Preventivka + problém

[Jenda66]

Dobrý večer,
dlouho jsem tu nebyl, tak bych se nedivil, kdyby se v počítači našlo plno problémů, které jsem ještě sám nezjistil. Co se mého pozorování týče, tak mi připadá, že je počítač pomalejší, než dříve a ještě mě nějak zlobí síťové připojení. Když použiju funkci Opravit (připojení sítě ), tak se mi to zasekne na Mazání mezipaměti ARP.. resp. mi to napíše, že systém Windows nemohl dokončit opravu, protože mu nešla vyčistit ona mezipaměť. Zasílám log z RSIT a budu se modlit k Vám mocným, kteří se v oněch řádcích vyznáte!

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jenda at 2012-10-10 20:51:52
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 318 GB (67%) free of 476 GB
Total RAM: 3036 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:52:07, on 10.10.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\LSI SoftModem\agrsmsvc.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\CommonFiles\Microsoft Shared\Windows Live\WLIDSVC.EXE
E:\Program Files\CommonFiles\Microsoft Shared\Windows Live\WLIDSvcM.exe
E:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\Analog Devices\Core\smax4pnp.exe
E:\Program Files\Alwil Software\Avast5\avastUI.exe
E:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
E:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
E:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Mozilla Firefox\plugin-container.exe
E:\WINDOWS\System32\svchost.exe
E:\Documents and Settings\Jenda\Plocha\Stažené\RSIT.exe
E:\Program Files\trend micro\Jenda.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\CommonFiles\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [SoundMAXPnP] E:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avast5] "E:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QlbCtrl.exe] E:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Samsung PanelMgr] E:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - E:\Documents and Settings\Jenda\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - E:\Program Files\QIP\qip.exe (HKCU)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\CommonFiles\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - E:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - E:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - E:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony PC Companion - Avanquest Software - E:\Program Files\Sony\Sony PC Companion\PCCService.exe
O24 - Desktop Component 0: (no name) - file:///E:/DOCUME~1/Jenda/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg

--
End of file - 7300 bytes

======Scheduled tasks folder======

E:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - E:\Documents and Settings\Jenda\Data aplikací\Mozilla\Firefox\Profiles\280igl9w.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, illimitux@illimitux.net:4.0, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=E:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"wrc@avast.com"=E:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.278 Plugin
"Path"=E:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=E:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0]
"Description"=
"Path"=E:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=e:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

E:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

E:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

E:\Program Files\Mozilla Firefox\plugins\
exeImagine.IMD
npImagine.dll
nppdf32.dll

E:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

E:\Documents and Settings\Jenda\Data aplikací\Mozilla\Firefox\Profiles\280igl9w.default\extensions\
illimitux@illimitux.net
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - E:\Program Files\Java\jre7\bin\ssv.dll [2012-05-09 453064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - E:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - E:\Program Files\CommonFiles\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-05-09 157640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - E:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=E:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-01-16 1044480]
"avast5"=E:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-08-21 4282728]
"QlbCtrl.exe"=E:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
"Samsung PanelMgr"=E:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2011-07-06 688128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
E:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2011-07-06 688128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
E:\Program Files\Steam\Steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
E:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-03-10 506936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2009-02-04 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\QIP\qip.exe"="E:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\Skype\Plugin Manager\skypePM.exe"="E:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Documents and Settings\Jenda\Plocha\Warcraft 3 CZ 1.24c + Battle.net + Addony\Warcraft III\Warcraft III.exe"="E:\Documents and Settings\Jenda\Plocha\Warcraft 3 CZ 1.24c + Battle.net + Addony\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"E:\Program Files\commonfiles\Nokia\Service Layer\A\nsl_host_process.exe"="E:\Program Files\commonfiles\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="E:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"E:\Program Files\QIP 2010\qip.exe"="E:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010"
"E:\Program Files\QIP Infium\infium.exe"="E:\Program Files\QIP Infium\infium.exe:*:Disabled:QIP Infium"
"E:\Program Files\cacaoweb\cacaoweb.exe"="E:\Program Files\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb"
"E:\Documents and Settings\Jenda\Plocha\aoe2\empires2.exe"="E:\Documents and Settings\Jenda\Plocha\aoe2\empires2.exe:*:Enabled:Age of Empires II"
"E:\Documents and Settings\Jenda\Plocha\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe"="E:\Documents and Settings\Jenda\Plocha\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"E:\WINDOWS\system32\dplaysvr.exe"="E:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"E:\Program Files\TmNationsForever\TmForever.exe"="E:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Program Files\uTorrent\uTorrent.exe"="E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Program Files\Samsung\Samsung Universal Scan Driver\USDAgent.exe"="E:\Program Files\Samsung\Samsung Universal Scan Driver\USDAgent.exe:*:Enabled:USDAgent"
"E:\Program Files\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe"="E:\Program Files\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe:*:Enabled:ICCUpdater"
"E:\Documents and Settings\Jenda\Plocha\Games\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe"="E:\Documents and Settings\Jenda\Plocha\Games\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"E:\Documents and Settings\Jenda\Plocha\Jazz2\Jazz2.exe"="E:\Documents and Settings\Jenda\Plocha\Jazz2\Jazz2.exe:*:Enabled:Jazz Jackrabbit 2"
"E:\Documents and Settings\Jenda\Plocha\Games\Microsoft Games\Age of Empires II\empires2.exe"="E:\Documents and Settings\Jenda\Plocha\Games\Microsoft Games\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II"
"E:\Program Files\Valve\hl.exe"="E:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"E:\Program Files\EA Sports\NHL 09\nhl2009.exe"="E:\Program Files\EA Sports\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"E:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"E:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Documents and Settings\Jenda\Local Settings\temp\Keygen.exe"="E:\Documents and Settings\Jenda\Local Settings\temp\Keygen.exe:*:Enabled:Keygen"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"E:\Program Files\Microsoft Games\Age of Empires Online\Spartan.exe"="E:\Program Files\Microsoft Games\Age of Empires Online\Spartan.exe:*:Enabled:Age of Empires Online"
"E:\Documents and Settings\Jenda\Local Settings\Data aplikací\Microsoft\Age of Empires Online\Spartan.exe"="E:\Documents and Settings\Jenda\Local Settings\Data aplikací\Microsoft\Age of Empires Online\Spartan.exe:*:Enabled:Age of Empires Online"
"E:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe"="E:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe:*:Enabled:il2fb"
"E:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="E:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=E:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=E:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2012-10-10 20:51:52 ----D---- E:\rsit
2012-10-10 20:44:24 ----D---- E:\Program Files\Marvell
2012-09-27 23:24:25 ----A---- E:\WINDOWS\AutoKMS.exe
2012-09-21 18:42:58 ----A---- E:\WINDOWS\system32\FlashPlayerApp.exe
2012-09-13 16:45:10 ----A---- E:\WINDOWS\ModemLog_Sériový kabel mezi dvěma počítači.txt

