Request for a preventive log check

Posted: 28 Jul 2011 20:49
by Stof
Hello, my internet started acting up about three days ago. Unfortunately (or fortunately), when I hook the internet up to the laptop, it works. The System process is taking up about 150 000 kB (an acquaintance advised me that this is probably wrong). Thanks a lot.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-07-28 21:17:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 55 GB (48%) free of 114 GB
Total RAM: 2046 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:17:51, on 28.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgam.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2304157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (file missing) (HKCU)
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8696 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1336601894-839522115-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1336601894-839522115-500UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, toolbar@ask.com:3.12.2.100005, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, engine@conduit.com:3.2.5.2, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2, plugin3@gameplaylabs.com:3.0, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, jqs@sun.com:1.0, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1390, avg@igeared:7.005.030.004, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.avg.com/route/?d=4e301118 ... &lng=cs&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG10\Firefox4\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"avg@igeared"=C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\
engine@conduit.com
plugin3@gameplaylabs.com
toolbar@ask.com
{20a82645-c095-46ed-80e3-08825760534b}
{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2011-07-08 2274144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2010-10-25 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-10-25 140752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2011-05-30 2495816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-09 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2011-05-30 2495816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2006-12-08 241664]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"MP10_EnsureFileVer"=C:\WINDOWS\inf\unregmp2.exe [2008-04-14 208896]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-05-12 20053608]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-06-27 98304]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2011-04-18 2334560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-03-03 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-06-06 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
C:\Program Files\AVG\AVG10\avgtray.exe [2011-04-18 2334560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Documents and Settings\Administrator\Data aplikací\QipGuard\QipGuard.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-05-26 15147400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2011-03-03 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-04-23 692224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-06-27 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\AVG\AVG10\avgnsx.exe"="C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG10\avgam.exe"="C:\Program Files\AVG\AVG10\avgam.exe:*:Enabled:Správce událostí AVG"
"C:\Program Files\AVG\AVG10\avgemcx.exe"="C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.lhacm"=lhacm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-07-28 21:17:44 ----D---- C:\Program Files\trend micro
2011-07-28 21:17:43 ----D---- C:\rsit
2011-07-27 14:14:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2011-07-27 14:12:37 ----D---- C:\WINDOWS\system32\drivers\AVG
2011-07-27 10:37:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg8
2011-07-19 19:31:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2011-07-19 13:45:24 ----D---- C:\Program Files\AMD APP
2011-07-19 13:42:14 ----A---- C:\WINDOWS\system32\drivers\AtihdXP3.sys
2011-07-19 13:39:23 ----A---- C:\WINDOWS\system32\ativvamv.dll
2011-07-19 13:26:12 ----D---- C:\AMD
2011-07-18 13:13:36 ----A---- C:\WINDOWS\system32\CSVer.dll
2011-07-18 13:13:27 ----D---- C:\Intel
2011-07-18 13:06:24 ----D---- C:\Program Files\Intel
2011-07-17 23:16:08 ----D---- C:\Program Files\Lavalys
2011-07-13 13:14:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-13 13:09:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-12 16:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2011-07-12 00:46:11 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-07-11 19:30:09 ----A---- C:\WINDOWS\system32\wmpns.dll
2011-07-11 16:53:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaAccount
2011-07-11 16:50:54 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2011-07-11 16:50:32 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-07-11 16:50:21 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2011-07-11 16:48:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
2011-07-11 16:42:14 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2011-07-11 16:40:22 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2011-07-11 16:40:18 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-07-11 16:38:30 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2011-07-11 16:38:25 ----D---- C:\Program Files\PC Connectivity Solution
2011-07-11 16:38:10 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-07-11 16:38:10 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2011-07-11 16:38:10 ----A---- C:\WINDOWS\system32\ccdcmbwu.dll
2011-07-11 16:32:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2011-07-11 16:30:51 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Nokia
2011-07-11 16:30:31 ----D---- C:\Program Files\DIFX
2011-07-11 16:30:30 ----D---- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
2011-07-11 16:30:15 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2011-07-11 16:29:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2011-06-29 22:52:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$

