T-Cleaner has already done its job, I'm deleting it..
Here's that log from RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Radim at 2010-07-21 23:44:52
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (10%) free of 76 GB
Total RAM: 511 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:45:22, on 21.7.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\hosting\apache\bin\httpd.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\hosting\apache\bin\httpd.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\hosting\tomcat\bin\tomcat6.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Valve\hl.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Radim\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Radim.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Seznam Bezpečný Internet - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam Bezpecny Internet\SBI.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [D_V_T] C:\\dvt.exe /S \C:\\d_v_t.reg\
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: setup_9.0.0.722_21.07.2010_13-25.lnk = C:\Documents and Settings\Radim\Plocha\Virus Removal Tool\setup_9.0.0.722_21.07.2010_13-25\startup.exe
O4 - Global Startup: HostingClientShortcut.lnk = C:\hosting\client\HostingClient.exe
O4 - Global Startup: hp instant support.lnk = C:\Program Files\Hewlett-Packard\HP Instant Support DI\bin\matcli.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Přelož do češtiny - res://C:\Program Files\Seznam Bezpecny Internet\SBI.dll/5034
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Hledej v &Seznamu - res://C:\Program Files\Seznam Bezpecny Internet\SBI.dll/5033
O8 - Extra context menu item: Hledej v Seznam &Fulltextu - res://C:\Program Files\Seznam Bezpecny Internet\SBI.dll/5035
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{05696265-2E64-4DC0-8F18-BF9B1D6C91D1}: NameServer = 10.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{05696265-2E64-4DC0-8F18-BF9B1D6C91D1}: NameServer = 10.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\hosting\apache\bin\httpd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: tomcat6 - Apache Software Foundation - C:\hosting\tomcat\bin\tomcat6.exe
--
End of file - 12252 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-01 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-29 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{B71B15CE-3093-459C-B764-AEB2486F2273} - &Seznam Bezpečný Internet - C:\Program Files\Seznam Bezpecny Internet\SBI.dll [2005-01-04 585728]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-28 344064]
"D_V_T"=C:\\dvt.exe [2006-02-10 3584]
"Ulead AutoDetector"=C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [2003-02-27 45056]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"CARPService"=C:\WINDOWS\system32\carpserv.exe [2002-11-19 4608]
"RTBatteryMeter"=C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe [2003-01-16 49152]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2006-03-01 90112]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-11-13 39408]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-09-17 1933381]
"Steam"=c:\program files\steam\steam.exe [2010-07-02 1238352]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HostingClientShortcut.lnk - C:\hosting\client\HostingClient.exe
hp instant support.lnk - C:\Program Files\Hewlett-Packard\HP Instant Support DI\bin\matcli.exe
hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
officejet 6100.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Documents and Settings\Radim\Nabídka Start\Programy\Po spuštění
setup_9.0.0.722_21.07.2010_13-25.lnk - C:\Documents and Settings\Radim\Plocha\Virus Removal Tool\setup_9.0.0.722_21.07.2010_13-25\startup.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-06-29 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Hry\Need for Speed Underground 2\speed2.exe"="C:\Hry\Need for Speed Underground 2\speed2.exe:*:Disabled:speed2"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\hosting\client\HostingClient.exe"="C:\hosting\client\HostingClient.exe:*:Enabled:SysApp"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-07-21 23:44:52 ----D---- C:\rsit
2010-07-21 21:55:09 ----SHD---- C:\RECYCLER
2010-07-21 21:34:43 ----A---- C:\ComboFix.txt
2010-07-21 13:11:25 ----D---- C:\WINDOWS\temp
2010-07-21 12:41:00 ----RASHD---- C:\cmdcons
2010-07-21 12:00:04 ----A---- C:\WINDOWS\system32\drivers\42574892.sys
2010-07-21 12:00:04 ----A---- C:\WINDOWS\system32\drivers\42574891.sys
2010-07-21 12:00:04 ----A---- C:\WINDOWS\system32\drivers\4257489.sys