======List of files/folders modified in the last 1 month======

2012-10-10 20:52:01 ----D---- E:\WINDOWS\Prefetch
2012-10-10 20:51:57 ----D---- E:\Program Files\trend micro
2012-10-10 20:50:50 ----D---- E:\WINDOWS\system32
2012-10-10 20:50:50 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2012-10-10 20:49:16 ----D---- E:\WINDOWS\system32\CatRoot2
2012-10-10 20:47:24 ----D---- E:\WINDOWS\Temp
2012-10-10 20:47:15 ----D---- E:\WINDOWS
2012-10-10 20:47:02 ----D---- E:\WINDOWS\system32\ias
2012-10-10 20:45:08 ----A---- E:\WINDOWS\SchedLgU.Txt
2012-10-10 20:44:43 ----D---- E:\WINDOWS\system32\ReinstallBackups
2012-10-10 20:44:43 ----D---- E:\WINDOWS\system32\drivers
2012-10-10 20:44:41 ----HD---- E:\WINDOWS\inf
2012-10-10 20:44:24 ----RD---- E:\Program Files
2012-10-09 18:27:56 ----D---- E:\Program Files\Mozilla Firefox
2012-10-09 14:33:18 ----D---- E:\Documents and Settings\Jenda\Data aplikací\Winamp
2012-10-09 14:33:14 ----D---- E:\Documents and Settings\Jenda\Data aplikací\uTorrent
2012-10-09 14:14:39 ----D---- E:\Program Files\Opera
2012-10-08 01:18:32 ----A---- E:\Documents and Settings\All Users\Data aplikací\HPWALog.txt
2012-10-06 12:01:14 ----A---- E:\WINDOWS\NeroDigital.ini
2012-09-21 18:41:20 ----D---- E:\Documents and Settings\All Users\Data aplikací\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; E:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 SFAUDIO;Sonic Focus DSP Driver; E:\WINDOWS\system32\drivers\sfaudio.sys [2008-03-28 24064]
R0 sptd;sptd; E:\WINDOWS\System32\Drivers\sptd.sys [2010-08-14 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2012-08-21 25256]
R1 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2012-08-21 35928]
R1 aswSnx;aswSnx; E:\WINDOWS\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; E:\WINDOWS\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; E:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2012-08-21 97608]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; E:\WINDOWS\system32\drivers\ADIHdAud.sys [2009-01-16 339456]
R3 AEAudio;AE Audio Service; E:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; E:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; E:\WINDOWS\system32\DRIVERS\btport.sys [2009-01-14 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; E:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-01-14 991656]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; E:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 16768]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; E:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; E:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; E:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; E:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-07-17 297728]
S1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 DgiVecp;DgiVecp; \??\E:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\E:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; E:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-10-29 1204128]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; E:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2009-08-26 1735296]
S3 btaudio;Zvukové zařízení Bluetooth; E:\WINDOWS\system32\drivers\btaudio.sys [2009-01-14 534568]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; E:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-01-14 156816]
S3 btwhid;btwhid; E:\WINDOWS\system32\DRIVERS\btwhid.sys [2009-01-14 57384]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; E:\WINDOWS\System32\Drivers\btwusb.sys [2009-01-14 47272]
S3 CCDECODE;Dekodér Closed Caption; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hamachi;Hamachi Network Interface; E:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\E:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\E:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\E:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\E:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\E:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\E:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; E:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; E:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usb_rndisx;Adaptér USB RNDIS; E:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); E:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WinUSB;Sony sa0102 ADB Interface; E:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-08-08 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; E:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-26 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2009-02-04 602112]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-08-21 44808]
R2 btwdins;Bluetooth Service; E:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-12-11 346720]
R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2010-04-25 75064]
R2 PnkBstrB;PnkBstrB; E:\WINDOWS\system32\PnkBstrB.exe [2011-11-01 214520]
R2 wlidsvc;Windows Live ID Sign-in Assistant; E:\Program Files\CommonFiles\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 yksvc;Marvell Yukon Service; E:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 Com4QLBEx;Com4QLBEx; E:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;hpqwmiex; E:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; e:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; e:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; E:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-09 129976]
S3 ose;Office Source Engine; E:\Program Files\CommonFiles\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; E:\Program Files\CommonFiles\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 Sony PC Companion;Sony PC Companion; E:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; e:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Jenda66]

Zdravím, nezlobte se, že ještě otravuji, ale nekouknul by někdo na ten log? Předem děkuji.

[Jenda66]

Zdravím, nemám svůj log posunout do jiné sekce?

[vyosek]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Search
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Pockejte na dokonceni PreScanu
• Zvolte moznost Prohledat (scan)
• Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
• Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

Spustte MiniTool dle kolegy

daj spustit tento program
http://www.bleepingcomputer.com/downloa ... box/dl/65/

Spustit>.zafajknut.
1:Report IEPROXY
2:Report FFPROXY
3:List comtent OFF HOSTS
4:List IP CONFIGURATION
5:LIST WINSOCK...
6:List Last 10 EvENTS..
7:Only problems
8:Klik GO a log nech ti da do fora.

