prestal mi fungovat control panel..

[van Bellen]

mal som nainstalovany avast antivir ale zacal mi nejak spomalovat ntb s vistamy tak som nahodil nod32.naslo 4viry ale aj po precisteni to nejak blbne.ked chcem spustit control panel,nabehne ale hned sa aj vypne.ked zapnem ie,tak zmiznu vsetky ikony aj dolna lista.pomaha cez total commander spustenie explorer.exe...na ntb mam oem vista home premium,bojim sa moc do toho zasahovat tak sa radsej poradim pred tym nez nieco urobim

v msconfig som si vsimol ze sa spustaju nejake kniznice v adresay user/temp aj potom ako ich zrusim.tu je hijack log

Logfile of HijackThis v1.99.1
Scan saved at 9:56:04, on 8. 3. 2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)

Running processes:
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\PERUN\AppData\Local\Temp\pmnkh.dll,c
O4 - HKCU\..\Run: [2a9e456c] rundll32.exe "C:\Users\PERUN\AppData\Local\Temp\brwsngeo.dll",b
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash to GetFlash - res://C:\Program Files\Superhunter\GetFlash\GetFlash.dll/GetFlash.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [!AGetFlash] GetFlash
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {CE40C3F1-3DF5-4461-A521-810923235628} (JOJ_Explorer_Player Control) - http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

[Baron Prášil]

na visty ale už opravdu nový hijackthis,prosím
http://www.trendsecure.com/portal/en-US ... ckThis.exe

[van Bellen]

tak este raz...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:10:23, on 8. 3. 2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Windows\explorer.exe
C:\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\PERUN\AppData\Local\Temp\pmnkh.dll,c
O4 - HKCU\..\Run: [2a9e456c] rundll32.exe "C:\Users\PERUN\AppData\Local\Temp\brwsngeo.dll",b
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash to GetFlash - res://C:\Program Files\Superhunter\GetFlash\GetFlash.dll/GetFlash.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - C:\Program Files\Superhunter\GetFlash\GetFlash.dll (HKCU)
O11 - Options group: [!AGetFlash] GetFlash
O13 - Gopher Prefix:
O16 - DPF: {CE40C3F1-3DF5-4461-A521-810923235628} (JOJ_Explorer_Player Control) - http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

[Baron Prášil]

Stáhni si ComboFix (by sUBs) a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem klávesy 1
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log, který se ti zobrazí, jinak ho najdeš zde: C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah+nový log z hijackthis

[van Bellen]

spustim som combofix z plochy.loadovalo to a potom vyskocilo modre okno a v nom:

System nemuze nalezt text zpravy cislo 0x8 v souboru zprav pro system.

[Baron Prášil]

Stáhni si Deckard's System Scanner a ulož ho na plochu.
- Zavři všechna spuštěná okna a spusť program, potvrď licenční podmínky a postupuj podle pokynů. Začne scanování.
- Až skončí tak by měl vytvořit 2 logy proto se ti 2krát otevře notepad. Jeden log bude mít název main.txt a druhý extra.txt. Tak sem zkopíruj pouze ten main.txt

a použij i sdfix
SDFix
a spusť ho,vybalí se do vlastní složky (bude asi na C:\SDfix).

Poté restartuj PC do nouzového režimu.Otevři složku kde je vybalený SDFix a spusť soubor RunThis.bat a stiskni Y pro zahájení čistícího procesu.
Pro dokončení bude třeba stisknout libovolnou klávesu a počítač se restartuje.
Při nabíhání operačního systému budeš muset po vyzvání stisknout libovolnou klávesu pro vstup do do Win.

Po naběhnutí OS by ti měl zobrazit výpis SDFixu tak ho sem zkopíruj. pokud ti nevyběhne tak je umístěný ve své vlastní složce jako Report.txt+ pošli nový HJT log.

[van Bellen]

takze najprv som pouzil dss a tu je log.control panel uz funguje takze explorer opat funguje...

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: Other (0405) - see http://preview.tinyurl.com/mhhp6

CPU 0: AMD Turion(tm) 64 X2 Mobile Technology TL-56
Percentage of Memory in Use: 67%
Physical Memory (total/avail): 1022.38 MiB / 334.27 MiB
Pagefile Memory (total/avail): 2295.41 MiB / 1281.37 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1927.04 MiB

C: is Fixed (NTFS) - 104.92 GiB total, 49.75 GiB free.
D: is Fixed (NTFS) - 6.86 GiB total, 2.43 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - FUJITSU MHW2120BH ATA Device - 111.79 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 104.92 GiB - C:
\PARTITION1 - Installable File System - 6.86 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AV: ESET NOD32 Antivirus 3.0 v3.0 (Eset, spol. s r. o.)
AS: ESET NOD32 Antivirus 3.0 v3.0 (Eset, spol. s r. o.)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\PERUN\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PERUNICA
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\PERUN
LOCALAPPDATA=C:\Users\PERUN\AppData\Local
LOGONSERVER=\\PERUNICA
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;c:\Program Files\Bioscrypt\VeriSoft\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Pavilion
PLATFORM=MCD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4802
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\PERUN\AppData\Local\Temp
TMP=C:\Users\PERUN\AppData\Local\Temp
USERDOMAIN=PERUNICA
USERNAME=PERUN
USERPROFILE=C:\Users\PERUN
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

