Prosím o pomoc, vir přes chat na FB

[wolf1989]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jan at 2011-07-26 15:38:16
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 125 GB (42%) free of 295 GB
Total RAM: 3000 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:38, on 2011-07-26
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe
C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jan\Desktop\anti\RSIT.exe
C:\Program Files\trend micro\Jan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RCApp] C:\Program Files\gigabyte\RCApp\U7000RCApp.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - Startup: Samsung Auto Backup Guage.lnk = ?
O4 - Startup: Samsung Auto Backup Real-Time Daemon.lnk = ?
O4 - Startup: Samsung Auto Backup Scheduler.lnk = ?
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1ca272f44730fd0) (gupdate1ca272f44730fd0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Virtual Disk Service Manager (MSR Service) - Unknown owner - C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

--
End of file - 12000 bytes

======Scheduled tasks folder======

C:\Windows\tasks\DVBDream Once 20100218_170351.job
C:\Windows\tasks\DVBDream Once 20100218_170355.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
C:\Windows\tasks\User_Feed_Synchronization-{3FDDB30D-3A34-4FDF-9B15-61A8842AE865}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-07-08 246800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-09-16 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-04-12 298160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-04-12 848952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2011-04-08 251928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2011-04-08 251928]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-04-12 298160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-23 30192]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-03-25 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-03-25 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-03-25 150552]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [2008-11-05 474168]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-05 1434920]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-03-05 805384]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-12-09 74752]
"RCApp"=C:\Program Files\gigabyte\RCApp\U7000RCApp.exe [2007-04-24 625152]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-10 68856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2011-01-05 133432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Samsung Auto Backup Guage.lnk - C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe
Samsung Auto Backup Real-Time Daemon.lnk - C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
Samsung Auto Backup Scheduler.lnk - C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-03-25 210432]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Public\winsvrcn.exe"="C:\Users\Public\winsvrcn.exe:*:Enabled:WindowsSysControl"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=yv12vfw.dll
"vidc.iv41"=ir41_32.ax
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.l3codecp"=
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.avis"=ff_acm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-26 09:21:35 ----SHD---- C:\Config.Msi
2011-07-26 09:04:43 ----ASH---- C:\hiberfil.sys
2011-07-25 19:18:25 ----D---- C:\Program Files\CCleaner
2011-07-23 14:15:10 ----D---- C:\ProgramData\Kaspersky Lab
2011-07-23 13:34:05 ----SD---- C:\Potvurka15588P
2011-07-23 00:17:21 ----A---- C:\Windows\NIRCMD.exe
2011-07-21 21:54:25 ----D---- C:\_OTL
2011-07-21 19:39:30 ----SD---- C:\potvurka
2011-07-21 19:03:47 ----A---- C:\Windows\PEV.exe
2011-07-21 19:03:47 ----A---- C:\Windows\MBR.exe
2011-07-21 18:59:33 ----A---- C:\Windows\system32\MPFServiceFailureCount.txt
2011-07-21 18:46:51 ----A---- C:\Windows\system32\CF21753.exe
2011-07-21 18:45:14 ----A---- C:\Windows\system32\CF21440.exe
2011-07-21 18:31:27 ----A---- C:\Windows\zip.exe
2011-07-21 18:31:27 ----A---- C:\Windows\SWSC.exe
2011-07-21 18:31:27 ----A---- C:\Windows\SWREG.exe
2011-07-21 18:31:27 ----A---- C:\Windows\sed.exe
2011-07-21 18:31:27 ----A---- C:\Windows\grep.exe
2011-07-21 18:31:01 ----D---- C:\Windows\ERDNT
2011-07-21 18:31:01 ----A---- C:\Windows\system32\swsc.exe
2011-07-21 18:31:01 ----A---- C:\Windows\system32\CF18615.exe
2011-07-21 18:30:49 ----D---- C:\Qoobox
2011-07-21 16:23:47 ----D---- C:\Program Files\trend micro
2011-07-21 16:23:46 ----D---- C:\rsit
2011-06-29 20:32:26 ----SHD---- C:\found.000