[Jenda66]

AdwCleaner
# AdwCleaner v2.004 - Logfile created 10/12/2012 at 00:13:30
# Updated 06/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jenda - NOTEBOOK
# Boot Mode : Normal
# Running from : E:\Documents and Settings\Jenda\Plocha\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : E:\Documents and Settings\Jenda\Data aplikací\cacaoweb

***** [Registry] *****

Key Found : HKCU\Software\cacaoweb
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-1220945662-1060284298-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-1220945662-1060284298-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.5730.13

[OK] Registry is clean.

-\\ Opera v12.2.1578.0

File : E:\Documents and Settings\Jenda\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1798 octets] - [12/10/2012 00:13:30]

########## EOF - E:\AdwCleaner[R1].txt - [1858 octets] ##########

[Jenda66]

RogueKiller:

RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jenda [Práva správce]
Mód : Kontrola -- Datum : 10/12/2012 00:15:42

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_POWER] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[IRP_MJ_PNP] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E09B40)
IRP[DriverStartIo] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E07864)

¤¤¤ Soubor HOSTS: ¤¤¤
--> E:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BEVT-60ZAT1 +++++
--- User ---
[MBR] f861baf1f9aa80f8abda1180efc87d9c
[BSP] fd5599e0d3c09c5bc4e88f5d59a5d226 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 909 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1863540 | Size: 476019 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

[Jenda66]

MiniTool

MiniToolBox by Farbar Version: 23-07-2012
Ran by Jenda (administrator) on 12-10-2012 at 00:18:57
Systém Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 2
========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8072 PCI-E Gigabit Ethernet Controller = Připojení k místní síti 4 (Disconnected)
Síťový adaptér Broadcom 802.11b/g = Bezdrátové připojení k síti (Connected)


# ----------------------------------
#Konfigurace rozhranˇ protokolu IP
# ----------------------------------
pushd interface ip


# Konfigurace protokolu IP rozhranˇ pro "Bezdr tov‚ pýipojenˇ k sˇti"

set address name="Bezdr tov‚ pýipojenˇ k sˇti" source=dhcp
set dns name="Bezdr tov‚ pýipojenˇ k sˇti" source=static addr=8.8.8.8 register=PRIMARY
set wins name="Bezdr tov‚ pýipojenˇ k sˇti" source=dhcp


popd
# Konec konfigurace protokolu IP rozhranˇ




Konfigurace protokolu IP systému Windows



Název hostitele . . . . . . . . . : notebook

Primární přípona DNS. . . . . . . :

Typ uzlu . . . . . . . . . . . . : neznámý

Povoleno směrování IP . . . . . . : Ano

WINS Proxy povoleno . . . . . . . : Ano



Adaptér sítě Ethernet Bezdrátové připojení k síti:



Přípona DNS podle připojení . . . :

Popis . . . . . . . . . . . . . . : Síťový adaptér Broadcom 802.11b/g

Fyzická Adresa. . . . . . . . . . : 00-26-5E-70-5B-11

Protokol DHCP povolen . . . . . . : Ano

Automatická konfigurace povolena : Ano

Adresa IP . . . . . . . . . . . . : 10.0.0.3

Maska podsítě . . . . . . . . . . : 255.255.255.0

Výchozí brána . . . . . . . . . . : 10.0.0.138

Server DHCP . . . . . . . . . . . : 10.0.0.138

Servery DNS . . . . . . . . . . . : 8.8.8.8

Zapůjčeno . . . . . . . . . . . . : 11. října 2012 22:39:11

Zápůjčka vyprší . . . . . . . . . : 14. října 2012 22:39:11

Server: google-public-dns-a.google.com
Address: 8.8.8.8

N˙zev: google.com
Addresses: 173.194.70.100, 173.194.70.139, 173.194.70.138, 173.194.70.113
173.194.70.101, 173.194.70.102



Pýˇkaz PING na google.com [173.194.70.100] s d‚lkou 32 bajt…:



