HJT - Preventivka Vyřešeno

[CZechBoY]

Zdravim,
může mi někdo prosím zkontrolovat log z HiJackThis ? Preventivně :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:23:43, on 17.9.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\OO Software\CleverCache\ooccctrl.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OO Software\DriveLED\oodled.exe
C:\Program Files\GIGABYTE\ET6\GUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\FRAPS\FRAPS.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\OO Software\CleverCache\ooccag.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Documents and Settings\CZechBoY\Plocha\muj server\SERVER01.exe
C:\WINDOWS\system32\igfxsrvc.exe
E:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETcall.exe
O4 - HKCU\..\Run: [SIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe" /autorun /autorun /autorun /autorun /autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [DriveLED] C:\Program Files\OO Software\DriveLED\oodled.exe
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 11.5.0.1145 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users\Data aplikací\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C641B42D-570A-40CD-B895-55D9E003CC32}: NameServer = 192.168.15.1,192.168.68.16
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 7116 bytes

[Reklama]

[pitimir]

Nazdar, pouzijeme radsej dokladnejsi RSIT...

Stiahni RSIT. Spust, klik na "Continue". Po dokoneceni by se ti mal otvorit textovy subor. Ten skopiruj sem.
Pokial by sa nieco stalo, najdes ho aj na adrese "C:\rsit\log.txt".

[CZechBoY]

