Prosím o kontrolu logu, děkuji

[mkubajs]

Dobrý den,
chtěl bych vás poprosit o kontrolu logu. Mám jen otravující problém když jsem nainstaloval free verzi avg2011, tak mi pc po každém spuštění říká že nelze najít knihovnu msvcr80.dll, odkliknu to a je to ok, otravuje to

Děkuji.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Kubajs at 2011-05-15 18:54:53
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (5%) free of 191 GB
Total RAM: 2047 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:54:57, on 15.5.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS1\System32\smss.exe
C:\PROGRA~2\AVG\AVG10\avgchsvx.exe
C:\WINDOWS1\system32\winlogon.exe
C:\WINDOWS1\system32\services.exe
C:\WINDOWS1\system32\lsass.exe
C:\WINDOWS1\system32\svchost.exe
C:\WINDOWS1\System32\svchost.exe
C:\WINDOWS1\system32\svchost.exe
C:\WINDOWS1\Explorer.EXE
C:\WINDOWS1\system32\ZoneLabs\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS1\system32\spoolsv.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS1\system32\CTHELPER.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS1\system32\rundll32.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe
C:\Program Files\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\WINDOWS1\system32\CTsvcCDA.exe
C:\WINDOWS1\system32\ctfmon.exe
C:\PROGRA~2\MICROS~4\rapimgr.exe
C:\WINDOWS1\system32\FsUsbExService.Exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\WINDOWS1\system32\nvsvc32.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS1\system32\svchost.exe
C:\Program Files\Transoft Solutions\License Server\TransoftLS.exe
C:\WINDOWS1\system32\MsPMSPSv.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS1\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\WINDOWS1\system32\wbem\wmiapsrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\PROGRA~2\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\totalcmd 7.04\TOTALCMD.EXE
c:\DC\RSIT(1).exe
C:\Program Files\trend micro\Kubajs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS1\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS1\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS1\UpdReg.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS1\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [TViXNetShare] C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS1\system32\ctfmon.exe
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~2\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~2\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~2\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS1\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS1\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{8041D8AF-9966-4517-B07D-5FE650DF7723}: NameServer = 10.11.0.251,10.11.1.101
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = brevnov.czf,czf
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = brevnov.czf,czf
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = brevnov.czf,czf
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = brevnov.czf,czf
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS1\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS1\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS1\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS1\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate1c98f8165f2db53) (gupdate1c98f8165f2db53) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: KMService - Unknown owner - C:\WINDOWS1\system32\srvany.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS1\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Transoft Solutions License Server V1.6 - Unknown owner - C:\Program Files\Transoft Solutions\License Server\TransoftLS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS1\system32\ZoneLabs\vsmon.exe

--
End of file - 14316 bytes

======Scheduled tasks folder======

C:\WINDOWS1\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS1\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-22 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2011-05-05 2257760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2011-04-22 2495816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-07-29 1153024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2011-04-22 2495816]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]
{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS1\system32\NvCpl.dll [2005-07-20 7110656]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS1\system32\NvMcTray.dll [2005-07-20 86016]
"CTSysVol"=C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe [2003-09-17 57344]
"CTDVDDET"=C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE [2003-06-18 45056]
"CTHelper"=C:\WINDOWS1\system32\CTHELPER.EXE [2003-10-06 24576]
"SBDrvDet"=C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe [2002-12-03 45056]
"UpdReg"=C:\WINDOWS1\UpdReg.EXE [2000-05-11 90112]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"Acronis True Image Monitor"=C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe [2008-05-22 475990]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2008-05-22 65536]
"NeroFilterCheck"=C:\WINDOWS1\system32\NeroCheck.exe [2001-07-09 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2007-08-07 200704]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-07-29 1024512]
"NPSStartup"= []
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 153608]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-05-26 730600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2011-04-18 2334560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RemoteCenter"=C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE [2003-10-08 139264]
"Start WingMan Profiler"= []
"TViXNetShare"=C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe [2008-02-14 858624]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-12-22 106952]
"ctfmon.exe"=C:\WINDOWS1\system32\ctfmon.exe [2008-04-14 15360]
""= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-01-31 703360]

