Zpomalený PC

[Unkn0wn]

Dobrý den, poslední dobou se mi pc strašně zpomalil, i když jsem defragmentoval disk, vyčistil ho, atd. A k tomu mi nefunguje nabídka start (nejde rozkliknout) . (Jakoby pořád načítala). Bojím se že bych mohl mít v PC něaký vir. Díky za rady

Můj Log z Rsit:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Toméš at 2011-07-30 17:36:11
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 80 GB (57%) free of 141 GB
Total RAM: 2038 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:36:18, on 30.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\extras\ViOrb\ViOrb.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\extras\ViOrb\ViOrb.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ7.5\ICQ.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Toméš\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Toméš\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Toméš\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\IMinent Toolbar\TbHelper2.exe
C:\Documents and Settings\Toméš\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Toméš\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Toméš\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Toméš\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Toméš\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Toméš.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Toméš\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Toméš\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ViOrb] C:\Program Files\extras\ViOrb\ViOrb.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1388
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ViOrb] C:\Program Files\extras\ViOrb\ViOrb.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Copy to &Lightning Note - C:\Program Files\Corel\WordPerfect Lightning\Programs\WPLightningCopyToNote.hta
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... 4.21.0.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 9200 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{759215F1-683B-4A91-99DC-4AA3EE2653F3}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Toméš\Data aplikací\Mozilla\Firefox\Profiles\6kjigx01.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/#utm_source=icq&u ... um=generic"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.2.6&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"m3ffxtbr@mywebsearch.com"=C:\Program Files\MyWebSearch\bar\1.bin
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Toméš\Data aplikací\Mozilla\Firefox\Profiles\6kjigx01.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Documents and Settings\Toméš\Data aplikací\Mozilla\Firefox\Profiles\6kjigx01.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Toméš\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2008-12-26 77312]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"ViOrb"=C:\Program Files\extras\ViOrb\ViOrb.exe [2008-12-07 69632]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-01-13 134656]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-01-13 166912]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-01-13 135680]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-05-10 3459712]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1388 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-04-26 399736]
"ViOrb"=C:\Program Files\extras\ViOrb\ViOrb.exe [2008-12-07 69632]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2011-06-29 124216]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-01-13 205824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Toméš\Dokumenty\Stažené soubory\SweetImSetup.exe"="C:\Documents and Settings\Toméš\Dokumenty\Stažené soubory\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.FMVC"=fmcodec.dll