2010-07-21 10:05:12 ----D---- C:\_OTL
2010-07-21 10:03:57 ----D---- C:\Program Files\Eset
2010-07-21 09:27:37 ----D---- C:\ComboFix(2)
2010-07-20 22:36:06 ----A---- C:\Boot.bak
2010-07-20 21:55:37 ----D---- C:\WINDOWS\ERDNT
2010-07-20 16:11:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-07-20 16:08:27 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-20 16:06:41 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-07-20 16:06:19 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-07-20 16:05:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-20 16:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-20 16:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-07-20 16:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-07-20 16:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-07-20 16:01:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-20 16:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2010-07-20 15:59:52 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-07-20 15:59:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-07-20 15:58:54 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-07-20 15:58:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2010-07-20 15:58:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-07-20 15:53:23 ----D---- C:\Program Files\MSXML 4.0
2010-07-20 15:52:29 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-07-20 15:51:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-07-20 15:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-07-20 15:44:20 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-07-20 15:44:10 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-07-20 15:44:07 ----D---- C:\Program Files\Trend Micro
2010-07-20 15:35:00 ----D---- C:\Program Files\Common Files\Java
2010-07-20 15:32:55 ----A---- C:\WINDOWS\system32\javaws.exe
2010-07-20 15:32:55 ----A---- C:\WINDOWS\system32\javaw.exe
2010-07-20 15:32:55 ----A---- C:\WINDOWS\system32\java.exe
2010-07-20 15:32:55 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-07-19 23:56:29 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-07-19 23:56:28 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-07-19 23:56:23 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-07-19 23:56:20 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-07-19 23:56:20 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-07-19 23:56:19 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-07-19 23:54:52 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-07-19 23:50:44 ----D---- C:\Program Files\Alwil Software
2010-07-19 23:50:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-07-19 21:49:08 ----D---- C:\Documents and Settings\Radim\Data aplikací\GlarySoft
2010-07-19 21:39:24 ----D---- C:\Program Files\Glary Utilities
2010-07-19 09:34:35 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-07-14 12:51:39 ----D---- C:\Program Files\EA GAMES
2010-06-29 19:00:05 ----D---- C:\Program Files\Steam
2010-06-25 20:28:19 ----A---- C:\AILog.txt
2010-06-25 19:51:37 ----D---- C:\Program Files\Metin2
======List of files/folders modified in the last 1 months======
2010-07-21 23:39:09 ----D---- C:\WINDOWS
2010-07-21 23:38:41 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-21 23:31:21 ----D---- C:\Documents and Settings\Radim\Data aplikací\Skype
2010-07-21 21:55:51 ----D---- C:\Program Files\Valve
2010-07-21 21:22:00 ----A---- C:\WINDOWS\system.ini
2010-07-21 21:21:24 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-21 21:19:57 ----RD---- C:\Program Files
2010-07-21 21:19:55 ----SD---- C:\WINDOWS\Tasks
2010-07-21 21:08:50 ----D---- C:\WINDOWS\system32
2010-07-21 21:08:49 ----D---- C:\WINDOWS\system32\drivers
2010-07-21 21:08:49 ----D---- C:\WINDOWS\AppPatch
2010-07-21 21:08:44 ----D---- C:\Program Files\Common Files
2010-07-21 20:56:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-21 18:39:58 ----D---- C:\Documents and Settings\Radim\Data aplikací\Software Informer
2010-07-21 18:32:01 ----D---- C:\Documents and Settings\Radim\Data aplikací\skypePM
2010-07-21 13:32:08 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-21 13:26:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2010-07-21 13:22:09 ----A---- C:\WINDOWS\ntbtlog.txt
2010-07-21 13:10:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-21 12:41:07 ----RASH---- C:\boot.ini
2010-07-21 12:21:46 ----D---- C:\Documents and Settings\Radim\Data aplikací\ICQ
2010-07-21 12:03:01 ----HD---- C:\WINDOWS\inf
2010-07-21 10:25:04 ----D---- C:\Program Files\ICQ6.5
2010-07-21 10:06:23 ----D---- C:\WINDOWS\system32\config
