Xp home security 2012 - cannot be turned off

Posted: 17 Jul 2011 11:45
by Nift
Hello
While downloading a picture, my wife caught Xp home security 2012. It cannot be turned off, and I cannot get onto the web either.
She did this just before we were due to leave on holiday.
Now she is standing over me and keeps asking: "Are we leaving yet?...."
Thanks in advance for any advice.

I am attaching the log from RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavel at 2011-07-17 12:26:17
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 178 GB (75%) free of 238 GB
Total RAM: 1535 MB (59% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5366673-E8CA-11D3-9CD9-0090271D075B}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-07-15 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-07-15 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2007-02-26 491520]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
{C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - NetXfer - C:\Program Files\Xi\NetXfer\NXToolBar.dll [2006-09-25 57344]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-07-10 262144]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-07-15 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-05-29 790528]
"SoundMax"=C:\Program Files\Analog Devices\SoundMAX\smax4.exe [2003-05-30 585728]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-11 61440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NetXfer"=C:\Program Files\Xi\NetXfer\NetTransport.exe [2007-04-04 1253376]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AutoPowerOn"=C:\Program Files\Auto Power-on\AutoPowerOn.exe [2009-12-03 2916352]
"TViXNetShare"=C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe [2009-12-03 883200]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-03-29 39408]
"1312660794"=C:\Documents and Settings\Pavel\Local Settings\Data aplikací\bkb.exe [2011-07-17 348160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\braviax]
braviax.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDet]
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
C:\WINDOWS\system32\CTHELPER.EXE [2003-04-10 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
C:\Program Files\Executive Software\Diskeeper\DkIcon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
C:\Program Files\Messenger Plus! 3\MsgPlus.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\cs-cz\msnappau.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBDrvDet]
C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
C:\WINDOWS\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe [2005-09-27 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2004-02-03 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Corel MEDIA FOLDERS INDEXER 8.LNK]
C:\Corel\GRAPHI~1\Programs\MFINDE~1.EXE [1998-01-12 83456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Kodak EasyShare software.lnk]
C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2007-02-20 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Net Activity Diagram.lnk]
C:\PROGRA~1\NETACT~1\nad.exe [2003-12-19 447492]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pavel^Nabídka Start^Programy^Po spuštění^ikowin32.exe]
C:\Documents and Settings\Pavel\Nabídka Start\Programy\Po spuštění\ikowin32.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pavel^Nabídka Start^Programy^Po spuštění^Net Activity Diagram.lnk]
C:\PROGRA~1\NETACT~1\nad.exe [2003-12-19 447492]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pavel^Nabídka Start^Programy^Po spuštění^UCmore XP - The Search Accelerator.lnk]
C:\PROGRA~1\THESEA~1\UCMTSAIE.dll,DllShowTB []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SoundMAX Agent Service (default)"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\AirLive\Bluetooth Software\BTTray.exe

C:\Documents and Settings\Pavel\Nabídka Start\Programy\Po spuštění
Net Activity Diagram.lnk - C:\Program Files\Net Activity Diagram\nad.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="winmm.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"C:\Program Files\FlashFXP\flashfxp.exe"="C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM)"
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM)"
"C:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe"="C:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe:*:Enabled:Dungeon Siege 2 Game Executable"
"C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe"="C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe:*:Enabled:Hellgate: London"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"C:\Program Files\FlashFXP\flashfxp.exe"="C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=IR32_32.DLL
"vidc.iv32"=IR32_32.DLL
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"midi"=wdmaud.drv
"vidc.iv41"=IR41_32.DLL
"msacm.iac2"=iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.voxacm160"=vct3216.acm
"VIDC.UYVY"=msyuv.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"mixer2"=wdmaud.drv
"mixer"=DrvTrNTm.dll
"wave3"=wdmaud.drv
"wave1"=wdmaud.drv
"wave"=DrvTrNTm.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll

======File associations======

.exe - open - "C:\Documents and Settings\Pavel\Local Settings\Data aplikací\bkb.exe" -a "%1" %*

======List of files/folders created in the last 1 month======

2011-07-17 12:25:05 ----D---- C:\rsit
2011-07-17 12:21:31 ----ASH---- C:\hiberfil.sys
2011-07-17 12:02:17 ----A---- C:\WINDOWS\ntbtlog.txt
2011-07-13 09:23:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-13 09:19:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-01 16:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$

======List of files/folders modified in the last 1 month======

2011-07-17 12:26:16 ----D---- C:\WINDOWS\Internet Logs
2011-07-17 12:25:04 ----D---- C:\WINDOWS\Prefetch
2011-07-17 12:24:42 ----D---- C:\WINDOWS\Temp
2011-07-17 12:21:49 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-17 12:02:17 ----D---- C:\WINDOWS
2011-07-17 11:27:20 ----A---- C:\WINDOWS\win.ini
2011-07-15 19:08:18 ----SHD---- C:\WINDOWS\Installer
2011-07-15 14:07:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-14 08:29:57 ----D---- C:\Documents and Settings\Pavel\Data aplikací\uTorrent
2011-07-13 09:28:22 ----D---- C:\WINDOWS\system32
2011-07-13 09:23:32 ----HD---- C:\WINDOWS\inf
2011-07-13 09:23:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-13 09:19:15 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-13 09:19:11 ----A---- C:\WINDOWS\imsins.BAK
2011-07-13 09:18:15 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-12 23:00:20 ----D---- C:\Program Files\yBook
2011-07-06 09:08:37 ----D---- C:\Program Files\Balabolka
2011-07-01 23:34:26 ----D---- C:\WINDOWS\system32\config
2011-07-01 18:34:31 ----RSD---- C:\WINDOWS\assembly
2011-07-01 18:34:31 ----D---- C:\WINDOWS\Microsoft.NET
2011-07-01 16:57:51 ----SHD---- C:\Config.Msi
2011-07-01 16:53:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-01 16:53:08 ----D---- C:\WINDOWS\WinSxS
2011-06-30 18:59:13 ----D---- C:\Documents and Settings\Pavel\Data aplikací\Adobe
2011-06-30 18:59:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-06-21 22:25:18 ----A---- C:\WINDOWS\NeroDigital.ini
2011-06-19 19:15:10 ----D---- C:\WINDOWS\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [2010-07-12 45648]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2010-07-06 158272]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2006-12-25 639224]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\WINDOWS\system32\DRIVERS\tdrpm258.sys [2010-07-06 911680]
R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2010-07-06 581984]
R0 viaraid;viaraid; C:\WINDOWS\System32\DRIVERS\viaraid.sys [2003-05-20 70272]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2003-03-14 4228]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-04-09 31548]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-08-26 271360]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-08-26 18048]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R2 SVKP;SVKP; \??\C:\WINDOWS\System32\SVKP.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2010-07-06 160288]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2006-02-20 19200]
R3 AsapiW2K;ASAPIW2K; C:\WINDOWS\system32\drivers\Asapiw2k.sys [2002-04-17 11264]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-09-26 329901]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-09-26 862490]
R3 EL2000;3Com 3C2000x EtherLink XL Adapter; C:\WINDOWS\System32\DRIVERS\EL2K_XP.sys [2003-07-17 147328]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 ltmodem5;DeskPorte 56K Internal L; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2003-03-31 625537]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-09-12 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2004-04-01 10368]
R3 ProtoWall;ProtoWall Network Service; C:\WINDOWS\System32\DRIVERS\ProtoWall.sys [2004-05-01 31360]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-06-02 578304]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 uscbs108;uscbs108; C:\WINDOWS\system32\DRIVERS\uscbs108.sys [2003-03-09 8672]
R3 uscsc108;uscsc108; C:\WINDOWS\system32\DRIVERS\uscsc108.sys [2003-03-09 102336]
S0 d347bus;d347bus; C:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
S0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
S0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\srescan.sys []
S1 ATITool;ATITool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\ATITool.sys [2005-05-31 28160]
S2 ASInsHelp;ASInsHelp; \??\C:\WINDOWS\system32\drivers\AsInsHelp32.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 arpxq7or;arpxq7or; C:\WINDOWS\system32\drivers\arpxq7or.sys []
S3 ATI Remote Wonder II;ATI Remote Wonder II; C:\WINDOWS\system32\drivers\ATIRWVD.SYS []
S3 atinevxx;ATI WDM Rage Theater Video NSP; C:\WINDOWS\system32\DRIVERS\atinevxx.sys [2005-02-01 165888]
S3 atinrvxx;ATI WDM Rage Theater Video; C:\WINDOWS\System32\DRIVERS\atinrvxx.sys [2004-08-03 105984]
S3 ATITUNEP;ATI WDM TV Tuner; C:\WINDOWS\system32\DRIVERS\atineuxx.sys [2005-02-01 56320]
S3 ativraxx;ATI WDM Rage Theater Audio; C:\WINDOWS\System32\DRIVERS\atinraxx.sys [2005-02-01 55296]
S3 ATIXSAudio;ATI WDM TV Audio Crossbar; C:\WINDOWS\system32\DRIVERS\atinesxx.sys [2005-02-01 74240]
S3 AVerAF35;AVerMedia A835 USB DVB-T; C:\WINDOWS\System32\Drivers\AVerAF35.sys [2010-04-02 642560]
S3 Bridge;Most MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-09-26 30459]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-09-26 149028]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-09-26 47875]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-09-26 30285]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-09-26 67384]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2003-03-25 134656]
S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2003-04-11 502160]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys []
S3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2003-03-25 6144]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2003-03-25 135696]
S3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2003-03-25 144736]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\System32\DRIVERS\ENTECH.SYS []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-08-10 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2008-08-10 21672]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2011-05-08 70001]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2003-04-03 850880]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2005-08-09 10345]
S3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\System32\drivers\hap16v2k.sys [2003-04-01 142752]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MVDCODEC;ATI WDM Specialized MVD Codec; C:\WINDOWS\System32\DRIVERS\atinmdxx.sys [2005-02-01 15360]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2003-03-25 190176]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\WINDOWS\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\WINDOWS\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StMp3Rec;Player Recovery Device Control Driver; C:\WINDOWS\System32\Drivers\StMp3Rec.sys [2004-09-28 68222]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TTDec;ATI WDM Teletext Decoder; C:\WINDOWS\System32\DRIVERS\ATINTTXX.sys [2005-02-01 13824]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VICHW00;VICHW00; \??\C:\WINDOWS\SYSTEM32\DRIVERS\VICHW00.SYS []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 X10UIF;ATI Wireless Remote Receiver V2.36; C:\WINDOWS\System32\Drivers\x10uif.sys [2003-03-28 10761]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe [2009-11-26 661008]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-07-06 2480048]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 btwdins;Bluetooth Service; C:\Program Files\AirLive\Bluetooth Software\bin\btwdins.exe [2006-09-26 266295]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-10-16 1094936]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-05-07 516096]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-29 136176]
S2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-29 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-03-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]

-----------------EOF-----------------

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 11:53
by stell
Hello
Send the wife off to cook. :wink:
1: Restart into Safe Mode with Networking

2: Use RogueKiller > run it >> press 2 > [Enter], paste the log here
http://www.viry.cz/forum/viewtopic.php? ... 05#p981205

3: Use Malwarebytes, full scan, have it delete whatever it finds >> paste the log here.
Download >> mbam-setup
Install, update, and run the scan.
Do a FULL scan, have it DELETE whatever it finds; if a restart is needed, you can allow it now.
Paste the log here.
Detailed instructions:
http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

4: PLEASE READ THE INSTRUCTIONS CAREFULLY!!!

Use ComboFix according to these instructions: http://www.bleepingcomputer.com/combofi ... t-combofix

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 14:37
by Nift
Many thanks for the quick help.

I got to step 3, and after the restart XP booted almost all the way, but no program can be started.
The computer keeps asking what it should open it with.
Some file may have been moved to the Avast virus chest - my daughter did that before I got back and the girls came clean.
I am attaching the logs of the steps carried out.

RogueKiller V5.2.7 [06/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Safe mode with network support
User: Administrator [Admin rights]
Mode: Remove -- Date : 07/17/2011 13:15:58

Bad processes: 0

Registry Entries: 5
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[FILE ASSO] HKLM\[...]Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command : ("C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\bkb.exe" -a "C:\Program Files\Internet Explorer\IEXPLORE.EXE") -> REPLACED : ("C:\Program Files\internet explorer\iexplore.exe")

HOSTS File:
127.0.0.1 activation.guitar-pro.com


Finished : << RKreport[1].txt >>
RKreport[1].txt


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 7173

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

17.7.2011 14:39:17
mbam-log-2011-07-17 (14-39-17).txt

Typ kontroly: Úplný test (C:\|D:\|E:\|)
Testované objekty: 494811
Uplynulý čas: 1 hodin, 6 minut, 33 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 21

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\pavel kácha\local settings\data aplikací\bkb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\program files\ImTOO\video converter ultimate 6\lxt_itvcu6520216.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\WINDOWS\cru629.dat (Trojan.FakeAlert) -> Quarantined and deleted successfully.
d:\instalace - software\ms.office.enterprise.2007.czech.sp2-martin20-24_03_2010\klíč + legalizátor + menu\msoe2007kg.exe (RiskWare.Tool.CK) -> Not selected for removal.
d:\instalace - software\soundforge\sound forge 8.0\keygen\keygen.exe (Trojan.Downloader) -> Not selected for removal.
d:\Install\atf-psani na stroji\ZAV\zavkomplet\Fix\keygen.exe (Malware.Packer.Gen) -> Not selected for removal.
d:\Install\BSplayer\bs.player.pro.v2.43.1008.multilingual.incl.keymaker-core\CORE10k.EXE (Dont.Steal.Our.Software) -> Not selected for removal.
d:\Install\BSplayer\bs.player.pro.v2.43.1008.multilingual.incl.keymaker-core\keygen.exe (Trojan.Dropper.PGen) -> Not selected for removal.
d:\Install\dbpoweramp music converter\dbpoweramp music converter 11 (1)\dmc 11 dbpoweramp 11 crack patch.exe (Trojan.Downloader) -> Not selected for removal.
d:\Install\dbpoweramp music converter\dbpoweramp music converter v.11+ (full codecs-powerpack & crack)\programa - powerpack + cracks\powerpacks + cracks + utilidades\crack 2 powerpack de dbpoweramp music converter v.9\Crack.exe (RiskWare.Tool.CK) -> Not selected for removal.
d:\Install\FTP\flashfxp 3.6.0 build 1240 final\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
d:\Install\FTP\flashfxp.v3.4.0.1145.multilingual.incl.patch.and.keymaker.working-acme\ffxp_keygen.exe (Malware.Packer.Gen) -> Not selected for removal.
d:\Install\MOBIL\mpegable.x4.live.v2.2.7\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
d:\Install\Palení\Clone\clone cd 3.3.4.1.0 and serial + keygen1.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
d:\Install\Titulky\ss2r2.exe (Adware.Dropper) -> Not selected for removal.
d:\Install\tuneup utilities 2006\tuneuputilities2006v5.3.2341 keygen.exe (Trojan.Downloader) -> Not selected for removal.
d:\Install\Video\Titulky\ss2r2.exe (Adware.Dropper) -> Not selected for removal.
d:\Install\wxp-crack\kf141\keyfinder.exe (RiskWare.Tool.CK) -> Not selected for removal.
d:\Install\wxp-crack\windows2003&xp&lhantiproductactivationv2.0.0crackcrackware2k\Crypt.dll (Hacktool) -> Not selected for removal.
d:\Install\wxp-crack\windows2003&xp&lhantiproductactivationv2.0.0crackcrackware2k\WPA_Kill.exe (Hacktool.Wpakill) -> Not selected for removal.
d:\Video\popcorn mkv audioconverter\audioconverter.exe (Backdoor.Agent) -> Not selected for removal.

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 14:41
by stell
ok,
open Notepad
Start > Run, type notepad.
copy the green text into Notepad:
Click File >> Save As... and type fix.reg
set the file type to All Files
and save it to the desktop.
Double-click it to run it.
allow the write to the registry.
restart.
and continue with ComboFix

Code:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.com]
@="comfile"

[HKEY_CLASSES_ROOT\.com\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

[HKEY_CLASSES_ROOT\comfile]
@="MS-DOS Application"
"EditFlags"=hex:30,00,00,00

[HKEY_CLASSES_ROOT\comfile\DefaultIcon]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,32,00,00,00

[HKEY_CLASSES_ROOT\comfile\shell]

[HKEY_CLASSES_ROOT\comfile\shell\open]
"EditFlags"=hex:00,00,00,00

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\comfile\shellex]

[HKEY_CLASSES_ROOT\comfile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"

[HKEY_CLASSES_ROOT\comfile\shellex\PropertySheetHandlers]

[HKEY_CLASSES_ROOT\comfile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 14:43
by stell
wait a moment, that one is for com; you can run it, but I'll give you one for exe as well.