C:\Documents and Settings\All Users.WINDOWS1\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
BTTray.lnk - C:\Program Files\Bluetooth Software\BTTray.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\Kubajs\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS1\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Autodesk\Backburner\monitor.exe"="C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Program Files\Autodesk\Backburner\manager.exe"="C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Program Files\Autodesk\Backburner\server.exe"="C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe"="C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe:*:Enabled:TViXNetShare"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\WINDOWS1\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS1\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\AVG\AVG10\avgnsx.exe"="C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG10\avgemcx.exe"="C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open - "C:\WINDOWS1\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-05-09 21:31:46 ----A---- C:\WINDOWS1\system32\roboot.exe
2011-05-09 21:31:39 ----A---- C:\WINDOWS1\system32\msvcr80.dll
2011-05-08 16:59:29 ----D---- C:\Documents and Settings\Kubajs\Data aplikací\AVG10
2011-05-08 16:38:38 ----D---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\AVG Security Toolbar
2011-05-08 16:37:39 ----D---- C:\WINDOWS1\system32\drivers\AVG
2011-05-08 16:37:39 ----D---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\AVG10
2011-05-08 15:58:28 ----D---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\MFAData
2011-04-25 18:54:17 ----A---- C:\WINDOWS1\unvise32.exe
2011-04-25 17:58:18 ----A---- C:\WINDOWS1\Sof2.INI
2011-04-25 15:26:44 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 months======

