znacka v rohu obrazu - prosim o kontrolu RSIT logu

[wolfixis]

Zdravim

mam nejaky znak (vypada jako zeleny znak svislítko) v hornim levem rohu obrazu.
Nesetkal se stim nekdo ?

[Unlimited_Killer]

Je to jen jeden znak?
A když nad něj najedete myší, je myš 'pod' ním, nebo 'nad' ním?

[wolfixis]

Tvari se ze je na plose jako mysi ho zakryju.

projizdej jsem to Norman Malware Cleaner kterej nasel a smazal nekolik svini / znak zmizel.

jeste poslu radsi log z RSIT

-----------------------------------------------------------------------------
Norman Malware Cleaner
Version 1.6.2
Copyright © 1990 - 2009, Norman ASA. Built 2009/12/18 10:05:47

Norman Scanner Engine Version: 6.04.03
Nvcbin.def Version: 6.04.00, Date: 2009/12/18 10:05:47, Variants: 4605872

Scan started: 18/12/2009 21:24:07

Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Professional 5.1.2600 Service Pack 3
Logged on user: WOLFI\wolf

Removed registry value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000
Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000
Set registry value: HKLM\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify = 0x00000001 -> 0x00000000
Set registry value: HKLM\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify = 0x00000001 -> 0x00000000
Set registry value: HKLM\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify = 0x00000001 -> 0x00000000

Scanning bootsectors...

Number of sectors found: 0
Number of sectors scanned: 0
Number of sectors not scanned: 0
Number of infections found: 0
Number of infections removed: 0
Total scanning time: 0s


Scanning running processes and process memory...

D:\WINDOWS\system32\DRIVERS\ithsgt.sys (Infected with W32/Vundo.FTH)
Removed driver: ithsgt
Deleted file

D:\WINDOWS\system32\DRIVERS\lilsgt.sys (Infected with W32/Vundo.FTI)
Removed driver: lilsgt
Deleted file

Number of processes/threads found: 5026
Number of processes/threads scanned: 5026
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 3m 22s


Scanning file system...

Scanning: prescan

Scanning: C:\*.*

Scanning: D:\*.*


D:\Documents and Settings\Administrator\Plocha\p910i\Ir Remote Full\Ir Remote Full.zip/keygen.exe (Infected with W32/Obfuscated.BR!genr)
Deleted file

D:\WINDOWS\system32\BASSMOD.dll (Infected with Malware.JVTB)
Deleted file

Scanning: E:\*.*


Running post-scan cleanup routine:

Aborted by user
Number of files found: 791458
Number of archives unpacked: 3028
Number of files scanned: 791437
Number of files not scanned: 21
Number of files skipped due to exclude list: 0
Number of infected files found: 5
Number of infected files repaired/deleted: 5
Number of infections removed: 5
Total scanning time: 4h 8m 50s

[wolfixis]