======List of files/folders modified in the last 1 month======

2011-07-26 15:38:19 ----D---- C:\Windows\Temp
2011-07-26 15:03:55 ----D---- C:\Windows\System32
2011-07-26 15:03:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-26 15:03:54 ----D---- C:\Windows\inf
2011-07-26 14:59:56 ----D---- C:\Windows\Tasks
2011-07-26 12:28:59 ----D---- C:\Windows\system32\drivers
2011-07-26 11:07:08 ----SHD---- C:\System Volume Information
2011-07-26 09:39:30 ----D---- C:\Users\Jan\AppData\Roaming\Winamp
2011-07-26 09:38:07 ----RD---- C:\Program Files
2011-07-26 09:22:30 ----SHD---- C:\Windows\Installer
2011-07-26 09:12:52 ----D---- C:\ProgramData\McAfee
2011-07-26 09:07:19 ----D---- C:\Windows
2011-07-25 21:37:55 ----D---- C:\Windows\Prefetch
2011-07-25 19:34:33 ----D---- C:\Users\Jan\AppData\Roaming\Media Player Classic
2011-07-25 19:34:27 ----D---- C:\Windows\Minidump
2011-07-25 19:34:27 ----D---- C:\Windows\Debug
2011-07-25 11:13:27 ----D---- C:\Program Files\BS_Player
2011-07-25 11:02:39 ----D---- C:\ProgramData\Norton
2011-07-23 14:15:10 ----AHD---- C:\ProgramData
2011-07-22 20:23:33 ----D---- C:\Program Files\DAEMON Tools Lite
2011-07-22 15:33:30 ----SD---- C:\Windows\Downloaded Program Files
2011-07-22 02:45:22 ----D---- C:\Windows\system32\drivers\etc
2011-07-21 18:45:15 ----D---- C:\Windows\system32\catroot2
2011-07-21 16:33:37 ----D---- C:\Windows\system32\config
2011-07-21 16:33:27 ----D---- C:\Windows\system32\Tasks
2011-07-21 16:33:27 ----D---- C:\Windows\system32\spool
2011-07-21 16:33:27 ----D---- C:\Windows\system32\Msdtc
2011-07-21 16:33:26 ----D---- C:\Windows\system32\CodeIntegrity
2011-07-21 16:33:26 ----D---- C:\Users\Jan\AppData\Roaming\vlc
2011-07-21 16:33:26 ----D---- C:\Users\Jan\AppData\Roaming\GHISLER
2011-07-21 16:33:26 ----D---- C:\Users\Jan\AppData\Roaming\DAEMON Tools
2011-07-21 16:33:19 ----D---- C:\dvbdream
2011-07-21 16:33:18 ----D---- C:\Windows\system32\wbem
2011-07-21 16:33:18 ----D---- C:\Windows\registration
2011-07-21 16:33:18 ----D---- C:\Program Files\Common Files
2011-07-21 16:33:00 ----D---- C:\ProgramData\Avira
2011-07-21 16:33:00 ----D---- C:\ProgramData\Alwil Software
2011-07-21 16:32:56 ----D---- C:\Program Files\McAfee
2011-07-21 16:32:35 ----D---- C:\Program Files\McAfee.com
2011-07-21 16:32:33 ----D---- C:\Program Files\Common Files\McAfee
2011-07-21 11:51:26 ----D---- C:\ProgramData\McAfee(41)
2011-07-21 10:28:33 ----D---- C:\ProgramData\Avira(40)
2011-07-21 10:27:06 ----D---- C:\Windows\winsxs
2011-07-21 10:00:38 ----D---- C:\ProgramData\McAfee(40)
2011-07-20 23:51:56 ----D---- C:\ProgramData\Alwil Software(40)
2011-07-20 23:14:01 ----D---- C:\ProgramData\Avira(39)
2011-07-20 23:14:01 ----D---- C:\ProgramData\Alwil Software(38)
2011-07-20 22:57:50 ----D---- C:\ProgramData\McAfee(42)
2011-07-20 21:54:16 ----D---- C:\Windows\Logs
2011-07-20 21:23:58 ----SHD---- C:\$Recycle.Bin
2011-07-20 19:26:38 ----D---- C:\Program Files\Diablo II
2011-07-18 16:43:52 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-07-14 18:32:11 ----D---- C:\Program Files\uTorrent
2011-07-13 15:52:19 ----A---- C:\Windows\system32\CmdLineExt03.dll
2011-07-11 11:27:59 ----D---- C:\Program Files\Opera
2011-06-28 00:24:58 ----A---- C:\tv3d_debug.txt
2011-06-28 00:02:40 ----D---- C:\Program Files\STARWARS_TheBattleOfYavin_v11

