Preventivka

[ironman9876]

Dobry den, prosim o preventivni kontrolu logu. Dekuji.


Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2011-07-26 18:52:52
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 17 GB (16%) free of 106 GB
Total RAM: 3710 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:52:56, on 26.7.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\User\Downloads\RSIT.exe
C:\Program Files\trend micro\User.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid\Vid.exe" -bootmode
O4 - HKCU\..\Run: [Logitech Vid HD] "C:\Program Files\Logitech\Vid\vid.exe" -bootmode
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: FreshDownload - {F7825BBE-44ED-41AF-921E-BF5DBED3D192} - D:\FreshDownload\fd.exe (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {26ACAE6F-BC95-44B4-9150-61E4D20D5C2E} (Activex Control) - http://mhd.frag.cz/loadgame_et.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 6069 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4249281557-4271535110-1229840780-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4249281557-4271535110-1229840780-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-07 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2010-10-07 1164568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-04-21 1000768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-18 13580832]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-18 92704]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-10-07 488728]
"Logitech Vid"=C:\Program Files\Logitech\Vid\Vid.exe [2010-05-11 6061400]
"Logitech Vid HD"=C:\Program Files\Logitech\Vid\vid.exe [2010-05-11 6061400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\65506123]
C:\PROGRA~2\65506123\65506123.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2008-04-14 380928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Exetender_298]
C:\Program Files\Frag Games\GPlayer.exe /schedule 300000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-11 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.5\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NkbMonitor.exe.lnk]
C:\PROGRA~1\Nikon\PICTUR~1\NKBMON~1.EXE [2006-11-29 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
C:\Users\User\AppData\Roaming\IMVUCL~1\IMVUQU~1.EXE --startup []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Loki\Loki.exe"="D:\Loki\Loki.exe:*:Enabled:Loki"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.sl_anet"=sl_anet.acm
"msacm.divxa32"=divxa32.acm
"msacm.vorbis"=vorbis.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.IV41"=IR41_32.AX
"vidc.asv2"=asusasv2.dll
"MSVideo8"=VfWWDM32.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=ac3acm.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.lameacm"=lameACM.acm
"vidc.wmv3"=wmv9vcm.dll
"msacm.lhacm"=lhacm.acm
"MSVideo"=vfwwdm32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-26 18:43:28 ----D---- C:\rsit
2011-07-26 18:25:47 ----D---- C:\Program Files\NortonInstaller
2011-07-26 17:55:10 ----D---- C:\Users\User\AppData\Roaming\IconChanger
2011-07-25 16:38:17 ----A---- C:\Windows\iScreensaver.ini
2011-07-25 16:38:17 ----A---- C:\Windows\BOPAR_UB_screensaver_beta3 Saver.SCR
2011-07-25 16:38:15 ----D---- C:\Windows\system32\iScreensaver
2011-07-25 16:38:08 ----D---- C:\Users\User\AppData\Roaming\iScreensaver
2011-07-23 15:13:27 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-07-21 15:04:03 ----D---- C:\Users\User\AppData\Roaming\TS3Client
2011-07-21 15:03:58 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-07-16 15:10:43 ----D---- C:\Program Files\Vertrix 3
2011-07-14 18:20:15 ----A---- C:\Windows\system32\win32k.sys
2011-07-14 18:19:54 ----A---- C:\Windows\system32\kernel32.dll
2011-07-14 18:19:52 ----A---- C:\Windows\system32\winsrv.dll
2011-07-14 18:19:52 ----A---- C:\Windows\system32\csrsrv.dll
2011-07-12 17:38:11 ----D---- C:\Program Files\Hry.cz
2011-07-10 09:19:25 ----D---- C:\Windows\Minidump
2011-07-09 23:45:38 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2011-07-08 18:49:25 ----D---- C:\ProgramData\LogiShrd
2011-07-08 18:45:49 ----D---- C:\Windows\system32\logishrd
2011-07-08 18:45:31 ----D---- C:\ProgramData\Logitech
2011-07-08 18:45:25 ----D---- C:\Program Files\Common Files\LWS
2011-07-08 18:45:07 ----D---- C:\Program Files\Logitech
2011-07-08 18:45:07 ----D---- C:\Program Files\Common Files\LogiShrd
2011-06-29 14:08:29 ----A---- C:\Windows\system32\schannel.dll