PERUN
MAJKA


-- Add/Remove Programs ---------------------------------------------------------

1.1.13.574 --> "C:\Program Files\Umíme ve Flashi\unins000.exe"
32 Bit HP CIO Components Installer --> MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
ACDSee 9 Photo Manager --> MsiExec.exe /X{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
AuthenTec Fingerprint Sensor Minimum Install --> MsiExec.exe /I{B61B6668-A674-4A06-8405-51944D5CCDDD}
Conexant HD Audio --> C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -IQv30CFza.inf
CorelDRAW Graphics Suite X4 --> MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73}
CorelDRAW Graphics Suite X4 - Capture --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
CorelDRAW Graphics Suite X4 - Content --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
CorelDRAW Graphics Suite X4 - Draw --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
CorelDRAW Graphics Suite X4 - Filters --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
CorelDRAW Graphics Suite X4 - FontNav --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
CorelDRAW Graphics SUite X4 - ICA --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
CorelDRAW Graphics Suite X4 - IPM --> MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
CorelDRAW Graphics Suite X4 - Lang EN --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF100}
CorelDRAW Graphics Suite X4 - PP --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
CorelDRAW Graphics Suite X4 - VBA --> MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
CorelDRAW(R) Graphics Suite X4 --> c:\Program Files\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension --> c:\Program Files\Common Files\Corel\Shared\Shell Extension\Uninst.exe
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension --> MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
Easy CD-DA Extractor 10 --> "C:\Windows\Easy CD-DA Extractor\uninstall.exe" "/U:C:\Program Files\Easy CD-DA Extractor 10\irunin.xml"
Enigma --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F145099-1224-4C5B-84F2-7AE6DC699F1A}\setup.exe" -l0x9 -removeonly
ESET NOD32 Antivirus --> MsiExec.exe /I{A79C6670-3E17-4CCD-AF7C-18D0837E253F}
ESU for Microsoft Vista --> MsiExec.exe /X{D312D4F0-36AE-4257-B7CD-EF10E38B47AC}
Flash Designer 5 (5.0.22. --> C:\PROGRA~1\Selteco\FLASHD~1\Setup.exe /remove
GetFlash --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0AECFC8C-1721-4F74-9C60-6A726067D028}\Setup.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IwqcVenz.inf
Hewlett-Packard Active Check --> MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent --> MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HP Active Support Library --> C:\Program Files\InstallShield Installation Information\{290B83AA-093A-45BF-A917-D1C4A1E8D917}\setup.exe -runfromtemp -l0x0409
HP Active Support Library 32 bit components --> MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}
HP Customer Experience Enhancements --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
HP Customer Participation Program 8.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Doc Viewer --> MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
HP Help and Support --> MsiExec.exe /I{9061CEF2-51F5-42C9-8A70-9ED351C6597A}
HP Imaging Device Functions 8.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Integrated Module with Bluetooth wireless technology 6.0.1.4900 --> MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
HP OCR Software 8.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart Essential 2.0 --> C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Photosmart.All-In-One Driver Software 8.0 .A --> C:\Program Files\HP\Digital Imaging\{282E5AB2-8E47-4571-B6FA-6B512555B557}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot
HP Quick Launch Buttons 6.20 B1 --> C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0005 uninst
HP QuickPlay 3.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
HP Solution Center 8.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HP User Guides 0057 --> MsiExec.exe /I{DDFD9BA2-8E26-4E49-92AE-882424DAB1BC}
HP Wireless Assistant --> MsiExec.exe /I{D32067CD-7409-4792-BFA0-1469BCD8F0C8}
HPSSupply --> MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
ChessBase Reader --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D6330700-4083-48DD-A03C-E209674E7836}\setup.exe" -l0x9 -removeonly
ICQ6 --> "C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
M-Audio Series II MIDI --> C:\Program Files\InstallShield Installation Information\{379BD39E-F13E-458F-96D8-56BD7F2CC516}\setup.exe -runfromtemp -l0x0009 -removeonly
Macromedia Dreamweaver 8 --> MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Fireworks 8 --> MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 --> MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash 8 Video Encoder --> MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash Player 8 Plugin --> MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
Microsoft Office Access MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-0015-041B-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-0044-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-001A-041B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007 --> MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007 --> MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007 --> MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007 --> MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-0019-041B-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works --> MsiExec.exe /I{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}
MSCU for Microsoft Vista --> MsiExec.exe /X{5BE3CB1F-54CA-4E7B-BCAE-CE7ED108E7B2}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MyPhoneExplorer --> C:\Program Files\MyPhoneExplorer\uninstall.exe
Nero 7 Lite 7.7.5.1 --> "C:\Program Files\Nero\unins000.exe"
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Playchess --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70D9854A-CEF5-4BCF-B37A-0AA1AB0A83CF}\setup.exe" -l0x1b -removeonly
PowerDVD --> "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x000409 /z-uninstall
QuickTime Alternative 1.76 --> "C:\Program Files\QuickTime Alternative\unins000.exe"
RadLight 4.0 FINAL --> C:\Program Files\RadLight Company\RadLight 4.0\uninst.exe
Roxio Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9 --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator EasyArchive --> MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3 --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9 --> MsiExec.exe /I{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}
Skype™ 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartAudio --> C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio /F1"C:\Program Files\InstallShield Installation Information\{E621DCAF-82F7-4F6D-B563-B6A4004B2397}\setup.iss" /S
Sony Noise Reduction Plug-In 2.0e --> MsiExec.exe /X{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}
Sony Sound Forge 9.0 --> MsiExec.exe /X{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}
Sothink SWF Decompiler --> "C:\Program Files\SourceTec\Sothink SWF Decompiler\unins000.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Total Commander (Remove or Repair) --> c:\totalcmd\tcuninst.exe
VeriSoft Access Manager --> rundll32.exe "c:\Program Files\Bioscrypt\VeriSoft\Bin\SetupHelper.dll",ExecMain /Uninstall {0ABA40AF-288D-41F1-B735-C5155692CD7D}
Vista Battery Saver --> MsiExec.exe /I{8C7D7ED8-2854-4ABA-9A89-CFB7857B9084}
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
WirelessMon V2.1 --> "C:\Program Files\WirelessMon\unins000.exe"
WorldPokerTour --> C:\Windows\system32\UnPoker.exe WorldPokerTour


-- Application Event Log -------------------------------------------------------

Event Record #/Type7095 / Success
Event Submitted/Written: 03/08/2008 10:46:27 AM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type7094 / Success
Event Submitted/Written: 03/08/2008 10:46:25 AM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type7088 / Success
Event Submitted/Written: 03/08/2008 10:45:32 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
Služba Licencování softwaru byla spuštěna.

Event Record #/Type7080 / Warning
Event Submitted/Written: 03/08/2008 10:43:56 AM
Event ID/Source: 1530 / profsvc
Event Description:
Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně.

PODROBNOSTI –
1 user registry handles leaked from \Registry\User\S-1-5-21-94094056-71339764-3328806708-1001_Classes:
Process 1028 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-94094056-71339764-3328806708-1001_CLASSES

Event Record #/Type7079 / Warning
Event Submitted/Written: 03/08/2008 10:43:55 AM
Event ID/Source: 1530 / profsvc
Event Description:
Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně.

PODROBNOSTI –
1 user registry handles leaked from \Registry\User\S-1-5-21-94094056-71339764-3328806708-1001:
Process 1028 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-94094056-71339764-3328806708-1001



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type41330 / Error
Event Submitted/Written: 03/08/2008 10:46:53 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Parallel port driver%%1058

Event Record #/Type41280 / Error
Event Submitted/Written: 03/08/2008 10:45:02 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici PCI 11 s funkcí 0.
Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Event Record #/Type41279 / Error
Event Submitted/Written: 03/08/2008 10:45:02 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici PCI 14 s funkcí 0.
Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Event Record #/Type41278 / Error
Event Submitted/Written: 03/08/2008 10:45:02 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici PCI 13 s funkcí 0.
Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Event Record #/Type41277 / Error
Event Submitted/Written: 03/08/2008 10:45:02 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici PCI 12 s funkcí 0.
Obraťte se na prodejce systému s žádostí o odbornou pomoc.



-- End of Deckard's System Scanner: finished at 2008-03-08 12:57:58 ------------

[van Bellen]

takze najprv som pouzil dss a tu je log.control panel uz funguje takze explorer opat funguje...

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: Other (0405) - see http://preview.tinyurl.com/mhhp6

CPU 0: AMD Turion(tm) 64 X2 Mobile Technology TL-56
Percentage of Memory in Use: 67%
Physical Memory (total/avail): 1022.38 MiB / 334.27 MiB
Pagefile Memory (total/avail): 2295.41 MiB / 1281.37 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1927.04 MiB

C: is Fixed (NTFS) - 104.92 GiB total, 49.75 GiB free.
D: is Fixed (NTFS) - 6.86 GiB total, 2.43 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - FUJITSU MHW2120BH ATA Device - 111.79 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 104.92 GiB - C:
\PARTITION1 - Installable File System - 6.86 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AV: ESET NOD32 Antivirus 3.0 v3.0 (Eset, spol. s r. o.)
AS: ESET NOD32 Antivirus 3.0 v3.0 (Eset, spol. s r. o.)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\PERUN\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PERUNICA
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\PERUN
LOCALAPPDATA=C:\Users\PERUN\AppData\Local
LOGONSERVER=\\PERUNICA
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;c:\Program Files\Bioscrypt\VeriSoft\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Pavilion
PLATFORM=MCD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4802
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\PERUN\AppData\Local\Temp
TMP=C:\Users\PERUN\AppData\Local\Temp
USERDOMAIN=PERUNICA
USERNAME=PERUN
USERPROFILE=C:\Users\PERUN
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

PERUN
MAJKA


-- Add/Remove Programs ---------------------------------------------------------

1.1.13.574 --> "C:\Program Files\Umíme ve Flashi\unins000.exe"
32 Bit HP CIO Components Installer --> MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
ACDSee 9 Photo Manager --> MsiExec.exe /X{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
AuthenTec Fingerprint Sensor Minimum Install --> MsiExec.exe /I{B61B6668-A674-4A06-8405-51944D5CCDDD}
Conexant HD Audio --> C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -IQv30CFza.inf
CorelDRAW Graphics Suite X4 --> MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73}
CorelDRAW Graphics Suite X4 - Capture --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
CorelDRAW Graphics Suite X4 - Content --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
CorelDRAW Graphics Suite X4 - Draw --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
CorelDRAW Graphics Suite X4 - Filters --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
CorelDRAW Graphics Suite X4 - FontNav --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
CorelDRAW Graphics SUite X4 - ICA --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
CorelDRAW Graphics Suite X4 - IPM --> MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
CorelDRAW Graphics Suite X4 - Lang EN --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF100}
CorelDRAW Graphics Suite X4 - PP --> MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
CorelDRAW Graphics Suite X4 - VBA --> MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
CorelDRAW(R) Graphics Suite X4 --> c:\Program Files\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension --> c:\Program Files\Common Files\Corel\Shared\Shell Extension\Uninst.exe
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension --> MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
Easy CD-DA Extractor 10 --> "C:\Windows\Easy CD-DA Extractor\uninstall.exe" "/U:C:\Program Files\Easy CD-DA Extractor 10\irunin.xml"
Enigma --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F145099-1224-4C5B-84F2-7AE6DC699F1A}\setup.exe" -l0x9 -removeonly
ESET NOD32 Antivirus --> MsiExec.exe /I{A79C6670-3E17-4CCD-AF7C-18D0837E253F}
ESU for Microsoft Vista --> MsiExec.exe /X{D312D4F0-36AE-4257-B7CD-EF10E38B47AC}
Flash Designer 5 (5.0.22. --> C:\PROGRA~1\Selteco\FLASHD~1\Setup.exe /remove
GetFlash --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0AECFC8C-1721-4F74-9C60-6A726067D028}\Setup.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IwqcVenz.inf
Hewlett-Packard Active Check --> MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent --> MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HP Active Support Library --> C:\Program Files\InstallShield Installation Information\{290B83AA-093A-45BF-A917-D1C4A1E8D917}\setup.exe -runfromtemp -l0x0409
HP Active Support Library 32 bit components --> MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}
HP Customer Experience Enhancements --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
HP Customer Participation Program 8.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Doc Viewer --> MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
HP Help and Support --> MsiExec.exe /I{9061CEF2-51F5-42C9-8A70-9ED351C6597A}
HP Imaging Device Functions 8.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Integrated Module with Bluetooth wireless technology 6.0.1.4900 --> MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
HP OCR Software 8.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart Essential 2.0 --> C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Photosmart.All-In-One Driver Software 8.0 .A --> C:\Program Files\HP\Digital Imaging\{282E5AB2-8E47-4571-B6FA-6B512555B557}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot
HP Quick Launch Buttons 6.20 B1 --> C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0005 uninst
HP QuickPlay 3.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
HP Solution Center 8.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HP User Guides 0057 --> MsiExec.exe /I{DDFD9BA2-8E26-4E49-92AE-882424DAB1BC}
HP Wireless Assistant --> MsiExec.exe /I{D32067CD-7409-4792-BFA0-1469BCD8F0C8}
HPSSupply --> MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
ChessBase Reader --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D6330700-4083-48DD-A03C-E209674E7836}\setup.exe" -l0x9 -removeonly
ICQ6 --> "C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
M-Audio Series II MIDI --> C:\Program Files\InstallShield Installation Information\{379BD39E-F13E-458F-96D8-56BD7F2CC516}\setup.exe -runfromtemp -l0x0009 -removeonly
Macromedia Dreamweaver 8 --> MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Fireworks 8 --> MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 --> MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash 8 Video Encoder --> MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash Player 8 Plugin --> MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
Microsoft Office Access MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-0015-041B-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-0044-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-001A-041B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007 --> MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007 --> MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007 --> MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007 --> MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-0019-041B-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007 --> MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works --> MsiExec.exe /I{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}
MSCU for Microsoft Vista --> MsiExec.exe /X{5BE3CB1F-54CA-4E7B-BCAE-CE7ED108E7B2}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MyPhoneExplorer --> C:\Program Files\MyPhoneExplorer\uninstall.exe
Nero 7 Lite 7.7.5.1 --> "C:\Program Files\Nero\unins000.exe"
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Playchess --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70D9854A-CEF5-4BCF-B37A-0AA1AB0A83CF}\setup.exe" -l0x1b -removeonly
PowerDVD --> "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x000409 /z-uninstall
QuickTime Alternative 1.76 --> "C:\Program Files\QuickTime Alternative\unins000.exe"
RadLight 4.0 FINAL --> C:\Program Files\RadLight Company\RadLight 4.0\uninst.exe
Roxio Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9 --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator EasyArchive --> MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3 --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9 --> MsiExec.exe /I{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}
Skype™ 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartAudio --> C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio /F1"C:\Program Files\InstallShield Installation Information\{E621DCAF-82F7-4F6D-B563-B6A4004B2397}\setup.iss" /S
Sony Noise Reduction Plug-In 2.0e --> MsiExec.exe /X{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}
Sony Sound Forge 9.0 --> MsiExec.exe /X{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}
Sothink SWF Decompiler --> "C:\Program Files\SourceTec\Sothink SWF Decompiler\unins000.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Total Commander (Remove or Repair) --> c:\totalcmd\tcuninst.exe
VeriSoft Access Manager --> rundll32.exe "c:\Program Files\Bioscrypt\VeriSoft\Bin\SetupHelper.dll",ExecMain /Uninstall {0ABA40AF-288D-41F1-B735-C5155692CD7D}
Vista Battery Saver --> MsiExec.exe /I{8C7D7ED8-2854-4ABA-9A89-CFB7857B9084}
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
WirelessMon V2.1 --> "C:\Program Files\WirelessMon\unins000.exe"
WorldPokerTour --> C:\Windows\system32\UnPoker.exe WorldPokerTour


-- Application Event Log -------------------------------------------------------

Event Record #/Type7095 / Success
Event Submitted/Written: 03/08/2008 10:46:27 AM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type7094 / Success
Event Submitted/Written: 03/08/2008 10:46:25 AM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type7088 / Success
Event Submitted/Written: 03/08/2008 10:45:32 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
Služba Licencování softwaru byla spuštěna.

Event Record #/Type7080 / Warning
Event Submitted/Written: 03/08/2008 10:43:56 AM
Event ID/Source: 1530 / profsvc
Event Description:
Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně.

PODROBNOSTI –
1 user registry handles leaked from \Registry\User\S-1-5-21-94094056-71339764-3328806708-1001_Classes:
Process 1028 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-94094056-71339764-3328806708-1001_CLASSES

Event Record #/Type7079 / Warning
Event Submitted/Written: 03/08/2008 10:43:55 AM
Event ID/Source: 1530 / profsvc
Event Description:
Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně.

PODROBNOSTI –
1 user registry handles leaked from \Registry\User\S-1-5-21-94094056-71339764-3328806708-1001:
Process 1028 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-94094056-71339764-3328806708-1001



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type41330 / Error
Event Submitted/Written: 03/08/2008 10:46:53 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Parallel port driver%%1058

Event Record #/Type41280 / Error
Event Submitted/Written: 03/08/2008 10:45:02 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici PCI 11 s funkcí 0.
Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Event Record #/Type41279 / Error
Event Submitted/Written: 03/08/2008 10:45:02 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici PCI 14 s funkcí 0.
Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Event Record #/Type41278 / Error
Event Submitted/Written: 03/08/2008 10:45:02 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici PCI 13 s funkcí 0.
Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Event Record #/Type41277 / Error
Event Submitted/Written: 03/08/2008 10:45:02 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici PCI 12 s funkcí 0.
Obraťte se na prodejce systému s žádostí o odbornou pomoc.



-- End of Deckard's System Scanner: finished at 2008-03-08 12:57:58 ------------

[Baron Prášil]

hele,já visty nemam a netušim jak kooperujou s dss ale mě na xpčkách to vyhazuje jenom main.txt a ten se dá najít na céčku ve složce Deckard.
měl by začínat právě logem z hijackthis.
chybí mi lepší popis momentálního chování počítače a sekundárně i log z SDFixu a následnej hijackthis po restartu.
takže,prosím

[van Bellen]

no ntb sa choval tak ze blbol explorer.po skenovani dss sa vycistil temp a explorer zacal fngovat.lenze pri restarte vypise chybu odkazujucu na jeden dll subor v tempe,ktory sa nezmazal.pot som zapol hijackthis a su tam stale vykricniky ohladom tych dll,ktore su problemove..kebyze sa mi to stalo na desktope,kde mam xp,tak tie chyby bud fixnem pomocou hijackthis alebo ccleaner..lenze je to moj prvy ntb tak sa aj trochu bojim a chcem sa vyhnut nejakej chybe.ktora by viedla k reinstalu..ten sdfix nepoznam a neviem co to robi.skor by som pouzil ccleaner ale neviem ci mozem.

