - - - - > 'explorer.exe'(3580)
c:\windows\system32\guard32.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\MPR.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\Panda USB Vaccine\USBVaccine.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\documents and settings\Philliboy\Local Settings\Data aplikací\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\oodag.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-10-18 21:32:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-18 19:32

Před spuštěním: 3 203 059 712
Po spuštění: 3 152 785 408

- - End Of File - - 4EC479D1ECC5BC33BE2EA01E153B1133

Re: Please check my log - non-standard PC behaviour

Posted: 19 Oct 2010 18:28
by Rudy
4 items deleted, the rest of the log looks clean. Has there been any change?

Re: Please check my log - non-standard PC behaviour

Posted: 19 Oct 2010 19:39
by Philloy
The computer seems better now; may I post one more log, just to be sure? The last one is from yesterday and a few minor changes have happened here since...

Re: Please check my log - non-standard PC behaviour

Posted: 19 Oct 2010 20:05
by Rudy
It would be better to post a log from MBAM: http://www.malwarebytes.org/mbam.php (full scan). It is not as aggressive as CF.

Re: Please check my log - non-standard PC behaviour

Posted: 20 Oct 2010 01:37
by Philloy
So it did find a few things after all:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4883

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

19.10.2010 22:46:23
mbam-log-2010-10-19 (22-46-23).txt

Typ skenu: Úplný sken (C:\|D:\|E:\|F:\|G:\|)
Skenované objekty: 556550
Uplynulý čas: 1 hodina(y), 25 minuta(y), 39 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 9

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\System Volume Information\_restore{1973B8A3-E41E-422B-8F4B-CA2F88E11485}\RP287\A0090896.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{1973B8A3-E41E-422B-8F4B-CA2F88E11485}\RP290\A0092660.exe (Trojan.Clicker) -> No action taken.
C:\System Volume Information\_restore{1973B8A3-E41E-422B-8F4B-CA2F88E11485}\RP304\A0092997.exe (Trojan.Clicker) -> No action taken.
D:\System Volume Information\_restore{1973B8A3-E41E-422B-8F4B-CA2F88E11485}\RP290\A0092621.exe (Joke.Winshoot) -> No action taken.
D:\System Volume Information\_restore{1973B8A3-E41E-422B-8F4B-CA2F88E11485}\RP308\A0094306.exe (Malware.Packer.Gen) -> No action taken.
D:\System Volume Information\_restore{1973B8A3-E41E-422B-8F4B-CA2F88E11485}\RP308\A0094307.exe (RiskWare.Tool.CK) -> No action taken.
D:\System Volume Information\_restore{1973B8A3-E41E-422B-8F4B-CA2F88E11485}\RP308\A0094308.exe (Malware.Packer.Gen) -> No action taken.
D:\System Volume Information\_restore{1973B8A3-E41E-422B-8F4B-CA2F88E11485}\RP308\A0094309.exe (Malware.Packer.Gen) -> No action taken.
C:\Documents and Settings\Philliboy\Data aplikací\FbxU.exe (Trojan.Clicker) -> No action taken.


I deleted everything...
So hopefully it will run like it did when it was young :)
Thanks for the help.

Re: Hello, I need some advice, I would need my log checked

Posted: 20 Oct 2010 08:16
by vikina30
PC Tool keeps popping up on my screen, I am really unhappy about it. Thank you for your help.