======List of files/folders modified in the last 1 month======

2011-07-28 21:17:48 ----D---- C:\WINDOWS\Prefetch
2011-07-28 21:17:44 ----RD---- C:\Program Files
2011-07-28 21:17:38 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-28 21:16:10 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-07-28 21:15:41 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-07-28 21:11:52 ----D---- C:\WINDOWS
2011-07-28 21:11:51 ----D---- C:\WINDOWS\Temp
2011-07-28 21:08:28 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mumble
2011-07-28 21:06:31 ----D---- C:\WINDOWS\system32
2011-07-28 21:04:41 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-07-28 13:22:26 ----D---- C:\Program Files\Garena
2011-07-28 12:38:15 ----SHD---- C:\WINDOWS\Installer
2011-07-28 10:18:02 ----D---- C:\WINDOWS\system32\config
2011-07-27 23:31:31 ----D---- C:\Program Files\World of Warcraft
2011-07-27 15:22:16 ----HD---- C:\WINDOWS\inf
2011-07-27 15:22:16 ----D---- C:\WINDOWS\system32\drivers
2011-07-27 15:20:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-27 15:18:13 ----A---- C:\WINDOWS\NeroDigital.ini
2011-07-27 14:50:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-07-27 12:50:50 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-07-27 10:37:12 ----D---- C:\Program Files\AVG
2011-07-27 10:37:05 ----D---- C:\WINDOWS\WinSxS
2011-07-25 22:26:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-25 10:38:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-19 19:35:05 ----D---- C:\Program Files\Common Files\Adobe
2011-07-19 19:34:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-07-19 13:45:11 ----D---- C:\Program Files\ATI Technologies
2011-07-19 13:42:17 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-07-19 13:42:14 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-07-18 13:19:40 ----D---- C:\WINDOWS\system32\RTCOM
2011-07-18 13:06:16 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-17 23:40:59 ----A---- C:\WINDOWS\Ascd_tmp.ini
2011-07-17 21:48:11 ----D---- C:\Program Files\Common Files
2011-07-17 21:47:39 ----RD---- C:\Program Files\Skype
2011-07-14 12:45:44 ----D---- C:\WINDOWS\Debug
2011-07-13 13:10:04 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-13 10:58:43 ----D---- C:\WINDOWS\$hf_mig$
2011-07-12 00:46:46 ----D---- C:\WINDOWS\system32\CatRoot
2011-07-11 16:51:03 ----D---- C:\Program Files\Windows Media Player
2011-07-11 16:50:32 ----D---- C:\WINDOWS\system32\LogFiles
2011-07-11 16:42:50 ----D---- C:\WINDOWS\security
2011-06-30 11:28:41 ----RSD---- C:\WINDOWS\assembly
2011-06-30 11:25:51 ----D---- C:\WINDOWS\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-03-01 34896]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-04-05 297168]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-06-27 7022080]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 134480]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 27216]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-06-14 6359656]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2011-01-14 277352]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2010-05-17 101904]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbser;Nokia USB Serial Port Driver ; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-14 26112]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-06-27 643072]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-06-09 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-05-30 1025352]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Request for a preventive log check

Posted: 29 Jul 2011 06:45
by JaRon
1. Uninstall the ASK Toolbar
2. Clean the PC with CCleaner
3. Scan the PC with MBAM - quick scan

Re: Request for a preventive log check

Posted: 29 Jul 2011 11:42
by Stof
1. I couldn't find that toolbar to uninstall, either in CCleaner or in the toolbars panel. Is it enough to delete it physically?
2. I use CCleaner every 2-3 days
3.

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 7316

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

29.7.2011 12:35:13
mbam-log-2011-07-29 (12-35-13).txt

Typ kontroly: Rychlý test
Testované objekty: 149599
Uplynulý čas: 7 minut, 12 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: Request for a preventive log check

Posted: 29 Jul 2011 11:49
by JaRon
Move ComboFix to the desktop (if it is not there already).

Open Notepad.

Copy the script from the following box into it:

Code:

Folder::
C:\Program Files\Ask.com

File::
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job


Save the text file you created as CFScript.txt on the desktop.

After saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there.

Once it has run, another log should be created; paste it here :)

Re: Request for a preventive log check

Posted: 29 Jul 2011 18:59
by Stof
ComboFix 11-07-29.01 - Administrator 29.07.2011 19:50:45.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1256 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: AVG Anti-Virus 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\windows\system32\ctfmon(2).exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-29 )))))))))))))))))))))))))))))))
.
.
2011-07-29 10:27 . 2011-07-29 10:27 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Malwarebytes
2011-07-29 10:26 . 2011-07-29 10:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-29 10:26 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-29 10:26 . 2011-07-29 10:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-29 10:26 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-28 19:17 . 2011-07-28 19:17 -------- d-----w- c:\program files\trend micro
2011-07-28 19:17 . 2011-07-28 19:17 -------- d-----w- C:\rsit
2011-07-27 14:16 . 2011-07-27 14:16 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\AVG Security Toolbar
2011-07-27 12:14 . 2011-07-27 12:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG Security Toolbar
2011-07-27 12:12 . 2011-07-29 10:25 -------- d-----w- c:\windows\system32\drivers\AVG
2011-07-27 08:37 . 2011-07-27 10:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\avg8
2011-07-19 17:31 . 2011-07-19 17:31 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ATI
2011-07-19 11:45 . 2011-07-19 11:45 -------- d-----w- c:\program files\AMD APP
2011-07-19 11:42 . 2011-03-30 18:46 101392 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys
2011-07-19 11:39 . 2011-06-27 19:28 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-07-19 11:26 . 2011-07-19 11:26 -------- d-----w- C:\AMD
2011-07-18 11:13 . 2010-03-02 08:04 53248 ----a-w- c:\windows\system32\CSVer.dll
2011-07-18 11:13 . 2011-07-18 11:13 -------- d-----w- C:\Intel
2011-07-18 11:06 . 2011-07-18 11:06 -------- d-----w- c:\program files\Intel
2011-07-17 21:16 . 2011-07-17 21:16 -------- d-----w- c:\program files\Lavalys
2011-07-11 17:30 . 2008-04-14 07:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2011-07-11 14:53 . 2011-07-11 14:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NokiaAccount
2011-07-11 14:53 . 2011-07-11 14:53 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Nokia
2011-07-11 14:50 . 2011-07-11 14:51 -------- d-----w- c:\windows\system32\drivers\UMDF
2011-07-11 14:48 . 2011-07-11 14:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NokiaInstallerCache
2011-07-11 14:42 . 2008-04-13 22:15 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2011-07-11 14:42 . 2008-04-13 22:15 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2011-07-11 14:40 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-07-11 14:38 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-07-11 14:38 . 2011-07-11 14:38 -------- d-----w- c:\program files\PC Connectivity Solution
2011-07-11 14:38 . 2011-05-18 08:13 123904 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-07-11 14:38 . 2011-05-18 08:13 605696 ----a-w- c:\windows\system32\nmwcdcocls.dll
2011-07-11 14:38 . 2011-05-18 08:09 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-07-11 14:32 . 2011-07-11 14:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Suite
2011-07-11 14:30 . 2011-07-11 15:18 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Nokia
2011-07-11 14:30 . 2011-07-11 14:30 -------- d-----w- c:\program files\DIFX
2011-07-11 14:30 . 2011-07-11 14:43 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\PC Suite
2011-07-11 14:30 . 2011-05-18 08:13 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2011-07-11 14:29 . 2011-07-17 19:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Installations
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-27 20:27 . 2011-03-03 14:04 7022080 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-06-27 20:19 . 2011-03-03 14:42 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-06-27 19:59 . 2011-03-03 14:42 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-06-27 19:59 . 2011-03-03 14:42 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-06-27 19:57 . 2011-03-03 14:42 17989632 ----a-w- c:\windows\system32\atioglxx.dll
2011-06-27 19:56 . 2011-03-03 14:42 5111808 ----a-w- c:\windows\system32\aticaldd.dll
2011-06-27 19:40 . 2011-03-03 14:42 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-06-27 19:39 . 2011-03-03 14:07 302592 ----a-w- c:\windows\system32\ati2dvag.dll
2011-06-27 19:35 . 2011-03-03 14:07 4091552 ----a-w- c:\windows\system32\ati3duag.dll
2011-06-27 19:22 . 2011-03-03 14:42 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-06-27 19:21 . 2011-03-03 14:42 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-06-27 19:21 . 2011-03-03 14:42 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-06-27 19:21 . 2011-03-03 14:42 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-06-27 19:21 . 2011-03-03 14:42 188416 ----a-w- c:\windows\system32\ati2evxx.dll
2011-06-27 19:20 . 2011-03-03 14:42 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-06-27 19:18 . 2011-03-03 14:42 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-06-27 19:18 . 2011-03-03 14:07 3154816 ----a-w- c:\windows\system32\ativvaxx.dll
2011-06-27 19:17 . 2011-03-03 14:42 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-06-27 19:13 . 2011-03-03 14:42 651264 ----a-w- c:\windows\system32\atikvmag.dll
