strasne zpomalene pc

[flip.]

Caues,
posledni dobou mi jede PC strasne pomalu... jak start, tak je pomale i pri pouzivani...
prikladam log z RSIT...
projel jsem to avastem, ccleanerem i ad-awarem, updaty z windows update mam taky.. ted jeste neco updatuju pomoci secunie, ale uz nevim co dal udelat...

a mimo to mam trochu problem s jednim souborem na plose... killboxem jsem ji chtel smazat, ale reklo mi to, ze neexistuje...

log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Dan at 2010-10-23 17:54:23
Microsoft Windows 7 Ultimate
System drive C: has 140 GB (46%) free of 302 GB
Total RAM: 3070 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:58:35, on 23.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\ICQ7.1\ICQ.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dan\Downloads\RSIT.exe
C:\Program Files\trend micro\Dan.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NetLimiter 3 Service (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 3\nlsvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 10955 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-01-27 1312848]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-07-02 159744]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-13 405504]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-07-13 47904]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-08-20 1164584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ7.1\ICQ.exe [2010-05-02 133368]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2010-08-24 247144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]
C:\Windows\system32\nvHotkey.dll [2010-03-16 88168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
C:\PROGRA~1\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-01-29 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2010-10-23 17:54:24 ----D---- C:\Program Files\trend micro
2010-10-23 17:54:23 ----D---- C:\rsit
2010-10-23 17:50:02 ----D---- C:\Program Files\Secunia
2010-10-23 17:48:38 ----D---- C:\!KillBox
2010-10-23 17:23:38 ----D---- C:\Program Files\Xvid CZ
2010-10-23 17:13:35 ----D---- C:\Program Files\CCleaner
2010-10-23 17:13:13 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-10-23 17:13:13 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-10-23 17:11:03 ----A---- C:\Windows\system32\wmp.dll
2010-10-23 17:11:02 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-23 17:10:58 ----A---- C:\Windows\system32\comctl32.dll
2010-10-23 17:10:48 ----A---- C:\Windows\system32\tzres.dll
2010-10-23 17:10:43 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-23 17:10:43 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-23 17:10:43 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-23 17:10:42 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-23 17:10:33 ----A---- C:\Windows\system32\mshtml.dll
2010-10-23 17:10:33 ----A---- C:\Windows\system32\iertutil.dll
2010-10-23 17:10:32 ----A---- C:\Windows\system32\ieframe.dll
2010-10-23 17:10:31 ----A---- C:\Windows\system32\urlmon.dll
2010-10-23 17:10:31 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-23 17:10:30 ----A---- C:\Windows\system32\wininet.dll
2010-10-23 17:10:30 ----A---- C:\Windows\system32\mstime.dll
2010-10-23 17:10:30 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-23 17:10:30 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-23 17:10:29 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-23 17:10:29 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-23 17:10:29 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-23 17:10:29 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-23 17:10:29 ----A---- C:\Windows\system32\ieui.dll
2010-10-23 17:10:29 ----A---- C:\Windows\system32\iepeers.dll
2010-10-23 17:10:26 ----A---- C:\Windows\system32\win32k.sys
2010-10-23 17:10:24 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-23 17:10:24 ----A---- C:\Windows\system32\mfc40.dll
2010-10-23 17:10:20 ----A---- C:\Windows\system32\spoolsv.exe
2010-10-23 17:10:16 ----A---- C:\Windows\system32\ole32.dll
2010-10-23 17:10:15 ----A---- C:\Windows\system32\t2embed.dll
2010-10-23 17:10:11 ----A---- C:\Windows\system32\schannel.dll
2010-10-23 17:09:49 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-23 17:07:01 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-10-22 18:50:34 ----D---- C:\Users\Dan\AppData\Roaming\DLC2
2010-10-22 18:50:07 ----D---- C:\Program Files\NetEnt
2010-10-12 20:51:23 ----A---- C:\Windows\system32\lsdelete.exe
2010-10-12 20:35:36 ----A---- C:\Windows\system32\drivers\Lbd.sys
2010-10-12 20:35:34 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2010-10-12 20:29:52 ----HDC---- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-10-12 20:29:37 ----D---- C:\ProgramData\Lavasoft
2010-10-12 20:29:37 ----D---- C:\Program Files\Lavasoft