A k čemu je ? Ten tu nikdo neumí, myslim. Ten chtěj jen na viry.cz kde stejně houby umí.
Logfile of random's system information tool 1.06 (written by random/random)
Run by CZechBoY at 2009-09-17 18:28:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (18%) free of 20 GB
Total RAM: 2046 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:28:46, on 17.9.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\OO Software\CleverCache\ooccctrl.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OO Software\DriveLED\oodled.exe
C:\Program Files\GIGABYTE\ET6\GUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\FRAPS\FRAPS.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\OO Software\CleverCache\ooccag.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Documents and Settings\CZechBoY\Plocha\muj server\SERVER01.exe
C:\WINDOWS\system32\igfxsrvc.exe
E:\RSIT.exe
E:\CZechBoY.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETcall.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe" /autorun /autorun /autorun /autorun /autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [DriveLED] C:\Program Files\OO Software\DriveLED\oodled.exe
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 11.5.0.1145 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users\Data aplikací\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C641B42D-570A-40CD-B895-55D9E003CC32}: NameServer = 192.168.15.1,192.168.68.16
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 7252 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Chmat Tools 2.9.2009 auto.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}]
Idea2 SidebarBrowserMonitor Class - C:\Program Files\Desktop Sidebar\sbhelp.dll [2006-07-09 278528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-23 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"ooccctrl.exe"=C:\Program Files\OO Software\CleverCache\ooccctrl.exe [2007-02-23 1911568]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2009-04-08 2553088]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
"EasyTuneVI"=C:\Program Files\GIGABYTE\ET6\ETcall.exe [2007-07-26 20480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-09-10 420176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SIDEBAR"=C:\Program Files\Desktop Sidebar\dsidebar.exe [2006-07-09 1777664]
"Infium"=C:\Program Files\QIP Infium\infium.exe [2009-03-25 5245440]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-09-04 25623336]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"DriveLED"=C:\Program Files\OO Software\DriveLED\oodled.exe [2004-09-22 292864]
"Fraps"=C:\FRAPS\FRAPS.EXE [2009-01-03 1203880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-09-11 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0
"ShutdownWithoutLogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSMBalloonTip"=1
"NoDriveTypeAutoRun"=323
"MemCheckBoxInRunDlg"=0
"NoAutoTrayNotify"=0
"NoResolveTrack"=0
"NoResolveSearch"=1
"NoWelcomeScreen"=1
"NoRecentDocsNetHood"=1
"NoDesktopCleanupWizard"=1
"NoSharedDocuments"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoResolveSearch"=
"NoStrCmpLogical"=
"NoResolveTrack"=
"NoFileAssociate"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\Strong DC++(2.22)\StrongDC.exe"="D:\Strong DC++(2.22)\StrongDC.exe:*:Enabled:StrongDC++"
"E:\Hry\Chmat-MystiX\chmatakov15.exe"="E:\Hry\Chmat-MystiX\chmatakov15.exe:*:Enabled:Multimedia Fusion Stand Alone Application"
"C:\Documents and Settings\CZechBoY\Plocha\muj server\SERVER01.exe"="C:\Documents and Settings\CZechBoY\Plocha\muj server\SERVER01.exe:*:Enabled:SERVER01"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FlashGet\FlashGet.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet\LiveUpdate.exe"="C:\Program Files\FlashGet\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet\LiveUpdateEx.exe"="C:\Program Files\FlashGet\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"E:\Hry\Assassins's Creed Cz\AssassinsCreed_Dx9.exe"="E:\Hry\Assassins's Creed Cz\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"E:\Hry\Assassins's Creed Cz\AssassinsCreed_Dx10.exe"="E:\Hry\Assassins's Creed Cz\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"E:\Hry\Assassins's Creed Cz\AssassinsCreed_Launcher.exe"="E:\Hry\Assassins's Creed Cz\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"E:\Hry\GTA 4\Grand Theft Auto IV\LaunchGTAIV.exe"="E:\Hry\GTA 4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"E:\Hry\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe"="E:\Hry\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-09-17 18:28:45 ----D---- C:\rsit
2009-09-16 07:59:01 ----AD---- C:\WINDOWS\VDLL.DLL
2009-09-16 07:59:01 ----AD---- C:\WINDOWS\RUNDL132.EXE
2009-09-16 07:59:01 ----AD---- C:\WINDOWS\logo_1.exe
2009-09-15 18:21:58 ----D---- C:\WINDOWS\system32\js
2009-09-15 18:21:58 ----D---- C:\WINDOWS\system32\images
2009-09-15 18:21:58 ----D---- C:\WINDOWS\system32\html
2009-09-15 18:21:58 ----D---- C:\WINDOWS\system32\css
2009-09-15 18:21:58 ----D---- C:\Program Files\Business Objects
2009-09-15 18:18:16 ----D---- C:\Program Files\MSXML 6.0
2009-09-15 18:15:54 ----D---- C:\Program Files\Microsoft SQL Server
2009-09-15 18:15:35 ----D---- C:\Program Files\Microsoft Device Emulator
2009-09-15 18:14:57 ----D---- C:\Program Files\Windows Mobile 5.0 SDK R2
2009-09-15 18:14:33 ----D---- C:\Program Files\Microsoft Synchronization Services
2009-09-15 18:14:33 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-09-15 18:09:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\PreEmptive Solutions
2009-09-15 18:06:16 ----D---- C:\WINDOWS\symbols
2009-09-15 18:05:19 ----D---- C:\Program Files\Microsoft.NET
2009-09-15 18:05:19 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2009-09-15 18:05:19 ----D---- C:\Program Files\Microsoft SDKs
2009-09-15 18:05:19 ----D---- C:\Program Files\HTML Help Workshop
2009-09-15 18:05:19 ----D---- C:\Program Files\Common Files\Merge Modules
2009-09-15 18:05:19 ----D---- C:\Program Files\CE Remote Tools
2009-09-15 18:04:18 ----D---- C:\Program Files\Microsoft Web Designer Tools
2009-09-15 18:04:06 ----RHD---- C:\MSOCache
2009-09-14 15:28:29 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-14 15:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-10 20:11:50 ----D---- C:\Documents and Settings\CZechBoY\Data aplikací\Opera
2009-09-10 20:11:22 ----D---- C:\Program Files\Opera
2009-09-10 17:39:21 ----SHD---- C:\Config.Msi
2009-09-09 20:15:16 ----A---- C:\WINDOWS\system32\VBoxNetFltNotify.dll
2009-09-07 18:28:14 ----D---- C:\Program Files\Sun
2009-09-07 14:15:03 ----D---- C:\Program Files\CPUID
2009-09-04 15:23:57 ----D---- C:\Documents and Settings\CZechBoY\Data aplikací\Sony Creative Software
2009-09-03 19:43:19 ----D---- C:\Documents and Settings\CZechBoY\Data aplikací\Publish Providers
2009-09-03 19:34:57 ----D---- C:\Documents and Settings\CZechBoY\Data aplikací\Sony
2009-09-03 19:31:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony
2009-09-03 19:31:51 ----D---- C:\Program Files\Sony
2009-09-03 18:18:24 ----D---- C:\Program Files\Hamachi2
2009-09-03 18:14:53 ----D---- C:\Program Files\Smart Port Forwarding
2009-09-03 18:10:35 ----D---- C:\Program Files\Hamachi
2009-09-02 21:29:35 ----D---- C:\CT Backups
2009-09-02 19:32:48 ----D---- C:\Program Files\SpeedFan
2009-09-02 17:12:09 ----D---- C:\Program Files\Camtech
2009-08-31 18:35:54 ----AD---- C:\WINDOWS\rundll16.exe
2009-08-31 18:35:54 ----AD---- C:\WINDOWS\rundl132.dll
2009-08-31 18:35:54 ----AD---- C:\WINDOWS\logo1_.exe
2009-08-27 08:08:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallShield
2009-08-27 03:01:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-26 15:48:14 ----A---- C:\WINDOWS\klient.ini
2009-08-24 16:42:39 ----D---- C:\Program Files\EACom
2009-08-23 19:09:39 ----D---- C:\Documents and Settings\CZechBoY\Data aplikací\RealVNC
2009-08-23 18:50:32 ----A---- C:\WINDOWS\system32\vncmirror.dll
2009-08-23 18:50:30 ----D---- C:\Program Files\RealVNC

