Strange PC behaviour

Posted: 17 Aug 2011 16:47
by N900
Hi, I've decided to set my pride aside :D and turn here for advice from someone who removes this kind of junk more often than I do :) It's partly for lack of time, but mainly because right now I only have one infected computer available and it won't even let me reach Google, so looking anything up is impossible...

So: out of nowhere all the tabs in my browser closed. If I type anything into the address bar or the search box, nothing happens; no browser displays any website. Ping works normally, IM works normally too, and e-mail downloads. Avast, Spybot SD and Spyware Terminator found nothing, not even in safe mode. I downloaded UPM and Hijack on my phone and tried to send them to the PC over BT, but in the phone's BT settings, instead of my PC's name, about 50 PCs showed up, all of them without a name. I picked one at random and the transfer succeeded. At first glance I found nothing obviously suspicious in the UMP or HJT logs :( Wireshark showed a problem with TCP, but winsockxpfix didn't fix anything...

Then I noticed that the keyboard randomly switches between the Czech and English layouts, even though the taskbar still shows CS. An hourglass flashes next to the cursor every 5 seconds (it didn't use to do that). A moment ago I found that I can get onto the internet, but only through links. So when a link arrives over IM, it opens normally in the browser, but I can only move around the web via links. Which isn't quite ideal. When I hover over a link, the "hand" cursor doesn't appear, and when I click it, nothing happens. I have to open it in a new tab from the context menu, and then it displays. The PC is generally acting strange; the wireless keyboard and mouse sometimes don't respond for a few seconds... Oh, one more thing: Avast doesn't start automatically at boot; I have to launch it manually.

Thanks in advance for any advice.


Logfile of random's system information tool 1.09 (written by random/random)
Run by m'D@f'K@ at 2011-08-17 17:40:17
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 51 GB (65%) free of 78 GB
Total RAM: 3067 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:40:38, on 17.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\TAMSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Toshiba\3GUty\tw3gsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\Mobile Broadband Device\WMCore\WMCore.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\thpsrv.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TrueSuite Access Manager\usbnotify.exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\Toshiba\3GUty\TW3GCTRL.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\RMClock\RMClock.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\OSK.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtKbd.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Documents and Settings\m'D@f'K@\Plocha\RSIT.exe
C:\Documents and Settings\m'D@f'K@\Plocha\m'D@f'K@.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ThpSrv] C:\WINDOWS\system32\thpsrv /logon
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [UsbMonitor] "C:\Program Files\TrueSuite Access Manager\usbnotify.exe"
O4 - HKLM\..\Run: [TOSDCR] TOSDCR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ATITool] "C:\Program Files\ATITool\ATITool.exe" -s
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TOSHIBA_3G_UTY] C:\Program Files\Toshiba\3GUty\TW3GCTRL.exe
O4 - HKCU\..\Run: [RMClock] "C:\Program Files\RMClock\RMClockLauncher.exe"
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 3587559343
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0061133796
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - Winlogon Notify: ATFUS - C:\WINDOWS\system32\FpWinLogonNp.dll
O20 - Winlogon Notify: TosBtNP - TosBtNP.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Authentec memory manager service (Authentec memory manager) - AuthenTec Inc. - C:\WINDOWS\system32\TAMSvr.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Fingerprint Server (FingerprintServer) - AuthenTec,Inc - C:\WINDOWS\system32\FpLogonServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: 3G RF Power Control Utility (TW3GSVC) - TOSHIBA CORPORATION - C:\Program Files\Toshiba\3GUty\tw3gsvc.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files\TOSHIBA\Mobile Broadband Device\WMCore\WMCore.exe

--
End of file - 9147 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-29 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-29 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"00THotkey"=C:\WINDOWS\system32\00THotkey.exe [2006-08-07 253952]
"000StTHK"=C:\WINDOWS\system32\000StTHK.exe [2001-06-23 24576]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-12-15 184320]
"TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2008-08-07 299008]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-08-04 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-08-04 170520]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-08-04 141848]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-27 16875008]
"ThpSrv"=C:\WINDOWS\system32\thpsrv /logon []
"TFNF5"=C:\WINDOWS\system32\TFNF5.exe [2008-09-09 730432]
"UsbMonitor"=C:\Program Files\TrueSuite Access Manager\usbnotify.exe [2008-07-25 94208]
"TOSDCR"=C:\WINDOWS\system32\TOSDCR.EXE [2005-12-12 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-16 13590528]
"ATITool"=C:\Program Files\ATITool\ATITool.exe [2006-12-08 3035136]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2009-07-22 83336]
"nwiz"=nwiz.exe /install []
"TosHKCW.exe"=C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe [2007-10-05 172032]
"TOSHIBA_3G_UTY"=C:\Program Files\Toshiba\3GUty\TW3GCTRL.exe [2010-06-23 1592264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RMClock"=C:\Program Files\RMClock\RMClockLauncher.exe [2008-02-29 61440]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2010-07-11 2199040]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-06-06 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-08-14 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DDWMon]
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe [2007-04-26 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FingerPrintNotifer]
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe [2008-09-03 712704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-07-13 966712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2010-04-16 13590528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\picon]
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PwdBank]
C:\Program Files\TrueSuite Access Manager\PwdBank.exe [2008-09-03 3152384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TAudEffect]
C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe [2006-08-09 344144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2005-04-12 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA_3G_UTY]
C:\Program Files\Toshiba\3GUty\TW3GCTRL.exe [2010-06-23 1592264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TouchED]
C:\Program Files\TOSHIBA\TouchED\TouchED.exe [2005-09-05 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSODDCtl]
C:\WINDOWS\system32\TPSODDCtl.exe [2008-08-07 122880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AVer HID Receiver.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERHI~1.EXE [2008-06-10 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~1.EXE [2008-06-18 679936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2010-06-28 2721184]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ATFUS]
C:\WINDOWS\system32\FpWinLogonNp.dll [2008-09-03 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-07-29 212992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TosBtNP]
C:\WINDOWS\system32\TosBtNP.dll [2006-07-21 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\SWAT 4\Content\System\Swat4.exe"="C:\Program Files\SWAT 4\Content\System\Swat4.exe:*:Enabled:SWAT 4"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\FlatOut\flatout.exe"="C:\Program Files\FlatOut\flatout.exe:*:Enabled:flatout"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Gemz\Half-Life 2\Half-Life 2\hl2.exe"="D:\Gemz\Half-Life 2\Half-Life 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\RealVNC\VNC4\winvnc4.exe"="C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:VNC Server Free Edition for Win32"
"C:\Documents and Settings\m'D@f'K@\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\m'D@f'K@\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"D:\Gemz\Warcraft III\Frozen Throne.exe"="D:\Gemz\Warcraft III\Frozen Throne.exe:*:Enabled:Frozen Throne.exe"
"D:\Gemz\Warcraft III\Warcraft III.exe"="D:\Gemz\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III.exe"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Disabled:Program pro přenos souborů"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecx.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"VIDC.FPS1"=frapsvid.dll
"msacm.lhacm"=lhacm.acm
"wave4"=wdmaud.drv
"vidc.yv12"=yv12vfw.dll
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-08-17 16:00:37 ----DC---- C:\rsit
2011-08-17 14:11:31 ----AC---- C:\WINDOWS\resetlog.txt
2011-08-17 11:26:12 ----SHDC---- C:\RECYCLER
2011-08-17 02:40:38 ----AC---- C:\Boot.bak
2011-08-17 02:40:33 ----RASHDC---- C:\cmdcons
2011-08-17 02:36:00 ----AC---- C:\WINDOWS\zip.exe
2011-08-17 02:36:00 ----AC---- C:\WINDOWS\SWXCACLS.exe
2011-08-17 02:36:00 ----AC---- C:\WINDOWS\SWSC.exe
2011-08-17 02:36:00 ----AC---- C:\WINDOWS\SWREG.exe
2011-08-17 02:36:00 ----AC---- C:\WINDOWS\sed.exe
2011-08-17 02:36:00 ----AC---- C:\WINDOWS\PEV.exe
2011-08-17 02:36:00 ----AC---- C:\WINDOWS\NIRCMD.exe
2011-08-17 02:36:00 ----AC---- C:\WINDOWS\MBR.exe
2011-08-17 02:36:00 ----AC---- C:\WINDOWS\grep.exe
2011-08-17 02:35:52 ----DC---- C:\WINDOWS\ERDNT
2011-08-17 02:35:46 ----DC---- C:\Qoobox
2011-08-16 22:45:45 ----ASH---- C:\hiberfil.sys
2011-07-29 20:39:54 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\vlc
2011-07-29 15:52:28 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Sun
2011-07-29 15:50:50 ----AC---- C:\WINDOWS\system32\javaws.exe
2011-07-29 15:50:50 ----AC---- C:\WINDOWS\system32\javaw.exe
2011-07-29 15:50:50 ----AC---- C:\WINDOWS\system32\java.exe
2011-07-29 15:50:50 ----AC---- C:\WINDOWS\system32\deployJava1.dll
2011-07-19 18:48:23 ----AC---- C:\WINDOWS\NDSBrow.INI
2011-07-18 23:05:29 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\WinBatch
2011-07-18 22:20:34 ----AC---- C:\WINDOWS\system32\InsSecRc.scr
2011-07-18 22:20:34 ----AC---- C:\WINDOWS\system32\InsSec.scr
2011-07-18 21:10:07 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\WirelessManager
2011-07-18 20:54:20 ----RAC---- C:\WINDOWS\system32\drivers\toshcm.sys
2011-07-18 13:27:51 ----AC---- C:\WINDOWS\ModemLog_Toshiba F3507g Mobile Broadband Modem.txt
2011-07-18 13:21:59 ----AC---- C:\WINDOWS\ModemLog_Toshiba F3507g Mobile Broadband Data Modem.txt

======List of files/folders modified in the last 1 month======

2011-08-17 17:38:55 ----HDC---- C:\WINDOWS\inf
2011-08-17 17:37:14 ----DC---- C:\WINDOWS\Temp
2011-08-17 14:17:35 ----DC---- C:\WINDOWS\system32
2011-08-17 14:17:35 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-17 14:11:34 ----DC---- C:\WINDOWS\system32\drivers\etc
2011-08-17 14:11:31 ----DC---- C:\WINDOWS
2011-08-17 11:16:30 ----DC---- C:\WINDOWS\SoftwareDistribution
2011-08-17 03:10:50 ----DC---- C:\WINDOWS\system32\CatRoot2
2011-08-17 03:10:42 ----DC---- C:\WINDOWS\Prefetch
2011-08-17 03:05:34 ----C---- C:\WINDOWS\system.ini
2011-08-17 03:01:43 ----DC---- C:\WINDOWS\system32\drivers
2011-08-17 03:01:43 ----DC---- C:\WINDOWS\AppPatch
2011-08-17 03:01:41 ----DC---- C:\Program Files\Common Files
2011-08-17 02:40:38 ----RASHC---- C:\boot.ini
2011-08-17 02:35:59 ----SHD---- C:\System Volume Information
2011-08-17 02:35:59 ----DC---- C:\WINDOWS\system32\Restore
2011-08-17 00:10:51 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-08-16 22:22:28 ----DC---- C:\Program Files\Spyware Terminator
2011-08-16 22:22:17 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\Spyware Terminator
2011-08-16 21:40:57 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-08-16 21:21:16 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\Skype
2011-08-14 19:43:18 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\Opera
2011-08-13 21:48:45 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\uTorrent
2011-08-13 21:48:45 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\DAEMON Tools Lite
2011-08-13 21:48:43 ----DC---- C:\WINDOWS\Logs
2011-08-13 21:48:43 ----DC---- C:\WINDOWS\Debug
2011-08-13 00:01:50 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\Mp3tag
2011-08-10 23:04:22 ----RSDC---- C:\WINDOWS\assembly
2011-08-10 23:03:55 ----DC---- C:\WINDOWS\Microsoft.NET
2011-08-10 22:23:51 ----DC---- C:\Program Files\Internet Explorer
2011-08-10 22:20:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-10 22:20:14 ----HDC---- C:\WINDOWS\$hf_mig$
2011-08-10 22:19:55 ----SHDC---- C:\WINDOWS\Installer
2011-08-10 22:19:06 ----DC---- C:\WINDOWS\WinSxS
2011-08-10 22:05:22 ----AC---- C:\WINDOWS\system32\MRT.exe
2011-08-10 22:04:16 ----DC---- C:\WINDOWS\ie8updates
2011-08-10 21:52:04 ----C---- C:\WINDOWS\win.ini
2011-08-09 20:27:59 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\Dropbox
2011-08-09 20:27:29 ----RDC---- C:\My Dropbox
2011-07-30 19:04:26 ----DC---- C:\Program Files\CCleaner
2011-07-30 19:00:55 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\Media Player Classic
2011-07-30 00:45:14 ----AC---- C:\WINDOWS\wincmd.ini
2011-07-29 16:04:35 ----RSDC---- C:\WINDOWS\Fonts
2011-07-29 16:04:24 ----DC---- C:\Program Files\OpenOffice.org 3
2011-07-29 15:50:33 ----DC---- C:\Program Files\Java
2011-07-25 17:08:54 ----AC---- C:\WINDOWS\system32\mshtml.dll
2011-07-24 14:16:26 ----RDC---- C:\Program Files\Skype
2011-07-24 14:16:19 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-07-24 14:15:46 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\skypePM
2011-07-22 18:54:47 ----DC---- C:\Documents and Settings\m'D@f'K@\Data aplikací\gtk-2.0
2011-07-22 11:13:18 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-19 19:08:58 ----DC---- C:\WINDOWS\system32\NtmsData
2011-07-19 02:44:59 ----AC---- C:\WINDOWS\ModemLog_Axesstel USB Modem.txt
2011-07-18 23:05:40 ----DC---- C:\Program Files\Toshiba
2011-07-18 22:28:53 ----HDC---- C:\Program Files\InstallShield Installation Information
2011-07-18 22:20:37 ----DC---- C:\WINDOWS\system32\ReinstallBackups
2011-07-18 20:58:41 ----DC---- C:\Documents and Settings\All Users\Data aplikací\TOSHIBA
2011-07-18 20:54:05 ----DC---- C:\WINDOWS\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AlfaFF;AlfaFF mini-filter driver; C:\WINDOWS\system32\Drivers\AlfaFF.sys [2008-07-25 42608]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2008-07-20 324120]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-10-31 691696]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\WINDOWS\system32\DRIVERS\thpdrv.sys [2008-07-09 27768]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\WINDOWS\system32\DRIVERS\Thpevm.SYS [2007-09-04 6528]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\WINDOWS\system32\DRIVERS\tos_sps32.sys [2008-08-12 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\WINDOWS\system32\DRIVERS\TVALZ.SYS [2007-02-15 16768]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 ATITool;ATITool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\ATITool.sys [2006-11-10 24064]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\D:\Exez\hw32_239\HWiNFO32.SYS []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2011-05-21 231248]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2010-03-25 123856]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2010-03-25 41680]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
R2 tdudf;TOSHIBA UDF File System Driver; C:\WINDOWS\system32\DRIVERS\tdudf.sys [2007-03-26 105856]
R2 trudf;TOSHIBA DVD-RAM UDF File System Driver; C:\WINDOWS\system32\DRIVERS\trudf.sys [2007-02-19 134016]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2008-02-07 166448]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2008-08-14 146944]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2008-03-26 40832]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-07-24 41216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-01 4743680]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-16 6250240]
R3 RTCore32;RTCore32; \??\C:\Program Files\RMClock\RTCore32.sys []
R3 Sony_EricssonWWSC;Toshiba F3507g Mobile Broadband USIM Port; C:\WINDOWS\system32\DRIVERS\toshscard.sys [2008-08-07 24232]
R3 TEchoCan;Toshiba Audio Effect; C:\WINDOWS\system32\DRIVERS\TEchoCan.sys [2007-02-21 435072]
R3 toshbus;Toshiba F3507g Mobile Broadband Device driver (WDM); C:\WINDOWS\system32\DRIVERS\toshbus.sys [2009-03-17 281088]
R3 toshcard;Toshiba F3507g Mobile Broadband Device Management; C:\WINDOWS\system32\DRIVERS\toshcard.sys [2009-03-17 359040]
R3 toshgps;Toshiba F3507g Mobile Broadband GPS Port; C:\WINDOWS\system32\DRIVERS\toshgps.sys [2008-09-29 77864]
R3 toshmdfl;Toshiba F3507g Mobile Broadband Modem Filter; C:\WINDOWS\system32\DRIVERS\toshmdfl.sys [2009-03-17 14976]
R3 toshmdfl2;Toshiba F3507g Mobile Broadband Data Modem Filter; C:\WINDOWS\system32\DRIVERS\toshmdfl2.sys [2009-03-17 14976]
R3 toshmdm;Toshiba F3507g Mobile Broadband Modem Driver; C:\WINDOWS\system32\DRIVERS\toshmdm.sys [2009-03-17 367104]
R3 toshmdm2;Toshiba F3507g Mobile Broadband Data Modem Driver; C:\WINDOWS\system32\DRIVERS\toshmdm2.sys [2009-03-17 410880]
R3 toshnd5;Toshiba F3507g Mobile Broadband Network Adapter (NDIS); C:\WINDOWS\system32\DRIVERS\toshnd5.sys [2009-03-17 25856]
R3 toshunic;Toshiba F3507g Mobile Broadband Network Adapter (WDM); C:\WINDOWS\system32\DRIVERS\toshunic.sys [2009-03-17 374912]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 tosrfec;Bluetooth ACPI; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2010-06-18 15160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2010-03-25 110608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 akicpoyu;akicpoyu; C:\WINDOWS\system32\drivers\akicpoyu.sys []
S3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-09-20 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-09-20 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-09-20 38784]
S3 catchme;catchme; \??\C:\DOCUME~1\m'D@f'K@\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; C:\WINDOWS\system32\drivers\CrystalSysInfo.sys []
S3 CXSONORA;AVerMedia 23885 AvStream Video Capture; C:\WINDOWS\system32\drivers\A885VCap.sys [2008-05-30 736768]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\WINDOWS\system32\DRIVERS\e1y5132.sys [2008-06-13 243856]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 guardian2;guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [2007-12-24 68696]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-07-29 6023456]
S3 libusb0;LibUsb-Win32 - Kernel Driver; C:\WINDOWS\system32\drivers\libusb0.sys [2009-10-21 28160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-11-17 3636864]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-06-25 35088]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys [2007-02-22 16128]
S3 toshidpt;Bluetooth HID Port; C:\WINDOWS\system32\drivers\Toshidpt.sys [2009-06-19 9608]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2010-04-07 171240]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2009-08-10 59888]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2010-05-13 50232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-14 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Chicony USB 2.0 Camera; C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 UVCFTR;UVCFTR; C:\WINDOWS\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-03-25 99728]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Authentec memory manager;Authentec memory manager service; C:\WINDOWS\system32\TAMSvr.exe [2008-09-02 49152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-07-04 42184]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-17 40960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-07-29 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-16 168004]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 152944]
R2 TW3GSVC;3G RF Power Control Utility; C:\Program Files\Toshiba\3GUty\tw3gsvc.exe [2009-12-18 127384]
R2 WMCoreService;Mobile Broadband Service; C:\Program Files\TOSHIBA\Mobile Broadband Device\WMCore\WMCore.exe [2011-01-07 840232]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2008-06-05 352256]
S3 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-07-14 409600]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FingerprintServer;Fingerprint Server; C:\WINDOWS\system32\FpLogonServ.exe [2008-09-03 131072]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LMS;Intel(R) Active Management Technology Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2008-06-02 174616]
S3 OOD2000;O&O Defrag 2000; C:\WINDOWS\system32\OOD2000.exe [2001-04-06 238080]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-05-17 496128]
S3 Thpsrv;Ochrana HDD TOSHIBA; C:\WINDOWS\system32\ThpSrv.exe [2008-07-25 551736]
S3 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-08-12 83312]
S3 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\WINDOWS\system32\TODDSrv.exe [2007-11-21 129632]
S3 UNS;Intel(R) Active Management Technology User Notification Service; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2008-06-02 2058776]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Strange PC behavior

Posted: 17 Aug 2011 17:15
by Rudy
Hello!
An RSIT log taken after a ComboFix scan is useless. If there was anything there, CF deleted it. Open the file C:\combofix.txt and paste its contents here.

Re: Strange PC behavior

Posted: 17 Aug 2011 17:37
by N900
I understand your indignation, but unfortunately it won't work that way (I'd put an embarrassed smiley here, but I don't know which one it is). Unfortunately, I have always managed on my own, so I didn't expect to be sending logs. After yesterday's run of CF and winsockxpfix, the PC seemed to work normally for about 2 hours, so after skimming the log I 'cleverly' deleted it... That's why I preferred not to mention CF at all. After a few hours, though, the symptoms appeared again :( This is the oldest log I have:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:07:31, on 17.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\TAMSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Toshiba\3GUty\tw3gsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\Mobile Broadband Device\WMCore\WMCore.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TrueSuite Access Manager\usbnotify.exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\Toshiba\3GUty\TW3GCTRL.exe
C:\Program Files\RMClock\RMClock.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtKbd.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Toshiba\TOSHIBA Wireless Manager\WirelessManager.exe
C:\Program Files\Miranda IM\miranda32.exe
C:\Documents and Settings\m'D@f'K@\Plocha\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ThpSrv] C:\WINDOWS\system32\thpsrv /logon
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [UsbMonitor] "C:\Program Files\TrueSuite Access Manager\usbnotify.exe"
O4 - HKLM\..\Run: [TOSDCR] TOSDCR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ATITool] "C:\Program Files\ATITool\ATITool.exe" -s
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TOSHIBA_3G_UTY] C:\Program Files\Toshiba\3GUty\TW3GCTRL.exe
O4 - HKCU\..\Run: [RMClock] "C:\Program Files\RMClock\RMClockLauncher.exe"
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 3587559343
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0061133796
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - Winlogon Notify: ATFUS - C:\WINDOWS\system32\FpWinLogonNp.dll
O20 - Winlogon Notify: TosBtNP - C:\WINDOWS\SYSTEM32\TosBtNP.dll
O23 - Service: Authentec memory manager service (Authentec memory manager) - AuthenTec Inc. - C:\WINDOWS\system32\TAMSvr.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Fingerprint Server (FingerprintServer) - AuthenTec,Inc - C:\WINDOWS\system32\FpLogonServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: 3G RF Power Control Utility (TW3GSVC) - TOSHIBA CORPORATION - C:\Program Files\Toshiba\3GUty\tw3gsvc.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files\TOSHIBA\Mobile Broadband Device\WMCore\WMCore.exe

--
End of file - 8892 bytes

Re: Strange PC behavior

Posted: 17 Aug 2011 19:23
by Rudy
I'm not indignant, I'm just telling you that an RSIT log taken after a completed CF scan is useless, because it is always clean. That is why I need to see the ComboFix log, so that I know what was deleted and whether anything is still left there. If you deleted it, you will have to run a new CF scan.

Re: Strange PC behavior

Posted: 17 Aug 2011 23:46
by N900
By mistake I sent the HJT log in the previous post...

ComboFix 11-08-16.05 - m'D@f'K@ 18.08.2011 0:28.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3067.2418 [GMT 2:00]
Spuštěný z: c:\documents and settings\m'D@f'K@\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-17 do 2011-08-17 )))))))))))))))))))))))))))))))
.
.
2011-08-17 14:00 . 2011-08-17 14:00 -------- dc----w- C:\rsit
2011-08-10 20:03 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 20:03 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-10 20:02 . 2011-06-23 18:31 105984 -c----w- c:\windows\system32\dllcache\url.dll
2011-07-29 18:39 . 2011-07-30 19:29 -------- dc----w- c:\documents and settings\m'D@f'K@\Data aplikací\vlc
2011-07-29 13:50 . 2011-07-29 13:50 472808 -c--a-w- c:\windows\system32\deployJava1.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-29 13:50 . 2008-09-29 17:54 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2011-07-15 13:29 . 2008-09-29 17:28 456320 -c--a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-09-29 17:28 10496 -c--a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-04 11:43 . 2010-07-24 21:57 40112 -c--a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2009-06-22 18:21 199304 -c--a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-05-28 21:19 441176 -c--a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2009-06-22 18:21 309848 -c--a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2009-06-22 18:21 43608 -c--a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2009-06-22 18:21 102616 -c--a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2009-06-22 18:21 96344 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2009-06-22 18:21 25432 -c--a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2009-06-22 18:21 30808 -c--a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-04 11:32 . 2009-06-22 18:21 19544 -c--a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-24 14:10 . 2008-09-29 17:34 139656 -c--a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2008-09-29 17:28 916480 -c--a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2008-09-29 17:28 43520 -c--a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2008-09-29 17:28 1469440 -c--a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2008-09-29 17:28 385024 -c--a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2008-09-29 17:28 293376 -c--a-w- c:\windows\system32\winsrv.dll
2011-06-17 19:57 . 2011-05-15 18:12 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 11:35 . 2008-09-29 17:28 1858944 -c--a-w- c:\windows\system32\win32k.sys
2011-05-20 22:24 . 2011-05-20 22:24 231248 -c--a-w- c:\windows\system32\drivers\truecrypt.sys
2007-09-20 02:45 . 2009-06-14 17:20 90112 -c--a-r- c:\program files\axesstel.dll
2007-09-20 02:45 . 2009-06-14 17:20 118784 -c--a-r- c:\program files\MSP_Uninstall.exe
2006-05-03 10:06 163328 -csha-r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 -csha-r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 -csha-r- c:\windows\system32\nbDX.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-17_00.49.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-17 22:08 . 2011-08-17 22:08 16384 c:\windows\Temp\Perflib_Perfdata_6ac.dat
+ 2008-09-29 17:28 . 2011-08-17 22:21 71784 c:\windows\system32\perfc009.dat
- 2008-09-29 17:28 . 2011-08-17 00:29 71784 c:\windows\system32\perfc009.dat
- 2008-09-29 17:28 . 2011-08-17 00:29 83288 c:\windows\system32\perfc005.dat
+ 2008-09-29 17:28 . 2011-08-17 22:21 83288 c:\windows\system32\perfc005.dat
+ 2008-09-29 17:28 . 2011-08-17 22:21 441466 c:\windows\system32\perfh009.dat
- 2008-09-29 17:28 . 2011-08-17 00:29 441466 c:\windows\system32\perfh009.dat
- 2008-09-29 17:28 . 2011-08-17 00:29 438022 c:\windows\system32\perfh005.dat
+ 2008-09-29 17:28 . 2011-08-17 22:21 438022 c:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 -c--a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 -c--a-w- c:\documents and settings\m'D@f'K@\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 -c--a-w- c:\documents and settings\m'D@f'K@\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 -c--a-w- c:\documents and settings\m'D@f'K@\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 -c--a-w- c:\documents and settings\m'D@f'K@\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOvrly1]
@="{A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6}"
[HKEY_CLASSES_ROOT\CLSID\{A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6}]
2008-07-25 13:41 118784 ----a-w- c:\program files\TrueSuite Access Manager\IconOvrly.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RMClock"="c:\program files\RMClock\RMClockLauncher.exe" [2008-02-29 61440]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2010-07-11 2199040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"00THotkey"="c:\windows\system32\00THotkey.exe" [2006-08-07 253952]
"000StTHK"="000StTHK.exe" [2001-06-23 24576]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-12-15 184320]
"TPSMain"="TPSMain.exe" [2008-08-07 299008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-04 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-04 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-04 141848]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-27 16875008]
"TFNF5"="TFNF5.exe" [2008-09-09 730432]
"UsbMonitor"="c:\program files\TrueSuite Access Manager\usbnotify.exe" [2008-07-25 94208]
"TOSDCR"="TOSDCR.EXE" [2005-12-12 57344]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-16 13590528]
"ATITool"="c:\program files\ATITool\ATITool.exe" [2006-12-08 3035136]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"nwiz"="nwiz.exe" [2010-04-16 1657448]
"TosHKCW.exe"="c:\program files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [2007-10-05 172032]
"TOSHIBA_3G_UTY"="c:\program files\Toshiba\3GUty\TW3GCTRL.exe" [2010-06-23 1592264]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2009-8-6 439648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ATFUS]
2008-09-03 11:48 208896 ------w- c:\windows\system32\FpWinlogonNp.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TosBtNP]
2006-07-21 17:54 65536 -c--a-w- c:\windows\system32\TosBtNP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AVer HID Receiver.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\AVer HID Receiver.lnk
backup=c:\windows\pss\AVer HID Receiver.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AVerQuick.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\AVerQuick.lnk
backup=c:\windows\pss\AVerQuick.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 -c--a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-06 10:55 35736 -c--a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
2008-08-14 11:46 417792 -c--a-w- c:\program files\Camera Assistant Software for Toshiba\traybar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DDWMon]
2007-04-26 09:49 495616 -c--a-w- c:\program files\Toshiba\TOSHIBA Direct Disc Writer\DDWMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FingerPrintNotifer]
2008-09-03 11:47 712704 -c----w- c:\program files\TrueSuite Access Manager\FpNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-07-13 13:44 966712 -c--a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-04-16 00:45 13590528 -c--a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\picon]
2008-06-02 16:38 367128 -c--a-w- c:\program files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PwdBank]
2008-09-03 14:20 3152384 -c--a-w- c:\program files\TrueSuite Access Manager\PwdBank.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 -c--a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TAudEffect]
2006-08-09 17:48 344144 -c--a-w- c:\program files\Toshiba\TAudEffect\TAudEff.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
2005-04-12 08:31 65536 -c--a-w- c:\program files\Toshiba\TOSCDSPD\TOSCDSPD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA_3G_UTY]
2010-06-23 13:41 1592264 -c--a-w- c:\program files\Toshiba\3GUty\tw3gctrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TouchED]
2005-09-05 09:53 98304 -c--a-w- c:\program files\Toshiba\TouchED\TouchED.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSODDCtl]
2008-08-07 14:12 122880 -c--a-w- c:\windows\system32\TPSODDCtl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2007-01-05 18:57 204288 -c----w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\SWAT 4\\Content\\System\\Swat4.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\FlatOut\\flatout.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\Gemz\\Half-Life 2\\Half-Life 2\\hl2.exe"=
"c:\\Program Files\\RealVNC\\VNC4\\winvnc4.exe"=
"c:\\Documents and Settings\\m'D@f'K@\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"d:\\Gemz\\Warcraft III\\Frozen Throne.exe"=
"d:\\Gemz\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 AlfaFF;AlfaFF mini-filter driver;c:\windows\system32\drivers\AlfaFF.sys [26.4.2009 19:21 42608]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.4.2009 3:38 691696]
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [9.7.2008 9:39 27768]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [29.9.2008 20:04 6528]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [28.5.2011 23:19 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22.6.2009 20:21 309848]
R1 HWiNFO32;HWiNFO32 Kernel Driver;d:\exez\hw32_239\HWiNFO32.sys [30.4.2009 2:00 16872]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [17.5.2011 16:11 142592]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [10.4.2010 19:47 123856]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [10.4.2010 19:47 41680]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.6.2009 20:21 19544]
R2 Authentec memory manager;Authentec memory manager service;c:\windows\system32\TAMSvr.exe [26.4.2009 19:21 49152]
R2 tdudf;TOSHIBA UDF File System Driver;c:\windows\system32\drivers\tdudf.sys [26.3.2007 12:22 105856]
R2 trudf;TOSHIBA DVD-RAM UDF File System Driver;c:\windows\system32\drivers\trudf.sys [19.2.2007 12:15 134016]
R2 TW3GSVC;3G RF Power Control Utility;c:\program files\Toshiba\3GUty\tw3gsvc.exe [18.7.2011 23:05 127384]
R2 WMCoreService;Mobile Broadband Service;c:\program files\TOSHIBA\Mobile Broadband Device\WMCore\WMCore.exe servicemode --> c:\program files\TOSHIBA\Mobile Broadband Device\WMCore\WMCore.exe servicemode [?]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [29.9.2008 19:46 41216]
R3 Sony_EricssonWWSC;Toshiba F3507g Mobile Broadband USIM Port;c:\windows\system32\drivers\toshscard.sys [29.9.2008 20:04 24232]
R3 TEchoCan;Toshiba Audio Effect;c:\windows\system32\drivers\TEchoCan.sys [26.4.2009 19:16 435072]
R3 toshbus;Toshiba F3507g Mobile Broadband Device driver (WDM);c:\windows\system32\drivers\toshbus.sys [29.9.2008 20:04 281088]
R3 toshcard;Toshiba F3507g Mobile Broadband Device Management;c:\windows\system32\drivers\toshcard.sys [29.9.2008 20:04 359040]
R3 toshgps;Toshiba F3507g Mobile Broadband GPS Port;c:\windows\system32\drivers\toshgps.sys [29.9.2008 20:04 77864]
R3 toshmdfl;Toshiba F3507g Mobile Broadband Modem Filter;c:\windows\system32\drivers\toshmdfl.sys [29.9.2008 20:04 14976]
R3 toshmdfl2;Toshiba F3507g Mobile Broadband Data Modem Filter;c:\windows\system32\drivers\toshmdfl2.sys [29.9.2008 20:04 14976]
R3 toshmdm;Toshiba F3507g Mobile Broadband Modem Driver;c:\windows\system32\drivers\toshmdm.sys [29.9.2008 20:04 367104]
R3 toshmdm2;Toshiba F3507g Mobile Broadband Data Modem Driver;c:\windows\system32\drivers\toshmdm2.sys [29.9.2008 20:04 410880]
R3 toshnd5;Toshiba F3507g Mobile Broadband Network Adapter (NDIS);c:\windows\system32\drivers\toshnd5.sys [29.9.2008 20:04 25856]
R3 toshunic;Toshiba F3507g Mobile Broadband Network Adapter (WDM);c:\windows\system32\drivers\toshunic.sys [29.9.2008 20:04 374912]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [25.3.2010 20:06 110608]
S3 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [28.4.2009 3:55 352256]
S3 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [28.4.2009 3:55 409600]
S3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\axtmvflt.sys [14.6.2009 19:20 3456]
S3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\axtmvmdm.sys [14.6.2009 19:20 40064]
S3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\axtmvprt.sys [14.6.2009 19:20 38784]
S3 CXSONORA;AVerMedia 23885 AvStream Video Capture;c:\windows\system32\drivers\A885VCap.sys [28.4.2009 3:57 736768]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [29.9.2008 19:28 243856]
S3 FingerprintServer;Fingerprint Server;c:\windows\system32\FpLogonServ.exe [26.4.2009 19:21 131072]
S3 libusb0;LibUsb-Win32 - Kernel Driver;c:\windows\system32\drivers\libusb0.sys [13.7.2011 15:11 28160]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [13.7.2011 0:49 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [13.7.2011 0:49 8576]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 19:07 35088]
S3 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [26.4.2009 19:17 2058776]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [25.3.2010 20:06 99728]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - RTCore32
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-18 00:37
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(596)
c:\windows\system32\TAM_GINA.dll
c:\program files\TrueSuite Access Manager\fpsuites.DLL
c:\program files\TrueSuite Access Manager\SharedResources.dll
c:\program files\TrueSuite Access Manager\FPResource.dll
c:\windows\system32\authTpm.dll
c:\windows\system32\FpWinLogonNp.dll
.
- - - - - - - > 'explorer.exe'(2820)
c:\documents and settings\m'D@f'K@\Data aplikací\Dropbox\bin\DropboxExt.14.dll
c:\program files\TrueSuite Access Manager\IconOvrly.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\TPwrCfg.DLL
c:\windows\system32\TPwrReg.dll
c:\windows\system32\TPSTrace.DLL
.
Celkový čas: 2011-08-18 00:40:18
ComboFix-quarantined-files.txt 2011-08-17 22:40
.
Před spuštěním: Volných bajtů: 53 172 998 144
Po spuštění: Volných bajtů: 53 163 495 424
.
- - End Of File - - 9D04997DDA3D00C09086EF715001CA23

Re: Strange PC behavior

Posted: 18 Aug 2011 07:52
by Rudy
Very interesting, because the ComboFix log is clean. This is probably not a virus problem. Try a System Restore to a date when the PC was working correctly. Alternatively, try to remember what you installed just before the problem appeared.

Re: Strange PC behavior

Posted: 18 Aug 2011 10:10
by N900
It also seemed to me that everything was 'clean', but I figured I might have overlooked something :( I haven't installed anything significant lately, but I'll go through it again. I may have one lead, though I'm not quite convinced by it: for my 'experiments' I mostly use Linux, but as I wrote above, I only had one PC with XP available at the moment. And I was browsing the pages of a certain group (Cult of the Dead Cow). I'd rather not post the link directly so people don't click on it, but I have the impression that XP + Opera is not exactly a good combination for this kind of activity. So I'll still have to check the network traffic properly, which won't be entirely easy given that the browser isn't working; I can't even check the IP... I'd probably try some decent firewall that doesn't use many resources. Would you recommend ZA?

I'd welcome your opinions, thanks.

Re: Strange PC behavior

Posted: 18 Aug 2011 11:09
by Rudy
Also try a spyware scan (Superantispyware: http://www.stahuj.centrum.cz/utility_a_ ... tispyware/ ). As for the firewall, I can recommend ZA; it mostly gets along with everything and has relatively low demands on system resources. I can't tell you anything about Opera, I don't have much experience with it.

Re: Strange PC behavior

Posted: 18 Aug 2011 14:41
by N900
Thanks for the reply, but so far I'm still stuck. As expected, Super AntiSpyware found nothing, and Avast still doesn't start after boot, even though I reset it to its default settings. I installed ZA, but the GUI doesn't start. It shows up among the running processes and it's also visible in the tray at the bottom, but it doesn't respond to anything. Only when I hover the cursor over it in the tray does a balloon appear saying that protection is running and the UI is initializing. Unfortunately that never happens, so it's not possible to check the settings etc.

It's a really tricky one... Any ideas?

EDIT: Also, ZA won't even shut down properly when I want to turn off the computer. I also installed it in safe mode, but with the same result... I've already accepted that I'll be formatting, but I'd need to get it into an at least somewhat usable state so that I can keep working for a few more days and, above all, back up my data and be sure I don't drag any junk into the clean installation.

EDIT1: After a bit of tinkering and several reboots I managed to start ZA correctly. The same goes for Avast: no setting helped, only the Repair option in Add/Remove Programs. So for now it sort of works (albeit somewhat strangely). I still can't point a finger at the culprit, which annoys me quite a bit, but at least it's something. The next step will be to boot from some Linux distro and run an antivirus scan. But it will take a while, since right now I only have a connection via my mobile phone :D

Re: Strange PC behavior

Posted: 18 Aug 2011 16:28
by Rudy
Try a System Restore to a date when it was working correctly.

Re: Strange PC behavior

Posted: 18 Aug 2011 17:02
by N900
If I used Windows System Restore and didn't have only the worst experiences with it (at least up to and including XP; in Seven it's hopefully better), I would do that. But it might not help anyway; it's possible that the nasty thing has been there for some time. I think the best approach is to make a disk image after installing Windows + drivers + programs, which seems more reliable to me. Unfortunately I never did that, because this is the first time in 15 years that this has happened to me...

In any case, I want to thank you once more for the advice and the effort, and if anything else occurs to you, I'd be glad to hear it. Either way, I've accepted the reinstall; after 3 years, XP is entitled to one :)

Re: Strange PC behavior

Posted: 18 Aug 2011 17:43
by Rudy
Before you reinstall, you can still try repairing the system with XPManager: http://www.viry.cz/forum/viewtopic.php?f=46&t=17549 , or from the installation CD: http://www.viry.cz/forum/viewtopic.php?f=46&t=41036 .

Re: Strange PC behavior

Posted: 21 Aug 2011 01:33
by N900
I have to admit that a really well-made little thing found its way to me :D
The system was more or less usable only as long as I didn't try to connect to the net; at that moment the PC froze completely and the only option was a hard power-off. The same happened whenever I wanted to back up some data. Working with data on the internal disk was fine, but as soon as I tried to copy it somewhere outside, the system froze immediately, and of course also when I wanted to burn the data :) I only managed to make a backup in safe mode, but I wonder whether I don't already have that junk on the external disk as well.

So I thought, fine, I'll do a clean installation of XP. But guess what: after a few minutes, a blue screen of death - I/O error. Then I also tried booting into Ubuntu, but without success; the drive reads like mad and nothing happens :)

Any idea? :James007: :D

EDIT: I tried ComboFix again, but it gets stuck halfway through and that's it...

Re: Strange PC behavior

Posted: 21 Aug 2011 17:05
by Rudy
This looks like a damaged system. What is written on that blue screen?

Re: Strange PC behavior

Posted: 21 Aug 2011 17:52
by N900
I didn't look into the specific error itself, because it was the message (during the Windows installation) that urges you to check for viruses. And when starting Ubuntu it reported an I/O error.

My impression is that the virus was simply trying to prevent backing up data anywhere outside the physical disk. Over the network too: as long as I worked offline, everything was "sort of" OK, but it was enough to turn on Wi-Fi or plug in the cable and that was the end. The same with burning an image. As soon as I tried to select data for burning in ImgBurn, it froze instantly. Again, safe mode helped. And about the drive: I booted into the Ubuntu live system several times and then it suddenly stopped working, same with Windows.

The problem is that the disk can't easily be removed from my notebook, which I would otherwise have done as the very first thing. In the end I solved it by connecting an external drive and immediately starting the Ubuntu installation, which fortunately worked. So now it's the only system on there, and from it I'll try to find out whether my backup is infected too. And later I'll add Windows as well :)

EDIT: I also forgot to say that since I got rid of the infected (and for that reason probably also damaged) XP, the drive works without problems in Ubuntu