Logfile of random's system information tool 1.08 (written by random/random)
Run by HP at 2010-10-20 08:57:18
Microsoft Windows 7 Home Premium
System drive C: has 201 GB (69%) free of 292 GB
Total RAM: 3999 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:57:29, on 20.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\ICQ7.2\ICQ.exe
C:\Program Files (x86)\Hp\QuickPlay\QPService.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\TrojanHunter 5.3\THGuard.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4\firefox.exe
C:\Program Files (x86)\TrojanHunter 5.3\TrojanHunter.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4\plugin-container.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\HP\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.1.27.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKLM\..\Run: [THGuard] "C:\Program Files (x86)\TrojanHunter 5.3\THGuard.exe"
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BitComet] "C:\Program Files (x86)\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.1.27.dll/206 (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16406 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RMSchedule.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.1.27.dll [2010-01-28 671480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
XfireXO Toolbar - C:\Program Files (x86)\XfireXO\tbXfir.dll [2010-06-13 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-15 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-29 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-08-28 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
kikin Plugin - C:\Program Files (x86)\kikin\ie_kikin.dll [2010-06-24 782568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-15 278192]
{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - XfireXO Toolbar - C:\Program Files (x86)\XfireXO\tbXfir.dll [2010-06-13 2734688]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QPService"=C:\Program Files (x86)\HP\QuickPlay\QPService.exe [2009-08-05 468264]
"UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-02-17 218408]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-06-24 320056]
"UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-08-28 148888]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2010-08-05 104408]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"ISTray"=C:\Program Files (x86)\PC Tools Security\pctsGui.exe [2010-09-23 1588184]
"THGuard"=C:\Program Files (x86)\TrojanHunter 5.3\THGuard.exe [2010-06-16 1070296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-15 1668664]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-07-15 39408]
"BitComet"=C:\Program Files (x86)\BitComet\BitComet.exe [2010-02-21 2969336]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2010-08-29 328568]
"ICQ"=C:\Program Files (x86)\ICQ7.2\ICQ.exe [2010-08-22 133432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
hamachi.lnk - C:\Program Files (x86)\Hamachi\hamachi.exe
Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"WallpaperStyle"=2