Logfile of random's system information tool 1.06 (written by random/random)
Run by wolf at 2009-12-20 16:54:13
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 9 GB (29%) free of 31 GB
Total RAM: 1024 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:54:59, on 20.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\TortoiseSVN\bin\TSVNCache.exe
D:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
D:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
D:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\CTHELPER.EXE
D:\Program Files\WinFast\WFDTV\DTVSchdl.exe
D:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\QuickTime\QTTask.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\WinFast\WFDTV\WFWIZ.exe
D:\Program Files\Free Download Manager\fdm.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
D:\Documents and Settings\wolf\Local Settings\Data aplikací\Google\Update\1.2.183.13\GoogleCrashHandler.exe
D:\WINDOWS\system32\CTsvcCDA.exe
D:\Program Files\Hotspot Shield\bin\openvpnas.exe
D:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\lkads.exe
D:\WINDOWS\system32\lktsrv.exe
D:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
D:\WINDOWS\system32\nisvcloc.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
D:\Program Files\Spyware Terminator\sp_rsser.exe
D:\WINDOWS\System32\PAStiSvc.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
D:\WINDOWS\System32\wbem\wmiapsrv.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
D:\Program Files\VideoLAN\VLC\vlc.exe
D:\WINDOWS\NOTEPAD.EXE
E:\download firefox\RSIT.exe
E:\download firefox\wolf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - D:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "D:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [WinFastDTV] D:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] D:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MagUninstall] "D:\Program Files\Ashampoo\Ashampoo Magical UnInstall\MagicalUnInstall.exe"
O4 - HKLM\..\Run: [OM2_Monitor] "D:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [NI Background Service] D:\Program Files\National Instruments\Shared\Update Service\BackgroundService.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [Free Download Manager] D:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\wolf\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [OM2_Monitor] "D:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [AtiTrayTools] "D:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKUS\S-1-5-21-1614895754-484061587-725345543-1007\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'mamka')
O4 - HKUS\S-1-5-21-1614895754-484061587-725345543-1007\..\Run: [OM2_Monitor] "D:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" (User 'mamka')
O4 - HKUS\S-1-5-21-1614895754-484061587-725345543-500\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1614895754-484061587-725345543-1007 Startup: MultiRes (User 'mamka')
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://D:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://D:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://D:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://D:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7225301968
O16 - DPF: {6E49B4EF-9FE5-44DF-8D04-445AA94F83DB} (Sony Network Camera Viewer Control) -
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/on ... /fscax.cab
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://stipanet.avonet.cz:444/activex/AMC.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BF6D4F3-C15C-4BE7-8F88-D3F3F1788AEF}: NameServer = 10.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - D:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVerRemote - AVerMedia - D:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - D:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kattcet_ - Sun Microsystems, Inc. - (no file)
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - D:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - D:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - D:\WINDOWS\system32\lktsrv.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - D:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - D:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - D:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - D:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - D:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: STI Simulator - Unknown owner - D:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe (file missing)

--
End of file - 13771 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-484061587-725345543-1008Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-484061587-725345543-1008UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Java\jre6\bin\ssv.dll [2008-10-24 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - D:\Program Files\Free Download Manager\iefdm2.dll [2008-06-18 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-10-24 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-10-24 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - D:\Program Files\Hotspot Shield\hssie\HssIE.dll [2009-04-30 218160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2008-10-24 136600]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"WINDVDPatch"=D:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"UpdReg"=D:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"Jet Detection"=D:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
"WinFastDTV"=D:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2008-07-11 90112]
"ArcSoft Connection Service"=D:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"MagUninstall"=D:\Program Files\Ashampoo\Ashampoo Magical UnInstall\MagicalUnInstall.exe [2007-11-02 1743712]
"OM2_Monitor"=D:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2007-09-04 54576]
"NI Background Service"=D:\Program Files\National Instruments\Shared\Update Service\BackgroundService.exe [2008-04-03 77824]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"WinFast Schedule"=D:\Program Files\WinFast\WFDTV\WFWIZ.exe [2008-06-20 2887680]
"Free Download Manager"=D:\Program Files\Free Download Manager\fdm.exe [2008-05-20 2474031]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"Google Update"=D:\Documents and Settings\wolf\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-04-22 133104]
"SpybotSD TeaTimer"=D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"OM2_Monitor"=D:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-09-04 95536]
"eyeBeam SIP Client"= []
"AtiTrayTools"=D:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe [2007-08-27 517120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-07-21 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\ICQ6\ICQ.exe"="D:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\UltraVnc\vncviewer.exe"="D:\Program Files\UltraVnc\vncviewer.exe:*:Enabled:vncviewer.exe"
"E:\Hry\steam\steamapps\common\oddworld abes exoddus demo\Exoddus.exe"="E:\Hry\steam\steamapps\common\oddworld abes exoddus demo\Exoddus.exe:*:Enabled:Oddworld: Abe's Exoddus Demo"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\ICQ6.5\ICQ.exe"="D:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5bc479de-7503-11dd-845a-000c6e6ea0f6}]
shell\AutoRun\command - H:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{81ecf024-266d-11dd-8470-005056c00008}]
shell\AutoRun\command - H:\setup.exe