2011-06-27 19:11 . 2011-03-03 14:42 507904 ----a-w- c:\windows\system32\atiok3x2.dll
2011-06-27 19:09 . 2011-03-03 14:42 208896 ----a-w- c:\windows\system32\atiadlxx.dll
2011-06-27 19:09 . 2011-03-03 14:42 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-06-27 19:03 . 2011-03-03 14:07 868352 ----a-w- c:\windows\system32\ati2cqag.dll
2011-06-27 19:01 . 2011-03-03 14:42 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-06-27 19:01 . 2011-03-03 14:42 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2011-06-27 19:01 . 2011-03-03 14:42 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-06-27 14:23 . 2011-06-27 14:23 53760 ----a-w- c:\windows\system32\OVDecode.dll
2011-06-27 14:23 . 2011-06-27 14:23 43520 ----a-w- c:\windows\system32\OpenCL.dll
2011-06-27 14:22 . 2011-06-27 14:22 13904896 ----a-w- c:\windows\system32\amdocl.dll
2011-06-14 11:38 . 2011-03-05 12:13 6359656 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-06-09 19:52 . 2011-06-09 19:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-09 19:52 . 2011-06-09 19:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-07 16:14 . 2011-06-07 16:14 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-06-06 11:35 . 2002-09-20 15:41 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-27 09:58 . 2011-03-05 12:13 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-05-13 09:17 . 2011-03-05 12:13 59496 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-05-12 06:10 . 2011-03-05 12:13 20053608 ----a-w- c:\windows\RTHDCPL.EXE
2011-05-02 15:32 . 2011-03-03 09:01 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-05-30 09:33 2495816 ----a-w- c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2006-12-08 241664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"MP10_EnsureFileVer"="c:\windows\inf\unregmp2.exe" [2008-04-14 208896]
"RTHDCPL"="RTHDCPL.EXE" [2011-05-12 20053608]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-27 98304]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-06 10:55 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
2011-04-18 15:40 2334560 ----a-w- c:\program files\AVG\AVG10\avgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 15:06 1840424 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-06-08 08:31 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-06-19 08:53 570664 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-05-26 19:50 15147400 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22.2.2011 8:13 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16.3.2011 16:03 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.1.2011 6:41 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [5.4.2011 0:59 297168]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [18.4.2011 17:39 7398752]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [8.2.2011 5:33 269520]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [19.7.2011 13:42 101392]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [3.8.2010 16:23 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [3.8.2010 16:23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [3.8.2010 16:23 27216]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [3.3.2011 16:52 14848]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [3.3.2011 16:52 9984]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5.3.2011 14:13 1691480]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [27.7.2011 15:22 1025352]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-29 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-05-17 11:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2304157
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
TCP: DhcpNameServer = 192.168.2.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4e301118&v=7.005.030.004&i=26&tp=ab&iy=&ychte=us&lng=cs&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG10\Firefox4
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: AVG Security Toolbar em:version=7.005.030.004 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Nero Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: Media Plugin: plugin3@gameplaylabs.com - %profile%\extensions\plugin3@gameplaylabs.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
MSConfigStartUp-QIP Internet Guardian - c:\documents and settings\Administrator\Data aplikací\QipGuard\QipGuard.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-29 19:55
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(872)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2011-07-29 19:57:09
ComboFix-quarantined-files.txt 2011-07-29 17:57
.
Před spuštěním: Volných bajtů: 64 276 844 544
Po spuštění: Volných bajtů: 64 383 852 544
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 892267FA2BF09042D2ADDDE36A59EEF7

A bit of a fight with AVG... is it enough to just turn off Resident Shield and turn it back on after the scan? Won't that cause any complications?

Re: Request for a preventive log check

Posted: 30 Jul 2011 18:10
by JaRon
Use ASKRemover http://www.softpedia.com/progDownload/A ... 60388.html
+ write whether there are any problems :???:

Re: Request for a preventive log check

Posted: 31 Jul 2011 10:42
by Stof
=) So far everything is running without a problem. Do you think it could have been so "unstable and slowed down" because of that ASK toolbar?.. By the way, what actually is it =D

Re: Request for a preventive log check

Posted: 01 Aug 2011 06:27
by JaRon
ASK Toolbar is annoying software that slows down the PC - likewise Dealio and the like.