======List of files/folders modified in the last 1 months======

2010-10-23 17:58:35 ----SHD---- C:\Windows\Installer
2010-10-23 17:58:35 ----HD---- C:\Config.Msi
2010-10-23 17:58:19 ----D---- C:\Windows\Temp
2010-10-23 17:54:24 ----RD---- C:\Program Files
2010-10-23 17:50:16 ----D---- C:\Windows\system32\Tasks
2010-10-23 17:50:02 ----D---- C:\Windows\system32\drivers
2010-10-23 17:41:23 ----D---- C:\Windows\Tasks
2010-10-23 17:41:08 ----RSD---- C:\Windows\assembly
2010-10-23 17:41:08 ----D---- C:\Windows\Microsoft.NET
2010-10-23 17:38:12 ----D---- C:\Users\Dan\AppData\Roaming\ICQ
2010-10-23 17:37:46 ----D---- C:\Windows\Prefetch
2010-10-23 17:36:55 ----D---- C:\Windows\winsxs
2010-10-23 17:36:17 ----D---- C:\Windows\system32\config
2010-10-23 17:36:14 ----D---- C:\Windows
2010-10-23 17:34:34 ----D---- C:\Windows\system32\migration
2010-10-23 17:34:34 ----D---- C:\Windows\system32\en-US
2010-10-23 17:34:34 ----D---- C:\Windows\System32
2010-10-23 17:34:34 ----D---- C:\Program Files\Internet Explorer
2010-10-23 17:34:33 ----D---- C:\Windows\inf
2010-10-23 17:34:33 ----D---- C:\Program Files\Windows Media Player
2010-10-23 17:23:57 ----A---- C:\Windows\NeroDigital.ini
2010-10-23 17:20:11 ----D---- C:\Windows\Minidump
2010-10-23 17:20:11 ----D---- C:\Windows\debug
2010-10-23 17:19:07 ----D---- C:\Program Files\CamStudio
2010-10-23 17:13:13 ----HD---- C:\ProgramData
2010-10-23 17:12:18 ----D---- C:\Windows\system32\catroot
2010-10-23 17:11:41 ----SHD---- C:\System Volume Information
2010-10-23 17:09:59 ----D---- C:\Windows\system32\catroot2
2010-10-23 17:09:01 ----D---- C:\Program Files\HP
2010-10-23 17:08:17 ----D---- C:\Windows\system32\appmgmt
2010-10-23 17:06:16 ----D---- C:\Program Files\Yahoo!
2010-10-23 02:27:15 ----D---- C:\Users\Dan\AppData\Roaming\Skype
2010-10-23 00:09:11 ----D---- C:\Users\Dan\AppData\Roaming\skypePM
2010-10-22 19:04:05 ----SD---- C:\Users\Dan\AppData\Roaming\Microsoft
2010-10-21 17:01:38 ----D---- C:\Users\Dan\AppData\Roaming\Juce VST Host
2010-10-16 19:11:39 ----D---- C:\Windows\system32\wdi
2010-10-12 23:16:52 ----SD---- C:\ProgramData\Microsoft
2010-10-12 20:35:36 ----DC---- C:\Windows\system32\DRVSTORE
2010-10-07 10:46:20 ----A---- C:\Windows\system32\MRT.exe
2010-10-06 16:57:19 ----D---- C:\Windows\system32\FxsTmp
2010-10-06 16:57:00 ----D---- C:\Windows\ModemLogs
2010-10-03 18:22:02 ----D---- C:\Casino
2010-09-29 20:00:09 ----D---- C:\ProgramData\Norton
2010-09-29 20:00:07 ----D---- C:\ProgramData\Symantec
2010-09-29 18:07:01 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-09-26 23:10:24 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-03 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 nltdi;nltdi; \??\C:\Program Files\NetLimiter 3\nltdi.sys [2010-05-25 5281672]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-25 155136]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-11-10 35984]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-11-10 37392]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
R3 NLNdisMP;NLNdisMP; C:\Windows\system32\DRIVERS\nlndis.sys [2010-05-25 5230088]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-13 330240]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 aiv7ek7x;aiv7ek7x; C:\Windows\system32\drivers\aiv7ek7x.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2010-04-19 18432]
S3 NLNdisPT;NetLimiter Ndis Protocol Service; C:\Windows\system32\DRIVERS\nlndis.sys [2010-05-25 5230088]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-07-07 14904]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-09-20 73728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-10-12 1357464]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nlsvc;NetLimiter 3 Service; C:\Program Files\NetLimiter 3\nlsvc.exe [2010-05-24 1085440]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-03-16 129640]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-13 102400]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-21 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-01-29 292944]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]

-----------------EOF-----------------

DEKUJI

[flip.]

p.s.: nejvic me stve, ze kdyz mam pustene kasino, tak se mi seka mys a je nepresna apod., proste to to PC nejak nezvlada (predevsim kdyz do toho jeste natacim plochu camcoderem)

[Roli]

Zdravím, tohle fixni v HJT :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

HJT najdeš zde :

C:\Program Files\trend micro\Dan.exe

Fix znamená že spustíš HJT jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :

Google Update Service

Google Updater Service

ICQ Service

Nero BackItUp Scheduler 3

NMIndexingService

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.