2011-05-15 18:54:57 ----D---- C:\WINDOWS1\Prefetch
2011-05-15 18:54:57 ----D---- C:\WINDOWS1\Internet Logs
2011-05-15 18:54:54 ----D---- C:\Program Files\trend micro
2011-05-15 18:54:45 ----A---- C:\WINDOWS1\wincmd.ini
2011-05-15 18:54:35 ----D---- C:\DC
2011-05-15 18:29:42 ----D---- C:\WINDOWS1\Temp
2011-05-15 18:29:33 ----D---- C:\WINDOWS1\system32
2011-05-15 18:28:35 ----D---- C:\WINDOWS1
2011-05-15 18:27:49 ----D---- C:\WINDOWS1\system32\CatRoot2
2011-05-15 14:39:25 ----A---- C:\WINDOWS1\SchedLgU.Txt
2011-05-13 14:44:18 ----D---- C:\Documents and Settings\Kubajs\Data aplikací\Winamp
2011-05-12 20:16:57 ----SHD---- C:\WINDOWS1\Installer
2011-05-12 20:14:35 ----RSHDC---- C:\WINDOWS1\system32\dllcache
2011-05-12 20:08:53 ----D---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\Spybot - Search & Destroy
2011-05-11 18:04:24 ----D---- C:\WINDOWS1\system32\drivers
2011-05-11 18:04:23 ----HD---- C:\WINDOWS1\inf
2011-05-10 21:42:47 ----D---- C:\Documents and Settings\Kubajs\Data aplikací\uTorrent
2011-05-09 22:50:20 ----D---- C:\Dokumenty
2011-05-09 21:49:31 ----SD---- C:\WINDOWS1\Tasks
2011-05-09 21:49:29 ----RD---- C:\Program Files
2011-05-09 21:20:10 ----D---- C:\WINDOWS1\PeerNet
2011-05-08 16:03:49 ----D---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\avg9
2011-05-08 16:02:53 ----SD---- C:\Documents and Settings\Kubajs\Data aplikací\Microsoft
2011-05-08 16:01:50 ----D---- C:\Program Files\AVG
2011-05-08 16:00:35 ----D---- C:\WINDOWS1\WinSxS
2011-05-05 07:03:16 ----A---- C:\WINDOWS1\SBWIN.INI
2011-05-05 07:02:26 ----D---- C:\Zvuk
2011-05-02 17:21:42 ----D---- C:\Program Files\Mozilla Firefox
2011-05-01 18:13:09 ----A---- C:\WINDOWS1\CTWave32.ini
2011-04-27 20:30:46 ----A---- C:\WINDOWS1\wcx_ftp.ini
2011-04-27 19:50:37 ----D---- C:\WINDOWS1\system32\drivers\UMDF
2011-04-26 20:10:36 ----A---- C:\WINDOWS1\system32\PerfStringBackup.INI
2011-04-25 19:02:45 ----D---- C:\Games
2011-04-25 17:52:00 ----D---- C:\Program Files\EA GAMES
2011-04-25 17:42:52 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-25 15:40:58 ----D---- C:\I N S T A L L
2011-04-25 15:31:27 ----D---- C:\Documents and Settings\Kubajs\Data aplikací\Media Player Classic
2011-04-25 15:30:57 ----D---- C:\WINDOWS1\Minidump
2011-04-25 15:30:57 ----D---- C:\WINDOWS1\Debug
2011-04-25 15:20:41 ----HDC---- C:\WINDOWS1\$NtUninstallWudf01009$
2011-04-25 15:20:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS1\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS1\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
R0 BTKRNL;Bluetooth Protocol Stack; C:\WINDOWS1\system32\drivers\btkrnl.sys [2003-10-15 1257418]
R0 d347bus;d347bus; C:\WINDOWS1\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS1\System32\Drivers\d347prt.sys [2004-08-22 5248]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS1\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 giveio;giveio; C:\WINDOWS1\system32\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS1\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS1\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS1\system32\DRIVERS\snapman.sys [2008-05-22 78752]
R0 timounter;Acronis TrueImage Backup Archive Explorer; C:\WINDOWS1\system32\DRIVERS\timntr.sys [2008-05-22 202528]
R0 videX32;videX32; C:\WINDOWS1\system32\DRIVERS\videX32.sys [2009-05-05 13976]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS1\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Asapi;Asapi; C:\WINDOWS1\system32\drivers\Asapi.sys [2002-04-17 11264]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS1\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS1\system32\DRIVERS\avgmfx86.sys [2011-03-01 34896]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS1\system32\DRIVERS\avgtdix.sys [2011-04-05 297168]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS1\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS1\system32\drivers\SCDEmu.sys [2007-08-07 33052]
R1 StarOpen;StarOpen; C:\WINDOWS1\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 vsdatant;vsdatant; C:\WINDOWS1\System32\vsdatant.sys [2010-05-13 532224]
R2 ASPI32;ASPI32; C:\WINDOWS1\system32\drivers\ASPI32.sys [2002-07-17 16877]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS1\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS1\system32\drivers\btslbcsp.sys []
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R2 PfDetNT;PfDetNT; \??\C:\WINDOWS1\system32\drivers\PfModNT.sys []
R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS1\system32\DRIVERS\tifsfilt.sys [2008-05-22 28064]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS1\SYSTEM32\DRIVERS\WibuKey.sys [2007-08-21 72704]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS1\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS1\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 134480]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS1\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS1\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 27216]
R3 btaudio;Bluetooth Audio; C:\WINDOWS1\system32\drivers\btaudio.sys [2003-10-15 21861]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS1\system32\DRIVERS\btport.sys [2003-10-15 30235]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS1\system32\DRIVERS\btwdndis.sys [2003-10-15 146812]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS1\system32\drivers\ctac32k.sys [2003-11-05 645392]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS1\system32\drivers\ctaud2k.sys [2003-11-19 366160]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS1\system32\drivers\ctprxy2k.sys [2003-10-08 6096]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS1\system32\drivers\ctsfm2k.sys [2003-10-08 130288]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS1\system32\drivers\emupia2k.sys [2003-10-13 145488]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS1\system32\FsUsbExDisk.SYS []