======File associations======

.js - open - "D:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
.txt - open - "%WinDir%\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 months======

2009-12-20 16:54:13 ----D---- D:\rsit
2009-12-18 21:18:41 ----A---- D:\WINDOWS\{00000000-00000000-0000000E-00001102-00000002-80261102}.BAK
2009-12-11 12:02:37 ----D---- D:\Program Files\QuickTime
2009-12-11 09:03:28 ----D---- D:\WINDOWS\system32\Adobe
2009-12-07 22:21:52 ----D---- D:\Documents and Settings\wolf\Data aplikací\vlc
2009-12-04 23:49:31 ----D---- D:\Documents and Settings\wolf\Data aplikací\KompoZer

======List of files/folders modified in the last 1 months======

2009-12-20 16:54:11 ----D---- D:\WINDOWS\Prefetch
2009-12-20 16:53:45 ----D---- D:\Documents and Settings\wolf\Data aplikací\Free Download Manager
2009-12-20 16:42:17 ----SHD---- D:\WINDOWS\Installer
2009-12-20 16:17:58 ----D---- D:\WINDOWS\Temp
2009-12-20 16:12:44 ----D---- D:\Program Files\Mozilla Firefox
2009-12-19 02:25:46 ----A---- D:\WINDOWS\SchedLgU.Txt
2009-12-19 02:04:07 ----D---- D:\Program Files\Mozilla Thunderbird
2009-12-19 01:41:00 ----D---- D:\Program Files\Spybot - Search & Destroy
2009-12-19 00:27:12 ----D---- D:\WINDOWS\system32
2009-12-18 21:32:30 ----SHD---- D:\System Volume Information
2009-12-18 21:27:30 ----D---- D:\WINDOWS\system32\drivers
2009-12-18 21:19:05 ----D---- D:\WINDOWS
2009-12-18 21:18:49 ----D---- D:\WINDOWS\system32\LogFiles
2009-12-18 21:04:38 ----D---- D:\WINDOWS\Debug
2009-12-18 20:32:22 ----AD---- D:\xampp
2009-12-18 20:00:14 ----D---- D:\Documents and Settings\wolf\Data aplikací\gtk-2.0
2009-12-18 19:47:02 ----D---- D:\Documents and Settings\wolf\Data aplikací\dvdcss
2009-12-18 15:02:56 ----D---- D:\WINDOWS\system32\CatRoot2
2009-12-18 11:24:03 ----D---- D:\Documents and Settings\wolf\Data aplikací\Skype
2009-12-18 10:41:09 ----D---- D:\Documents and Settings\wolf\Data aplikací\skypePM
2009-12-18 00:29:04 ----D---- D:\Documents and Settings\wolf\Data aplikací\FileZilla
2009-12-17 15:46:47 ----HD---- D:\WINDOWS\inf
2009-12-15 13:51:42 ----A---- D:\WINDOWS\Wincmd.ini
2009-12-14 13:06:29 ----A---- D:\WINDOWS\win.ini
2009-12-14 13:02:13 ----AC---- D:\WINDOWS\system32\PerfStringBackup.INI
2009-12-11 12:04:39 ----D---- D:\WINDOWS\WinSxS
2009-12-11 12:02:37 ----D---- D:\Program Files
2009-12-11 12:02:33 ----D---- D:\Documents and Settings\All Users\Data aplikací\Apple Computer
2009-12-10 01:22:29 ----DC---- D:\WINDOWS\system32\dllcache
2009-12-10 01:22:12 ----D---- D:\Program Files\Internet Explorer
2009-12-10 01:22:05 ----D---- D:\WINDOWS\ie8updates
2009-12-10 01:22:01 ----HD---- D:\WINDOWS\$hf_mig$
2009-12-05 11:10:14 ----D---- D:\Program Files\Hotspot Shield
2009-12-01 21:06:19 ----A---- D:\WINDOWS\system32\MRT.exe
2009-11-25 12:11:11 ----D---- D:\Program Files\MSXML 4.0
2009-11-25 00:54:29 ----A---- D:\WINDOWS\system32\aswBoot.exe
2009-11-22 13:15:04 ----D---- D:\Program Files\TortoiseSVN
2009-11-22 13:15:03 ----D---- D:\Program Files\Common Files\TortoiseOverlays