2010-07-21 10:05:43 ----D---- C:\WINDOWS\system32\wbem
2010-07-21 10:05:41 ----D---- C:\WINDOWS\Registration
2010-07-20 16:38:53 ----D---- C:\Program Files\TweakNow RegCleaner Std
2010-07-20 16:22:25 ----D---- C:\WINDOWS\system32\Setup
2010-07-20 16:22:23 ----D---- C:\Config.Msi
2010-07-20 16:13:19 ----A---- C:\WINDOWS\imsins.BAK
2010-07-20 16:08:47 ----D---- C:\Program Files\Outlook Express
2010-07-20 16:03:46 ----D---- C:\WINDOWS\ServicePackFiles
2010-07-20 16:03:08 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-20 15:55:57 ----D---- C:\WINDOWS\system32\cs-cz
2010-07-20 15:55:57 ----D---- C:\Program Files\Internet Explorer
2010-07-20 15:55:02 ----D---- C:\WINDOWS\ie7updates
2010-07-20 15:54:10 ----SHD---- C:\WINDOWS\Installer
2010-07-20 15:54:04 ----D---- C:\WINDOWS\WinSxS
2010-07-20 15:44:10 ----SD---- C:\Documents and Settings\Radim\Data aplikací\Microsoft
2010-07-20 15:32:41 ----D---- C:\Program Files\Java
2010-07-20 09:57:15 ----A---- C:\WINDOWS\NeroDigital.ini
2010-07-20 00:16:08 ----D---- C:\Documents and Settings\Radim\Data aplikací\Free Download Manager
2010-07-19 23:58:52 ----D---- C:\Program Files\Google
2010-07-19 12:02:09 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-19 09:34:27 ----D---- C:\WINDOWS\Debug
2010-07-19 07:54:25 ----D---- C:\WINDOWS\Prefetch
2010-07-16 21:07:56 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-07-15 15:30:59 ----A---- C:\drivertimer.txt
2010-07-14 13:09:54 ----D---- C:\Downloads
2010-07-14 12:51:16 ----D---- C:\WINDOWS\system32\DirectX
2010-07-05 20:57:42 ----A---- C:\WINDOWS\ACROREAD.INI
2010-07-05 18:44:02 ----A---- C:\WINDOWS\Ulead32.ini
2010-06-30 12:46:27 ----D---- C:\Program Files\Mozilla Firefox
2010-06-29 22:00:04 ----D---- C:\WINDOWS\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 42574892;42574892 Boot Guard Driver; C:\WINDOWS\system32\DRIVERS\42574892.sys [2009-10-22 37392]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-06 43528]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R1 42574891;42574891; C:\WINDOWS\system32\DRIVERS\42574891.sys [2009-09-25 128016]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2005-10-01 82380]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 setup_9.0.0.722_21.07.2010_13-25drv;setup_9.0.0.722_21.07.2010_13-25drv; C:\WINDOWS\system32\DRIVERS\4257489.sys [2009-10-09 315408]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225920]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2002-11-07 11011]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 StreamDispatcher;StreamDispatcher; C:\WINDOWS\System32\DRIVERS\strmdisp.sys [2002-11-19 22400]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2005-06-29 1241088]
R3 catchme;catchme; \??\C:\DOCUME~1\Radim\LOCALS~1\Temp\catchme.sys []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-03-22 114944]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-03-22 835636]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-03-22 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-03-22 211724]
R3 DynCal;Dynamic Calibration Service; C:\WINDOWS\system32\drivers\Dyncal.sys [2005-09-26 8576]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-03-22 156604]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-03-22 991656]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2002-11-19 1067008]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2002-11-19 166144]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-03-22 195432]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-03 12416]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2002-11-19 585472]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-02-04 717296]
S2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 CCCP106;CIF USB Camera (2110A); C:\WINDOWS\system32\DRIVERS\cccp106.sys [2003-04-28 227200]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CoachAud;Coach Audio; C:\WINDOWS\system32\DRIVERS\CoachAud.sys [2004-11-24 10368]
S3 CoachUsb;Coach Digital Camera on USB; C:\WINDOWS\system32\DRIVERS\CoachUsb.sys []
S3 CoachVc;Coach Video Capture; C:\WINDOWS\system32\DRIVERS\CoachVc.sys []
S3 Devx;Devx; C:\WINDOWS\system32\drivers\Devx.sys [2001-09-06 4448]
S3 eusk3usb;SmartKey 3 USB; C:\WINDOWS\System32\Drivers\eusk3usb.sys [2004-11-18 45534]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2002-02-15 50960]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2002-03-21 16112]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2002-03-08 22512]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 mbr;mbr; \??\C:\DOCUME~1\Radim\LOCALS~1\Temp\mbr.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys []
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-03-26 12800]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-03-26 19840]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-03-26 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VtPr;VtPr; C:\WINDOWS\system32\drivers\VtPr.sys [2001-10-10 3328]
S3 W8100XP;Marvell Libertas 802.11b/g SoftAP Driver for Windows XP ; C:\WINDOWS\system32\DRIVERS\mrv8ka51.sys [2004-05-20 258560]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 Apache2.2;Apache2.2; C:\hosting\apache\bin\httpd.exe [2009-09-28 24645]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-29 376832]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2006-02-10 507904]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 tomcat6;tomcat6; C:\hosting\tomcat\bin\tomcat6.exe [2007-07-20 57344]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-06-28 516096]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-31 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-06 183280]
S2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2009-10-17 181312]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-03-15 81920]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
-----------------EOF-----------------
Please check my log Solved
Re: Please check my log
Fine, so if you do get that Christmas, I want a little present



Re: Please check my log
I'll find you and you'll get a kiss as a reward




Re: Please check my log
I should delete what Malwarebytes found, right????
Here is the latest log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4336
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
22.7.2010 6:59:04
mbam-log-2010-07-22 (06-59-04).txt
Typ skenu: Úplný sken (C:\|)
Skenované objekty: 290793
Uplynulý čas: 4 hodina(y), 10 minuta(y), 21 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 1
Infikované složky: 0
Infikované soubory: 4
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Hijack.SearchPage) -> Bad: (http://search13.net/) Good: (http://www.Google.com/) -> No action taken.
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
C:\Documents and Settings\Radim\Plocha\michal\programy\HLC_v1_setup.exe (Worm.Magania) -> No action taken.
C:\Program Files\DesetiPrsty\patch.exe (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\Radim\Data aplikací\wiaserva.log (Malware.Trace) -> No action taken.
C:\Documents and Settings\Radim\Data aplikací\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> No action taken.
Re: Please check my log

Delete it in MBAM.
Uninstall AVPtool.
Uninstall the Daemon Tools toolbar.
Run HJT
- click the button Do a system scan and save a logfile
- A table will come up; at the start of each line there is a checkbox.
- For each line that I have marked, tick the checkbox
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: setup_9.0.0.722_21.07.2010_13-25.lnk = C:\Documents and Settings\Radim\Plocha\Virus Removal Tool\setup_9.0.0.722_21.07.2010_13-25\startup.exe
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
- finally press the Fix checked button
Download OTC
www.itxassociates.com/OT-Tools/OTC.exe
- run it
- the computer will restart
- this program cleans out temp files and leftovers from programs
- after using it you can delete it
****************
Start, Run - type
sc delete amon
Enter
I would also recommend that you install SP3. And also replace the Windows firewall with something else; personally I like ZoneAlarm.
If there are no problems, we are done and you can mark it solved, with the green check mark.
Re: Please check my log
Should I just download and install ZoneAlarm???? And what is SP3??
Re: Please check my log
Oh, I see, Service Pack 3, right? Could you please send me a link?
Re: Please check my log
I don't know whether the link still works, but here is a link for SP3.
Nevertheless: http://lmgtfy.com/?q=XPSP3
Re: Please check my log
Thanks.. and could you please help me with what to do about ZoneAlarm?? Just download and install?
Re: Please check my log
I can't advise you on the settings, because I have never even seen it, but it is widely used and praised here.
Download and install it. If you can't manage the settings (usually, though, it comes with a basic configuration already set), start a new topic !!! and ask for help with the settings there. Someone will surely advise you.
Re: Please check my log Solved
Good, I already have it installed and configured... thanks a lot for everything, especially to Bledulka :-)
I am marking this topic as solved