Odinstaluj nikoliv smaž ICQ6Toolbar.


Dále použij Mbam z mého podpisu a dej mi sem z něj log dříve než něco smažeš.

[flip.]

vse jsem udelal, diky!
jen by me zajimalo (jakozto clovek co se v tomhle moc nevyzna), k cemu je mazani danych veci v HJT, kdyz se jedna o relativne bezne veci jako napr. ICQ, Divxupdate, nero, apod.? je to proto, protoze jsou tyto veci zbytecne a zpomaluji pc?

jinak zde log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4929

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

23.10.2010 21:13:54
mbam-log-2010-10-23 (21-13-54).txt

Scan type: Quick scan
Objects scanned: 142190
Time elapsed: 4 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Dan\downloads\SetupCasino_efd96b_en (1).exe (Adware.Casino) -> No action taken.
C:\Users\Dan\downloads\SetupCasino_fa3861.exe (Adware.Casino) -> No action taken.
C:\Users\Dan\downloads\SetupCasino_7706a5_en.exe (Adware.Casino) -> No action taken.
C:\Users\Dan\downloads\SetupCasino_79a7.exe (Adware.Casino) -> No action taken.

[Roli]

vse jsem udelal, diky!
jen by me zajimalo (jakozto clovek co se v tomhle moc nevyzna), k cemu je mazani danych veci v HJT, kdyz se jedna o relativne bezne veci jako napr. ICQ, Divxupdate, nero, apod.? je to proto, protoze jsou tyto veci zbytecne a zpomaluji pc?

Je to proto že čím víc softíků se po startu spouští tím je vše pomalejší, HJT je nesmaže z PC pouze zakáže jejich automatické spuštění.

Samozřejmě jdou kdykoliv spustit jejich ikonou.

Také jsme nefixli ICQ jako takové ale pouze ICQToolBar, který dokáže s PC dělat psí kusy.


To co Mbam našel nech smazat, jedná se právě o problémové kasino.


Dále použijeme větší kalibr, tak že pozorně číst, protože tenhle softík netoleruje chyby.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

[flip.]

tak tady to je:

ComboFix 10-10-22.05 - Dan 23.10.2010 23:14:00.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.2217 [GMT 2:00]
Running from: c:\users\Dan\Downloads\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2010-09-23 to 2010-10-23 )))))))))))))))))))))))))))))))
.

2010-10-23 21:19 . 2010-10-23 21:41 -------- d-----w- c:\users\Dan\AppData\Local\temp
2010-10-23 21:19 . 2010-10-23 21:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-23 21:03 . 2010-10-23 21:04 -------- d-----w- C:\32788R22FWJFW
2010-10-23 19:05 . 2010-10-23 19:05 -------- d-----w- c:\users\Dan\AppData\Roaming\Malwarebytes
2010-10-23 19:05 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-23 19:05 . 2010-10-23 19:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-23 19:05 . 2010-10-23 19:05 -------- d-----w- c:\programdata\Malwarebytes
2010-10-23 19:05 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-23 16:08 . 2010-10-23 16:08 -------- d-----w- c:\program files\Common Files\Adobe
2010-10-23 16:06 . 2010-10-23 16:07 -------- d-----w- c:\program files\iTunes
2010-10-23 16:06 . 2010-10-23 16:06 -------- d-----w- c:\program files\iPod
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2010-10-23 16:03 . 2010-10-23 16:04 -------- d-----w- c:\program files\QuickTime
2010-10-23 16:01 . 2010-10-23 16:01 -------- d-----w- c:\program files\Bonjour
2010-10-23 15:54 . 2010-10-23 19:01 -------- d-----w- c:\program files\trend micro
2010-10-23 15:54 . 2010-10-23 15:58 -------- d-----w- C:\rsit
2010-10-23 15:50 . 2010-10-23 15:50 -------- d-----w- c:\program files\Secunia
2010-10-23 15:48 . 2010-10-23 15:48 -------- d-----w- C:\!KillBox
2010-10-23 15:23 . 2010-10-23 15:23 -------- d-----w- c:\program files\Xvid CZ
2010-10-23 15:13 . 2010-10-23 15:13 -------- d-----w- c:\program files\CCleaner
2010-10-23 15:13 . 2010-10-23 15:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-10-23 15:13 . 2010-10-23 15:14 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-10-23 15:11 . 2010-09-01 04:26 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-23 15:11 . 2010-09-01 04:23 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-23 15:09 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-23 15:07 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2010-10-22 16:50 . 2010-10-22 16:50 -------- d-----w- c:\users\Dan\AppData\Roaming\DLC2
2010-10-22 16:50 . 2010-10-22 16:50 -------- d-----w- c:\program files\NetEnt
2010-10-12 18:51 . 2010-08-12 12:15 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-10-12 18:35 . 2010-08-12 12:15 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-10-12 18:35 . 2010-10-12 18:35 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-10-12 18:30 . 2010-10-12 18:30 -------- d-----w- c:\users\Dan\AppData\Local\Sunbelt Software
2010-10-12 18:29 . 2010-10-12 18:29 -------- dc-h--w- c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-10-12 18:29 . 2010-10-12 18:35 -------- d-----w- c:\programdata\Lavasoft
2010-10-12 18:29 . 2010-10-12 18:29 -------- d-----w- c:\program files\Lavasoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-07 15:12 . 2010-08-22 14:06 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-05-02 17:23 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-05-02 17:24 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-05-02 17:24 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-05-02 17:24 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-05-02 17:24 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2010-05-02 17:24 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-22 18:34 . 2010-08-22 18:34 409088 ----a-w- c:\windows\system32\systemcpl.dll
2010-08-22 18:34 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll
2010-07-29 06:30 . 2010-08-12 14:05 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-12 14:05 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-27 16:44 . 2010-07-27 16:44 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 16:44 . 2010-07-27 16:44 107808 ----a-w- c:\windows\system32\dns-sd.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" [2010-05-02 133368]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-07-02 159744]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-13 405504]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-21 47904]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Users^Dan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]
2010-03-16 18:46 88168 ----a-w- c:\windows\System32\nvhotkey.dll