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS1\system32\drivers\ha10kx2k.sys [2003-10-21 904496]
R3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS1\system32\drivers\hap16v2k.sys [2003-10-21 148432]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS1\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS1\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS1\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS1\system32\DRIVERS\nv4_mini.sys [2005-07-20 3198368]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS1\system32\drivers\ctoss2k.sys [2003-10-08 178672]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS1\System32\Drivers\Pcouffin.sys [2010-07-29 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS1\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS1\system32\DRIVERS\Rtlnicxp.sys [2004-10-15 71168]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS1\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS1\System32\Drivers\vulfntr.sys [2005-06-06 11264]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS1\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS1\system32\drivers\WmFilter.sys [2009-09-11 35592]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS1\system32\drivers\WmHidLo.sys [2009-09-11 31752]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS1\system32\drivers\WmVirHid.sys [2009-09-11 14984]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS1\system32\drivers\WmXlCore.sys [2009-09-11 66056]
R4 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS1\system32\drivers\mbamswissarmy.sys []
S0 srescan;srescan; C:\WINDOWS1\system32\ZoneLabs\srescan.sys []
S2 HPFECP13;HPFECP13; C:\WINDOWS1\System32\drivers\HPFECP13.SYS [1998-09-25 52800]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS1\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS1\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS1\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS1\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 btwhid;btwhid; C:\WINDOWS1\system32\DRIVERS\btwhid.sys []
S3 BTWUSB;USB Bluetooth Driver; C:\WINDOWS1\System32\Drivers\btwusb.sys [2003-10-15 51848]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS1\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS1\system32\drivers\ctdvda2k.sys [2003-10-14 332800]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS1\system32\Drivers\DrvAgent32.sys []
S3 HCF_MSFT;HCF_MSFT; C:\WINDOWS1\system32\DRIVERS\HCF_MSFT.sys [2001-10-24 907456]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS1\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS1\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS1\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS1\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS1\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS1\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS1\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 RivaTunerEx;RivaTunerEx; \??\C:\Program Files\RivaTuner v2.0 RC 15.5\RivaTunerEx.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS1\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS1\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS1\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS1\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS1\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS1\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS1\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS1\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS1\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS1\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS1\System32\Drivers\vulfnth.sys [2005-01-05 6912]
S3 Wdf01000;Wdf01000; C:\WINDOWS1\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS1\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS1\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS1\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2008-05-22 114688]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-05 85096]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS1\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\Bluetooth Software\bin\btwdins.exe [2003-10-15 135168]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS1\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS1\system32\FsUsbExService.Exe [2009-12-22 238040]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 MSSQL$TRANSOFT;SQL Server (TRANSOFT); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 NVSvc;WinFast(R) Display Driver Service; C:\WINDOWS1\system32\nvsvc32.exe [2005-07-20 127043]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 Transoft Solutions License Server V1.6;Transoft Solutions License Server V1.6; C:\Program Files\Transoft Solutions\License Server\TransoftLS.exe [2009-07-01 376832]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS1\system32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS1\system32\MsPMSPSv.exe [2000-06-26 53520]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS1\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S2 gupdate1c98f8165f2db53;Google Update Service (gupdate1c98f8165f2db53); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-15 133104]
S2 KMService;KMService; C:\WINDOWS1\system32\srvany.exe [2003-04-18 8192]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS1\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-04-22 984392]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS1\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-31 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS1\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-15 133104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Roli]

Zdravím, tohle fixni v HJT :

R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS1\UpdReg.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS1\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

HJT najdeš zde :

C:\Program Files\trend micro\Kubajs.exe

Fix znamená že spustíš HJT

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj ICQ6Toolbar a hlavně

to AVG a pak PC ještě dočisti AVG Removerem


Po té nainstaluj normální antivir - Avast nebo Aviru.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat.

[mkubajs]

Dobrý den,

vše jsem dle návodu udělal a vkládám log z mbamu:
Zatím děkuji.... uvidíme co tam je, snad nic.


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6539

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

16.5.2011 10:44:08
mbam-log-2011-05-16 (10-44-08).txt

Typ kontroly: Úplný test (C:\|D:\|E:\|)
Testované objekty: 374725
Uplynulý čas: 1 hodin, 42 minut, 59 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[Roli]

Tady nic, ale použijeme větší kalibr tak že pozorně číst, protože tento softík netoleruje chyby.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[mkubajs]

Dobrý den,
nějak mi to nejde přes ten combofix...zapnul jsem to v nouzovém režimu, přihlásil jako administrátor a chtěl vypnout rezidentní štít u avastu, ale nešlo to vypnout (klikal jsem na zastavit a nereagovalo to), ještě jsem vypnul zonealarm. Když jsem zapnul znova nouzový režim tak jsem neviděl nikde aktivní ikonu avastu a zapnul jsem combofix, ale hned ho našel že je aktivní, a když mi to napsal znova že je to na moje riziko, že bude pokračovat, tak jsem to raději ukončil.

[mkubajs]

tak se mi nakonec povedlo

posílám

ComboFix 11-05-15.04 - Administrator 16.05.2011 19:16:08.3.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1765 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Kubajs\WINDOWS
c:\documents and settings\mkubajs\WINDOWS
c:\windows1\daemon.dll
c:\windows1\system32\drivers\etc\lmhosts
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-16 do 2011-05-16 )))))))))))))))))))))))))))))))
.
.
2011-05-16 15:52 . 2011-05-16 15:52 -------- d-----w- c:\documents and settings\Administrator
2011-05-09 19:31 . 2011-03-25 16:03 15592 ----a-w- c:\windows1\system32\roboot.exe
2011-05-09 19:31 . 2011-03-25 03:35 626688 ----a-w- c:\windows1\system32\msvcr80.dll
2011-05-08 15:24 . 2011-05-08 15:24 -------- d-----w- c:\documents and settings\Kubajs\Local Settings\Data aplikací\AVG Security Toolbar
2011-05-08 14:59 . 2011-05-08 14:59 -------- d-----w- c:\documents and settings\Kubajs\Data aplikací\AVG10
2011-05-08 13:58 . 2011-05-16 06:30 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Data aplikací\MFAData
2011-04-25 16:54 . 1999-12-17 07:13 86016 ----a-w- c:\windows1\unvise32.exe
2011-04-25 13:26 . 2011-04-25 13:26 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-27 14:28 . 2011-03-31 17:48 23456 ----a-w- c:\windows1\system32\drivers\DrvAgent32.sys
2011-05-02 15:21 . 2011-03-28 19:18 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
2010-05-09 09:50 2517088 ----a-w- c:\program files\ZoneAlarm\tbZone.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]
.
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows1\system32\NvCpl.dll" [2005-07-20 7110656]
"nwiz"="nwiz.exe" [2005-07-20 1519616]
"NvMediaCenter"="c:\windows1\system32\NvMcTray.dll" [2005-07-20 86016]
"CTSysVol"="c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" [2003-06-17 45056]
"CTHelper"="CTHELPER.EXE" [2003-10-06 24576]
"SBDrvDet"="c:\program files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"Acronis True Image Monitor"="c:\program files\Acronis\TrueImage\TrueImageMonitor.exe" [2008-05-22 475990]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-05-22 65536]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
.
c:\documents and settings\All Users.WINDOWS1\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2005-3-5 10872]
BTTray.lnk - c:\program files\Bluetooth Software\BTTray.exe [2003-10-15 503869]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\DVICO\\TViXNetShare\\TViXNetShare.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\WINDOWS1\\system32\\ZoneLabs\\vsmon.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 d347prt;d347prt;c:\windows1\system32\drivers\d347prt.sys [21.5.2008 19:15 5248]
R1 Asapi;Asapi;c:\windows1\system32\drivers\asapi.sys [28.9.2009 22:43 11264]
S0 d347bus;d347bus;c:\windows1\system32\drivers\d347bus.sys [21.5.2008 19:15 155136]
S1 aswSnx;aswSnx;c:\windows1\system32\drivers\aswSnx.sys [16.5.2011 8:44 441176]
S1 aswSP;aswSP;c:\windows1\system32\drivers\aswSP.sys [16.5.2011 8:44 307928]
S2 aswFsBlk;aswFsBlk;c:\windows1\system32\drivers\aswFsBlk.sys [16.5.2011 8:44 19544]
S2 FsUsbExService;FsUsbExService;c:\windows1\system32\FsUsbExService.Exe [14.1.2010 23:25 238040]
S2 gupdate1c98f8165f2db53;Google Update Service (gupdate1c98f8165f2db53);c:\program files\Google\Update\GoogleUpdate.exe [15.2.2009 17:23 133104]
S2 HPFECP13;HPFECP13;c:\windows1\system32\drivers\HPFecp13.sys [25.9.1998 10:55 52800]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [26.5.2010 15:35 26352]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [26.5.2010 15:35 493032]
S2 KMService;KMService;c:\windows1\system32\srvany.exe [8.2.2011 18:06 8192]
S2 MSSQL$TRANSOFT;SQL Server (TRANSOFT);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24.11.2008 22:31 29263712]
S2 PfDetNT;PfDetNT;c:\windows1\system32\drivers\PfModNT.sys [21.5.2008 17:47 15840]
S2 Transoft Solutions License Server V1.6;Transoft Solutions License Server V1.6;c:\program files\Transoft Solutions\License Server\TransoftLS.exe [1.7.2009 22:22 376832]
S3 DrvAgent32;DrvAgent32;c:\windows1\system32\drivers\DrvAgent32.sys [31.3.2011 19:48 23456]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows1\system32\FsUsbExDisk.Sys [14.1.2010 23:25 36608]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [15.2.2009 17:23 133104]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 11:25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 22:37 4640000]
S3 RivaTunerEx;RivaTunerEx;c:\program files\RivaTuner v2.0 RC 15.5\RivaTunerEx.sys [6.5.2005 22:15 2560]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-16 c:\windows1\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-15 15:23]
.
2011-05-16 c:\windows1\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-15 15:23]
.
.
------- Doplňkový sken -------
.
TCP: {8041D8AF-9966-4517-B07D-5FE650DF7723} = 10.11.0.251,10.11.1.101
FF - ProfilePath - c:\documents and settings\Kubajs\Data aplikací\Mozilla\Firefox\Profiles\83mqmv3q.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=39&tp=ab&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-NPSStartup - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-16 19:24
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-05-16 19:26:37
ComboFix-quarantined-files.txt 2011-05-16 17:26
.
Před spuštěním: Volných bajtů: 10 802 843 648
Po spuštění: Volných bajtů: 10 938 740 736
.
- - End Of File - - 7DE0DBBC795116EBAE34149E3904937F

[Roli]

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

Folder::
c:\documents and settings\Kubajs\Local Settings\Data aplikací\AVG Security Toolbar
c:\documents and settings\Kubajs\Data aplikací\AVG10

FireFox::
FF - ProfilePath - c:\documents and settings\Kubajs\Data aplikací\Mozilla\Firefox\Profiles\83mqmv3q.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

[mkubajs]

dobrý den,

tady je další výpis

ComboFix 11-05-15.04 - Administrator 17.05.2011 7:57.4.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1753 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Kubajs\Data aplikací\AVG10
c:\documents and settings\Kubajs\Data aplikací\AVG10\cfgall\usergui.cfg
c:\documents and settings\Kubajs\Local Settings\Data aplikací\AVG Security Toolbar
c:\documents and settings\Kubajs\Local Settings\Data aplikací\AVG Security Toolbar\cache\overlay.xml
c:\windows1\system32\drivers\etc\lmhosts
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-17 do 2011-05-17 )))))))))))))))))))))))))))))))
.
.
2011-05-16 20:00 . 2011-05-16 20:00 404640 ----a-w- c:\windows1\system32\FlashPlayerCPLApp.cpl
2011-05-16 19:42 . 2011-05-16 19:42 142592 ----a-w- c:\windows1\system32\drivers\sp_rsdrv2.sys
2011-05-16 19:42 . 2011-05-16 19:43 -------- d-----w- c:\documents and settings\Kubajs\Data aplikací\Spyware Terminator
2011-05-16 19:42 . 2011-05-16 19:51 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Data aplikací\Spyware Terminator
2011-05-16 19:42 . 2011-05-16 19:55 -------- d-----w- c:\program files\Spyware Terminator
2011-05-16 15:52 . 2011-05-16 15:52 -------- d-----w- c:\documents and settings\Administrator
2011-05-16 06:44 . 2011-05-10 12:03 307928 ----a-w- c:\windows1\system32\drivers\aswSP.sys
2011-05-16 06:44 . 2011-05-10 11:59 19544 ----a-w- c:\windows1\system32\drivers\aswFsBlk.sys
2011-05-16 06:44 . 2011-05-10 12:03 441176 ----a-w- c:\windows1\system32\drivers\aswSnx.sys
2011-05-16 06:44 . 2011-05-10 12:02 49240 ----a-w- c:\windows1\system32\drivers\aswTdi.sys
2011-05-16 06:44 . 2011-05-10 11:59 25432 ----a-w- c:\windows1\system32\drivers\aswRdr.sys
2011-05-16 06:44 . 2011-05-10 12:02 102616 ----a-w- c:\windows1\system32\drivers\aswmon2.sys
2011-05-16 06:44 . 2011-05-10 12:02 96344 ----a-w- c:\windows1\system32\drivers\aswmon.sys
2011-05-16 06:44 . 2011-05-10 11:59 30808 ----a-w- c:\windows1\system32\drivers\aavmker4.sys
2011-05-16 06:44 . 2011-05-10 12:10 40112 ----a-w- c:\windows1\avastSS.scr
2011-05-16 06:44 . 2011-05-10 12:10 199304 ----a-w- c:\windows1\system32\aswBoot.exe
2011-05-16 06:44 . 2011-05-16 06:44 -------- d-----w- c:\program files\AVAST Software
2011-05-16 06:44 . 2011-05-16 06:44 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Data aplikací\AVAST Software
2011-05-09 19:31 . 2011-03-25 16:03 15592 ----a-w- c:\windows1\system32\roboot.exe
2011-05-09 19:31 . 2011-03-25 03:35 626688 ----a-w- c:\windows1\system32\msvcr80.dll
2011-05-08 13:58 . 2011-05-16 06:30 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Data aplikací\MFAData
2011-04-25 16:54 . 1999-12-17 07:13 86016 ----a-w- c:\windows1\unvise32.exe
2011-04-25 13:26 . 2011-04-25 13:26 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-27 14:28 . 2011-03-31 17:48 23456 ----a-w- c:\windows1\system32\drivers\DrvAgent32.sys
2011-05-02 15:21 . 2011-03-28 19:18 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-16_17.24.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-16 20:00 . 2011-05-16 20:00 239776 c:\windows1\system32\Macromed\Flash\FlashUtil10q_Plugin.exe
+ 2010-01-27 01:07 . 2011-05-16 20:00 6271136 c:\windows1\system32\Macromed\Flash\NPSWF32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
2010-05-09 09:50 2517088 ----a-w- c:\program files\ZoneAlarm\tbZone.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]
.
[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows1\system32\NvCpl.dll" [2005-07-20 7110656]
"nwiz"="nwiz.exe" [2005-07-20 1519616]
"NvMediaCenter"="c:\windows1\system32\NvMcTray.dll" [2005-07-20 86016]
"CTSysVol"="c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" [2003-06-17 45056]
"CTHelper"="CTHELPER.EXE" [2003-10-06 24576]
"SBDrvDet"="c:\program files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
"Acronis True Image Monitor"="c:\program files\Acronis\TrueImage\TrueImageMonitor.exe" [2008-05-22 475990]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-05-22 65536]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
.
c:\documents and settings\All Users.WINDOWS1\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2005-3-5 10872]
BTTray.lnk - c:\program files\Bluetooth Software\BTTray.exe [2003-10-15 503869]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\DVICO\\TViXNetShare\\TViXNetShare.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\WINDOWS1\\system32\\ZoneLabs\\vsmon.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R1 Asapi;Asapi;c:\windows1\system32\drivers\asapi.sys [28.9.2009 22:43 11264]
S1 aswSnx;aswSnx;c:\windows1\system32\drivers\aswSnx.sys [16.5.2011 8:44 441176]
S1 aswSP;aswSP;c:\windows1\system32\drivers\aswSP.sys [16.5.2011 8:44 307928]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows1\system32\drivers\sp_rsdrv2.sys [16.5.2011 21:42 142592]
S2 aswFsBlk;aswFsBlk;c:\windows1\system32\drivers\aswFsBlk.sys [16.5.2011 8:44 19544]
S2 FsUsbExService;FsUsbExService;c:\windows1\system32\FsUsbExService.Exe [14.1.2010 23:25 238040]
S2 gupdate1c98f8165f2db53;Google Update Service (gupdate1c98f8165f2db53);c:\program files\Google\Update\GoogleUpdate.exe [15.2.2009 17:23 133104]
S2 HPFECP13;HPFECP13;c:\windows1\system32\drivers\HPFecp13.sys [25.9.1998 10:55 52800]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [26.5.2010 15:35 26352]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [26.5.2010 15:35 493032]
S2 KMService;KMService;c:\windows1\system32\srvany.exe [8.2.2011 18:06 8192]
S2 MSSQL$TRANSOFT;SQL Server (TRANSOFT);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24.11.2008 22:31 29263712]
S2 PfDetNT;PfDetNT;c:\windows1\system32\drivers\PfModNT.sys [21.5.2008 17:47 15840]
S2 Transoft Solutions License Server V1.6;Transoft Solutions License Server V1.6;c:\program files\Transoft Solutions\License Server\TransoftLS.exe [1.7.2009 22:22 376832]
S3 DrvAgent32;DrvAgent32;c:\windows1\system32\drivers\DrvAgent32.sys [31.3.2011 19:48 23456]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows1\system32\FsUsbExDisk.Sys [14.1.2010 23:25 36608]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [15.2.2009 17:23 133104]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 11:25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 22:37 4640000]
S3 RivaTunerEx;RivaTunerEx;c:\program files\RivaTuner v2.0 RC 15.5\RivaTunerEx.sys [6.5.2005 22:15 2560]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-17 c:\windows1\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-15 15:23]
.
2011-05-16 c:\windows1\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-15 15:23]
.
.
------- Doplňkový sken -------
.
TCP: {8041D8AF-9966-4517-B07D-5FE650DF7723} = 10.11.0.251,10.11.1.101
FF - ProfilePath -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-17 08:06
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-05-17 08:08:36
ComboFix-quarantined-files.txt 2011-05-17 06:08
ComboFix2.txt 2011-05-16 17:26
.
Před spuštěním: Volných bajtů: 10 776 272 896
Po spuštění: Volných bajtů: 10 769 711 104
.
- - End Of File - - A0DBEE91B7B310290A6615C504748A0E

