Please check my log

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 12 Jan 2009 19:11

It will work for you; ComboFix deleted only the infections. Try it. Sometimes the connection has to be reinstalled, but that is probably not your case.
//EDIT: instructions for the fix:
viewtopic.php?f=70&t=5119
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

RicoCZE
Level 1
Posts: 76
Registered: January 09
Gender: Not specified
Status: Offline

Re: Please check my log

Post by RicoCZE » 13 Jan 2009 16:31

Well, I'm asking because of viewtopic.php?f=3&t=35447; since around the time I first used ComboFix, it has been acting up for me.

Re: Please check my log

Post by jaro3 » 13 Jan 2009 18:24

The PC is free of infection. Did you use ComboFix before? Did you uninstall it, or did you have two copies there?
If you have C:\ComboFix and C:\qoobox there, you can delete them.
As for downloading, try a different browser so that we can rule out a fault in Windows. Post a topic in the Internet a prohlížeče (Internet and browsers) section, where colleagues will look after you.

Re: Please check my log

Post by RicoCZE » 14 Jan 2009 15:50

I already started a topic there, but they don't know; it will most likely be a fault in Windows.

Re: Please check my log

Post by jaro3 » 14 Jan 2009 18:04

You didn't say whether all browsers do it.
Try this:
Download SREng:

- unpack it to the desktop and run it
- choose "Smart Scan" and leave the settings as they are
- select "Verify the digital signature of process modules"
- click "Scan"
- click "Save Reports", save the log to the desktop and copy the entire contents of the log here.

Re: Please check my log

Post by RicoCZE » 15 Jan 2009 14:35

Yes, all browsers do it; both Mozilla and Explorer give me an error. Log:

Code:


2009-01-15,14:30:26

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Running Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File
    Process Privileges Scan
    Scheduled Tasks
    API HOOK
    Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Windows Publisher]
    <QuickTime Task><"C:\Program Files\qttask.exe" -atboottime>  [Apple Computer, Inc.]
    <BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe">  [Nero AG]
    <RocketDock><"D:\Program Files\RocketDock\RocketDock.exe">  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <nwiz><nwiz.exe /install>  []
    <NvMediaCenter><RunDLL32.exe NvMCTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe">  [(Verified)"Adobe Systems, Incorporated"]
    <SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe">  [(Verified)"Sun Microsystems, Inc."]
    <PCSuiteTrayApplication><C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup>  [Nokia]
    <QuickTime Task><"C:\Program Files\qttask.exe" -atboottime>  [Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Publisher]
    <WebCheck><%SystemRoot%\System32\webcheck.dll>  [(Verified)Microsoft Windows Publisher]
    <SysTray><%systemroot%\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\System32\browseui.dll>  [(Verified)Microsoft Windows Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\System32\browseui.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <Vlastní nastavení prohlížeče><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <Adresář 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Aktualizace plochy systému Windows><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
Startup Folders
N/A

==================================
Services
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[ATK Keyboard Service / ATKKeyboardService][Running/Auto Start]
  <C:\WINDOWS\ATKKBService.exe><ASUSTeK COMPUTER INC.>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## / Bonjour Service][Running/Auto Start]
  <"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Computer, Inc.>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[ForceWare Intelligent Application Manager (IAM) / ForceWare Intelligent Application Manager (IAM)][Running/Auto Start]
  <C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe><>
[Forceware Web Interface / ForcewareWebInterface][Running/Auto Start]
  <"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice><Apache Software Foundation>
[Přístup k zařízením standardu HID / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NBService / NBService][Stopped/Manual Start]
  <C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[ForceWare IP service / nSvcIp][Running/Auto Start]
  <C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe><NVIDIA Corporation>
[ForceWare user log service / nSvcLog][Running/Auto Start]
  <C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe><NVIDIA Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[ServiceLayer / ServiceLayer][Running/Manual Start]
  <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.>
[TuneUp Drive Defrag Service / TuneUp.Defrag][Stopped/Manual Start]
  <C:\WINDOWS\System32\TuneUpDefragService.exe><TuneUp Software>
[TuneUp Program Statistics Service / TuneUp.ProgramStatisticsSvc][Running/Auto Start]
  <C:\WINDOWS\System32\TUProgSt.exe><TuneUp Software>

==================================
Drivers
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
  <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AE Audio Service / AEAudio][Running/Manual Start]
  <system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[Enhanced Display Driver Helper Service / asuskbnt][Running/System Start]
  <system32\drivers\atkkbnt.sys><ASUSTeK COMPUTER INC.>
[aswFsBlk / aswFsBlk][Running/Auto Start]
  <system32\DRIVERS\aswFsBlk.sys><ALWIL Software>
[eamon / eamon][Running/Auto Start]
  <system32\DRIVERS\eamon.sys><ESET>
[easdrv / easdrv][Running/System Start]
  <system32\DRIVERS\easdrv.sys><ESET>
[EIO / EIO][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\EIO.sys><ASUSTeK Computer Inc.>
[epfwtdir / epfwtdir][Running/System Start]
  <system32\DRIVERS\epfwtdir.sys><N/A>
[SEMC USB Flash Driver Filter / ggflt][Stopped/Manual Start]
  <system32\DRIVERS\ggflt.sys><Sony Ericsson Mobile Communications>
[SEMC USB Flash Driver / ggsemc][Stopped/Manual Start]
  <system32\DRIVERS\ggsemc.sys><Sony Ericsson Mobile Communications>
[Hamachi Network Interface / hamachi][Running/Manual Start]
  <system32\DRIVERS\hamachi.sys><LogMeIn, Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[ArcNet NDIS Protocol Driver / Ndisprot][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\Ndisprot.sys><Windows (R) Codename Longhorn DDK provider>
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
  <system32\drivers\nmwcd.sys><Nokia>
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
  <system32\drivers\nmwcdc.sys><Nokia>
[Nokia USB Port / nmwcdcj][Stopped/Manual Start]
  <system32\drivers\nmwcdcj.sys><Nokia>
[Nokia USB Modem / nmwcdcm][Stopped/Manual Start]
  <system32\drivers\nmwcdcm.sys><Nokia>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
  <system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
  <system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Sony Ericsson Device 115 driver (WDM) / s115bus][Stopped/Manual Start]
  <system32\DRIVERS\s115bus.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC Modem Filter / s115mdfl][Stopped/Manual Start]
  <system32\DRIVERS\s115mdfl.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC Modem Driver / s115mdm][Stopped/Manual Start]
  <system32\DRIVERS\s115mdm.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) / s115mgmt][Stopped/Manual Start]
  <system32\DRIVERS\s115mgmt.sys><MCCI Corporation>
[Sony Ericsson Device 115 USB WMC OBEX Interface / s115obex][Stopped/Manual Start]
  <system32\DRIVERS\s115obex.sys><MCCI Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[SenFilt Service / SenFiltService][Running/Manual Start]
  <system32\drivers\Senfilt.sys><Sensaura>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Player Recovery Device Control Driver / StMp3Rec][Stopped/Manual Start]
  <System32\Drivers\StMp3Rec.sys><Generic>
[TVICHW32 / TVICHW32][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS><EnTech Taiwan>

==================================
Browser Add-ons
[XTTBPos00 Class]
  {055FD26D-3A88-4e15-963D-DC8493744B1D} <C:\PROGRA~1\ICQTOO~1\4652\toolbaru.dll, (Signed) IE Toolbar>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_07]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[&Zdroje informací]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[ICQ6]
  {E59EB121-F339-4851-A3BA-FE49C35617C2} <D:\Program Files\ICQ6.5\ICQ.exe, (Signed) ICQ, Inc.>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[]
  {41564D57-9980-0010-8000-00AA00389B71} <, >
[Java Plug-in 1.6.0_07]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_07]
  {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_07]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll, (Signed) Sun Microsystems, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[XTTBPos00 Class]
  {055FD26D-3A88-4E15-963D-DC8493744B1D} <C:\PROGRA~1\ICQTOO~1\4652\toolbaru.dll, (Signed) IE Toolbar>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <D:\Program Files\Easy Editor 2005\Release\dhtmled.ocx, Microsoft Corporation>
[Ask Toolbar]
  {3041D03E-FD4B-44E0-B742-2D9B88305F98} <, >
[]
  {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} <, >
[]
  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <, >
[]
  {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} <, >
[]
  {4C4E7CDB-5BFC-4D74-83E2-8AE659B7EDA2} <, >
[]
  {52D06F97-5511-43FA-8FDA-C481864FD26E} <, >
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[]
  {855F3B16-6D32-4FE6-8A56-BBB695989046} <, >
[Webový prohlížeč společnosti Microsoft]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, (Signed) Microsoft Corporation>
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[]
  {A057A204-BACC-4D26-9990-79A187E2698E} <, >
[]
  {A6984C00-C6EB-11D4-B4A4-080000180323} <, >
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, (Signed) N/A>
[]
  {CC59E0F9-7E43-44FA-9FAA-8377850BF205} <, >
[]
  {D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.>
[]
  {D9C9A8C9-460D-4343-888E-AE02BCC3CE57} <, >
[]
  {E59EB121-F339-4851-A3BA-FE49C35617C2} <, >
[]
  {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} <, >
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[E&xportovat do aplikace Microsoft Office Excel]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 692 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 800 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 844 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 856 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
[PID: 1012 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1072 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[PID: 1356 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\uxtuneup.dll]  [TuneUp Software, 8.0.2000.35]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
[PID: 1412 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
[PID: 1492 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
[PID: 1696 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 8, 1281, 0]
[PID: 1824 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswAux.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswEngin.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswScan.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\ashBase.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\ashTask.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswInteg.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswIdle.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\AavmRpch.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\Czech\Base.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResMai.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\ahResMes.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResNS.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResOut.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\ahResP2P.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResStd.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResWS.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\ashSODBC.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
    [C:\Program Files\Alwil Software\Avast4\aswRes.dll]  [ALWIL Software, 4, 8, 1281, 0]
[PID: 448 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
[PID: 596 / SYSTEM][C:\WINDOWS\ATKKBService.exe]  [ASUSTeK COMPUTER INC., 1, 0, 1, 0]
[PID: 612 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe]  [Apple Computer, Inc., 1,0,3,1]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
[PID: 1196 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe]  [Apache Software Foundation, 2.0.52]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapr.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libaprutil.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapriconv.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.52]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_access.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_actions.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_alias.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so]  [N/A, ]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\nv_common.dll]  [NVIDIA, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_env.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_expires.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_headers.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_include.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_mime.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_rewrite.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_ssl.so]  [Apache Software Foundation, 2.0.47]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll]  [N/A, ]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll]  [N/A, ]
[PID: 1448 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe]  [NVIDIA Corporation, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll]  [NVIDIA, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common_firewall.dll]  [NVIDIA, 2, 2, 0, 464]
[PID: 1396 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe]  [NVIDIA Corporation, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll]  [NVIDIA, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\NMI.dll]  [NVIDIA Corporation, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\MSVCP60.dll]  [Microsoft Corporation, 6.02.3104.0]
[PID: 1780 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9131]
[PID: 204 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 252 / SYSTEM][C:\WINDOWS\System32\TUProgSt.exe]  [TuneUp Software, 8.0.2000.35]
[PID: 728 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe]  [Apache Software Foundation, 2.0.52]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapr.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libaprutil.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapriconv.dll]  [Apache Software Foundation, 0.0.0.0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libhttpd.dll]  [Apache Software Foundation, 2.0.52]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_access.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_actions.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_alias.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so]  [N/A, ]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\nv_common.dll]  [NVIDIA, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_cgi.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_env.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_expires.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_headers.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_include.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_log_config.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_mime.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_negotiation.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_rewrite.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_setenvif.so]  [Apache Software Foundation, 2.0.49]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_ssl.so]  [Apache Software Foundation, 2.0.47]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll]  [N/A, ]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll]  [N/A, ]
[PID: 1244 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe]  [, 1, 0, 1, 0]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\NMI.dll]  [NVIDIA Corporation, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll]  [NVIDIA, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\SpecialCase.dll]  [NVIDIA, 2, 2, 0, 464]
    [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nv_common_firewall.dll]  [NVIDIA, 2, 2, 0, 464]
[PID: 1756 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\ashBase.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\ashTask.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswAux.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\AavmRpch.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\AhResMai.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\Czech\Base.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswEngin.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswScan.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
    [C:\Program Files\Alwil Software\Avast4\Czech\Lang.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Alwil Software\Avast4\Czech\langmai.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
[PID: 256 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\ashBase.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\AavmRpch.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\ashTask.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswAux.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\Czech\Base.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswEngin.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\Alwil Software\Avast4\aswScan.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
    [C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll]  [ALWIL Software, 4, 8, 1281, 0]
[PID: 976 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
[PID: 3424 / SYSTEM][C:\Program Files\PC Connectivity Solution\ServiceLayer.exe]  [Nokia., 6, 83, 78, 3]
    [C:\Program Files\PC Connectivity Solution\NclTools.dll]  [Nokia, 6, 83, 31, 2]
    [C:\Program Files\PC Connectivity Solution\Transports\NCLRSMM.dll]  [Nokia Corp., 6, 83, 40, 1]
    [C:\Program Files\PC Connectivity Solution\Transports\NCLUSBMM.dll]  [Nokia., 6, 83, 54, 2]
    [C:\Program Files\PC Connectivity Solution\Transports\NclMSBTMM.dll]  [Nokia Corp., 6, 83, 54, 1]
[PID: 824 / Rico][C:\WINDOWS\system32\wscntfy.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3712 / Rico][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\BROWSEUI.dll]  [Společnost Microsoft, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Common Files\Ahead\Lib\NeroSearchBar.dll]  [Nero AG, 1, 2, 0, 13]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\Lib\NeroSearchTrayHook.dll]  [Nero AG, 1, 2, 0, 13]
    [C:\Program Files\Common Files\Ahead\Lib\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\BCGCBPRO800u.dll]  [BCGSoft Ltd, 8, 00, 0, 0]
    [D:\Program Files\RocketDock\RocketDock.dll]  [N/A, ]
    [C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll]  [Nero AG, 2, 0, 0, 8]
    [C:\Program Files\Common Files\Ahead\Lib\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.1.0.0]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll]  [Nero AG, 2, 2, 7, 0]
    [D:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [D:\Program Files\WinRAR\rarlng.dll]  [N/A, ]
    [C:\Program Files\7-Zip\7-zip.dll]  [N/A, ]
    [D:\Program Files\PhotoImpression\share\pihook.dll]  [N/A, ]
    [C:\Program Files\Alwil Software\Avast4\ashShell.dll]  [ALWIL Software, 4, 8, 1281, 0]
    [C:\Program Files\TuneUp Utilities 2009\SDShelEx-win32.dll]  [TuneUp Software, 8.0.2000.35]
[PID: 2088 / Rico][C:\WINDOWS\system32\RunDLL32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\NvMCTray.dll]  [NVIDIA Corporation, 6.14.10.9131]
    [C:\WINDOWS\system32\NVRSCS.DLL]  [NVIDIA Corporation, 6.14.10.9131]
[PID: 3460 / Rico][C:\Program Files\Analog Devices\Core\smax4pnp.exe]  [Analog Devices, Inc., 6, 0, 0, 61]
    [C:\Program Files\Analog Devices\Core\SMWDMIF.dll]  [Analog Devices, Inc., 6, 0, 4400, 9]
[PID: 708 / Rico][C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe]  [Sun Microsystems, Inc., 6.0.70.6]
[PID: 2132 / Rico][C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE]  [Nokia, 6, 81, 61, 4]
    [C:\Program Files\PC Connectivity Solution\ConnAPI.DLL]  [Nokia., 6, 83, 80, 4]
    [C:\PROGRA~1\Nokia\NOKIAP~1\PCSCM.dll]  [Nokia, 6, 81, 68, 0]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\PCSuite\ConfServer\ConfServer.dll]  [Nokia, 6, 0, 0, 2]
    [C:\WINDOWS\system32\msxml4.dll]  [Microsoft Corporation, 4.20.9818.0]
    [C:\PROGRA~1\Nokia\NOKIAP~1\Lang\LaunchApplication_cze.NLR]  [Nokia, 6, 81, 60, 0]
[PID: 2724 / Rico][C:\Program Files\qttask.exe]  [Apple Computer, Inc., 7.1.3]
[PID: 2188 / Rico][C:\Program Files\Messenger\msmsgs.exe]  [Microsoft Corporation, 4.7.3000]
[PID: 3608 / Rico][C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe]  [Nero AG, 1, 2, 0, 13]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll]  [Nero AG, 3,15,2, 6900]
    [C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvrPS.dll]  [Nero AG, 1, 2, 0, 13]
    [C:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll]  [Nero AG, 1, 2, 0, 13]
[PID: 3616 / Rico][D:\Program Files\RocketDock\RocketDock.exe]  [N/A, ]
    [D:\Program Files\RocketDock\RocketDock.dll]  [N/A, ]
[PID: 4080 / Rico][D:\Program Files\ICQ6.5\ICQ.exe]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\MKernel.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\MUtils.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Program Files\ICQ6.5\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\ICQ6.5\coolcore49.dll]  [AOL LLC, 4.9.0.5711]
    [D:\Program Files\ICQ6.5\xprt6.dll]  [AOL LLC, 6.6.6.5927]
    [D:\Program Files\ICQ6.5\MDb.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\MCoreLib.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\MUIUtils.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\MUICoreLib.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\AOLSvcMgr.dll]  [AOL LLC, 15.5.1.2]
    [d:\program files\icq6.5\services\boxelyrenderer\ver3_6_8_1\boxelyRenderer.dll]  [AOL LLC, 3.6.8.1]
    [D:\Program Files\ICQ6.5\ICQDevilImg.ocx]  [ICQ Ltd., 1, 0, 0, 1]
    [D:\Program Files\ICQ6.5\MBContainer.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\MCore.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\MReport.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\MISB.dll]  [ICQ, Inc., 6.0.0.5011]
    [D:\Program Files\ICQ6.5\MUICore.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\PhotoImpression\share\pihook.dll]  [N/A, ]
    [D:\Program Files\RocketDock\RocketDock.dll]  [N/A, ]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
    [D:\Program Files\ICQ6.5\FlashPlayerControl.dll]  [Softanics, 2, 1, 7, 0]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\PROGRA~1\COMMON~1\ArcSoft\MPEGEN~1\mpgaudio.ax]  [ArcSoft Inc., 2, 4, 1, 0]
    [C:\PROGRA~1\COMMON~1\ArcSoft\MPEGEN~1\AdavAudioDec.dll]  [ArcSoft (HZ), 2, 4, 1, 0]
    [C:\WINDOWS\System32\l3codecx.ax]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 5, 0, 50]
    [C:\WINDOWS\system32\Macromed\Common\SwSupport.dll]  [Adobe Systems, Inc., 10.4r25]
    [D:\Program Files\ICQ6.5\MUIMessage.dll]  [ICQ, Inc., 6.5.0.104]
    [D:\Program Files\ICQ6.5\SSCE5532.dll]  [Wintertree Software Inc., 5.16.6.0]
[PID: 2224 / Rico][C:\Program Files\Mozilla Firefox\firefox.exe]  [Mozilla Corporation, 1.9.0.5]
    [C:\Program Files\Mozilla Firefox\xul.dll]  [Mozilla Foundation, 1.9.0.5]
    [C:\Program Files\Mozilla Firefox\sqlite3.dll]  [sqlite.org, 3.5.9]
    [C:\Program Files\Mozilla Firefox\MOZCRT19.dll]  [Mozilla Foundation, 8.00.0000]
    [C:\Program Files\Mozilla Firefox\js3250.dll]  [Netscape Communications Corporation, 4.0]
    [C:\Program Files\Mozilla Firefox\nspr4.dll]  [Mozilla Foundation, 4.7.1]
    [C:\Program Files\Mozilla Firefox\smime3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nss3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nssutil3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\plc4.dll]  [Mozilla Foundation, 4.7.1]
    [C:\Program Files\Mozilla Firefox\plds4.dll]  [Mozilla Foundation, 4.7.1]
    [C:\Program Files\Mozilla Firefox\ssl3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\xpcom.dll]  [Mozilla Foundation, 1.9.0.5]
    [D:\Program Files\RocketDock\RocketDock.dll]  [N/A, ]
    [C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll]  [Mozilla Foundation, 1.9.0.5]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
    [C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll]  [Mozilla Foundation, 1.9.0.5]
    [C:\Program Files\Mozilla Firefox\softokn3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nssdbm3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\freebl3.dll]  [Mozilla Foundation, 3.12.2.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nssckbi.dll]  [Mozilla Foundation, 1.72]
[PID: 3172 / Rico][C:\Documents and Settings\Rico\Plocha\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.0.1210]
[PID: 3076 / Rico][C:\Documents and Settings\Rico\Plocha\SRE6066c463.EXE]  [Smallfrogs Studio, 2.7.0.1210]
    [D:\Program Files\RocketDock\RocketDock.dll]  [N/A, ]
    [C:\Documents and Settings\Rico\Plocha\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Computer, Inc., 1,0,3,1]
    [C:\WINDOWS\system32\nvappfilter.dll]  [NVIDIA, 1, 0, 2, 0]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
NVIDIA App Filter over [MSAFD Tcpip [TCP/IP]]
    C:\WINDOWS\system32\nvappfilter.dll(NVIDIA, NVIDIA IAM LSP)
NVIDIA App Filter over [MSAFD Tcpip [UDP/IP]]
    C:\WINDOWS\system32\nvappfilter.dll(NVIDIA, NVIDIA IAM LSP)
NVIDIA App Filter over [MSAFD Tcpip [RAW/IP]]
    C:\WINDOWS\system32\nvappfilter.dll(NVIDIA, NVIDIA IAM LSP)
NVIDIA App Filter
    C:\WINDOWS\system32\nvappfilter.dll(NVIDIA, NVIDIA IAM LSP)

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost

==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 596, C:\WINDOWS\ATKKBSERVICE.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1448, C:\PROGRAM FILES\NVIDIA CORPORATION\NETWORKACCESSMANAGER\BIN\NSVCIP.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1396, C:\PROGRAM FILES\NVIDIA CORPORATION\NETWORKACCESSMANAGER\BIN\NSVCLOG.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3424, C:\PROGRAM FILES\PC CONNECTIVITY SOLUTION\SERVICELAYER.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2132, C:\PROGRA~1\NOKIA\NOKIAP~1\LAUNCH~1.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2724, C:\PROGRAM FILES\QTTASK.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3608, C:\PROGRAM FILES\COMMON FILES\AHEAD\LIB\NMBGMONITOR.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3616, D:\PROGRAM FILES\ROCKETDOCK\ROCKETDOCK.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3172, C:\DOCUMENTS AND SETTINGS\RICO\PLOCHA\SRENGLDR.EXE]

==================================
Scheduled Tasks
[Enabled] Úklid 1 kliknutím.job
        C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
[Enabled] AppleSoftwareUpdate.job
        C:\Program Files\Apple Software Update\SoftwareUpdate.exe
[Enabled] 1-Click Maintenance.job
        C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================



Re: Please check my log

Post by jaro3 » 15 Jan 2009 15:53

If you uninstalled ComboFix, download it again and put it on the desktop.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

Folder::
c:\program files\AskBardis

File::
c:\windows\system32\drivers\Ndisprot.sys

Driver::
Ndisprot

Registry::
[-HKEY_CLASSES_ROOT\clsid\{d9c9a8c9-460d-4343-888e-ae02bcc3ce57}]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000

Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that pops up at the end of the cleaning process + a new HJT log
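The check a helper runs once the requested log comes back, as an added example that is not part of the original post and is not ComboFix's own code: it parses the CFScript directives above and confirms each target in the deletion sections of a ComboFix log. The log excerpt is constructed in the layout ComboFix prints, the `example_missing.dll` target is hypothetical, and the English section titles are an assumption.

```python
import re

# Directive headers that appear in the CFScript posted above.
DIRECTIVE_RE = re.compile(r"^(Folder|File|Driver|Registry)::\s*$", re.IGNORECASE)
# ComboFix log banners look like "((((( title )))))".
BANNER_RE = re.compile(r"^\(+\s*(.*?)\s*\)+\s*$")

# Section titles: the Czech ones come from a Czech-locale log; the English
# ones are an assumption about English-locale logs.
DELETION_TITLES = ("Ostatní výmazy", "Other Deletions")
SERVICE_TITLES = ("Ovladače/Služby", "Drivers/Services")

# The script from the post, plus one hypothetical File:: target added to
# show how a target that was NOT removed is reported.
CFSCRIPT = r"""
Folder::
c:\program files\AskBardis

File::
c:\windows\system32\drivers\Ndisprot.sys
c:\windows\system32\example_missing.dll

Driver::
Ndisprot

Registry::
[-HKEY_CLASSES_ROOT\clsid\{d9c9a8c9-460d-4343-888e-ae02bcc3ce57}]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
"""

# Constructed log excerpt in the layout ComboFix prints.
SAMPLE_LOG = r"""
FILE ::
c:\windows\system32\drivers\Ndisprot.sys
.
((((((((((( Ostatní výmazy )))))))))))
.
c:\program files\AskBardis
c:\program files\AskBardis\bar\Settings\prevCfg2.htm
c:\windows\system32\drivers\Ndisprot.sys
.
((((((((((( Ovladače/Služby )))))))))))
.
-------\Legacy_NDISPROT
-------\Service_Ndisprot

((((((((((( Soubory vytvořené od 2008-12-15 do 2009-01-15 )))))))))))
.
"""


def parse_cfscript(text):
    """Return {directive: [entries]}; text before the first directive is ignored."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = DIRECTIVE_RE.match(line)
        if match:
            current = match.group(1).lower()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_log_sections(text):
    """Split a log on its banner lines and return {title: [non-empty lines]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = BANNER_RE.match(line)
        if match:
            current = match.group(1)
            sections.setdefault(current, [])
        elif current is not None and line and line != ".":
            sections[current].append(line)
    return sections


def verify(script_text, log_text):
    """Map (kind, target) to True (listed as removed), False (not listed),
    or None (registry key deletion, which these log sections do not show)."""
    script = parse_cfscript(script_text)
    log = parse_log_sections(log_text)
    deleted = {l.lower() for t in DELETION_TITLES for l in log.get(t, [])}
    services = [l.lower() for t in SERVICE_TITLES for l in log.get(t, [])]
    report = {}
    for kind in ("folder", "file"):
        for path in script.get(kind, []):
            report[(kind, path)] = path.lower() in deleted
    for name in script.get("driver", []):
        # Removed services are listed as -------\Legacy_<NAME> / -------\Service_<name>.
        report[("driver", name)] = any(s.endswith("_" + name.lower()) for s in services)
    for line in script.get("registry", []):
        if line.startswith("[-"):  # "[-KEY]" asks for the key to be deleted
            report[("registry", line)] = None
    return report


def missing(report):
    """Targets the script named that the log does not list as removed."""
    return [target for target, ok in report.items() if ok is False]


if __name__ == "__main__":
    for target, ok in verify(CFSCRIPT, SAMPLE_LOG).items():
        print(target, {True: "removed", False: "NOT listed", None: "check registry"}[ok])
```

A target reported as not listed needs a follow-up scan, since the file may have been absent already or may have survived the run.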

Re: Please check my log

Post by RicoCZE » 15 Jan 2009 17:42

ComboFix log:

ComboFix 09-01-13.04 - Rico 2009-01-15 17:30:18.8 - NTFSx86
Spuštěný z: c:\documents and settings\Rico\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Rico\Plocha\CFScript.txt

FILE ::
c:\windows\system32\drivers\Ndisprot.sys
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBardis
c:\program files\AskBardis\bar\Settings\prevCfg2.htm
c:\windows\system32\drivers\Ndisprot.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NDISPROT
-------\Service_Ndisprot


((((((((((((((((((((((((( Soubory vytvořené od 2008-12-15 do 2009-01-15 )))))))))))))))))))))))))))))))
.

2009-01-11 20:26 . 2009-01-11 20:26 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Sony Ericsson
2009-01-10 15:16 . 2009-01-10 15:17 <DIR> d-------- C:\Downloads
2009-01-10 13:02 . 2009-01-10 13:03 <DIR> d-------- c:\program files\Native Instruments
2009-01-06 21:05 . 2009-01-06 21:05 <DIR> d-------- c:\program files\Smart WAV Converter
2009-01-06 20:52 . 2009-01-06 20:55 <DIR> d-------- c:\program files\ACE-HIGH MP3 WAV WMA OGG Converter
2009-01-06 20:52 . 2002-11-13 11:14 1,703,936 --a------ c:\windows\system32\NCTAudioFile.dll
2009-01-06 20:52 . 2002-11-06 15:12 360,448 --a------ c:\windows\system32\NCTWMAFile.dll
2009-01-06 20:52 . 2001-08-08 21:00 40,960 --a------ c:\windows\system32\DGPNorm.ocx
2009-01-06 15:45 . 2009-01-06 15:45 <DIR> d-------- c:\documents and settings\LocalService\Plocha
2009-01-04 18:05 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2009-01-04 18:05 . 2009-01-04 18:05 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-01-04 18:05 . 2009-01-04 18:05 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2009-01-04 17:57 . 2009-01-04 17:57 1,107,296 --a------ c:\windows\system32\WdfCoInstaller01007.dll
2009-01-04 17:57 . 2009-01-04 17:57 22,368 --a------ c:\windows\system32\drivers\ggsemc.sys
2009-01-04 17:57 . 2009-01-04 17:57 10,976 --a------ c:\windows\system32\drivers\ggflt.sys
2009-01-03 16:47 . 2009-01-03 16:47 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-01-03 16:47 . 2009-01-03 16:47 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-01-03 16:47 . 2008-12-11 13:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-01-03 16:45 . 2009-01-03 16:51 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-01-03 16:42 . 2009-01-03 16:42 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2009-01-03 16:42 . 2009-01-03 16:42 <DIR> d--hs---- c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-25 19:43 . 2008-12-30 15:53 <DIR> d-------- c:\documents and settings\Rico\Data aplikací\uTorrent
2008-12-23 12:10 . 2008-12-23 12:10 <DIR> d-------- c:\program files\ICQ6Toolbar
2008-12-23 12:10 . 2008-12-23 12:10 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\ICQ
2008-12-22 14:23 . 2008-12-22 14:23 <DIR> d-------- c:\documents and settings\Rico\Data aplikací\Panasonic
2008-12-21 09:01 . 2008-12-21 09:01 <DIR> d-------- c:\program files\QTComponents
2008-12-21 08:56 . 2005-03-07 19:44 45,056 --a------ c:\windows\system32\PhDi2.sys
2008-12-21 08:55 . 2008-12-21 08:55 <DIR> d-------- c:\program files\Panasonic
2008-12-21 08:54 . 2008-12-21 08:54 <DIR> d-------- c:\program files\Common Files\ArcSoft
2008-12-21 08:54 . 2004-05-04 11:53 1,645,320 --a------ c:\windows\system32\gdiplus.dll
2008-12-21 08:54 . 2004-03-10 01:59 143,360 --a------ c:\windows\system32\PhotoBase Screen Saver.scr
2008-12-21 08:54 . 2003-09-19 16:45 21,248 --a------ c:\windows\system32\drivers\pfc.sys
2008-12-21 08:53 . 1995-07-31 12:44 212,480 --a------ c:\windows\PCDLIB32.DLL

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-11 19:30 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-11 09:47 --------- d-----w c:\documents and settings\Rico\Data aplikací\HLSW
2009-01-10 14:30 --------- d-----w c:\documents and settings\Rico\Data aplikací\ICQ
2009-01-03 12:00 --------- d-----w c:\documents and settings\Rico\Data aplikací\Hamachi
2009-01-02 17:39 --------- d-----w c:\program files\Ryso HandyLook
2008-12-23 11:09 --------- d-----w c:\program files\ICQ6
2008-12-21 08:01 --------- d-----w c:\program files\Plugins
2008-12-19 14:25 --------- d-----w c:\documents and settings\Rico\Data aplikací\FileZilla
2008-12-09 19:40 --------- d-----w c:\program files\WM Converter
2008-12-09 05:58 --------- d-----w c:\program files\Nokia
2008-12-01 11:48 --------- d-----w c:\documents and settings\Rico\Data aplikací\teamspeak2
2008-11-27 15:50 --------- d-----w c:\program files\FreeUndelete
2008-11-18 20:59 --------- d-----w c:\documents and settings\Ladislava\Data aplikací\PC Suite
2008-11-16 17:14 --------- d-----w c:\documents and settings\LocalService\Data aplikací\PC Suite
2008-11-16 17:12 --------- d-----w c:\program files\Common Files\PCSuite
2008-11-16 17:12 --------- d-----w c:\program files\Common Files\Nokia
2008-03-10 18:42 1,729 ----a-w c:\program files\Adobe Reader 8.lnk
2008-03-10 18:38 23,454,528 ----a-w c:\program files\AdbeRdr812_en_US.exe
2006-09-01 16:26 562,760 ----a-w c:\program files\QTPlugin.ocx
2006-09-01 16:26 5,580,360 ----a-w c:\program files\QuickTimePlayer.exe
2006-09-01 15:46 712,704 ----a-w c:\program files\QTOControl.dll
2006-09-01 15:46 675,840 ----a-w c:\program files\QTOLibrary.dll
2006-09-01 15:46 598,016 ----a-w c:\program files\QTInfo.exe
2006-09-01 15:45 303,104 ----a-w c:\program files\QTUIPanelControl.dll
2006-09-01 15:16 483,328 ----a-w c:\program files\PictureViewer.exe
2006-09-01 14:57 282,624 ----a-w c:\program files\qttask.exe
2006-08-03 14:51 8,161 ----a-w c:\program files\QuickTime Read Me.htm
2005-09-27 11:13 55,622 ----a-w c:\program files\Sample.mov
2005-09-27 11:13 18,663 ----a-w c:\program files\Sample.qtif
.

((((((((((((((((((((((((((((( snapshot@2009-01-15_17.00.54.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2009-01-15 16:32:58 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_730.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-17 1667584]
"QuickTime Task"="c:\program files\qttask.exe" [2006-09-01 282624]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
"RocketDock"="d:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"PCSuiteTrayApplication"="c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-06-15 229376]
"QuickTime Task"="c:\program files\qttask.exe" [2006-09-01 282624]
"nwiz"="nwiz.exe" [2006-06-01 c:\windows\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 c:\windows\system32\nvmctray.dll]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"d:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"d:\\Program Files\\Valve\\hl.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\Valve\\hlds.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"d:\\totalcmd\\TOTALCMD.EXE"=
"d:\\Program Files\\Hamachi\\hamachi.exe"=
"d:\\Program Files\\HLSW\\hlsw.exe"=
"d:\\zaloha\\Rico\\Moje Album\\Test server\\samp-server.exe"=
"d:\\Soldat\\Soldat.exe"=
"d:\\zaloha\\Rico\\Moje Album\\HLSW\\hlsw.exe"=
"d:\\zaloha\\Rico\\Moje Album\\pawno\\server\\samp-server.exe"=
"d:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\Program Files\\uTorrent\\utorrent.exe"=
"d:\\zaloha\\Rico\\Moje Album\\Valve\\Steam\\steamapps\\ricocze\\counter-strike\\hl.exe"=
"d:\\zaloha\\Rico\\Moje Album\\Valve\\Steam\\steamapps\\ricocze\\condition zero\\hl.exe"=
"d:\\zaloha\\Rico\\Moje Album\\Valve\\Steam\\Steam.exe"=
"d:\\zaloha\\Rico\\Moje Album\\Valve\\Steam\\steamapps\\ricocze\\counter-strike beta\\hl.exe"=
"d:\\zaloha\\Rico\\Moje Album\\Valve\\Steam\\steamapps\\ricocze\\dedicated server\\hlds.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9139:TCP"= 9139:TCP:BitComet 9139 TCP
"9139:UDP"= 9139:UDP:BitComet 9139 UDP

R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-01-04 10976]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
R3 TVICHW32;TVICHW32;c:\windows\system32\DRIVERS\TVICHW32.SYS [2008-10-10 23600]
S1 aswSP;avast! Self Protection; [x]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-12 20560]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-01-03 603904]
S3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\DRIVERS\psched.sys [2004-08-03 69120]


--- Ostatní služby/ovladace v pameti ---

*Deregistered* - Aavmker4
*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - asuskbnt
*Deregistered* - aswFsBlk
*Deregistered* - aswMon2
*Deregistered* - aswRdr
*Deregistered* - aswSP
*Deregistered* - aswTdi
*Deregistered* - aswUpdSv
*Deregistered* - ATKKeyboardService
*Deregistered* - AudioSrv
*Deregistered* - audstub
*Deregistered* - avast! Antivirus
*Deregistered* - avast! Mail Scanner
*Deregistered* - avast! Web Scanner
*Deregistered* - Beep
*Deregistered* - BITS
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - dmio
*Deregistered* - dmload
*Deregistered* - dmserver
*Deregistered* - Dnscache
*Deregistered* - eamon
*Deregistered* - easdrv
*Deregistered* - EIO
*Deregistered* - epfwtdir
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - ForceWare Intelligent Application Manager (IAM)
*Deregistered* - ForcewareWebInterface
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - hamachi
*Deregistered* - helpsvc
*Deregistered* - HTTP
*Deregistered* - ImapiService
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - Npfs
*Deregistered* - nSvcIp
*Deregistered* - nSvcLog
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - NVSvc
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - rdpdr
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - ServiceLayer
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Schedule
*Deregistered* - Spooler
*Deregistered* - sptd
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - swenum
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - TuneUp.ProgramStatisticsSvc
*Deregistered* - Update
*Deregistered* - UxTuneUp
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - WS2IFSL
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2009-01-15 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]

2008-12-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 14:21]

2009-01-15 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
TCP: {52FB17E9-AF75-47A1-90B4-6C2C25A73E3E} = 77.48.95.1,77.48.95.5
FF - ProfilePath - c:\documents and settings\Rico\Data aplikací\Mozilla\Firefox\Profiles\fflcxhv4.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://rico.hu.cz/news.php
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - plugin: c:\program files\Plugins\npqtplugin.dll
FF - plugin: c:\program files\Plugins\npqtplugin2.dll
FF - plugin: c:\program files\Plugins\npqtplugin3.dll
FF - plugin: c:\program files\Plugins\npqtplugin4.dll
FF - plugin: c:\program files\Plugins\npqtplugin5.dll
FF - plugin: c:\program files\Plugins\npqtplugin6.dll
FF - plugin: c:\program files\Plugins\npqtplugin7.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-15 17:33:30
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(860)
c:\windows\system32\nvappfilter.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\ATKKBService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\windows\system32\nvsvc32.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
.
**************************************************************************
.
Celkový čas: 2009-01-15 17:36:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-01-15 16:36:18

Před spuštěním: 4 093 296 640
Po spuštění: 4,022,517,760

342 --- E O F --- 2008-03-18 13:07:37








HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:37:44, on 15.1.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
D:\Program Files\RocketDock\RocketDock.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\4652\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\qttask.exe" -atboottime
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RocketDock] "D:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-21-682003330-1060284298-725345543-1004\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-682003330-1060284298-725345543-1004\..\Run: [QuickTime Task] "C:\Program Files\qttask.exe" -atboottime (User '?')
O4 - HKUS\S-1-5-21-682003330-1060284298-725345543-1004\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User '?')
O4 - HKUS\S-1-5-21-682003330-1060284298-725345543-1004\..\Run: [RocketDock] "D:\Program Files\RocketDock\RocketDock.exe" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{52FB17E9-AF75-47A1-90B4-6C2C25A73E3E}: NameServer = 77.48.95.1,77.48.95.5
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 7714 bytes

jaro3

Re: Please check my log

Post by jaro3 » 15 Jan 2009 18:23

Find and manually delete: C:\Program Files\qttask.exe
Close other applications and browsers, disconnect from the internet, and fix these entries in HJT:


R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\qttask.exe" -atboottime
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\qttask.exe" -atboottime
O4 - HKUS\S-1-5-21-682003330-1060284298-725345543-1004\..\Run: [QuickTime Task] "C:\Program Files\qttask.exe" -atboottime (User '?')


ComboFix is uninstalled as follows:
Start-Run and enter ComboFix[space]/u
Clean again with CCleaner.
Download ATF Cleaner.
Double-click ATF Cleaner.exe, click select all found, then click empty selected.
If you want to keep your saved passwords, click No.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.
Let me know how the downloading goes.

RicoCZE

Re: Please check my log

Post by RicoCZE » 15 Jan 2009 20:10

I don't have select all found there, I only have select all, and that will delete everything, won't it?

jaro3

Re: Please check my log

Post by jaro3 » 15 Jan 2009 20:12

It will only delete leftovers from badly uninstalled programs, don't worry.

RicoCZE

Re: Please check my log

Post by RicoCZE » 15 Jan 2009 20:24

Mozilla showed me this:

C:\Documents and Settings\Rico\Plocha\Fighter FX 666 Special Edition.rar.part nemohl být uložen, protože nemohl být přečten zdrojový soubor.

Zkuste to prosím za chvíli znovu nebo kontaktujte administrátora serveru.


The file I was downloading from the other site is no longer there, it was deleted, and I found another one; it is the same file, just on a different site: http://www.4shared.com/get/58704476/19b ... 4843.dc115