======List of files/folders modified in the last 1 month======

2011-07-26 18:52:56 ----D---- C:\Windows\Temp
2011-07-26 18:52:54 ----D---- C:\Program Files\trend micro
2011-07-26 18:47:03 ----D---- C:\Users\User\AppData\Roaming\.purple
2011-07-26 18:37:18 ----D---- C:\Windows\Prefetch
2011-07-26 18:36:32 ----SHD---- C:\Windows\Installer
2011-07-26 18:34:38 ----D---- C:\Windows
2011-07-26 18:34:23 ----D---- C:\Windows\system32\catroot
2011-07-26 18:27:02 ----D---- C:\Windows\System32
2011-07-26 18:27:02 ----D---- C:\Windows\inf
2011-07-26 18:27:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-26 18:26:38 ----D---- C:\Windows\system32\drivers
2011-07-26 18:26:38 ----D---- C:\ProgramData\Norton
2011-07-26 18:26:38 ----D---- C:\Program Files
2011-07-26 18:26:36 ----D---- C:\Windows\Tasks
2011-07-26 18:25:57 ----D---- C:\Windows\system32\Tasks
2011-07-26 18:25:57 ----D---- C:\ProgramData\Symantec
2011-07-26 08:51:33 ----SHD---- C:\System Volume Information
2011-07-25 22:03:09 ----D---- C:\Users\User\AppData\Roaming\gtk-2.0
2011-07-24 19:03:55 ----D---- C:\Windows\system32\Macromed
2011-07-23 15:14:11 ----D---- C:\Program Files\DAEMON Tools Lite
2011-07-23 15:13:25 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-07-22 20:30:34 ----D---- C:\Program Files\Google
2011-07-22 20:02:57 ----D---- C:\Program Files\Pidgin
2011-07-21 16:43:04 ----RSD---- C:\Windows\assembly
2011-07-21 12:30:46 ----D---- C:\Windows\Debug
2011-07-21 12:04:27 ----D---- C:\Users\User\AppData\Roaming\ICQ
2011-07-18 21:10:44 ----D---- C:\Windows\system32\catroot2
2011-07-15 15:29:48 ----D---- C:\Windows\winsxs
2011-07-15 15:15:10 ----A---- C:\Windows\system32\mrt.exe
2011-07-12 17:38:16 ----HD---- C:\ProgramData
2011-07-08 18:47:41 ----D---- C:\Windows\twain_32
2011-07-08 18:45:25 ----D---- C:\Program Files\Common Files
2011-07-04 13:43:51 ----A---- C:\Windows\system32\aswBoot.exe
2011-07-03 19:21:56 ----D---- C:\Program Files\Microsoft Office
2011-06-30 14:41:27 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-04-16 717296]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-23 218688]
R1 EIO;EIO Driver; C:\Windows\system32\DRIVERS\EIO.sys [2009-04-02 12800]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-07-22 281760]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-07-22 25888]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2008-04-14 15232]
R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2008-04-14 30848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2010-05-07 25824]
R3 LVUVC;Logitech Webcam C100(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-18 7379872]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S3 af5kdyvd;af5kdyvd; C:\Windows\system32\drivers\af5kdyvd.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 DynCal;Dynamic Calibration Service; C:\Windows\system32\drivers\Dyncal.sys [2007-11-07 12928]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-02-13 15600]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-08 16224]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-18 196608]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2008-04-14 67072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-25 651720]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; D:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S4 gupdate1ca92e9297eebe;Služba Google Update (gupdate1ca92e9297eebe); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-11 133104]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-11 133104]
S4 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]