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-10-20 08:53:54 ----D---- C:\Program Files (x86)\trend micro
2010-10-20 08:53:52 ----D---- C:\rsit
2010-10-18 13:42:48 ----A---- C:\Windows\reimage.ini
2010-10-18 13:42:29 ----D---- C:\rei
2010-10-18 13:42:28 ----D---- C:\Program Files (x86)\Reimage
2010-10-18 12:50:10 ----D---- C:\Users\HP\AppData\Roaming\TrojanHunter
2010-10-18 12:18:55 ----D---- C:\ProgramData\TrojanHunter
2010-10-18 12:18:51 ----R---- C:\Windows\SysWOW64\streamhlp.dll
2010-10-18 12:18:51 ----D---- C:\Program Files (x86)\TrojanHunter 5.3
2010-10-18 12:04:16 ----D---- C:\Users\HP\AppData\Roaming\PC Tools
2010-10-18 12:04:16 ----D---- C:\Program Files (x86)\PC Tools Security
2010-10-18 11:59:39 ----D---- C:\ProgramData\PC Tools
2010-10-18 08:35:26 ----A---- C:\Windows\SysWOW64\aswBoot.exe
2010-10-18 08:35:25 ----D---- C:\ProgramData\Alwil Software
2010-10-17 04:37:25 ----D---- C:\ProgramData\Recovery
2010-10-16 20:30:29 ----HD---- C:\$AVG
2010-10-16 19:59:22 ----D---- C:\ProgramData\avg9
2010-10-16 19:59:22 ----D---- C:\Program Files (x86)\AVG
2010-10-16 19:51:54 ----A---- C:\Windows\ntbtlog.txt
2010-10-15 06:37:44 ----A---- C:\Windows\SysWOW64\t2embed.dll
2010-10-15 06:37:41 ----A---- C:\Windows\SysWOW64\ole32.dll
2010-10-15 06:37:39 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2010-10-15 06:37:37 ----A---- C:\Windows\SysWOW64\schannel.dll
2010-10-15 06:37:35 ----A---- C:\Windows\SysWOW64\comctl32.dll
2010-10-15 06:37:32 ----A---- C:\Windows\SysWOW64\wmpmde.dll
2010-10-15 06:37:31 ----A---- C:\Windows\SysWOW64\mfc40u.dll
2010-10-15 06:37:31 ----A---- C:\Windows\SysWOW64\mfc40.dll
2010-10-15 06:37:27 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-10-15 06:37:25 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-10-15 06:37:23 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-10-15 06:37:23 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2010-10-15 06:37:23 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-10-15 06:37:22 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-10-15 06:37:22 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-10-15 06:37:22 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2010-10-15 06:37:22 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-10-15 06:37:21 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2010-10-15 06:37:21 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-10-15 06:37:21 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-10-15 06:37:21 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-10-15 06:37:21 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-10-15 06:37:21 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-10-15 06:37:17 ----A---- C:\Windows\SysWOW64\wmp.dll
2010-10-15 06:37:16 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2010-10-15 06:37:15 ----A---- C:\Windows\SysWOW64\sscore.dll
2010-10-10 10:00:27 ----D---- C:\.jagex_cache_32
2010-10-04 19:33:05 ----D---- C:\Users\HP\AppData\Roaming\Registry Mechanic
2010-10-04 19:16:18 ----A---- C:\Windows\SysWOW64\msxml.dll
2010-10-04 19:16:09 ----D---- C:\Program Files (x86)\Common Files\PC Tools
2010-10-04 19:16:08 ----D---- C:\Program Files (x86)\Registry Mechanic
2010-10-04 19:14:24 ----D---- C:\Windows\SysWOW64\Adobe
2010-10-02 12:07:41 ----D---- C:\Users\HP\AppData\Roaming\funkitron
2010-09-30 15:35:44 ----RD---- C:\Program Files (x86)\Skype
2010-09-29 12:21:43 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-09-22 18:25:23 ----D---- C:\Users\HP\AppData\Roaming\Hamachi
2010-09-22 18:25:03 ----D---- C:\Program Files (x86)\Hamachi
2010-09-22 17:58:57 ----A---- C:\Windows\War3Unin.pif
2010-09-22 17:58:57 ----A---- C:\Windows\War3Unin.exe
2010-09-22 17:58:03 ----D---- C:\Program Files (x86)\Warcraft III
2010-09-22 17:10:28 ----D---- C:\games
2010-09-22 17:08:18 ----D---- C:\Users\HP\AppData\Roaming\GHISLER
2010-09-22 17:08:18 ----D---- C:\totalcmd
2010-09-22 17:08:18 ----A---- C:\Windows\UC.PIF
2010-09-22 17:08:18 ----A---- C:\Windows\RAR.PIF
2010-09-22 17:08:18 ----A---- C:\Windows\PKZIP.PIF
2010-09-22 17:08:18 ----A---- C:\Windows\PKUNZIP.PIF
2010-09-22 17:08:18 ----A---- C:\Windows\NOCLOSE.PIF
2010-09-22 17:08:18 ----A---- C:\Windows\LHA.PIF
2010-09-22 17:08:18 ----A---- C:\Windows\ARJ.PIF

