Browser presmerovava na jine stranky, pc celkove pomalejsi

[pra3tor]

Ahoj, pokazde kdyz clicknu na odkaz, tak me browser hodi na nejake stranky, nejlepe nejakeho malware removeru. Pocitac je celkove pomalejsi. Diky za pomoc.


Logfile of random's system information tool 1.08 (written by random/random)
Run by Dominicka at 2010-07-17 11:22:36
Microsoft® Windows Vista™ Home Premium
System drive C: has 4 GB (3%) free of 144 GB
Total RAM: 2046 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:23:47, on 17.7.2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Dominicka\Desktop\gms\RSIT.exe
C:\Program Files\trend micro\Dominicka.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: PHOTOfunSTUDIO HD Edition.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/i ... ection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h20264.www2.hp.com/ediags/dd/ins ... sVista.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9841 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-06-03 1404928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2007-09-20 671744]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-02-26 1006264]
"HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe []
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-09-13 480560]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-08 311296]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2006-11-02 125440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2007-09-20 8497696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2007-09-20 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
C:\Windows\system32\nvsvc.dll [2007-09-20 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2007-10-01 181544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PHOTOfunSTUDIO HD Edition.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-07-17 11:22:37 ----D---- C:\Program Files\trend micro
2010-07-17 11:22:36 ----D---- C:\rsit
2010-07-15 14:09:06 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-07-15 14:09:06 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-07-15 14:09:05 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-07-15 14:09:04 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-07-15 14:09:02 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-07-15 14:09:02 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-07-15 14:09:01 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-07-15 14:08:59 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-07-15 14:08:59 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-07-15 14:08:58 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-07-15 14:08:57 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-07-15 14:08:57 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-07-15 14:08:56 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-07-15 14:08:56 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-07-15 14:08:55 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-07-15 14:08:54 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-07-15 14:08:50 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-07-15 14:08:50 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-07-15 14:08:49 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-07-15 14:08:48 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-07-15 14:08:45 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-07-15 14:08:45 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-07-15 14:08:41 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-07-15 14:08:39 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-07-15 14:08:39 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-07-15 14:08:38 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-07-15 14:08:36 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-07-15 14:08:36 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-07-15 14:08:33 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-07-15 14:08:32 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-07-15 14:08:31 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-07-15 14:08:29 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-07-15 14:08:28 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-07-15 14:08:27 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-07-15 14:08:26 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-07-15 14:08:22 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-07-15 14:08:20 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-07-15 14:08:19 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-07-15 14:08:16 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-07-13 18:17:17 ----A---- C:\Windows\system32\npi.dll
2010-07-13 18:17:17 ----A---- C:\Windows\system32\drivers\npi.sys
2010-07-12 18:58:19 ----D---- C:\Program Files\etax2010
2010-07-06 11:09:48 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-07-06 11:08:33 ----D---- C:\ProgramData\Rosetta Stone
2010-07-06 11:08:33 ----D---- C:\Program Files\Rosetta Stone

======List of files/folders modified in the last 1 months======

2010-07-17 11:22:56 ----D---- C:\Windows\Prefetch
2010-07-17 11:22:37 ----RD---- C:\Program Files
2010-07-17 11:17:51 ----SHD---- C:\System Volume Information
2010-07-17 11:17:38 ----D---- C:\Windows\Temp
2010-07-17 10:54:20 ----D---- C:\Users\Dominicka\AppData\Roaming\BitTorrent
2010-07-16 10:00:26 ----D---- C:\Program Files\Google
2010-07-16 00:19:20 ----SHD---- C:\Windows\Installer
2010-07-16 00:17:08 ----D---- C:\ProgramData\Google
2010-07-16 00:16:10 ----D---- C:\ProgramData\PopCap Games
2010-07-15 14:09:08 ----D---- C:\Windows\system32\directx
2010-07-15 14:09:07 ----D---- C:\Windows\System32
2010-07-15 14:07:04 ----HD---- C:\Windows\msdownld.tmp
2010-07-15 14:01:28 ----D---- C:\Windows
2010-07-15 13:30:33 ----D---- C:\filmy
2010-07-14 18:33:38 ----D---- C:\Windows\inf
2010-07-14 18:33:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-14 18:31:18 ----D---- C:\Windows\system32\LogFiles
2010-07-14 11:25:14 ----D---- C:\Windows\system32\drivers\etc
2010-07-14 10:26:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-07-14 10:26:06 ----D---- C:\ProgramData\NVIDIA
2010-07-14 10:24:39 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-07-14 02:01:26 ----D---- C:\Windows\system32\drivers
2010-07-14 01:46:45 ----D---- C:\Windows\Minidump
2010-07-14 01:34:42 ----D---- C:\Users\Dominicka\AppData\Roaming\Skype
2010-07-14 00:01:14 ----D---- C:\Users\Dominicka\AppData\Roaming\skypePM
2010-07-06 11:09:48 ----D---- C:\Program Files\Common Files
2010-07-06 11:08:33 ----HD---- C:\ProgramData
2010-07-03 19:17:54 ----D---- C:\Windows\system32\catroot2
2010-06-24 12:47:27 ----D---- C:\etax2009