-----------------EOF-----------------

[PontifexFairy]

Asi se budete divit že píšu já ale něco už umím. Log vypadá čistý jen prosím hoď na virustotal(virustotal.com) soubory:(pokud je iScreensaver složka tak promiň )

Kód: Vybrat vše

C:\Windows\BOPAR_UB_screensaver_beta3 Saver.SCR
C:\Windows\system32\iScreensaver

Klikneš na procházet a rovnou tam můžeš napsat umístění souboru(po jednom).
URL mi sem pak hoď.

P.S. Vzorní návštěvníci, nováčci, moderátoři atd... toto je pouze můj odhad takže pokud tam něco je tak se omlouvám .

[ironman9876]

děkuju, zkusím to
jo je to slozka a ten soubor, je screensaver, kterej sem si vcera stahnul, jako darek od xzone k zakoupenej hre, jen nechapu co to dela ve windowsech

[ironman9876]

http://www.virustotal.com/file-scan/rep ... 1311708248

[PontifexFairy]

Ve windowsech to být musí, je to ten spořič jinak by nejel .


+ Malá rada na konec - máš málo místa na disku tak ti doporučuju odinstalovat IMVU, mě zabral 40GB.(Je to jen rada, dělat to nemusíš .)
Kdyby něco napiš, toto fórum ti pomůže vždy.

[ironman9876]

jo dekuju na disku D mam jeste 190 GB takze je to zatim v pohode

[motji]

Dobrý večer
Ale já tam vidím breberku, nebo její mrtvolku

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[ironman9876]

