Prosím pomoc asi sem nainstaloval virus

[Overlad]

Dobrý den mám dojem že jsem nainstaloval virus.Instalační soubor zmizel v tu chvíli se mi vyply všechny programu.Kupodivu je zatím vše v naprostém pořádku...

tady máte log z RSIT

Logfile of random's system information tool 1.08 (written by random/random)
Run by pc at 2010-12-02 20:05:27
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 25 GB (46%) free of 55 GB
Total RAM: 2047 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:05:39, on 2.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Program Files\Philips\GoGear Mix Device Manager\main.exe
C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Hqipya.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\pc\Plocha\RSIT.exe
C:\DOCUME~1\pc\LOCALS~1\Temp\Hxx.exe
C:\Program Files\trend micro\pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60446
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,D:\Nová složka (3)\L4D2DEMO\CRACK\UnDead.Injector.exe
O2 - BHO: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: FCTBPos00Pos - {180E37B8-072D-48E4-800D-F353EE800672} - C:\Program Files\myYearbook Toolbar\Toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll
O2 - BHO: IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMVU.dll
O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll
O3 - Toolbar: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll
O3 - Toolbar: myYearbook Toolbar - {B05CABA4-89F3-410B-8471-6BC0EDC8C91F} - C:\Program Files\myYearbook Toolbar\Toolbar.dll
O3 - Toolbar: IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMVU.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Funneopets] C:\WINDOWS\system32\Funneopets.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [InstallIQUpdater] "C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
O4 - HKCU\..\Run: [JP595IR86O] C:\DOCUME~1\pc\LOCALS~1\Temp\Hxx.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
O4 - Global Startup: Philips Device Manager.lnk = C:\Program Files\Philips\GoGear Mix Device Manager\main.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\pc\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\pc\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\pc\Nabídka Start\Programy\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/sho ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F7FE813-5F4A-4884-9BAD-DD1B4D363811}: NameServer = 10.0.0.254
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Turbine Message Service - Live (LiveTurbineMessageService) - Unknown owner - D:\Turbine Download Manager\TurbineMessageService.exe (file missing)
O23 - Service: Turbine Network Service - Live (LiveTurbineNetworkService) - Unknown owner - D:\Turbine Download Manager\TurbineNetworkService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: UltiDev Cassini Web Server for ASP.NET 2.0 - UltiDev LLC - C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe

--
End of file - 11483 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\PCConfidential.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1993962763-527237240-1801674531-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1993962763-527237240-1801674531-1004.job
C:\WINDOWS\tasks\RegCure.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll [2005-04-22 328275]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{180E37B8-072D-48E4-800D-F353EE800672}]
myYearbook Toolbar BHO - C:\Program Files\myYearbook Toolbar\Toolbar.dll [2010-08-23 1499136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2010-10-14 1252200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-10 3906656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll [2010-08-26 2736736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
IMVU Inc Toolbar - C:\Program Files\IMVU_Inc\tbIMVU.dll [2010-06-13 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
Burn4Free Toolbar Helper - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll [2010-01-21 815104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Companion - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll [2005-04-22 328275]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]
{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - Burn4Free Toolbar - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll [2010-01-21 815104]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\tbDVD1.dll [2010-08-26 2736736]
{B05CABA4-89F3-410B-8471-6BC0EDC8C91F} - myYearbook Toolbar - C:\Program Files\myYearbook Toolbar\Toolbar.dll [2010-08-23 1499136]
{90b49673-5506-483e-b92b-ca0265bd9ca8} - IMVU Inc Toolbar - C:\Program Files\IMVU_Inc\tbIMVU.dll [2010-06-13 2734688]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-10 3906656]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2010-10-14 1252200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-03-01 1443072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-03 16876032]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"QuickTime Task"=C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe [2006-09-01 282624]
"Funneopets"=C:\WINDOWS\system32\Funneopets.exe [2009-09-23 417792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-08-01 222592]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-04-14 3037696]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-05-28 95800]
"InstallIQUpdater"=C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe [2010-07-07 1008128]
"JP595IR86O"=C:\DOCUME~1\pc\LOCALS~1\Temp\Hxx.exe [2010-12-02 180736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Philips Device Manager.lnk - C:\Program Files\Philips\GoGear Mix Device Manager\main.exe