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-11 329752]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2009-02-03 59000]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-14 691696]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-09-16 214664]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-07-16 130424]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-09 56816]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-12-29 952832]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-03-17 452096]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-03-25 4569088]
R3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-30 25088]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2009-04-07 50176]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-09-16 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-09-16 35272]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-03-05 205360]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
S3 a7vinj78;a7vinj78; C:\Windows\system32\drivers\a7vinj78.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-02-06 23040]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-02-06 507392]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-02-06 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-04-20 84256]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-04-20 106784]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-20 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-04-20 17056]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [2007-09-25 15152]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-04-22 25280]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\Windows\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-09-16 40552]
S3 mod7700;DiBcom based TV tuner device; C:\Windows\system32\DRIVERS\mod7700.sys [2007-01-26 401536]
S3 MODRC;DiBcom Infrared Receiver; C:\Windows\system32\DRIVERS\modrc.sys [2006-11-14 13056]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-03-23 4232704]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-04-17 149504]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-02-06 62464]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-04-13 578848]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2006-12-29 266327]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2006-12-29 110677]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-11 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Mouse Driver\KMWDSrv.exe [2009-08-31 1821184]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2011-02-16 88176]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-07-10 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-09-16 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-07-08 26640]
R2 MSR Service;Virtual Disk Service Manager; C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe [2010-03-13 114688]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2006-12-29 262247]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe []
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe []
S2 gupdate1ca272f44730fd0;Služba Google Update (gupdate1ca272f44730fd0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-27 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-27 194032]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-23 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-27 133104]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-09-16 365072]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S4 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-09-16 606736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]

-----------------EOF-----------------

[motji]

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

:files
C:\ProgramData\Kaspersky Lab
C:\Potvurka15588P
C:\Windows\NIRCMD.exe
C:\potvurka
C:\Windows\PEV.exe
 C:\Windows\MBR.exe
C:\Windows\system32\CF21753.exe
C:\Windows\system32\CF21440.exe
 C:\Windows\zip.exe
 C:\Windows\SWSC.exe
 C:\Windows\SWREG.exe
 C:\Windows\sed.exe
 C:\Windows\grep.exe
C:\Windows\system32\swsc.exe
C:\Windows\system32\CF18615.exe
C:\Qoobox
C:\Users\Public
C:\Windows\system32\DRIVERS\avipbb.sys 
C:\Windows\system32\DRIVERS\ssmdrv.sys
C:\Windows\system32\DRIVERS\avgntflt.sys
C:\ProgramData\Norton
C:\ProgramData\Avira
 C:\ProgramData\Alwil Software
C:\ProgramData\Alwil Software(40)
C:\ProgramData\Avira(39)
C:\ProgramData\Alwil Software(38)

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Public\winsvrcn.exe"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

:services
AntiVirService
AntiVirSchedulerService
Avgio
a7vinj78
avgntflt
ssmdrv
avipbb
:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

[wolf1989]

Je snad v něčem ještě nějaký problém?

[wolf1989]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\ProgramData\Kaspersky Lab folder moved successfully.
C:\Potvurka15588P\N_ folder moved successfully.
C:\Potvurka15588P\en-US folder moved successfully.
C:\Potvurka15588P\cs-CZ folder moved successfully.
C:\Potvurka15588P folder moved successfully.
C:\Windows\NIRCMD.exe moved successfully.
C:\potvurka\N_ folder moved successfully.
C:\potvurka\en-US folder moved successfully.
C:\potvurka\cs-CZ folder moved successfully.
C:\potvurka folder moved successfully.
C:\Windows\PEV.exe moved successfully.
C:\Windows\MBR.exe moved successfully.
C:\Windows\system32\CF21753.exe moved successfully.
C:\Windows\system32\CF21440.exe moved successfully.
C:\Windows\zip.exe moved successfully.
C:\Windows\SWSC.exe moved successfully.
C:\Windows\SWREG.exe moved successfully.
C:\Windows\sed.exe moved successfully.
C:\Windows\grep.exe moved successfully.
C:\Windows\system32\swsc.exe moved successfully.
C:\Windows\system32\CF18615.exe moved successfully.
C:\Qoobox\TestC folder moved successfully.
C:\Qoobox\Test folder moved successfully.
C:\Qoobox\Quarantine\Registry_backups folder moved successfully.
C:\Qoobox\Quarantine\C folder moved successfully.
C:\Qoobox\Quarantine folder moved successfully.
C:\Qoobox\LastRun folder moved successfully.
C:\Qoobox\BackEnv folder moved successfully.
C:\Qoobox folder moved successfully.
C:\Users\Public\Videos\Sample Videos folder moved successfully.
C:\Users\Public\Videos\Recorded TV folder moved successfully.
C:\Users\Public\Videos folder moved successfully.
C:\Users\Public\Recorded TV\TempRec\TempSBE folder moved successfully.
C:\Users\Public\Recorded TV\TempRec folder moved successfully.
C:\Users\Public\Recorded TV\Sample Media folder moved successfully.
C:\Users\Public\Recorded TV folder moved successfully.
C:\Users\Public\Pictures\Sample Pictures folder moved successfully.
C:\Users\Public\Pictures folder moved successfully.
C:\Users\Public\Music\Sample Music folder moved successfully.
C:\Users\Public\Music\Recorded Radio folder moved successfully.
C:\Users\Public\Music folder moved successfully.
C:\Users\Public\Favorites folder moved successfully.
C:\Users\Public\Downloads folder moved successfully.
C:\Users\Public\Documents\Obrázky folder moved successfully.
C:\Users\Public\Documents\My Videos folder moved successfully.
C:\Users\Public\Documents\My Pictures folder moved successfully.
C:\Users\Public\Documents\My Music folder moved successfully.
C:\Users\Public\Documents\microsoft\IdentityCRL\production folder moved successfully.
C:\Users\Public\Documents\microsoft\IdentityCRL folder moved successfully.
C:\Users\Public\Documents\microsoft folder moved successfully.
C:\Users\Public\Documents\MCE Logs folder moved successfully.
C:\Users\Public\Documents\Hudba folder moved successfully.
C:\Users\Public\Documents\Filmy folder moved successfully.
C:\Users\Public\Documents\DAEMON Tools Images folder moved successfully.
C:\Users\Public\Documents\Acer folder moved successfully.
C:\Users\Public\Documents folder moved successfully.
C:\Users\Public\Desktop folder moved successfully.
Folder move failed. C:\Users\Public scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DRIVERS\avipbb.sys scheduled to be moved on reboot.
C:\Windows\system32\DRIVERS\ssmdrv.sys moved successfully.
File move failed. C:\Windows\system32\DRIVERS\avgntflt.sys scheduled to be moved on reboot.
C:\ProgramData\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963} folder moved successfully.
C:\ProgramData\Norton folder moved successfully.
C:\ProgramData\Avira\AntiVir Desktop\LOGFILES folder moved successfully.
C:\ProgramData\Avira\AntiVir Desktop\CONFIG folder moved successfully.