======List of files/folders modified in the last 1 months======

2010-10-20 08:57:28 ----D---- C:\Windows\Temp
2010-10-20 08:53:54 ----RD---- C:\Program Files (x86)
2010-10-20 08:51:08 ----D---- C:\Users\HP\AppData\Roaming\uTorrent
2010-10-20 08:41:23 ----A---- C:\ProgramData\HPWALog.txt
2010-10-20 07:56:23 ----AD---- C:\ProgramData\Temp
2010-10-20 07:32:30 ----SHD---- C:\System Volume Information
2010-10-20 07:22:50 ----D---- C:\Users\HP\AppData\Roaming\BitComet
2010-10-20 07:21:33 ----HD---- C:\ProgramData
2010-10-20 07:20:45 ----A---- C:\ProgramData\hpqp.ini
2010-10-18 13:42:48 ----D---- C:\Windows
2010-10-18 13:12:56 ----D---- C:\Program Files (x86)\Common Files
2010-10-18 12:18:51 ----D---- C:\Windows\SysWOW64
2010-10-18 10:42:01 ----SD---- C:\ProgramData\Microsoft
2010-10-18 10:27:37 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2010-10-18 08:43:57 ----D---- C:\Windows\SysWOW64\drivers
2010-10-18 08:43:57 ----D---- C:\Windows\System32
2010-10-18 08:35:25 ----RD---- C:\Program Files
2010-10-16 20:30:29 ----D---- C:\Program Files (x86)\Easy Photo Frame
2010-10-16 20:09:21 ----D---- C:\Windows\winsxs
2010-10-16 19:59:22 ----SHD---- C:\Windows\Installer
2010-10-16 19:59:15 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-10-16 19:57:25 ----D---- C:\ProgramData\Norton
2010-10-16 19:57:23 ----D---- C:\Windows\Tasks
2010-10-16 16:49:07 ----D---- C:\Windows\Logs
2010-10-16 16:27:04 ----D---- C:\Program Files (x86)\NortonInstaller
2010-10-16 16:24:44 ----D---- C:\Program Files (x86)\Common Files\Symantec Shared
2010-10-16 14:54:54 ----D---- C:\ProgramData\Xfire
2010-10-16 14:54:54 ----D---- C:\Program Files (x86)\Xfire
2010-10-16 14:54:00 ----D---- C:\Windows\SysWOW64\migration
2010-10-16 14:54:00 ----D---- C:\Program Files (x86)\Windows Media Player
2010-10-16 14:54:00 ----D---- C:\Program Files (x86)\Internet Explorer
2010-10-16 14:53:59 ----D---- C:\Windows\inf
2010-10-16 10:37:36 ----D---- C:\Users\HP\AppData\Roaming\Xfire
2010-10-16 10:37:17 ----D---- C:\ProgramData\Microsoft Help
2010-10-15 23:58:25 ----D---- C:\Users\HP\AppData\Roaming\ICQ
2010-10-10 20:05:31 ----D---- C:\Windows\SysWOW64\Macromed
2010-10-10 08:36:39 ----D---- C:\Windows\Prefetch
2010-10-04 15:13:04 ----D---- C:\Downloads
2010-10-04 13:25:22 ----RD---- C:\Users
2010-10-02 20:24:14 ----D---- C:\Windows\Microsoft.NET
2010-10-02 20:24:09 ----RSD---- C:\Windows\assembly
2010-10-02 12:42:09 ----D---- C:\ProgramData\WildTangent
2010-09-30 21:30:36 ----D---- C:\ProgramData\Enkord
2010-09-30 17:04:35 ----D---- C:\Users\HP\AppData\Roaming\Skype
2010-09-30 15:35:44 ----D---- C:\ProgramData\Skype
2010-09-30 14:25:39 ----D---- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4
2010-09-30 11:13:20 ----D---- C:\Windows\SysWOW64\cs-CZ
2010-09-28 08:51:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore64.sys []
R0 pctDS;PC Tools Data Store; C:\Windows\system32\drivers\pctDS64.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
S3 X6va001;X6va001; \??\C:\Users\HP\AppData\Local\Temp\001F50F.tmp []
S3 X6va002;X6va002; \??\C:\Users\HP\AppData\Local\Temp\002DA55.tmp []
S3 X6va003;X6va003; \??\C:\Users\HP\AppData\Local\Temp\00396CA.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-07-09 124928]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2010-03-15 366840]
R2 sdCoreService;PC Tools Security Service; C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2010-08-30 1145816]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [2009-07-22 240128]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-15 135664]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-07-28 246520]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-15 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

Re: please check my log - non-standard PC behaviour

Posted: 20 Oct 2010 18:45
by Rudy
2Philloy: You're welcome!
2vikina30: please start your own topic. Thank you.