C:\Documents and Settings\pc\Nabídka Start\Programy\Po spuštění
GIGABYTE Gamer HUD Lite.lnk - C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-09-11 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\CrosuS\CrosuSApp.exe"="C:\Program Files\CrosuS\CrosuSApp.exe:*:Enabled:Crosus"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"D:\Turbine Download Manager\TurbineMessageService.exe"="D:\Turbine Download Manager\TurbineMessageService.exe:*:Enabled:TurbineMessageService"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Games-Masters.com\CABAL Online (Europe)\cabal.exe"="C:\Program Files\Games-Masters.com\CABAL Online (Europe)\cabal.exe:*:Enabled:CABAL"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Saints Row 2\SR2_pc.exe"="C:\Program Files\Saints Row 2\SR2_pc.exe:*:Enabled:SR2_pc"
"C:\Program Files\Games-Masters.com\CABAL Online (Europe)\launcher\update\ESTdnheadless.exe"="C:\Program Files\Games-Masters.com\CABAL Online (Europe)\launcher\update\ESTdnheadless.exe:*:Enabled:EST! download engine"
"D:\Nová složka (3)\L4D2DEMO\left4dead2.exe"="D:\Nová složka (3)\L4D2DEMO\left4dead2.exe:*:Enabled:left4dead2"
"C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe"="C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe:LocalSubNet:Enabled:UltiDev Cassini Web Server for ASP.NET 2.0"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\myYearbook Toolbar\TroubleShooter.exe"="C:\Program Files\myYearbook Toolbar\TroubleShooter.exe:*:Enabled:myYearbook Toolbar (Helper)"
"C:\Program Files\myYearbook Toolbar\ToolbarUpdate.exe"="C:\Program Files\myYearbook Toolbar\ToolbarUpdate.exe:*:Enabled:myYearbook Toolbar (Update)"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-12-02 20:05:27 ----D---- C:\rsit
2010-12-02 20:05:27 ----D---- C:\Program Files\trend micro
2010-12-02 19:14:19 ----A---- C:\WINDOWS\Hqipya.exe
2010-12-02 19:14:14 ----A---- C:\WINDOWS\system32\sshnas21.dll
2010-11-29 16:41:38 ----D---- C:\Documents and Settings\pc\Data aplikací\Help
2010-11-29 07:38:18 ----D---- C:\Documents and Settings\pc\Data aplikací\Ubisoft
2010-11-29 07:38:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2010-11-25 20:37:07 ----A---- C:\WINDOWS\system32\MyDefragScreenSaver_v4.3.1.exe
2010-11-25 20:37:06 ----D---- C:\Program Files\MyDefrag v4.3.1
2010-11-25 20:01:33 ----D---- C:\Program Files\RegCure
2010-11-25 20:01:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\RegCure
2010-11-25 19:57:07 ----D---- C:\Program Files\ToniArts
2010-11-25 19:03:12 ----D---- C:\Program Files\Crawler
2010-11-25 13:45:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-11-23 19:05:11 ----D---- C:\Program Files\MSECache
2010-11-19 17:14:32 ----D---- C:\Program Files\ConduitEngine
2010-11-18 16:54:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2010-11-18 16:54:43 ----D---- C:\Program Files\IObit
2010-11-15 20:40:57 ----A---- C:\WINDOWS\system32\zlib1.dll
2010-11-15 20:19:20 ----D---- C:\Program Files\Sid Meier's Civilization V
2010-11-14 18:20:36 ----A---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-11-14 18:20:26 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-11-14 18:20:26 ----A---- C:\WINDOWS\system32\drivers\BthEnum.sys
2010-11-14 18:20:25 ----A---- C:\WINDOWS\system32\wshirda.dll
2010-11-14 18:20:25 ----A---- C:\WINDOWS\system32\irmon.dll
2010-11-14 18:20:25 ----A---- C:\WINDOWS\system32\irftp.exe
2010-11-14 18:20:17 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2010-11-14 09:14:33 ----D---- C:\Documents and Settings\pc\Data aplikací\Tunngle
2010-11-14 09:14:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tunngle
2010-11-14 09:14:29 ----A---- C:\WINDOWS\system32\drivers\tap0901t.sys
2010-11-13 18:44:12 ----D---- C:\Program Files\ATI Stream
2010-11-13 18:37:05 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-11-13 18:37:05 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-11-13 18:37:05 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-11-13 18:37:05 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-11-13 18:37:05 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-11-13 18:37:05 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-11-13 18:36:32 ----D---- C:\Program Files\ATI
2010-11-13 16:26:10 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-11-13 16:26:10 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-11-13 16:26:09 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-11-13 16:26:09 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-11-13 16:26:08 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-11-13 16:26:07 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-11-13 16:26:07 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-11-13 16:26:06 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-11-10 07:15:56 ----D---- C:\Documents and Settings\pc\Data aplikací\GrabPro
2010-11-10 07:14:31 ----D---- C:\Program Files\Zrychleni Pocitace
2010-11-10 07:13:55 ----D---- C:\Documents and Settings\pc\Data aplikací\ProgSense
2010-11-10 07:13:41 ----D---- C:\Documents and Settings\pc\Data aplikací\OpenCandy
2010-11-10 07:13:37 ----D---- C:\Documents and Settings\pc\Data aplikací\Orbit
2010-11-08 14:14:11 ----D---- C:\Program Files\Visual Basic 6.0 Runtime&Steuerelemente
2010-11-08 14:14:00 ----N---- C:\WINDOWS\Setup1.exe
2010-11-08 14:13:59 ----A---- C:\WINDOWS\ST6UNST.EXE
2010-11-08 13:31:46 ----D---- C:\Program Files\Activision
2010-11-05 22:10:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Caphyon
2010-11-05 22:10:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Key Metric Software