======List of files/folders modified in the last 1 months======

2009-09-17 18:28:37 ----A---- C:\WINDOWS\wincmd.ini
2009-09-17 18:27:15 ----D---- C:\Program Files
2009-09-17 18:27:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-17 18:27:03 ----D---- C:\WINDOWS\system32\drivers
2009-09-17 18:20:35 ----D---- C:\WINDOWS
2009-09-17 18:20:28 ----D---- C:\WINDOWS\Temp
2009-09-17 17:56:04 ----D---- C:\Documents and Settings\CZechBoY\Data aplikací\Skype
2009-09-17 05:30:00 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-09-16 23:23:30 ----RSD---- C:\WINDOWS\assembly
2009-09-16 23:22:18 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-16 21:07:21 ----D---- C:\Documents and Settings\CZechBoY\Data aplikací\Hamachi
2009-09-16 21:07:15 ----A---- C:\WINDOWS\WpePro_0delay.INI
2009-09-16 19:57:04 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-16 19:56:47 ----D---- C:\WINDOWS\system32
2009-09-16 19:56:43 ----D---- C:\Fraps
2009-09-16 19:56:17 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-09-16 14:37:41 ----D---- C:\Documents and Settings\CZechBoY\Data aplikací\FileZilla
2009-09-16 07:43:00 ----D---- C:\Program Files\Mozilla Firefox
2009-09-16 07:31:26 ----A---- C:\WINDOWS\vbaddin.ini
2009-09-15 18:49:45 ----ASH---- C:\boot.ini
2009-09-15 18:24:36 ----SHD---- C:\WINDOWS\Installer
2009-09-15 18:22:24 ----A---- C:\WINDOWS\ODBC.INI
2009-09-15 18:21:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-15 18:20:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-09-15 18:16:12 ----D---- C:\WINDOWS\Registration
2009-09-15 18:15:30 ----RSD---- C:\WINDOWS\Fonts
2009-09-15 18:12:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2009-09-15 18:12:37 ----SD---- C:\Documents and Settings\CZechBoY\Data aplikací\Microsoft
2009-09-15 18:12:37 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-09-15 18:11:08 ----D---- C:\WINDOWS\WinSxS
2009-09-15 18:06:35 ----D---- C:\Program Files\MSBuild
2009-09-15 18:06:07 ----D---- C:\WINDOWS\system32\1033
2009-09-15 18:05:19 ----D---- C:\Program Files\Common Files
2009-09-14 21:20:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2009-09-14 19:02:03 ----D---- C:\WINDOWS\Debug
2009-09-14 19:00:29 ----D---- C:\Documents and Settings\CZechBoY\Data aplikací\Desktop Sidebar
2009-09-14 15:28:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-14 15:28:31 ----HD---- C:\WINDOWS\inf
2009-09-14 15:28:26 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-10 17:39:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-09 19:14:45 ----A---- C:\WINDOWS\GMouse.ini
2009-09-08 21:07:13 ----D---- C:\Program Files\FileZilla FTP Client
2009-09-07 16:51:49 ----D---- C:\WINDOWS\Prefetch
2009-09-07 14:35:28 ----A---- C:\WINDOWS\system32\lpcio.dll
2009-09-04 15:40:03 ----D---- C:\WINDOWS\system32\config
2009-09-03 18:18:25 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-03 18:11:44 ----D---- C:\Program Files\CamStudio
2009-09-03 16:10:55 ----D---- C:\Program Files\API-Guide
2009-09-03 15:11:52 ----D---- C:\GMouse20
2009-09-02 16:59:16 ----SD---- C:\WINDOWS\Tasks
2009-08-31 21:04:19 ----D---- C:\WINDOWS\Media
2009-08-28 23:38:20 ----A---- C:\WINDOWS\system32\MRT.exe
2009-08-27 08:08:47 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-27 08:08:47 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-27 08:08:47 ----D---- C:\Program Files\GIGABYTE
2009-08-27 08:08:47 ----D---- C:\Program Files\Common Files\InstallShield
2009-08-24 12:50:58 ----D---- C:\Documents and Settings\CZechBoY\Data aplikací\dvdcss
2009-08-24 08:03:07 ----D---- C:\WINDOWS\system32\oodag
2009-08-23 20:15:32 ----D---- C:\Program Files\Burn4Free