OdpovŘÔ od 173.194.70.100: bajty=32 źas=50ms TTL=49

OdpovŘÔ od 173.194.70.100: bajty=32 źas=48ms TTL=49



Statistika ping pro 173.194.70.100:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n  doba do pýijetˇ odezvy v milisekund ch:

Minimum = 48ms, Maximum = 50ms, Pr…mŘr = 49ms

Server: google-public-dns-a.google.com
Address: 8.8.8.8

N˙zev: yahoo.com
Addresses: 98.139.183.24, 98.138.253.109, 72.30.38.140



Pýˇkaz PING na yahoo.com [98.139.183.24] s d‚lkou 32 bajt…:



OdpovŘÔ od 98.139.183.24: bajty=32 źas=303ms TTL=44

OdpovŘÔ od 98.139.183.24: bajty=32 źas=380ms TTL=45



Statistika ping pro 98.139.183.24:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n  doba do pýijetˇ odezvy v milisekund ch:

Minimum = 303ms, Maximum = 380ms, Pr…mŘr = 341ms

Server: google-public-dns-a.google.com
Address: 8.8.8.8

N˙zev: bleepingcomputer.com
Address: 208.43.87.2



Pýˇkaz PING na bleepingcomputer.com [208.43.87.2] s d‚lkou 32 bajt…:



OdpovŘÔ od 208.43.87.2: Cˇlově hostitel nenˇ dostupně.

OdpovŘÔ od 208.43.87.2: Cˇlově hostitel nenˇ dostupně.



Statistika ping pro 208.43.87.2:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n  doba do pýijetˇ odezvy v milisekund ch:

Minimum = 0ms, Maximum = 0ms, Pr…mŘr = 0ms



Pýˇkaz PING na 127.0.0.1 s d‚lkou 32 bajt…:



OdpovŘÔ od 127.0.0.1: bajty=32 źas < 1ms TTL=128

OdpovŘÔ od 127.0.0.1: bajty=32 źas < 1ms TTL=128



Statistika ping pro 127.0.0.1:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n  doba do pýijetˇ odezvy v milisekund ch:

Minimum = 0ms, Maximum = 0ms, Pr…mŘr = 0ms

===========================================================================
Seznam rozhranˇ
0x1 ........................... MS TCP Loopback interface
0x20002 ...00 26 5e 70 5b 11 ...... Síťový adaptér Broadcom 802.11b/g - Packet Scheduler Miniport
===========================================================================
===========================================================================
Aktivnˇ smŘrov nˇ:
Cˇl v sˇti Sˇśov  maska Br na Rozhranˇ Metrika
0.0.0.0 0.0.0.0 10.0.0.138 10.0.0.3 25
10.0.0.0 255.255.255.0 10.0.0.3 10.0.0.3 25
10.0.0.3 255.255.255.255 127.0.0.1 127.0.0.1 25
10.255.255.255 255.255.255.255 10.0.0.3 10.0.0.3 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.0.3 10.0.0.3 25
255.255.255.255 255.255.255.255 10.0.0.3 10.0.0.3 1
Věchozˇ br na: 10.0.0.138
===========================================================================
Trval‚ trasy:
¦ dn‚
========================= Winsock entries =====================================

Catalog5 01 E:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog5 02 E:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 E:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 01 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 02 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 03 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 04 E:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 E:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 07 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 08 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 09 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 10 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 11 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 12 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 13 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 14 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 15 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 16 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 17 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 18 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 19 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 20 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 21 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 22 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 23 E:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/21/2012 11:36:44 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace Word Manager.exe, verze 1.1.0.280, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (09/21/2012 08:54:25 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace Word Manager.exe, verze 1.1.0.280, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (09/21/2012 01:18:28 PM) (Source: Application Error) (User: )
Description: Chybující aplikace avastui.exe, verze 7.0.1466.549, chybující modul ntdll.dll, verze 5.1.2600.5755, adresa chyby 0x00010717.
Zpracování události, specifické pro médium ([avastui.exe!ws!])