[mkubajs]

možná jsem už trochu předbíhal...koukal jsem se na vaše popisy a tak jsem odinstaloval combofix a dal odstranit zbytky přes Tcleaner...
myslíte, že je tam ještě něco špatného?
Děkuji

[Roli]

možná jsem už trochu předbíhal...koukal jsem se na vaše popisy a tak jsem odinstaloval combofix a dal odstranit zbytky přes Tcleaner...
myslíte, že je tam ještě něco špatného?
Děkuji

To si šikula zrovna jsem to chtěl napsat

Ne nic špatného tam nevidím, tak mi písni jaký je stav PC.

[mkubajs]

Zdravím,
já nejsem šikula, koukám co vy a vaši kolegové dovedete , jste borci a borkyně.
Je to ok, ještě jednou díky moc za rady.
Mějte se.

[Roli]

Není zač a měj se

[mkubajs]

zdravim.pisu z mobilu. ted jsem po par dnech zapnul pc a kdyz nabiha win a ukazuje se plocha tak se po ni hned ukazala nabidka start a ostatni ikony na plose. me to trva hrozne dlouho nez se vse objevi. nema to souvislost s combofix...
vse jsem udelal a odinstaloval 17.5. a 18.5. jsem vam psal ze je vse v poradku, tak nevim

[mkubajs]

možná jsem už trochu předbíhal...koukal jsem se na vaše popisy a tak jsem odinstaloval combofix a dal odstranit zbytky přes Tcleaner...
myslíte, že je tam ještě něco špatného?
Děkuji

ale odinstaloval jsem to v normalnim rezimu ne v nouzovem a ten tcleaner jsem pouzil v normalnim rezimu.
ale i po tom vsem kdyz jsem pocitac restartoval vse fungovalo a i druhy den,ale po par dnech kdy jsem byl pryc to takto dlouze nabiha s pozadim a nez nabehne cela plocha s nabidkou start...
dekuji moc za radu

[mkubajs]

dobrý den,

tak to nebylo asi tím odinstalováním. Jak tady byla v minulém týdnu bouřka, tak mi to odpálilo router na půdě kvůli tomu to nabíhalo jen s pozadím tak dlouho.
tak se nezlobte za blbé dotazy