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AFS2K;AFS2k; D:\WINDOWS\system32\drivers\AFS2K.sys [2007-10-30 82380]
R1 AmdK7;Ovladač procesoru AMD K7; D:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 Amfilter;Compatible Mouse Filter Driver; D:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-04-06 8704]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 atitray;atitray; \??\D:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys []
R1 Ext2fs;Ext2fs; D:\WINDOWS\system32\DRIVERS\ext2fs.sys [2008-01-20 179584]
R1 fwdrv;Firewall Driver; D:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 302000]
R1 IfsMount;IfsMount; D:\WINDOWS\system32\DRIVERS\ifsmount.sys [2007-12-29 49536]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 khips;Kerio HIPS Driver; D:\WINDOWS\system32\drivers\khips.sys [2007-04-26 72624]
R1 mbmiodrvr;mbmiodrvr; \??\D:\WINDOWS\system32\mbmiodrvr.sys []
R1 PQNTDrv;PQNTDrv; D:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\D:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; D:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 VBoxDrv;VirtualBox Service; D:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2009-08-05 115856]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; D:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2009-08-05 41424]
R1 vmm;Virtual Machine Monitor; \??\D:\WINDOWS\system32\Drivers\vmm.sys []
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 atksgt;atksgt; D:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-08-27 278984]
R2 cvintdrv;cvintdrv; D:\WINDOWS\system32\drivers\cvintdrv.sys [2007-10-23 4096]
R2 CX23880;WinFast CX2388x WDM Video Capture.; D:\WINDOWS\system32\drivers\cx88vid.sys [2006-10-18 162944]
R2 CXAVXBAR;WinFast CX2388x WDM Crossbar.; D:\WINDOWS\system32\drivers\cxavxbar.sys [2006-10-18 9728]
R2 CXTUNE;WinFast CX2388x WDM TVTuner.; D:\WINDOWS\system32\drivers\CX88TUNE.sys [2006-10-18 50816]
R2 lirsgt;lirsgt; D:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-08-27 25416]
R2 PfModNT;PfModNT; \??\D:\WINDOWS\system32\PfModNT.sys []
R2 SCNDRVP;SCNDRVP; D:\WINDOWS\system32\drivers\SCNDRVP.sys [2001-03-22 64302]
R2 SCRCAMHRDRV;ScreenCamera HR; D:\WINDOWS\system32\DRIVERS\SCRCAMHRDRV.sys [2009-03-27 234304]
R2 vnccom;vnccom; D:\WINDOWS\System32\Drivers\vnccom.SYS [2004-06-26 6016]
R2 ZDCNDIS5;ZDCNDIS5 NDIS Protocol Driver; \??\D:\WINDOWS\system32\ZDCNDIS5.sys []
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-07-21 3565056]
R3 ctac32k;Creative AC3 Software Decoder; D:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); D:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; D:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; D:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 emupia;E-mu Plug-in Architecture Driver; D:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; D:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; D:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ossrv;Creative OS Services Driver; D:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 taphss;Anchorfree HSS Adapter; D:\WINDOWS\system32\DRIVERS\taphss.sys [2009-11-12 32768]
R3 tapvpn;TAP VPN Adapter; D:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 27136]
R3 Tetris;Tetris driver; D:\WINDOWS\System32\Drivers\Tetris.sys [2008-08-01 48928]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; D:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; D:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-08-05 91472]
R3 VBoxNetFlt;VBoxNetFlt Service; D:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2009-08-05 99472]
R3 vncdrv;vncdrv; D:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
R3 VPCNetS2;Virtual Machine Network Services Driver; D:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 vulfntrs;VIA USB Roothub Lower Filter; D:\WINDOWS\System32\Drivers\vulfntr.sys [2003-01-02 10496]
S1 Uim_IM;UIM Drive Backup Image Plugin; D:\WINDOWS\System32\Drivers\Uim_IM.sys []
S1 UimBus;Universal Image Mounter Controller; D:\WINDOWS\system32\DRIVERS\UimBus.sys []
S2 ASInsHelp;ASInsHelp; \??\D:\WINDOWS\system32\drivers\AsInsHelp32.sys []
S3 abvyzx5o;abvyzx5o; D:\WINDOWS\system32\drivers\abvyzx5o.sys []
S3 aeaudio;aeaudio; D:\WINDOWS\system32\drivers\aeaudio.sys []
S3 Amusbprt;Compatible HID-compliant Mouse Driver; D:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-04-19 14336]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; D:\WINDOWS\system32\drivers\AVerFx2hbtv.sys [2008-01-15 257024]
S3 BlueletAudio;Bluetooth Audio Service; D:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-02-01 20096]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver; D:\WINDOWS\System32\Drivers\BRGSp50.sys [2006-11-27 20608]
S3 Bridge;Most MAC; D:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; D:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BT;Bluetooth PAN Network Adapter; D:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-09-21 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; D:\WINDOWS\System32\Drivers\btcusb.sys [2005-04-06 23000]
S3 BthEnum;Ovladač pro Bluetooth Request Block; D:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHidEnum;Bluetooth HID Enumerator; D:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-07 11860]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; D:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); D:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; D:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; D:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTNetFilter;Bluetooth Network Filter; \??\D:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz132;cpuz132; \??\D:\Program Files\CPUID\PC Wizard 2009\pcwiz32.sys []
S3 ctljystk;Game port pro zařízení Creative SB Live!; D:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); D:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-05-06 24511]
S3 emu10k;Creative SB Live! (WDM); D:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
S3 emu10k1;Creative Interface Manager Driver (WDM); D:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
S3 ENTECH;ENTECH; \??\D:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 epmntdrv;epmntdrv; \??\D:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\D:\WINDOWS\system32\EuGdiDrv.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FTDIBUS;SEMC DSS SyncStation Serial Converter Driver; D:\WINDOWS\system32\drivers\ftdibus.sys [2004-01-19 19153]
S3 FTLUND;Lundinova Filter Driver; D:\WINDOWS\system32\drivers\ftlund.sys [2004-01-19 6828]
S3 FTSER2K;SEMC DSS SyncStation Driver; D:\WINDOWS\system32\drivers\ftser2k.sys [2004-01-19 50396]
S3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2007-10-29 25280]
S3 HWACCESS;HWACCESS; \??\D:\WINDOWS\SYSTEM32\HWACCESS.SYS []
S3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-20 12160]
S3 MPE;Filtr MPE BDA; D:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MTLGPOS;MTLGPOS; D:\WINDOWS\system32\drivers\mtlgpos.sys [2006-09-06 19840]
S3 MTLGPOS2;MTLGPOS2; D:\WINDOWS\system32\drivers\mtlgpos2.sys [2007-08-15 20224]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NDISKIO;NDISKIO; \??\D:\DOCUME~1\wolf\LOCALS~1\Temp\00000f99.nmc\nse\bin\ndiskio.sys []
S3 nm;Ovladač programu Sledování sítě; D:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\D:\WINDOWS\system32\NSNDIS5.SYS []
S3 NTSIM;NTSIM; \??\D:\WINDOWS\system32\ntsim.sys []
S3 PAC207;Trust WB-1400T Webcam; D:\WINDOWS\system32\DRIVERS\pfc027.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); D:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2001-09-20 5888]
S3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\RTL8029.SYS []
S3 sfman;Creative SoundFont Manager Driver (WDM); D:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
S3 slicedisk.sys;slicedisk.sys; \??\D:\WINDOWS\system32\slicedisk.sys []
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smwdm;smwdm; D:\WINDOWS\system32\drivers\smwdm.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); D:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; D:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; D:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USB28xxBGA;USB 2883 Device; D:\WINDOWS\system32\DRIVERS\emBDA.sys [2007-06-22 479232]
S3 USB28xxOEM;USB 28xx OEM Filter; D:\WINDOWS\system32\DRIVERS\emOEM.sys [2007-04-25 45696]
S3 usbaudio;Ovladač zvukové karty USB (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 VBoxTAP;VirtualBox TAP Adapter; D:\WINDOWS\system32\DRIVERS\VBoxTAP.sys [2008-02-20 47552]
S3 VComm;Virtual Serial port driver; D:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
S3 VcommMgr;Bluetooth VComm Manager Service; D:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; D:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 vulfnths;VIA USB Host Controller Lower Filter; D:\WINDOWS\System32\Drivers\vulfnth.sys [2003-01-02 6912]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; D:\WINDOWS\System32\Drivers\ZDPSp50.sys [2006-11-27 17664]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; D:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ACDaemon;ArcSoft Connect Daemon; D:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 AVerRemote;AVerRemote; D:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2008-03-13 339968]
R2 AVerScheduleService;AVerScheduleService; D:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-03-05 380928]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; D:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 HotspotShieldService;Hotspot Shield Service; D:\Program Files\Hotspot Shield\bin\openvpnas.exe [2009-11-17 224816]
R2 HssSrv;Hotspot Shield Helper Service; D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2009-11-12 331824]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2008-10-24 152984]
R2 lkClassAds;National Instruments PSP Server Locator; D:\WINDOWS\system32\lkads.exe [2007-11-27 40488]
R2 lkTimeSync;National Instruments Time Synchronization; D:\WINDOWS\system32\lktsrv.exe [2007-11-27 50736]
R2 NIDomainService;National Instruments Domain Service; D:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2007-11-27 213552]
R2 niSvcLoc;NI Service Locator; D:\WINDOWS\system32\nisvcloc.exe [2007-07-19 48704]
R2 NMSAccessU;NMSAccessU; D:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 71096]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2008-10-05 66872]
R2 PnkBstrB;PnkBstrB; D:\WINDOWS\system32\PnkBstrB.exe [2008-10-05 103736]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\Program Files\Spyware Terminator\sp_rsser.exe [2008-12-11 570880]
R2 SPF4;Sunbelt Personal Firewall 4; D:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480]
R2 STI Simulator;STI Simulator; D:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 UleadBurningHelper;Ulead Burning Helper; D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-07-21 602112]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-07-21 593920]
S2 LkCitadelServer;Lookout Citadel Server; D:\WINDOWS\system32\lkcitdl.exe [2007-11-27 695136]
S2 XAMPP;XAMPP Service; C:\xampp\service.exe []
S3 Adobe LM Service;Adobe LM Service; D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-07-24 72704]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-26 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HssTrayService;Hotspot Shield Tray Service; D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2009-11-17 57640]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NILM License Manager;NILM License Manager; D:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2007-01-29 1007616]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

[Unlimited_Killer]

Ok, jdeme na to.

~~~

Stáhněte OTM na Plochu. Spusťte ho dvojklikem na OTMoveIt3.exe, pokud máte Vistu, pravým tlačítkem na soubor -> Run as Administrator [spustit jako administrátor].
Do levého okna 'Paste Instructions for Items to be Moved' vkopírujte následující skript:

Kód: Vybrat vše

:processes
Explorer.EXE

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"UpdReg"=-
"QuickTime Task"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"eyeBeam SIP Client"=-

:files
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-484061587-725345543-1008Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-484061587-725345543-1008UA.job

:services
JavaQuickStarterService

:commands
[emptytemp]
[reboot]

Poté klikněte na červené tlačítko 'MoveIt!'.
V zeleném okně vpravo by se měl zobrazit log, ten vkopírujete sem do fóra. Pokud se zobrazí hláška k restartování, klikněte na Yes. Po restartu log najdete v C:\_OTM\MovedFiles

~~~

Stáhněte MBAM a postupujte podle popisu. Zatím nic nemažte, MBAM má občas falešné detekce.
Potom mi sem vložte log.

~~~

Po těchto mým 'zákrocích' Vám nebudou fungovat automatické aktualizace například Javy (spouštěly se zbytečně hned po startu systému a zatěžovaly RAM).
Proto doporučuji stáhnout si prográmek jménem FileHippo Update Checker, který stačit jednou týdně spustit a přehledně Vám zobrazí, který software je neaktuální.