Error: (09/19/2012 05:08:44 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace Word Manager.exe, verze 1.1.0.280, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (09/19/2012 04:19:42 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace Word Manager.exe, verze 1.1.0.280, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (09/19/2012 00:22:23 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace Word Manager.exe, verze 1.1.0.280, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (09/18/2012 08:30:10 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace Word Manager.exe, verze 1.1.0.280, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (09/17/2012 10:52:05 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace Word Manager.exe, verze 1.1.0.280, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (09/16/2012 00:44:01 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace Word Manager.exe, verze 1.1.0.280, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (09/13/2012 06:22:05 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace Word Manager.exe, verze 1.1.0.280, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.


System errors:
=============
Error: (10/11/2012 09:00:48 PM) (Source: BROWSER) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{5C1F4F05-26FA-4DD2-BA71-27D6DC8D7789} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.

Error: (10/11/2012 08:58:21 PM) (Source: Service Control Manager) (User: )
Description: Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/11/2012 08:58:21 PM) (Source: Service Control Manager) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/11/2012 08:58:07 PM) (Source: Dhcp) (User: )
Description: Zapůjčení adresy IP 192.168.2.4 pro síťovou kartu s adresou 00265E705B11 byla
serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error: (10/11/2012 01:54:47 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverHPIDANetBT_Tcpip_{C606A617-B4E4-492D-9F3

Error: (10/11/2012 11:20:37 AM) (Source: Service Control Manager) (User: )
Description: Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/11/2012 11:20:37 AM) (Source: Service Control Manager) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/11/2012 10:34:06 AM) (Source: Service Control Manager) (User: )
Description: Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/11/2012 10:34:06 AM) (Source: Service Control Manager) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/10/2012 09:57:28 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverHPIDANetBT_Tcpip_{C606A617-B4E4-492D-9F3


Microsoft Office Sessions:
=========================
Error: (11/22/2011 11:01:46 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 0Microsoft Office Word12.0.4518.101412.0.4518.1014360

Error: (10/02/2011 00:54:29 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 0Microsoft Office Word12.0.4518.101412.0.4518.101450


**** End of log ****

A děkuji, že jste se mě ujmul!

[vyosek]

Mate tam aktualni ovladace pro sitovou kartu?

[Jenda66]

No, teď jsem stáhnul nejnovější ovladač na síťovou kartu. Ale na Wifi se mi nedaří najít novější, takže asi i zde mám aktuální. Jinak jste žádný problém nenašel?

[vyosek]

Wifi je OK, sitova karta jiz funguje nebo jsou stale problemy s pripojenim

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Delete
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

[Jenda66]

No, on není problém se samotným připojením. To všechno jde, jak má. Pouze mě trápí, že když použiju funkci 'Opravit', tak se ten proces zasekne na Mazání paměti ARP. Zasílám log. Jinak jste žádné další problémy nenašel?

# AdwCleaner v2.004 - Logfile created 10/13/2012 at 22:43:11
# Updated 06/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jenda - NOTEBOOK
# Boot Mode : Normal
# Running from : E:\Documents and Settings\Jenda\Plocha\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : E:\Documents and Settings\Jenda\Data aplikací\cacaoweb

***** [Registry] *****

Key Found : HKCU\Software\cacaoweb
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-1220945662-1060284298-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-1220945662-1060284298-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.5730.13

[OK] Registry is clean.

-\\ Opera v12.2.1578.0

File : E:\Documents and Settings\Jenda\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1927 octets] - [12/10/2012 00:13:30]
AdwCleaner[R2].txt - [1858 octets] - [13/10/2012 22:43:11]

########## EOF - E:\AdwCleaner[R2].txt - [1918 octets] ##########

[vyosek]

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Delete
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

[Jenda66]

Á, pardon. Teď už by to mělo být ono.

# AdwCleaner v2.004 - Logfile created 10/14/2012 at 13:49:50
# Updated 06/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jenda - NOTEBOOK
# Boot Mode : Normal
# Running from : E:\Documents and Settings\Jenda\Plocha\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : E:\Documents and Settings\Jenda\Data aplikací\cacaoweb

***** [Registry] *****

Key Deleted : HKCU\Software\cacaoweb
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.5730.13

[OK] Registry is clean.

-\\ Opera v12.2.1578.0

File : E:\Documents and Settings\Jenda\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1927 octets] - [12/10/2012 00:13:30]
AdwCleaner[R2].txt - [1987 octets] - [13/10/2012 22:43:11]
AdwCleaner[S1].txt - [1634 octets] - [14/10/2012 13:49:50]

########## EOF - E:\AdwCleaner[S1].txt - [1694 octets] ##########

[vyosek]

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[Jenda66]

Zasílám Combofix. A ještě jednou děkuji za veškerou pomoc!

ComboFix 12-10-14.03 - Jenda 14.10.2012 20:30:36.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3036.2176 [GMT 2:00]
Spuštěný z: e:\documents and settings\Jenda\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
e:\windows\pkunzip.pif
e:\windows\pkzip.pif
e:\windows\system32\AegisI5Installer.exe
e:\windows\system32\scrnrdr.exe
e:\windows\system32\VIRepair
e:\windows\system32\VIRepair\RESHAC~1.ini
e:\windows\system32\VIRepair\RESHAC~1.log
e:\windows\system32\VIRepair\vi.sif
e:\windows\ydi.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-14 do 2012-10-14 )))))))))))))))))))))))))))))))
.
.
2012-10-10 18:51 . 2012-10-10 18:52 -------- d-----w- E:\rsit
2012-10-10 18:44 . 2012-10-10 18:44 -------- d-----w- e:\program files\Marvell
2012-09-27 21:24 . 2012-09-27 21:24 446258 ----a-w- e:\windows\AutoKMS.exe
2012-09-21 16:42 . 2012-09-21 16:42 696240 ----a-w- e:\windows\system32\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-21 16:42 . 2011-10-04 15:54 73136 ----a-w- e:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 12:18 . 2012-08-28 12:18 286720 ----a-w- e:\windows\system32\swb_uninst.exe
2012-08-21 09:13 . 2011-06-24 08:57 729752 ----a-w- e:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2009-08-25 11:49 54232 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2009-08-25 11:48 355632 ----a-w- e:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2009-08-25 11:49 35928 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2009-08-25 11:48 97608 ----a-w- e:\windows\system32\drivers\aswmon2.sys
2012-08-21 09:13 . 2009-08-25 11:48 89624 ----a-w- e:\windows\system32\drivers\aswmon.sys
2012-08-21 09:13 . 2009-08-25 11:49 25256 ----a-w- e:\windows\system32\drivers\aavmker4.sys
2012-08-21 09:13 . 2009-08-25 11:48 21256 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2010-10-13 07:44 41224 ----a-w- e:\windows\avastSS.scr
2012-08-21 09:12 . 2009-08-25 11:48 227648 ----a-w- e:\windows\system32\aswBoot.exe
2012-08-13 20:47 . 2012-08-13 20:47 796672 ----a-w- e:\windows\GPInstall.exe
2012-07-27 11:29 . 2009-08-18 09:30 564632 ----a-w- e:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2012-07-27 11:29 . 2009-08-18 09:24 19720 ----a-w- e:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2005-03-31 20:17 . 2009-09-30 18:22 40960 ----a-w- e:\program files\Uninstall_CDS.exe
2012-07-09 19:14 . 2011-06-24 18:14 97208 ----a-w- e:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-08-08 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . e:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- e:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="e:\program files\Analog Devices\Core\smax4pnp.exe" [2009-01-16 1044480]
"QlbCtrl.exe"="e:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 287800]
"Samsung PanelMgr"="e:\windows\Samsung\PanelMgr\SSMMgr.exe" [2011-07-06 688128]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2011-07-06 11:24 688128 ----a-w- e:\windows\Samsung\PanelMgr\SSMMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
2009-03-10 11:44 506936 ----a-w- e:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\QIP\\qip.exe"=
"e:\\Program Files\\Opera\\opera.exe"=
"e:\\WINDOWS\\system32\\dplaysvr.exe"=
"e:\\Program Files\\TmNationsForever\\TmForever.exe"=
"e:\\Program Files\\uTorrent\\uTorrent.exe"=
"e:\\Program Files\\Samsung\\Samsung Universal Scan Driver\\USDAgent.exe"=