======File associations======

.txt - open - Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-07-30 17:36:12 ----D---- C:\Program Files\trend micro
2011-07-30 17:36:11 ----D---- C:\rsit
2011-07-29 23:39:02 ----D---- C:\90d96364cad27abff6
2011-07-29 21:39:39 ----ASH---- C:\pagefile.sys
2011-07-29 19:35:04 ----RASH---- C:\BOOTSECT.BAK
2011-07-29 19:34:58 ----SHD---- C:\Boot
2011-07-29 19:24:57 ----D---- C:\$WINDOWS.~LS
2011-07-29 19:07:10 ----D---- C:\Documents and Settings\Toméš\Data aplikací\Canneverbe Limited
2011-07-29 19:06:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
2011-07-29 19:04:03 ----D---- C:\Documents and Settings\Toméš\Data aplikací\DeepBurner Pro
2011-07-29 19:03:32 ----D---- C:\Program Files\Astonsoft
2011-07-29 18:56:41 ----D---- C:\Program Files\Microsoft.NET
2011-07-29 18:54:31 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2011-07-29 15:47:44 ----A---- C:\WINDOWS\system32\difxapi.dll
2011-07-29 15:20:41 ----D---- C:\WINDOWS\system32\CSY
2011-07-29 15:20:41 ----A---- C:\WINDOWS\system32\Imsmudlg.exe
2011-07-29 15:20:21 ----D---- C:\Program Files\Intel
2011-07-29 15:20:21 ----D---- C:\Documents and Settings\Toméš\Data aplikací\InstallShield
2011-07-29 13:50:10 ----D---- C:\$WIN_NT$.~BT
2011-07-29 13:50:10 ----A---- C:\WINDOWS\UPGRADE.TXT
2011-07-29 13:50:09 ----D---- C:\WINDOWS\setup.pss
2011-07-29 13:49:48 ----D---- C:\WINDOWS\setupupd
2011-07-29 01:51:33 ----D---- C:\5e6c1a00960a63e6e9c5784d4c7d17
2011-07-28 01:14:53 ----D---- C:\0c3701ed777cd924bde730f60b
2011-07-27 00:58:22 ----D---- C:\9ea3ea3b00eca8a4aa27e8b801a705
2011-07-26 00:27:25 ----D---- C:\9f6f221c81549aba0f6da405f1cd6693
2011-07-25 01:41:31 ----D---- C:\b605cf289a76d0c30be34cc99d6e92
2011-07-24 00:48:28 ----D---- C:\67e55852b7aa7a88a153c57ef1eae299
2011-07-23 00:19:14 ----D---- C:\91ad5bf46a8a4054d4c9
2011-07-22 18:55:39 ----D---- C:\Documents and Settings\Toméš\Data aplikací\ICQ
2011-07-22 18:55:30 ----D---- C:\Program Files\ICQ7.5
2011-07-22 03:03:50 ----D---- C:\ad910f627ff3bb007938efef021d
2011-07-21 03:16:53 ----D---- C:\2387a48df60409a59db7cb47
2011-07-19 01:10:42 ----D---- C:\28a9df21a3307d5e49
2011-07-18 01:27:19 ----D---- C:\7592bc6fdd1b3009a2d5a92eaae0
2011-07-18 00:20:14 ----D---- C:\Program Files\Zrychleni Pocitace
2011-07-18 00:20:05 ----D---- C:\Documents and Settings\Toméš\Data aplikací\OpenCandy
2011-07-17 00:46:03 ----D---- C:\1e4edaba50ec7ca2183005496ea36b
2011-07-15 14:47:34 ----D---- C:\cef30098c3e822c034e547a1df9e01
2011-07-14 22:56:08 ----D---- C:\89237a62622f93e3600a
2011-07-14 08:13:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-13 22:45:15 ----D---- C:\55e37461ea2d20501d5490e2856c
2011-07-13 22:45:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-12 23:05:38 ----D---- C:\1514dc2a2598d3c8b0dad1d44ab9
2011-07-11 23:39:55 ----D---- C:\f059adaffa0715f908
2011-07-09 14:19:28 ----D---- C:\697c3c5ac81389bea41d
2011-07-09 03:37:00 ----D---- C:\567bcaad7ef788fde69db4119f3e80
2011-07-09 03:25:58 ----D---- C:\b4c337cea7784dae4a004b9078
2011-07-09 03:17:15 ----D---- C:\5b3ba6ca2caad1cd32328d76
2011-07-08 10:28:05 ----D---- C:\41b731d95692c98d857f
2011-07-08 01:28:11 ----D---- C:\1db5cef4f7be8908ff16c88cfc86
2011-07-06 23:00:45 ----D---- C:\61fda7699809684626b1
2011-07-05 23:27:16 ----D---- C:\ea19e77e47a9673c3ee47e
2011-07-05 03:22:03 ----D---- C:\02e84783cfa2b49504d0f4
2011-07-03 23:52:58 ----D---- C:\5b9797f7cfb58a8e11d2b18f
2011-07-03 18:46:53 ----D---- C:\6d566aa2549b4fc7e9fb8d184157
2011-07-03 01:51:24 ----D---- C:\48398beced8e4f5a39
2011-07-03 01:33:50 ----D---- C:\Documents and Settings\Toméš\Data aplikací\Toolbar4
2011-07-02 00:38:30 ----D---- C:\1e521fdb7ad7643d395fdb2b0b8ce0
2011-07-02 00:26:36 ----SHD---- C:\RECYCLER
2011-07-01 16:59:34 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-07-01 16:59:34 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-07-01 16:59:33 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-07-01 16:59:33 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-07-01 16:59:33 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-07-01 16:59:33 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-07-01 16:59:33 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-07-01 16:59:33 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-07-01 16:59:22 ----A---- C:\WINDOWS\avastSS.scr
2011-07-01 16:59:21 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-07-01 16:59:08 ----D---- C:\Program Files\AVAST Software
2011-07-01 16:59:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-07-01 16:35:15 ----A---- C:\ComboFix.txt
2011-07-01 16:24:52 ----A---- C:\Boot.bak
2011-07-01 16:24:48 ----RASHD---- C:\cmdcons
2011-07-01 16:19:45 ----A---- C:\WINDOWS\zip.exe
2011-07-01 16:19:45 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-07-01 16:19:45 ----A---- C:\WINDOWS\SWSC.exe
2011-07-01 16:19:45 ----A---- C:\WINDOWS\SWREG.exe
2011-07-01 16:19:45 ----A---- C:\WINDOWS\sed.exe
2011-07-01 16:19:45 ----A---- C:\WINDOWS\PEV.exe
2011-07-01 16:19:45 ----A---- C:\WINDOWS\NIRCMD.exe
2011-07-01 16:19:45 ----A---- C:\WINDOWS\MBR.exe
2011-07-01 16:19:45 ----A---- C:\WINDOWS\grep.exe
2011-07-01 16:19:38 ----D---- C:\WINDOWS\ERDNT
2011-07-01 15:21:13 ----D---- C:\Qoobox
2011-07-01 15:13:35 ----D---- C:\7531ce62173739da1d7c5865938f
2011-07-01 15:11:27 ----ASH---- C:\hiberfil.sys
2011-07-01 11:01:42 ----SHD---- C:\WINDOWS\CSC
2011-07-01 10:43:17 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-07-01 09:41:45 ----D---- C:\found.000

======List of files/folders modified in the last 1 month======

2011-07-30 17:36:16 ----D---- C:\WINDOWS\Temp
2011-07-30 17:36:12 ----D---- C:\Program Files
2011-07-30 17:27:12 ----D---- C:\WINDOWS\Prefetch
2011-07-30 17:25:47 ----SHD---- C:\WINDOWS\Installer
2011-07-30 17:25:47 ----D---- C:\WINDOWS\system32
2011-07-30 17:25:47 ----D---- C:\Config.Msi
2011-07-30 17:25:19 ----D---- C:\Program Files\Common Files
2011-07-30 17:24:58 ----SD---- C:\WINDOWS\Tasks
2011-07-30 17:24:40 ----D---- C:\Program Files\Glary Utilities
2011-07-30 17:23:49 ----D---- C:\Program Files\Ask.com
2011-07-30 17:23:26 ----D---- C:\WINDOWS
2011-07-30 17:23:26 ----D---- C:\Program Files\WildTangent
2011-07-30 17:23:11 ----D---- C:\WINDOWS\system32\drivers
2011-07-30 17:17:40 ----D---- C:\WINDOWS\Debug
2011-07-30 16:58:26 ----D---- C:\WINDOWS\Registration
2011-07-30 16:58:22 ----D---- C:\Documents and Settings\Toméš\Data aplikací\uTorrent
2011-07-30 09:12:14 ----D---- C:\WINDOWS\Microsoft.NET
2011-07-30 09:02:34 ----RSD---- C:\WINDOWS\assembly
2011-07-30 09:02:29 ----D---- C:\WINDOWS\WinSxS
2011-07-29 19:35:31 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-29 19:00:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-29 18:56:52 ----D---- C:\WINDOWS\system32\en-us
2011-07-29 18:56:20 ----D---- C:\WINDOWS\system32\CatRoot
2011-07-29 18:54:57 ----HD---- C:\WINDOWS\inf
2011-07-29 18:54:52 ----D---- C:\WINDOWS\system32\mui
2011-07-29 18:54:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-29 15:47:52 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-07-29 15:47:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-07-29 15:47:30 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-29 13:50:24 ----RASH---- C:\boot.ini
2011-07-23 11:42:21 ----D---- C:\Program Files\ICQ6Toolbar
2011-07-22 18:56:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-07-18 17:15:31 ----D---- C:\Documents and Settings\Toméš\Data aplikací\Mozilla
2011-07-18 17:14:31 ----D---- C:\Program Files\Mozilla Firefox
2011-07-18 00:19:43 ----D---- C:\Program Files\DsNET Corp
2011-07-14 08:11:02 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-13 08:38:18 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-12 22:44:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-07-03 00:01:08 ----D---- C:\Program Files\PC Connectivity Solution
2011-07-03 00:00:38 ----D---- C:\Program Files\Opera
2011-07-02 23:30:20 ----D---- C:\Program Files\DVD Photo Slideshow Professional
2011-07-01 16:31:06 ----A---- C:\WINDOWS\system.ini
2011-07-01 16:30:43 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-01 16:29:30 ----D---- C:\WINDOWS\system32\config
2011-07-01 16:27:16 ----D---- C:\WINDOWS\AppPatch
2011-07-01 16:17:13 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-07-01 15:42:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-07-01 10:32:22 ----D---- C:\WINDOWS\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 iastor78;iastor78; C:\WINDOWS\system32\drivers\iastor78.sys [2008-12-29 308248]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-30 685816]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-12-14 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-05-10 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-02-06 56280]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-05-10 102616]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-12-26 22784]
R3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-12-26 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-12-26 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-12-26 4992]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-12-26 10112]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-01-13 1730272]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-12-26 12160]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2008-03-13 2530176]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 aljd0rp9;aljd0rp9; C:\WINDOWS\system32\drivers\aljd0rp9.sys []
S3 catchme;catchme; \??\C:\654654654\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys []
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\WINDOWS\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-12-14 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-12-14 82944]
S3 XDva352;XDva352; \??\C:\WINDOWS\system32\XDva352.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2008-12-26 58880]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-05-10 42184]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2008-12-22 238592]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2008-12-22 103424]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2009-06-04 354840]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2010-02-20 192512]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-10 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-10 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Roli]

Zdravím, tohle fixni v HJT :

R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Toméš\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Toméš\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... IwQy0zN1RT"&"inst=NzctNjY1NTM2ODE5LVNQMSsxLVNQMVRCKzEtU1VEKzEtRDM4MUwrNi1TMUkrMS1TVTMrMS1UVUcrMy1MU0QrMi1ERFQrMA"&"prod=55"&"ver=10.0.1388
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

HJT najdeš zde :

C:\Program Files\trend micro\Toméš.exe

Fix znamená že spustíš HJT

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj ICQ6Toolbar


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !!!

[Unkn0wn]

Díky Moc !

Tady je Log:

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

30.7.2011 20:21:51
mbam-log-2011-07-30 (20-21-51).txt

Typ: Rychlá kontrola
Kontrolované objekty: 159386
Uplynulý čas: 6 minut, 16 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 10
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> Quarantined and deleted successfully.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[Roli]

Hm a nepsal jsem náhodou předem nic nemazat ?

No nic už se stalo a máš štěstí že se Mbam nespletl.

Nyní ale použijeme větší kalibr tak že pozorně čti, protože tenhle softík chyby netoleruje.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.