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 14:44
by stell

Code:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_CLASSES_ROOT\.exe\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"TileInfo"="prop:FileDescription;Company;FileVersion"
"InfoTip"="prop:FileDescription;Company;FileVersion;Create;Size"

[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"

[HKEY_CLASSES_ROOT\exefile\shell]

[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runas]

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shellex]

[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PEAnalyser]
@="{09A63660-16F9-11d0-B1DF-004F56001CA7}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 15:02
by Nift
Unfortunately, the situation is unchanged.
XP boots, the clock appears, then a message that the computer may be at risk, and that is where it ends.
The mouse and My Computer work, but nothing else can be started (TC, Word, IE).
The Open With dialog always appears.
But in Safe Mode programs can be started.

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 15:05
by stell
OK, run exeHelper
http://www.raktor.net/exeHelper/exeHelper.scr
and paste the log here, then run a full Malwarebytes scan again,
paste the log here.

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 15:12
by Nift
Sorry, I had not refreshed the page - the exe fix helped a great deal.
I'm moving on to ComboFix.

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 15:13
by stell
ok
:)

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 16:18
by Nift
I cannot get ComboFix to finish. After stage 50 it hangs and nothing happens even after half an hour.
I am trying it for the second time and it is the same.
I turned off the firewall, paused avast and closed whatever I could.
And it still never gets to the log.

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 16:21
by stell
1: Download aswMBR.exe to the desktop.
2: Double-click aswMBR.exe and run it
3: Click the "Scan" button to start the scan
4: Save asw.log to the desktop.
http://public.avast.com/%7Egmerek/aswMBR.exe
5: Paste the log here

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 16:34
by Nift
I had to restart, but in the end it worked.

aswMBR version 0.9.7.753 Copyright(c) 2011 AVAST Software
Run date: 2011-07-17 17:31:05
-----------------------------
17:31:05.765 OS Version: Windows 5.1.2600 Service Pack 3
17:31:05.765 Number of processors: 2 586 0x205
17:31:05.765 ComputerName: PK1 UserName:
17:31:06.875 Initialize success
17:31:16.500 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
17:31:16.515 Disk 0 Vendor: WDC_WD2500JS-00MHB1 10.02E01 Size: 238475MB BusType: 3
17:31:16.531 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-19
17:31:16.531 Disk 1 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 3
17:31:16.562 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP1T0L0-24
17:31:16.562 Disk 2 Vendor: ST3320620A 3.AAE Size: 305245MB BusType: 3
17:31:18.609 Disk 0 MBR read successfully
17:31:18.625 Disk 0 MBR scan
17:31:18.640 Disk 0 unknown MBR code
17:31:20.671 Disk 0 scanning sectors +488392065
17:31:20.734 Disk 0 scanning C:\WINDOWS\system32\drivers
17:31:22.890 File: C:\WINDOWS\system32\drivers\ati2mtag.sys **SUSPICIOUS**
17:31:23.734 File: C:\WINDOWS\system32\drivers\ativtmxx.dll **SUSPICIOUS**
17:31:39.671 Service scanning
17:31:41.015 Disk 0 trace - called modules:
17:31:41.046 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8a863aa8]<<
17:31:41.078 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a961ab8]
17:31:41.093 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8a91cb00]
17:31:41.125 \Driver\atapi[0x8a957f38] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x8a863aa8
17:31:41.156 Scan finished successfully
17:31:53.093 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Pavel Kácha\Plocha\MBR.dat"
17:31:53.203 The log file has been saved successfully to "C:\Documents and Settings\Pavel Kácha\Plocha\aswMBR.txt"

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 16:37
by stell
ok, run aswMBR once more and click the FIXMBR button.

paste the log here

Re: XP Home Security 2012 - cannot be turned off

Posted: 17 Jul 2011 16:39
by Nift
Done.

aswMBR version 0.9.7.753 Copyright(c) 2011 AVAST Software
Run date: 2011-07-17 17:37:23
-----------------------------
17:37:23.484 OS Version: Windows 5.1.2600 Service Pack 3
17:37:23.484 Number of processors: 2 586 0x205
17:37:23.484 ComputerName: PK1 UserName:
17:37:24.359 Initialize success
17:37:33.312 Verifying
17:37:43.312 Disk 0 Windows 501 MBR fixed successfully
17:37:58.234 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Pavel Kácha\Plocha\MBR.dat"
17:37:58.234 The log file has been saved successfully to "C:\Documents and Settings\Pavel Kácha\Plocha\aswMBR1.txt"