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-21 43872]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-10-13 717296]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 NPI;NPI; \??\C:\Windows\system32\drivers\NPI.sys [2010-07-13 32128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-22 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-12-06 761856]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-08-28 146560]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-09-10 176640]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-09-20 7626400]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-17 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-02-26 82432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-15 191408]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-02-26 132864]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
S3 aeva1489;aeva1489; C:\Windows\system32\drivers\aeva1489.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-07-14 19456]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-07-14 220160]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-07-14 29184]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-09-18 80424]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-09-18 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-09-18 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2007-06-15 145504]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 DpHost;Biometric Authentication Service; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2007-09-20 299008]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-20 65536]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 npii;npii; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-10-01 271760]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-10-01 112016]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-06 658432]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-21 183280]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

[stell]

Zdravim
ano mas tam smejda.
odinstaluj C:\Program Files\Spybot - Search & Destroy
PROSIM CITAJTE POZORNE NAVODY!!!,

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte>>
http://download.bleepingcomputer.com/sUBs/ComboFix.exe



- ComboFix je třeba spustit pod účtem s právy administrátora.
- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano;

A este raz >ANO<

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího modreho okna

- Po dokončení skenování, trvajícího maximálně 10-15 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah do svého threadu na forum
- Před použitím ComboFixu je treba vypnout všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary. NAVOD: http://www.bleepingcomputer.com/forums/topic114351.html
Mohou zasahovat do činnosti ComboFixu, což může způsobit, že nebude fungovat korektně.
V případě detekce antiviru u ComboFixu se jedná o falešný poplach.

[pra3tor]

Dekuji za odpoved. Jen jsem mel mensi problem s Nod32, windows a combofix hlasil, ze nod32 ma porad spusteny residentni stit, antivir ochranu a malware ochranu, nicmene ja ani nevedel, ze je nod32 nainstalovany v pocitaci, nemohl jsem ho najit nikde na disku a zadny program ho neukazoval ze bezi. Nicmene jsem spustil combofix a zatim vse vypada v poradku, tady je log. Jeste jednou diky!!

ComboFix 10-07-16.02 - Dominicka 19.07.2010 13:03:45.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.2046.1472 [GMT 8:00]
Spuštěný z: c:\users\Dominicka\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET NOD32 Antivirus 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Dominicka\AppData\Local\0535049569854.xxe
c:\users\Dominicka\AppData\Local\05352975110249.xxe
c:\users\Dominicka\AppData\Local\rdr_1279016229.exe
c:\windows\bk23567.dat
c:\windows\fdgg34353edfgdfdf
c:\windows\lgo
c:\windows\system32\drivers\npi.sys
c:\windows\system32\KBL.LOG
c:\windows\system32\npi.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPI
-------\Service_NPI
-------\Service_npii


((((((((((((((((((((((((( Soubory vytvořené od 2010-06-19 do 2010-07-19 )))))))))))))))))))))))))))))))
.

2010-07-17 04:50 . 2010-07-17 04:50 4806 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-07-17 04:49 . 2010-07-17 04:49 -------- d-----w- c:\users\Dominicka\AppData\Local\Downloaded Installations
2010-07-17 04:23 . 2010-07-17 05:10 -------- d-----w- c:\program files\Electronic Arts
2010-07-17 03:22 . 2010-07-17 03:23 -------- d-----w- c:\program files\trend micro
2010-07-17 03:22 . 2010-07-17 03:23 -------- d-----w- C:\rsit
2010-07-15 06:09 . 2010-06-01 20:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-07-15 06:09 . 2010-06-01 20:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-07-15 06:09 . 2010-06-01 20:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-07-15 06:09 . 2010-05-26 03:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-07-15 06:09 . 2010-05-26 03:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-07-15 06:09 . 2010-05-26 03:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-07-15 06:09 . 2010-05-26 03:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-07-13 12:25 . 2010-07-13 16:26 42 ----a-w- c:\windows\bk20856.dat
2010-07-12 10:58 . 2010-07-15 16:19 -------- d-----w- c:\program files\etax2010
2010-07-06 03:09 . 2010-07-06 03:09 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-07-06 03:08 . 2010-07-08 07:00 -------- d-----w- c:\programdata\Rosetta Stone
2010-07-06 03:08 . 2010-07-06 03:08 -------- d-----w- c:\program files\Rosetta Stone

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-19 05:18 . 2008-05-14 10:44 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-19 04:37 . 2008-07-14 08:46 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-07-17 02:54 . 2010-06-03 03:14 -------- d-----w- c:\users\Dominicka\AppData\Roaming\BitTorrent
2010-07-16 04:04 . 2008-12-07 12:09 680 ----a-w- c:\users\Dominicka\AppData\Local\d3d9caps.dat
2010-07-16 02:00 . 2008-07-14 08:07 -------- d-----w- c:\program files\Google
2010-07-15 16:16 . 2010-05-11 10:13 -------- d-----w- c:\programdata\PopCap Games
2010-07-14 10:33 . 2008-02-26 01:24 81404 ----a-w- c:\windows\system32\perfc005.dat
2010-07-14 10:33 . 2008-02-26 01:24 473598 ----a-w- c:\windows\system32\perfh005.dat
2010-07-14 08:56 . 2008-07-13 23:10 27715 ----a-w- c:\users\Dominicka\AppData\Roaming\nvModes.dat
2010-07-14 02:26 . 2008-05-14 11:13 -------- d-----w- c:\programdata\NVIDIA
2010-07-13 17:34 . 2008-07-14 08:00 -------- d-----w- c:\users\Dominicka\AppData\Roaming\Skype
2010-07-13 16:01 . 2008-07-14 17:57 -------- d-----w- c:\users\Dominicka\AppData\Roaming\skypePM
2010-06-13 08:48 . 2009-10-09 06:05 -------- d-----w- c:\users\Dominicka\AppData\Roaming\Apple Computer
2010-06-03 03:13 . 2010-06-03 03:13 -------- d-----w- c:\program files\BitTorrent
2010-05-26 03:41 . 2010-07-15 06:08 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-05-21 06:14 . 2009-10-02 17:43 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-14 04:50 . 2009-10-14 12:01 3358720 ----a-w- c:\users\Dominicka\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2008-02-26 01:52 . 2008-02-26 01:41 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2007-09-20 671744]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-02-26 1006264]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]
PHOTOfunSTUDIO HD Edition.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe [2010-3-17 44176]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 14:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2006-11-02 12:35 125440 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-08-23 15:36 455968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-09-19 20:05 8497696 ----a-w- c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-09-19 20:05 81920 ----a-w- c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-09-19 20:05 86016 ----a-w- c:\windows\System32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-09-30 17:34 181544 ----a-w- c:\program files\HP\QuickPlay\QPService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2006-11-02 12:34 2159104 ----a-w- c:\windows\System32\oobefldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-02 12:36 201728 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-10-13 717296]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
npii REG_MULTI_SZ npii

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com.au/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=81&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-19 15:47
Windows 6.0.6000 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3856931583-1309589307-1375266797-1000\Software\SecuROM\License information*]
"datasecu"=hex:09,b8,37,f4,d5,63,a8,05,b6,9d,0b,ce,86,c8,b5,d7,ff,2d,55,fa,02,
a5,1c,c8,05,d8,e7,15,75,1d,83,19,bc,b6,3c,20,2d,2e,df,97,80,fe,98,d2,0b,54,\
"rkeysecu"=hex:b7,f1,41,45,8c,30,88,a1,26,9a,e4,ff,f8,a5,82,28

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(644)
c:\windows\system32\DPPWDFLT.dll

- - - - - - - > 'Explorer.exe'(2904)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\System32\bgsvcgen.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\conime.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Celkový čas: 2010-07-19 15:54:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-19 07:54

Před spuštěním: Volných bajtů: 12 656 611 328
Po spuštění: 8 626 995 200

- - End Of File - - FE778803BDC1EE67B20A1E0CDD7BA97E

[stell]

no ani ja nevidim NOD v systeme len combofix hlasi,,ze je tam,,a ak to hlasi tak urcite je tam,,potom to odstranim,ale vloz sem novy log z RSIT,nakolko nevidim tam to co som videl v logu RSIT.
Odinstaluj C:\Program Files\Spybot - Search & Destroy