Posílám log z combofixu

ComboFix 11-07-26.03 - User 27.07.2011 9:27.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3710.2709 [GMT 2:00]
Spuštěný z: c:\users\User\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\users\User\AppData\Roaming\ACD Systems\ACDSee\ImageDB.ddf
c:\users\User\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif
c:\windows\desktop
c:\windows\desktop\2188%3Apolicajti-z-predmesti-1x01-tvrip-xvid-repriza-avi_201MB.FDPART
c:\windows\IsUn0405.exe
c:\windows\IsUn0407.exe
c:\windows\system32\settings.ini
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-27 07:25 . 2011-07-27 07:25 -------- d-----w- C:\32788R22FWJFW
2011-07-26 16:43 . 2011-07-26 16:44 -------- d-----w- C:\rsit
2011-07-26 16:37 . 2011-07-26 16:37 -------- d-----w- c:\users\User\AppData\Local\LogiShrd
2011-07-26 16:35 . 2011-07-26 16:35 53248 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-07-26 15:55 . 2011-07-26 15:55 -------- d-----w- c:\users\User\AppData\Roaming\IconChanger
2011-07-26 06:42 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{83086203-8D9F-49D8-880A-4FA300B8027F}\mpengine.dll
2011-07-25 14:38 . 2011-07-25 14:38 5063009 ----a-w- c:\windows\BOPAR_UB_screensaver_beta3 Saver.SCR
2011-07-25 14:38 . 2011-07-25 14:38 -------- d-----w- c:\windows\system32\iScreensaver
2011-07-25 14:38 . 2011-07-25 14:38 -------- d-----w- c:\users\User\AppData\Roaming\iScreensaver
2011-07-23 13:13 . 2011-07-23 13:13 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-07-22 05:33 . 2011-07-22 05:33 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-21 14:43 . 2011-07-21 14:59 -------- d-----w- c:\users\User\AppData\Local\ArmA 2 Free
2011-07-21 13:04 . 2011-07-21 17:51 -------- d-----w- c:\users\User\AppData\Roaming\TS3Client
2011-07-21 13:03 . 2011-07-21 13:04 -------- d-----w- c:\program files\TeamSpeak 3 Client
2011-07-16 13:10 . 2011-07-25 17:13 -------- d-----w- c:\program files\Vertrix 3
2011-07-14 16:20 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-07-14 16:19 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-07-14 16:19 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-12 15:38 . 2011-07-21 09:45 -------- d-----w- c:\program files\Hry.cz
2011-07-09 21:45 . 2011-07-09 21:45 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2011-07-08 16:49 . 2011-07-08 16:49 -------- d-----w- c:\programdata\LogiShrd
2011-07-08 16:45 . 2011-07-27 07:32 -------- d-----w- c:\windows\system32\logishrd
2011-07-08 16:45 . 2011-07-08 16:45 -------- d-----w- c:\programdata\Logitech
2011-07-08 16:45 . 2011-07-08 16:45 -------- d-----w- c:\program files\Common Files\LWS
2011-07-08 16:45 . 2011-07-26 16:35 -------- d-----w- c:\program files\Logitech
2011-07-08 16:45 . 2011-07-26 16:35 -------- d-----w- c:\program files\Common Files\LogiShrd
2011-06-29 12:08 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-04 11:43 . 2011-05-01 08:23 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2011-05-01 08:23 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-05-01 08:23 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2011-05-01 08:23 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2011-05-01 08:23 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2011-05-01 08:23 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2011-05-01 08:23 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2011-05-01 08:23 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-24 17:14 . 2009-12-30 15:28 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-09 14:06 . 1999-09-14 17:43 163644 ----a-w- c:\windows\system32\drivers\SECDRV.SYS
2011-05-02 17:16 . 2011-06-16 13:27 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 13:25 . 2011-06-16 13:27 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 13:25 . 2011-06-16 13:27 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-29 13:24 . 2011-06-16 13:27 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 13:24 . 2011-06-16 13:27 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-29 13:24 . 2011-06-16 13:27 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-07 488728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13580832]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 92704]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NkbMonitor.exe.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NkbMonitor.exe.lnk
backup=c:\windows\pss\NkbMonitor.exe.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
2008-04-14 10:45 380928 ----a-w- c:\program files\ASUS\GamerOSD\GamerOSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-01-11 18:26 135664 ----atw- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2010-05-11 14:43 6061400 ----a-w- c:\program files\Logitech\Vid\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid HD]
2010-05-11 14:43 6061400 ----a-w- c:\program files\Logitech\Vid\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
2010-05-07 16:35 165208 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 DynCal;Dynamic Calibration Service;c:\windows\system32\drivers\Dyncal.sys [2007-11-07 12928]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;d:\dragon age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R4 gupdate1ca92e9297eebe;Služba Google Update (gupdate1ca92e9297eebe);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-11 133104]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-11 133104]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-04-16 717296]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-23 218688]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-11 18:07]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-11 18:07]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4249281557-4271535110-1229840780-1000Core.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-02 18:26]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4249281557-4271535110-1229840780-1000UA.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-02 18:26]
.
.
------- Doplňkový sken -------
.
uStart Page = my.daemon-search.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
IE: {{F7825BBE-44ED-41AF-921E-BF5DBED3D192} - d:\freshdownload\fd.exe
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
DPF: {26ACAE6F-BC95-44B4-9150-61E4D20D5C2E} - hxxp://mhd.frag.cz/loadgame_et.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{942CD1D4-9CC1-4D31-876A-EA8F489F7A59} - (no file)
HKU-Default-Run-Exetender_298 - c:\program files\Frag Games\GPlayer.exe
MSConfigStartUp-65506123 - c:\progra~2\65506123\65506123.exe
MSConfigStartUp-Exetender_298 - c:\program files\Frag Games\GPlayer.exe
MSConfigStartUp-ICQ - c:\program files\ICQ7.5\ICQ.exe
AddRemove-Tzar - c:\windows\IsUn0405.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-27 09:33
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\## aswSnx private storage
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4792)
c:\windows\system32\ieframe.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\conime.exe
c:\windows\servicing\TrustedInstaller.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2011-07-27 09:37:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-27 07:37
.
Před spuštěním: Volných bajtů: 17 248 526 336
Po spuštění: Volných bajtů: 16 925 958 144
.
Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - CE5E115CEB5A4AFF0C84E514BC4C1BFC

[motji]

Jak to vypadá s počítačem?