C:\ProgramData\Avira\AntiVir Desktop folder moved successfully.
C:\ProgramData\Avira folder moved successfully.
C:\ProgramData\Alwil Software\Avast5\sounds folder moved successfully.
C:\ProgramData\Alwil Software\Avast5\report folder moved successfully.
C:\ProgramData\Alwil Software\Avast5\moved folder moved successfully.
C:\ProgramData\Alwil Software\Avast5\log folder moved successfully.
C:\ProgramData\Alwil Software\Avast5\journal folder moved successfully.
C:\ProgramData\Alwil Software\Avast5\integ folder moved successfully.
C:\ProgramData\Alwil Software\Avast5\HtmlData folder moved successfully.
C:\ProgramData\Alwil Software\Avast5\fw folder moved successfully.
C:\ProgramData\Alwil Software\Avast5\chest folder moved successfully.
C:\ProgramData\Alwil Software\Avast5\backup folder moved successfully.
C:\ProgramData\Alwil Software\Avast5 folder moved successfully.
C:\ProgramData\Alwil Software folder moved successfully.
C:\ProgramData\Alwil Software(40)\Avast5\report folder moved successfully.
C:\ProgramData\Alwil Software(40)\Avast5\moved folder moved successfully.
C:\ProgramData\Alwil Software(40)\Avast5\log folder moved successfully.
C:\ProgramData\Alwil Software(40)\Avast5\journal folder moved successfully.
C:\ProgramData\Alwil Software(40)\Avast5\integ folder moved successfully.
C:\ProgramData\Alwil Software(40)\Avast5\fw folder moved successfully.
C:\ProgramData\Alwil Software(40)\Avast5\chest folder moved successfully.
C:\ProgramData\Alwil Software(40)\Avast5\backup folder moved successfully.
C:\ProgramData\Alwil Software(40)\Avast5 folder moved successfully.
C:\ProgramData\Alwil Software(40) folder moved successfully.
C:\ProgramData\Avira(39)\AntiVir Desktop\LOGFILES folder moved successfully.
C:\ProgramData\Avira(39)\AntiVir Desktop\EVENTDB folder moved successfully.
C:\ProgramData\Avira(39)\AntiVir Desktop folder moved successfully.
C:\ProgramData\Avira(39) folder moved successfully.
C:\ProgramData\Alwil Software(38)\Avast5\report folder moved successfully.
C:\ProgramData\Alwil Software(38)\Avast5\moved folder moved successfully.
C:\ProgramData\Alwil Software(38)\Avast5\log folder moved successfully.
C:\ProgramData\Alwil Software(38)\Avast5\journal folder moved successfully.
C:\ProgramData\Alwil Software(38)\Avast5\integ folder moved successfully.
C:\ProgramData\Alwil Software(38)\Avast5\fw folder moved successfully.
C:\ProgramData\Alwil Software(38)\Avast5\chest folder moved successfully.
C:\ProgramData\Alwil Software(38)\Avast5\backup folder moved successfully.
C:\ProgramData\Alwil Software(38)\Avast5 folder moved successfully.
C:\ProgramData\Alwil Software(38) folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Users\Public\winsvrcn.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
========== SERVICES/DRIVERS ==========
Service AntiVirService stopped successfully!
Service AntiVirService deleted successfully!
Service AntiVirSchedulerService stopped successfully!
Service AntiVirSchedulerService deleted successfully!
Service Avgio stopped successfully!
Service Avgio deleted successfully!
Error: No service named a7vinj78 was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a7vinj78 deleted successfully.
Error: Unable to stop service avgntflt!
Unable to delete service\driver key avgntflt.
Service ssmdrv stopped successfully!
Service ssmdrv deleted successfully!
Service avipbb stopped successfully!
Service avipbb deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jan
->Temp folder emptied: 115426 bytes
->Temporary Internet Files folder emptied: 5785273 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 21893983 bytes
->Flash cache emptied: 2559 bytes

User: other
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: TEMP

User: TEMP.Jan-PC

User: TEMP.Jan-PC.000

User: TEMP.Jan-PC.001

User: TEMP.Jan-PC.002

User: TEMP.Jan-PC.003

User: TEMP.Jan-PC.004

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6486 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 27.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: Jan
->Flash cache emptied: 0 bytes

User: other
->Flash cache emptied: 0 bytes

User: Public

User: TEMP

User: TEMP.Jan-PC

User: TEMP.Jan-PC.000

User: TEMP.Jan-PC.001

User: TEMP.Jan-PC.002

User: TEMP.Jan-PC.003

User: TEMP.Jan-PC.004

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 07262011_193726

Files\Folders moved on Reboot...
Folder move failed. C:\Users\Public scheduled to be moved on reboot.
C:\Windows\system32\DRIVERS\avipbb.sys moved successfully.
C:\Windows\system32\DRIVERS\avgntflt.sys moved successfully.
File\Folder C:\Windows\temp\mcmsc_kzWZKFrXIalVhes not found!
File\Folder C:\Windows\temp\sqlite_b9tmMuk2agFbZB4 not found!
File\Folder C:\Windows\temp\sqlite_fAZR1q2rqUoehgI not found!
File\Folder C:\Windows\temp\sqlite_fZViUEwqvCg2gFI not found!

Registry entries deleted on Reboot...

[motji]

Vám už se o OTL musí asi i zdát,že .
Problém není.

Ještě znovu spustte OTL, klikněte na tlačítko vyčisti, uklidí po sobě

Jestli už nejsou problémy, je to vše

[wolf1989]

Spustil jsem OTL, dal jsem vyčistit a následně se restartoval počítač, ale z plochy mi to smazalo ikony k některým programům, je to normální nebo nějaká chybička?

[wolf1989]

Jinak problémy krom těch zmizelých ikon z plochy nejsou, vir už je konečně mrtev. A já vám velice děkuji za vaši obětavou pomoc. Moc jste mi pomohla a zachránila počítač. Děkuji.

[motji]

Které ikony Vám zmizely? Pokud to bylo po odvirovávacích utilitách, tak je to v pořádku.

[wolf1989]

Ty se taky smazaly, ale sebou vzaly k programům, které obvykle používám. ( s určitostí vím, že to byl Nero, Microsoft Office -ti denní verze, ). Ale po chvíli hledání jsem zjistil, že programy v pc jsou, jen ty ikony z plochy zmizely, ale to není zas tak velký problém, mám tu teď více místa, stačí spustit průzkumníka a hned požadovaný program naleznu, z té plochy jsem je stejnak nespouštěl.

[wolf1989]

Myslíte, že by nějak pomohlo obnovení systému?
Bylo by to obnoveno na dnešní datum na 09:24, tehdy už byl jistě vir pryč a vše fungovalo bez problému.

[wolf1989]

Bez problému, vytvořím si nové zástupce na ploše.
Přeji příjemný zbytek noci a užijte si léto.

[motji]

Zástupce dáte nové.
Není zač, Vám také hezké léto .

[Jarin]

Dobry den,

chtel jsem se zeptat, mam stejny problem jako Pan wolf1989. Vcera pri komunikaci na FCB pritelkyni prisla zprava s odkazem na to falesne YouTube a pokracovalo to stejne jako u Pana wolf1989.. (ntb se po nainstalovani "FlasPlayeru" sam od sebe restartoval ale nabehl)
Ntb se ted nachazi ve stavu kdy je v normalni rezimu dalo by se rict ze zatim vsechno funguje az na NOD32 u kteryho to hlasi tu stejnou hlasku a kdyz se chce pripojit na stranku www.facebook.com tak to zahlasi chybu a nejde se prihlasit. Chtel jsem se zeptat jestli mohu pouzit stejny postup co tu radila motji ,nebo mam zalozit nove tema ??

Dekuju za odpoved.

[Danstahr]

Dobré dopoledne,

založte nové téma.