======List of files/folders modified in the last 1 months======

2010-12-02 20:05:28 ----D---- C:\WINDOWS\Temp
2010-12-02 20:05:27 ----RD---- C:\Program Files
2010-12-02 20:03:29 ----SD---- C:\WINDOWS\Tasks
2010-12-02 20:03:06 ----D---- C:\WINDOWS\Prefetch
2010-12-02 19:29:00 ----D---- C:\Documents and Settings\pc\Data aplikací\PriceGong
2010-12-02 19:17:12 ----D---- C:\WINDOWS\system32
2010-12-02 19:17:12 ----D---- C:\Program Files\Common Files
2010-12-02 19:15:14 ----D---- C:\WINDOWS
2010-12-02 07:43:48 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-11-29 21:29:00 ----D---- C:\WINDOWS\system32\config
2010-11-29 17:35:48 ----D---- C:\Program Files\Ubisoft
2010-11-29 17:35:40 ----SHD---- C:\WINDOWS\Installer
2010-11-29 17:35:26 ----D---- C:\WINDOWS\system32\DirectX
2010-11-29 17:35:25 ----HD---- C:\WINDOWS\inf
2010-11-29 17:34:49 ----RSD---- C:\WINDOWS\assembly
2010-11-29 17:27:06 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-29 17:21:55 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-29 17:02:22 ----D---- C:\Program Files\Spyware Terminator
2010-11-29 16:41:38 ----D---- C:\Program Files\WinRAR
2010-11-29 16:31:09 ----D---- C:\WINDOWS\Media
2010-11-29 14:31:32 ----D---- C:\Documents and Settings\pc\Data aplikací\Spyware Terminator
2010-11-25 23:17:03 ----D---- C:\WINDOWS\pchealth
2010-11-25 17:52:19 ----D---- C:\Program Files\EA Games
2010-11-25 13:52:43 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-11-25 13:52:43 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-11-25 13:52:11 ----D---- C:\Program Files\Common Files\System
2010-11-25 13:52:11 ----A---- C:\WINDOWS\win.ini
2010-11-25 13:51:22 ----D---- C:\Program Files\Microsoft.NET
2010-11-25 13:51:20 ----RSD---- C:\WINDOWS\Fonts
2010-11-25 13:51:15 ----D---- C:\WINDOWS\system32\wbem
2010-11-25 13:51:11 ----D---- C:\Program Files\MSBuild
2010-11-25 13:49:22 ----D---- C:\WINDOWS\WinSxS
2010-11-23 19:08:55 ----SD---- C:\Documents and Settings\pc\Data aplikací\Microsoft
2010-11-15 20:47:13 ----D---- C:\WINDOWS\system
2010-11-14 22:10:23 ----D---- C:\WINDOWS\security
2010-11-14 19:33:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-14 18:20:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-11-14 18:20:36 ----D---- C:\WINDOWS\system32\drivers
2010-11-14 17:52:57 ----D---- C:\WINDOWS\Cursors
2010-11-14 09:10:33 ----D---- C:\WINDOWS\Minidump
2010-11-13 18:45:35 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-11-13 18:37:05 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-11-13 18:37:02 ----D---- C:\Program Files\ATI Technologies
2010-11-13 16:25:07 ----D---- C:\WINDOWS\Logs
2010-11-13 16:10:22 ----D---- C:\WINDOWS\Debug
2010-11-10 22:28:13 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-09 07:41:24 ----D---- C:\Program Files\Mozilla Firefox
2010-11-08 06:59:19 ----D---- C:\Program Files\Electronic Arts
2010-11-05 22:10:41 ----D---- C:\Program Files\Key Metric Software