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avfwot;avfwot; C:\WINDOWS\system32\DRIVERS\avfwot.sys [2009-06-09 97608]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-04-27 96104]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2009-09-09 115856]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2009-09-09 41424]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-05 55656]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-02-26 99856]
R3 avfwim;AvFw Packet Filter Miniport; C:\WINDOWS\system32\DRIVERS\avfwim.sys [2009-02-24 69632]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 GVTDrv;GVTDrv; \??\C:\WINDOWS\system32\Drivers\GVTDrv.sys []
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-03 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2008-07-30 110080]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
R3 OOTextMode;OOTextMode; C:\WINDOWS\System32\drivers\oobctm.sys [2009-04-07 37896]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-05-09 47360]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-09-09 91856]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2009-09-09 100368]
R3 vncmirror;vncmirror; C:\WINDOWS\system32\DRIVERS\vncmirror.sys [2009-07-25 4608]
S3 arn2pg4w;arn2pg4w; C:\WINDOWS\system32\drivers\arn2pg4w.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\c:\Program Files\MediaCoder\SysInfo.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-09-11 6047904]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PSSDK42;PSSDK42; \??\C:\WINDOWS\system32\Drivers\pssdk42.sys []
S3 PSSDKLBF;PSSDKLBF; \??\C:\WINDOWS\system32\Drivers\pssdklbf.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirFirewallService;Avira Firewall; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2009-06-09 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-06-09 194817]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-06-09 434945]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-23 152984]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2009-04-08 1377536]
R2 OOCleverCacheAgent;O&O CleverCache Agent; C:\Program Files\OO Software\CleverCache\ooccag.exe [2007-01-28 391952]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Visual Studio Analyzer RPC bridge;Visual Studio Analyzer RPC bridge; C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [1998-06-06 34036]
S3 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2009-07-25 1492344]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2007-11-07 3004416]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------

[pitimir]

A k čemu je ? Ten tu nikdo neumí, myslim.

To, ze to niekto nevie, je vyzitka jeho samotneho...
A naco je? No povedzme ze na primarny scan PC. Je dokladnejsi ako zastaraly HJT (ktory v dnesnej dobe zachyti minimalne pecento infekcii a je dobry akurat tak na fixovanie neplatnych poloziek a ktory ti ukaze ti iba cast toho, co potrebujem vediet).

Ten chtěj jen na viry.cz kde stejně houby umí.

LOL, k tomuto sa vyjadrovat radsej nebudem...nepotrebujem ziaden flame. Ale isto ide o fundovany nazor odbornika, ktory pozna zahranicne ASAPacke weby :)


K logu: relativne casto pouzivas MWAV, je tak?

1) Start -> Spustit -> (napis) "E:\CZechBoY.exe"
Enter. Otvori sa premenovany HJT, v nom fixni:

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &SHOUTcast Search - C:\Documents and Settings\All Users\Data aplikací\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

2) Pouzi T-Cleaner (ak by ho antivirus hlasil ako smejda, nic sa netreba bat, ide len o paranoju AV programu).


3) Nevidim ziaden firewall a antispyware - doinstaluj ich. Ale inak OK.

[CZechBoY]

Fixnuto, MWAV tak jednou za 14dní jak si vzpomenu, mám Aviru, Firewall+AntiSpam+Web+Antivir ale to tam asi není, je to v obou logách :)

[pitimir]

Potom by to mohlo byt OK, s Avirou si nie som nikdy isty

[CZechBoY]

Tak dík za prohlídnutí, podezříval jsem tě že si nějaký začátečník a nevíš :)
avwebguard.exe je avira