[Baron Prášil]

takže na rovinu,panáčku.pokud chceš odvirovat komp,tak musíš do puntíku dělat co napíšu.už takto je to celkem umění odvirovat takhle zasranej komp jako máš ty,přes fórum.
nechci tě opravdu nijak urazit,ale je očividné že nemáš ani základní pojem o tom co máš v systému a jestli se bojíš fixovat(což by v tomto případě stejně nikam nevedlo) tak to rovnou někam odnes nebo si na to někoho zavolej.

takže napiš jestli chceš pokračovat či ne.

[van Bellen]

"panacku" ja viem co mam v systeme a som pisal,ze som to uz robil ale nie vo vistach a navyse na stranke sdfix je jasne napisane,ze urceny pre w2000/xp only a ty sipisal,ze nemas vistu.preto mam z toho obavy tak nehraj chytreho.

[Baron Prášil]

no zrovna sdfix je deně aktualizovanej a mě nebaví pořád zjišťovat na jakej systém co de a co ne.takže by to maximálně nešlo,ale nic by se nestalo.
jako rádce mam samozřejmě největší vykřičníky v ohledech na bezpečnost
akce(ale jistě nejsi tak hloupí,aby si nechápal,že každá tato akce je více či méně riskantní a kolabs se vyloučit zcela nedá)
takže budu opět osočen z machrování,ale z nějakejch 1500 odvirovanejch kompů si nepamatuji,že bych nějaký svou chybou zbořil

(ale můžeš si zagůglit,ale spíš si na to někoho najmi)
(och,zas to machrování):-D

[van Bellen]

ja ti tvoje skusenosti neberiem,ale nechcem sa pustat do niecoho o com nie som presvedceny na sto pro.ten dss mi ciastocne pomohol,ale ked dam skontrolovat hijackthis log na hijackthis.de tak vyskakuje uz len jeden z tych kritickych bodov.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:31:35, on 9. 3. 2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\totalcmd\TOTALCMD.EXE
C:\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\PERUN\AppData\Local\Temp\pmnkh.dll,c
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: (no name) - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {CE40C3F1-3DF5-4461-A521-810923235628} (JOJ_Explorer_Player Control) - http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

-----------------------------------------------------------------------
toto:

O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\PERUN\AppData\Local\Temp\pmnkh.dll,c

ten subor nejde zmazat a stale sa spusta.ani ked ho zrusim cez msconfig.

[Baron Prášil]

fajn,zkusíme to nejjemnější co mě napadá
použij smitfraudfix http://www.viry.cz/forum/viewtopic.php?t=16475
pošli z něho log a novej log z hijackthis

[van Bellen]

SmitFraudFix v2.300

Scan done at 11:56:38,29, ne 09. 03. 2008
Run from c:\Temp\SmitfraudFix
OS: Microsoft Windows [Verze 6.0.6000] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost
::1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{99A2508D-691E-462B-9028-28C1B1B335FB}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{99A2508D-691E-462B-9028-28C1B1B335FB}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{99A2508D-691E-462B-9028-28C1B1B335FB}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Reboot

C:\Windows\system32\systems.txt Please, Reboot and Run SmitfraudFix option 2 once again.


»»»»»»»»»»»»»»»»»»»»»»»» End
----------------------------------------------------------------------------------------------------------

-----------------------------------------------------------------------------------------------------------Loggfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:15:28, on 9. 3. 2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Opera\Opera.exe
C:\totalcmd\TOTALCMD.EXE
C:\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: (no name) - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {CE40C3F1-3DF5-4461-A521-810923235628} (JOJ_Explorer_Player Control) - http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
no vyzera to tak,ze to pomohlo,subor zmazany.dokonca uz ani neswapuje disk..vdaka

[Baron Prášil]

nu-štěstí že tam byl jenom ten smitfraud(nejspíš)

takže jestli nejsou problémy,tak vyčisti systém CCleanerem a RegCleanerem
a použij iT-Cleaner smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš>spustíš

není zač.kdyby něco opět se ozvi