2010-11-05 22:06:30 ----D---- C:\Documents and Settings\pc\Data aplikací\Key Metric Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-03-13 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-01 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-01 29704]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-03-01 54280]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-01 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-03-01 71176]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-09-11 5417472]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-03-01 30728]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-03 4745216]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 az82docp;az82docp; C:\WINDOWS\system32\drivers\az82docp.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 ddxgb;ddxgb; \??\C:\DOCUME~1\pc\LOCALS~1\Temp\ddxgb.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WsAudioDevice_383;WsAudioDevice_383; C:\WINDOWS\system32\drivers\WsAudioDevice_383.sys [2008-11-19 16640]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-09-11 606208]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-07-30 66872]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-14 488960]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0; C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2007-02-07 49152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-09-05 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 LiveTurbineMessageService;Turbine Message Service - Live; D:\Turbine Download Manager\TurbineMessageService.exe []
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-03-01 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LiveTurbineNetworkService;Turbine Network Service - Live; D:\Turbine Download Manager\TurbineNetworkService.exe []
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-05-03 3658096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Roli]

Zdravím, no šmejdy tam máš.

Tohle fixni v HJT :

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,D:\Nová složka (3)\L4D2DEMO\CRACK\UnDead.Injector.exe
O2 - BHO: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Funneopets] C:\WINDOWS\system32\Funneopets.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [InstallIQUpdater] "C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
O4 - HKCU\..\Run: [JP595IR86O] C:\DOCUME~1\pc\LOCALS~1\Temp\Hxx.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

Fix znamená že spustíš HJT

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

Nero BackItUp Scheduler 4.0

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

[Overlad]

prominte ale log obsahuje 235458 znaků a povoleno je pouze 60000

[Roli]

To se nic neděje nahraj ho třeba TADY a sem mi dej link na stažení.

[Overlad]

http://leteckaposta.cz/332783961

[Roli]

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

File::  
C:\WINDOWS\Hqipya.exe
C:\DOCUME~1\pc\LOCALS~1\Temp\Hxx.exe
C:\DOCUME~1\pc\LOCALS~1\Temp\ddxgb.sys

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"JP595IR86O"=-

Driver::
ddxgb

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci