Prosím o kontrolu logu

[Frisbeeman]

Pěkný nový rok přeji. Řeším problém s nefunkčním internetem na stolním pc a domnívám se, že to způsobilo odstranění nějakého spyware. Počítač není schopný navázat spojení se službou DHCP, která nefunguje kvůli nějaké chybě NetBT.
Přikládám log a předem děkuji.


Logfile of random's system information tool 1.09 (written by random/random)
Run by PJ at 2012-01-01 20:01:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 38 GB (27%) free of 142 GB
Total RAM: 3071 MB (84% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At25.job
C:\WINDOWS\tasks\At27.job
C:\WINDOWS\tasks\At29.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At31.job
C:\WINDOWS\tasks\At33.job
C:\WINDOWS\tasks\At35.job
C:\WINDOWS\tasks\At37.job
C:\WINDOWS\tasks\At39.job
C:\WINDOWS\tasks\At41.job
C:\WINDOWS\tasks\At43.job
C:\WINDOWS\tasks\At45.job
C:\WINDOWS\tasks\At47.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At9.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-220523388-725345543-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-220523388-725345543-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\PJ\Data aplikací\Mozilla\Firefox\Profiles\q5wyqtef.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"fe_7.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-02 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-02 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"MP10_EnsureFileVer"=C:\WINDOWS\inf\unregmp2.exe [2008-04-14 208896]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\PJ\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-10-30 136176]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-08-09 417112]
"uTorrent"=C:\Program Files\uTorrent 2\uTorrent.exe [2011-11-23 399736]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPeerNexonEU]
[]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SATARaid.lnk - C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe

C:\Documents and Settings\PJ\Nabídka Start\Programy\Po spuštění
CurseClientStartup.ccip

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-05-15 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\32829538.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\32829538.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\+ HRY\Battlefield\BFP4f.exe"="C:\+ HRY\Battlefield\BFP4f.exe:*:Enabled:BFP4f"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\+ HRY\World of Warcraft\BackgroundDownloader.exe"="C:\+ HRY\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\+ HRY\World of Warcraft\Launcher.exe"="C:\+ HRY\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\uTorrent 2\uTorrent.exe"="C:\Program Files\uTorrent 2\uTorrent.exe:*:Enabled:µTorrent"
"C:\+ HRY\S.T.A.L.K.E.R. -\bin\xrEngine.exe"="C:\+ HRY\S.T.A.L.K.E.R. -\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI)"
"C:\+ HRY\S.T.A.L.K.E.R. -\bin\dedicated\xrEngine.exe"="C:\+ HRY\S.T.A.L.K.E.R. -\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV)"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\+ HRY\Battlefield 2\BF2.exe"="C:\+ HRY\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\+ HRY\Bionic Commando Rearmed\bcr.exe"="C:\+ HRY\Bionic Commando Rearmed\bcr.exe:*:Enabled:Bionic Commando Rearmed"
"C:\Documents and Settings\PJ\Local Settings\Apps\2.0\QYBX6DLZ.E1X\R8LN59NC.05X\curs..tion_eee711038731a406_0004.0000_2ad57791d5c42008\CurseClient.exe"="C:\Documents and Settings\PJ\Local Settings\Apps\2.0\QYBX6DLZ.E1X\R8LN59NC.05X\curs..tion_eee711038731a406_0004.0000_2ad57791d5c42008\CurseClient.exe:*:Enabled:Curse Client 4.0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\+ HRY\Combat Arms EU\CombatArms.exe"="C:\+ HRY\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\+ HRY\Combat Arms EU\Engine.exe"="C:\+ HRY\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=ctwdm32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======List of files/folders created in the last 1 month======

2012-01-01 20:01:19 ----D---- C:\Program Files\trend micro
2012-01-01 20:01:18 ----D---- C:\rsit
2012-01-01 19:48:34 ----A---- C:\WINDOWS\system32\drivers\29764660.sys
2012-01-01 19:47:18 ----A---- C:\TDSSKiller.2.6.25.0_01.01.2012_19.47.18_log.txt
2012-01-01 14:17:17 ----D---- C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2011-12-31 15:58:15 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-12-31 15:58:14 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-12-31 15:58:12 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-12-31 15:58:12 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-12-31 15:58:11 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-12-31 15:58:11 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-12-31 15:58:11 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-12-31 15:58:10 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-12-31 15:57:27 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-12-31 15:57:27 ----A---- C:\WINDOWS\avastSS.scr
2011-12-31 13:18:49 ----A---- C:\WINDOWS\resetlog.txt
2011-12-31 12:58:33 ----D---- C:\WINDOWS\WBEM
2011-12-31 12:57:37 ----HDC---- C:\WINDOWS\ie8
2011-12-31 12:22:34 ----D---- C:\WINDOWS\CSC
2011-12-30 15:14:37 ----D---- C:\Program Files\AVAST Software
2011-12-29 23:15:44 ----D---- C:\Documents and Settings\PJ\Data aplikací\SUPERAntiSpyware.com
2011-12-29 23:13:30 ----D---- C:\Program Files\SUPERAntiSpyware
2011-12-29 23:13:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-12-29 19:19:35 ----D---- C:\Documents and Settings\PJ\Data aplikací\Nicalis
2011-12-29 17:23:47 ----A---- C:\Documents and Settings\All Users\Data aplikací\T5VwMux.dat
2011-12-29 09:30:05 ----D---- C:\WINDOWS\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2011-12-29 09:09:09 ----D---- C:\Program Files\Common Files\BioWare
2011-12-28 23:07:46 ----A---- C:\Documents and Settings\PJ\Data aplikací\Bastion v1.0r21.exe
2011-12-28 20:45:52 ----AH---- C:\WINDOWS\system32\HsInfo.dat
2011-12-28 20:28:33 ----D---- C:\Documents and Settings\PJ\Data aplikací\InstallShield Installation Information
2011-12-28 20:27:49 ----D---- C:\WINDOWS\45235788142C44BE8A4DDDE9A84492E5.TMP
2011-12-28 19:08:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hi-Rez Studios
2011-12-28 14:00:19 ----D---- C:\Documents and Settings\PJ\Data aplikací\XRay Engine
2011-12-26 22:19:22 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2011-12-16 08:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-16 08:49:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-16 08:40:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-16 08:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-16 08:40:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-16 08:40:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2618444$
2011-12-16 08:40:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-16 08:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-13 00:06:20 ----D---- C:\Documents and Settings\PJ\Data aplikací\Trine2
2011-12-11 15:03:27 ----D---- C:\Downloads
2011-12-10 13:47:13 ----D---- C:\Documents and Settings\PJ\Data aplikací\Broken Rules
2011-12-10 13:47:07 ----A---- C:\WINDOWS\d3dx.dat
2011-12-09 15:07:17 ----D---- C:\Program Files\DocXV
2011-12-07 21:09:48 ----D---- C:\Documents and Settings\PJ\Data aplikací\Sony Online Entertainment
2011-12-07 19:09:57 ----D---- C:\Program Files\BandiMPEG1
2011-12-07 12:22:28 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-12-06 21:11:12 ----A---- C:\WINDOWS\system32\psisdecd.dll
2011-12-06 21:11:12 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2011-12-06 21:11:12 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2011-12-06 21:11:12 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2011-12-06 21:11:12 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2011-12-06 21:11:12 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2011-12-06 21:11:12 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2011-12-06 21:11:12 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2011-12-06 21:11:12 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2011-12-06 21:11:12 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2011-12-06 21:11:11 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2011-12-06 21:11:09 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2011-12-04 19:30:19 ----D---- C:\Program Files\SWF Opener

======List of files/folders modified in the last 1 month======

2012-01-01 20:01:25 ----D---- C:\WINDOWS\Prefetch
2012-01-01 20:01:19 ----RD---- C:\Program Files
2012-01-01 19:58:24 ----D---- C:\+DOWNLOAD
2012-01-01 19:48:34 ----D---- C:\WINDOWS\system32\drivers
2012-01-01 19:46:32 ----D---- C:\Documents and Settings\PJ\Data aplikací\uTorrent
2012-01-01 19:14:24 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-01 19:08:29 ----D---- C:\WINDOWS\Temp
2012-01-01 18:53:54 ----A---- C:\errlgr.txt
2012-01-01 18:50:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-01 18:25:31 ----D---- C:\WINDOWS
2012-01-01 14:17:41 ----D---- C:\WINDOWS\system32\DirectX
2012-01-01 14:17:40 ----HD---- C:\WINDOWS\inf
2012-01-01 14:17:17 ----SHD---- C:\WINDOWS\Installer
2012-01-01 14:16:48 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2012-01-01 14:16:37 ----D---- C:\WINDOWS\system32
2012-01-01 14:15:08 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-01 14:14:51 ----D---- C:\+ HRY
2012-01-01 13:35:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-01-01 13:31:04 ----D---- C:\WINDOWS\system32\drivers\etc
2012-01-01 13:30:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-01-01 13:24:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-31 18:57:23 ----D---- C:\WINDOWS\WinSxS
2011-12-31 18:57:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2011-12-31 18:57:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-12-31 18:32:52 ----SD---- C:\WINDOWS\Tasks
2011-12-31 18:25:42 ----D---- C:\WINDOWS\network diagnostic
2011-12-31 17:52:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-12-31 15:57:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-12-31 13:09:36 ----D---- C:\WINDOWS\system32\cs-cz
2011-12-31 13:09:31 ----D---- C:\Program Files\Internet Explorer
2011-12-31 13:09:30 ----D---- C:\WINDOWS\Help
2011-12-31 13:00:46 ----D---- C:\Documents and Settings\PJ\Data aplikací\DAEMON Tools Lite
2011-12-31 12:58:35 ----D---- C:\WINDOWS\system32\config
2011-12-31 12:58:28 ----RD---- C:\WINDOWS\Offline Web Pages
2011-12-31 12:58:28 ----D---- C:\WINDOWS\Media
2011-12-31 12:29:44 ----A---- C:\WINDOWS\system32\userinit.exe
2011-12-30 19:08:39 ----D---- C:\Program Files\FreeRapid-0.86u1
2011-12-30 13:40:09 ----RSD---- C:\WINDOWS\assembly
2011-12-30 13:37:10 ----D---- C:\WINDOWS\Microsoft.NET
2011-12-30 13:25:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-30 13:21:33 ----D---- C:\WINDOWS\Logs
2011-12-30 10:57:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-12-29 16:49:15 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-12-29 16:26:03 ----D---- C:\+DOWNLOAD UNFINISHED
2011-12-29 14:26:45 ----D---- C:\Documents and Settings\PJ\Data aplikací\vlc
2011-12-29 09:09:09 ----D---- C:\Program Files\Common Files
2011-12-28 20:32:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-12-28 20:32:17 ----RSH---- C:\boot.ini
2011-12-28 19:10:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-12-28 19:08:40 ----D---- C:\Documents and Settings
2011-12-28 10:15:28 ----D---- C:\Program Files\AGEIA Technologies
2011-12-23 00:29:55 ----SD---- C:\Documents and Settings\PJ\Data aplikací\Microsoft
2011-12-16 08:50:27 ----D---- C:\WINDOWS\system32\CatRoot
2011-12-16 08:40:38 ----D---- C:\WINDOWS\Debug
2011-12-16 08:40:34 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-16 08:40:20 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-14 22:23:20 ----D---- C:\Documents and Settings\PJ\Data aplikací\BSplayer
2011-12-12 15:50:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\NexonEU
2011-12-10 13:43:03 ----HD---- C:\WINDOWS\msdownld.tmp
2011-12-06 21:11:27 ----D---- C:\WINDOWS\RegisteredPackages
2011-12-03 21:24:11 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iteraid;ITERAID_Service_Install; C:\WINDOWS\system32\DRIVERS\iteraid.sys [2004-02-25 24827]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller; C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2007-08-29 116264]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2007-08-29 19240]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-30 232512]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-05-15 4069888]
R3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S0 32829538;32829538; C:\WINDOWS\system32\drivers\29764660.sys [2012-01-01 94896]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 uwtdapob;uwtdapob; \??\C:\DOCUME~1\PJ\LOCALS~1\Temp\uwtdapob.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-05-15 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-10-30 75136]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 AMService;AMService; C:\WINDOWS\TEMP\kdlyvl\setup.exe [2011-12-29 41472]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-02 153376]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny vecer preji

Poprosim o tento log TDSSKiller.2.6.25.0_01.01.2012_19.47.18_log.txt

[Frisbeeman]

Tak se omlouvám za planý poplach, vyřešeno obnovením systému. Prosím o smazání.

[vyosek]

No jak chcete, ja bych to jeste proveril, pac haveti tam bylo dost. Pokud chcete, dejte novy log z RSIT