"e:\\Program Files\\Samsung\\Samsung Universal Scan Driver\\ICCUpdater.exe"=
"e:\\Documents and Settings\\Jenda\\Plocha\\Games\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"e:\\Documents and Settings\\Jenda\\Plocha\\Games\\Microsoft Games\\Age of Empires II\\empires2.exe"=
"e:\\Program Files\\Valve\\hl.exe"=
"e:\\Program Files\\EA Sports\\NHL 09\\nhl2009.exe"=
"e:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"e:\\Program Files\\Microsoft Games\\Age of Empires Online\\Spartan.exe"=
"e:\\Documents and Settings\\Jenda\\Local Settings\\Data aplikací\\Microsoft\\Age of Empires Online\\Spartan.exe"=
"e:\\Program Files\\Ubisoft\\IL-2 Sturmovik 1946\\il2fb.exe"=
"e:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"e:\\Documents and Settings\\Jenda\\Plocha\\COD 2\\CoD2MP_s.exe"=
.
R0 SFAUDIO;Sonic Focus DSP Driver;e:\windows\system32\drivers\sfaudio.sys [28.3.2008 11:14 24064]
R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [19.9.2009 20:10 691696]
R1 aswSnx;aswSnx;e:\windows\system32\drivers\aswSnx.sys [24.6.2011 10:57 729752]
R1 aswSP;aswSP;e:\windows\system32\drivers\aswSP.sys [25.8.2009 13:48 355632]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [25.8.2009 13:48 21256]
R3 Com4QLBEx;Com4QLBEx;e:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [21.9.2011 23:15 227896]
R3 osppsvc;Office Software Protection Platform;e:\program files\commonfiles\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]
S2 SSPORT;SSPORT;\??\e:\windows\system32\Drivers\SSPORT.sys --> e:\windows\system32\Drivers\SSPORT.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;e:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 10:25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service;e:\program files\Mozilla Maintenance Service\maintenanceservice.exe [9.7.2012 21:14 129976]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;e:\windows\system32\drivers\nmwcdnsu.sys [13.6.2010 16:52 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;e:\windows\system32\drivers\nmwcdnsuc.sys [13.6.2010 16:52 8320]
S3 Sony PC Companion;Sony PC Companion;e:\program files\Sony\Sony PC Companion\PCCService.exe [24.3.2012 19:48 155320]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-14 e:\windows\Tasks\avast! Emergency Update.job
- e:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-09 09:12]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - e:\documents and settings\Jenda\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - e:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Odeslat do zařízení &Bluetooth... - e:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - e:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{5C1F4F05-26FA-4DD2-BA71-27D6DC8D7789}: NameServer = 8.8.8.8
FF - ProfilePath - e:\documents and settings\Jenda\Data aplikací\Mozilla\Firefox\Profiles\280igl9w.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - prefs.js: network.proxy.type - 2
FF - ExtSQL: !HIDDEN! 2009-09-01 17:09; {20a82645-c095-46ed-80e3-08825760534b}; e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Steam - e:\program files\Steam\Steam.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-14 20:38
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1220945662-1060284298-1417001333-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b9,b0,95,6a,dd,7f,4e,03,c5,09,36,ff,ca,4c,3d,92,5b,4f,1f,44,90,9d,64,
1c,e0,a1,7e,24,64,b1,15,60,37,73,18,65,7f,cc,4c,a8,5d,ee,ab,2b,d5,cf,b4,82,\
"??"=hex:a9,c9,c2,79,62,ad,27,57,e4,14,6d,55,b5,7b,ea,02
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(728)
e:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-10-14 20:41:04
ComboFix-quarantined-files.txt 2012-10-14 18:41
.
Před spuštěním: Volných bajtů: 323 341 557 760
Po spuštění: Volných bajtů: 323 293 835 264
.
- - End Of File - - 88346BCD08C507EE417E9BF687E4581A