~~~

Zkuste pročistit PC CCleanerem.
Nainstalujte, jen dávejte pozor a při instalaci odfajfkujte položku Instalovat Yahoo! Toolbar.
Spusťte.

Záložka Čistič -> nechte zatrženo vše, jak je, a klikněte na 'Spustit CCleaner'.

Záložka Registry > klikněte na 'Hledej problémy'. Vyhledá problémy v registru, až dokončí analyzování, klikněte na 'Opravit vybrané problémy'. Nabídne Vám vytvoření zálohy - pro jistotu ji vytvořte a uložte například na Plochu.

CCleaner doporučuji používat pravidelně, celkem rapidně dokáže zrychlit PC.

~~~

Po všech těchto krocích poprosím o všechny logy, o které jsem žádal + nový RSIT log.

[wolfixis]

Tak sem zpet nejak nebyl cas

Ty chyby registru sou jen vypnuty upozornovani win podle nazvu jinak to nic nenaslo.

CCleaner pouzivam porad

-------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.42
Verze databáze: 3416
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

23.12.2009 23:33:36
mbam-log-2009-12-23 (23-33-33).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|E:\|I:\|J:\|)
Zkontrolované objekty: 583217
Uplynulý čas: 4 hour(s), 1 minute(s), 50 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 3
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

[wolfixis]

Kua uz je to tam zase

[Unlimited_Killer]

Tak to je zvláštní...
Pokud je myš vidět jakoby pod tím, je to vadný pixel - vada monitoru. Jeden mám na monitoru taky, ale mnohem menší. Je otázka, jestli je to i Váš případ. Tkuste vyzkoušet monitor na jiném PC.

~~~

Spusťte opět OTM, ale tentokrát klikněte na 'CleanUp!' [vizte obrázek].

[wolfixis]

Nj vadny pixel ja mam crt.

Ted se to chova tak ze to de prekryt oknem - je to jakoby jen na plose - pozadi atd sem menil nema to vliv.
Ale neco to musi bejt pac to zmizelo a zase objevilo.

[Unlimited_Killer]

Fakt nevím... Můžeme ještě zkusit ComboFix...

~~~

Vložte sem log z ComboFix.

Stáhněte a uložte na Plochu ComboFix, poté ho spusťte s administrátorským oprávněním.
Ještě před spuštěním vypněte rezidentní štít antiviru, či antispywaru.
Po spuštění se Vám zobrazí licenční podmínky, klikněte na 'Ano'. Budete také dotázán na instalaci konzole pro zotavení, klikněte na 'Ano'.
Celý sken bude trvat tak 5-10 minut, v závislosti na tom, kolika soubory se bude CF prodírat. Váš PC bude pravděpodobně restartován, tak se toho neděste. Než úplně skončí sken, nic nedělejte, hlavně neklikejte do spuštěného okna s ComboFixem.
Po skončení skenu na Vás vypadne log, který vkopírujete sem.

[Misha]

Zdravim ... monitorem to urcite nebude mel jsem to same ... ale nijak moc me to nezatezovalo a po reinstalaci pc to bylo fuc...

[Unlimited_Killer]

Reinstalu zrovna moc dosáhnout nechci... Co se dá ale dělat...

[wolfixis]

Zdravim,

chtel jsem napsat uz drive ale nejak to neslo.

Zjistil jsem ze se to objevi po zapnuti ICQ tak to snad nebude nic nebezpecneho.

[Unlimited_Killer]

Snad ne... Řešením je možná používat externí IM klient (Miranda, QiP..).