[ironman9876]

Funguje zdá se normálně, můžu se jenom zeptat co a kde se Vám nezdálo?

[motji]

Jeden klíč byl takový podivný

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[ironman9876]

Posilam RSIT log, PC se zda v poradku, dekuju za pomoc


Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2011-07-27 10:19:14
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 17 GB (16%) free of 106 GB
Total RAM: 3710 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:19:23, on 27.7.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Users\User\Downloads\RSIT.exe
C:\Program Files\trend micro\User.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: FreshDownload - {F7825BBE-44ED-41AF-921E-BF5DBED3D192} - D:\FreshDownload\fd.exe (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {26ACAE6F-BC95-44B4-9150-61E4D20D5C2E} (Activex Control) - http://mhd.frag.cz/loadgame_et.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 4866 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4249281557-4271535110-1229840780-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4249281557-4271535110-1229840780-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-07 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2010-10-07 1164568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-04-21 1000768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-18 13580832]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-18 92704]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-10-07 488728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2008-04-14 380928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-11 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files\Logitech\Vid\Vid.exe [2010-05-11 6061400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid HD]
C:\Program Files\Logitech\Vid\vid.exe [2010-05-11 6061400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NkbMonitor.exe.lnk]
C:\PROGRA~1\Nikon\PICTUR~1\NKBMON~1.EXE [2006-11-29 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
C:\Users\User\AppData\Roaming\IMVUCL~1\IMVUQU~1.EXE --startup []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Loki\Loki.exe"="D:\Loki\Loki.exe:*:Enabled:Loki"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.sl_anet"=sl_anet.acm
"msacm.divxa32"=divxa32.acm
"msacm.vorbis"=vorbis.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.IV41"=IR41_32.AX
"vidc.asv2"=asusasv2.dll
"MSVideo8"=VfWWDM32.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=ac3acm.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.lameacm"=lameACM.acm
"vidc.wmv3"=wmv9vcm.dll
"msacm.lhacm"=lhacm.acm
"MSVideo"=vfwwdm32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-07-27 10:19:14 ----D---- C:\rsit
2011-07-27 09:37:52 ----D---- C:\Windows\temp
2011-07-27 09:37:00 ----SHD---- C:\$RECYCLE.BIN
2011-07-27 09:25:42 ----AD---- C:\Qoobox
2011-07-26 17:55:10 ----D---- C:\Users\User\AppData\Roaming\IconChanger
2011-07-25 16:38:17 ----A---- C:\Windows\iScreensaver.ini
2011-07-25 16:38:17 ----A---- C:\Windows\BOPAR_UB_screensaver_beta3 Saver.SCR
2011-07-25 16:38:15 ----D---- C:\Windows\system32\iScreensaver
2011-07-25 16:38:08 ----D---- C:\Users\User\AppData\Roaming\iScreensaver
2011-07-23 15:13:27 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-07-21 15:04:03 ----D---- C:\Users\User\AppData\Roaming\TS3Client
2011-07-21 15:03:58 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-07-16 15:10:43 ----D---- C:\Program Files\Vertrix 3
2011-07-14 18:20:15 ----A---- C:\Windows\system32\win32k.sys
2011-07-14 18:19:54 ----A---- C:\Windows\system32\kernel32.dll
2011-07-14 18:19:52 ----A---- C:\Windows\system32\winsrv.dll
2011-07-14 18:19:52 ----A---- C:\Windows\system32\csrsrv.dll
2011-07-12 17:38:11 ----D---- C:\Program Files\Hry.cz
2011-07-10 09:19:25 ----D---- C:\Windows\Minidump
2011-07-09 23:45:38 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2011-07-08 18:49:25 ----D---- C:\ProgramData\LogiShrd
2011-07-08 18:45:49 ----D---- C:\Windows\system32\logishrd
2011-07-08 18:45:31 ----D---- C:\ProgramData\Logitech
2011-07-08 18:45:25 ----D---- C:\Program Files\Common Files\LWS
2011-07-08 18:45:07 ----D---- C:\Program Files\Logitech
2011-07-08 18:45:07 ----D---- C:\Program Files\Common Files\LogiShrd
2011-06-29 14:08:29 ----A---- C:\Windows\system32\schannel.dll

======List of files/folders modified in the last 1 month======

2011-07-27 10:19:23 ----D---- C:\Windows\Prefetch
2011-07-27 10:19:23 ----D---- C:\Program Files\trend micro
2011-07-27 10:16:13 ----D---- C:\Windows
2011-07-27 10:15:04 ----D---- C:\Users\User\AppData\Roaming\.purple
2011-07-27 09:39:21 ----D---- C:\Windows\System32
2011-07-27 09:39:21 ----D---- C:\Windows\inf
2011-07-27 09:39:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-27 09:37:53 ----D---- C:\Windows\system32\drivers
2011-07-27 09:33:19 ----A---- C:\Windows\system.ini
2011-07-27 09:33:07 ----D---- C:\Windows\system32\drivers\etc
2011-07-27 09:29:33 ----D---- C:\Windows\AppPatch
2011-07-27 09:29:32 ----D---- C:\Program Files\Common Files
2011-07-27 09:17:39 ----D---- C:\ProgramData\CanonIJPLM
2011-07-27 09:07:11 ----D---- C:\Program Files
2011-07-26 18:36:32 ----SHD---- C:\Windows\Installer
2011-07-26 18:34:23 ----D---- C:\Windows\system32\catroot
2011-07-26 18:26:38 ----D---- C:\ProgramData\Norton
2011-07-26 18:26:36 ----D---- C:\Windows\Tasks
2011-07-26 18:25:57 ----D---- C:\Windows\system32\Tasks
2011-07-26 18:25:57 ----D---- C:\ProgramData\Symantec
2011-07-26 08:51:33 ----SHD---- C:\System Volume Information
2011-07-25 22:03:09 ----D---- C:\Users\User\AppData\Roaming\gtk-2.0
2011-07-24 19:03:55 ----D---- C:\Windows\system32\Macromed
2011-07-23 15:14:11 ----D---- C:\Program Files\DAEMON Tools Lite
2011-07-23 15:13:25 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-07-22 20:30:34 ----D---- C:\Program Files\Google
2011-07-22 20:02:57 ----D---- C:\Program Files\Pidgin
2011-07-21 16:43:04 ----RSD---- C:\Windows\assembly
2011-07-21 12:30:46 ----D---- C:\Windows\Debug
2011-07-21 12:04:27 ----D---- C:\Users\User\AppData\Roaming\ICQ
2011-07-18 21:10:44 ----D---- C:\Windows\system32\catroot2
2011-07-15 15:29:48 ----D---- C:\Windows\winsxs
2011-07-15 15:15:10 ----A---- C:\Windows\system32\mrt.exe
2011-07-12 17:38:16 ----D---- C:\ProgramData
2011-07-08 18:47:41 ----D---- C:\Windows\twain_32
2011-07-04 13:43:51 ----A---- C:\Windows\system32\aswBoot.exe
2011-07-03 19:21:56 ----D---- C:\Program Files\Microsoft Office
2011-06-30 14:41:27 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-04-16 717296]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-23 218688]
R1 EIO;EIO Driver; C:\Windows\system32\DRIVERS\EIO.sys [2009-04-02 12800]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-07-22 281760]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-07-22 25888]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2008-04-14 15232]
R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2008-04-14 30848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2010-05-07 25824]
R3 LVUVC;Logitech Webcam C100(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-18 7379872]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S3 aalf3dxd;aalf3dxd; C:\Windows\system32\drivers\aalf3dxd.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 DynCal;Dynamic Calibration Service; C:\Windows\system32\drivers\Dyncal.sys [2007-11-07 12928]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-02-13 15600]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-08 16224]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-18 196608]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2008-04-14 67072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-25 651720]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; D:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S4 gupdate1ca92e9297eebe;Služba Google Update (gupdate1ca92e9297eebe); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-11 133104]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-11 133104]
S4 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]

-----------------EOF-----------------

[motji]

Něco lehce doladíme .

:arrow:Stáhněte OTM http://oldtimer.geekstogo.com/OTM.exe
Stáhněte na plochu Otm, 2krát klikněte na Otm,spustí se program,
Do levého okna "Paste Instructions for Items to be Moved" pod žlutou čáru zkopírujete skript

Kód: Vybrat vše

:processes
explorer.exe
 
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Qoobox
C:\Users\User\AppData\Roaming\IMVUCL~1\IMVUQU~1.EXE --startup 
C:\Program Files\DAEMON Tools Toolbar

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[clearallrestorepoints]
[Reboot]

-klikněte na červené tlačítko Moveit!
-sem vložte obsah zeleného okénka
-Pokud se bude chtít restartovat pc, dejte YES,log pak najdete C:\_OTM\MovedFiles. Log vložte sem

[ironman9876]

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3841.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6604.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7439.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7CFF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8104.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI16EA.tmp moved successfully.
C:\WINDOWS\Installer\MSI76E.tmp moved successfully.
C:\WINDOWS\Installer\MSI77DC.tmp moved successfully.
C:\WINDOWS\Installer\MSI785B.tmp moved successfully.
C:\WINDOWS\Installer\MSI7B2D.tmp moved successfully.
C:\WINDOWS\Installer\MSI7F47.tmp moved successfully.
C:\WINDOWS\Installer\MSI9006.tmp moved successfully.
C:\WINDOWS\Installer\MSI91F3.tmp moved successfully.
C:\WINDOWS\Installer\MSIF8F5.tmp moved successfully.
C:\WINDOWS\Installer\MSIFA59.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt1664.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt280D.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt2CA0.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt4973.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt5C97.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt5CD3.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt6923.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt6BC2.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt76AA.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt8EAD.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt9F6E.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltA604.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltD388.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltEEE5.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltF50C.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltFF99.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\215797f52b5604ee7967662256a8322e\BITA66C.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\4232c867b86af6284fedd5de576bd2f9\BIT402B.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\620e304bd9b91f1ded9634bf34c8c856\BIT3977.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\8ea6b9e3fc3dabbcb3d1d761ce247747\BITD3A4.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\984ad063ac51fe9d0c306f0c15d78151\BITCBC.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\a5ef998608d2652af598482a3caa4025\BIT6FB3.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\ccca51174987a0baaf1b65b74a75a35d\BIT492F.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\f4dbae4f89ea0ff18e551635fa1ccc74\BIT33FB.tmp moved successfully.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
File/Folder C:\Users\User\AppData\Roaming\IMVUCL~1\IMVUQU~1.EXE --startup not found.
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: User
->Temp folder emptied: 115537307 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 123202 bytes
->Google Chrome cache emptied: 264538593 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 61628 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1264 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33239 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 363,00 mb


Restore point Set: OTM Restore Point

OTM by OldTimer - Version 3.1.18.0 log created on 07282011_105448

Files moved on Reboot...
File C:\Qoobox\BackEnv not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[motji]

:arrow:Otevřete znovu Otm a klikněte na tlačítko CleanUp,potvrďte ok

Poprosím už o uplně poslední log ze rsitu.