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2010-08-12 15008]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2010-04-19 18432]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [2010-05-25 5230088]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-07-07 14904]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]
R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-21 136176]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-05-03 691696]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
S1 aswSP;aswSP; [x]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [2010-05-25 5281672]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-09-20 73728]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-10-12 1357464]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-02-13 685816]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [2010-05-25 5230088]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-10-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 18:35]

2010-10-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-21 21:54]

2010-10-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-21 21:54]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-LogMeIn Hamachi Ui - c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
AddRemove-William Hill CASINO CLUB - c:\casino\William Hill CASINO CLUB\_SetupCasino_efd96b_en.exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-10-23 23:50:22
ComboFix-quarantined-files.txt 2010-10-23 21:50

Pre-Run: 145,587,412,992 bytes free
Post-Run: 145,336,774,656 bytes free

- - End Of File - - B8D2F23ED714C760F135E44668587A07

jinak celkove ten scan trval rozhodne mnohem dele nez 10 min...

a diky za pomoc=)

[flip.]

tak tady to je:

ComboFix 10-10-22.05 - Dan 23.10.2010 23:14:00.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.2217 [GMT 2:00]
Running from: c:\users\Dan\Downloads\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2010-09-23 to 2010-10-23 )))))))))))))))))))))))))))))))
.

2010-10-23 21:19 . 2010-10-23 21:41 -------- d-----w- c:\users\Dan\AppData\Local\temp
2010-10-23 21:19 . 2010-10-23 21:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-23 21:03 . 2010-10-23 21:04 -------- d-----w- C:\32788R22FWJFW
2010-10-23 19:05 . 2010-10-23 19:05 -------- d-----w- c:\users\Dan\AppData\Roaming\Malwarebytes
2010-10-23 19:05 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-23 19:05 . 2010-10-23 19:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-23 19:05 . 2010-10-23 19:05 -------- d-----w- c:\programdata\Malwarebytes
2010-10-23 19:05 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-23 16:08 . 2010-10-23 16:08 -------- d-----w- c:\program files\Common Files\Adobe
2010-10-23 16:06 . 2010-10-23 16:07 -------- d-----w- c:\program files\iTunes
2010-10-23 16:06 . 2010-10-23 16:06 -------- d-----w- c:\program files\iPod
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2010-10-23 16:04 . 2010-10-23 16:04 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2010-10-23 16:03 . 2010-10-23 16:04 -------- d-----w- c:\program files\QuickTime
2010-10-23 16:01 . 2010-10-23 16:01 -------- d-----w- c:\program files\Bonjour
2010-10-23 15:54 . 2010-10-23 19:01 -------- d-----w- c:\program files\trend micro
2010-10-23 15:54 . 2010-10-23 15:58 -------- d-----w- C:\rsit
2010-10-23 15:50 . 2010-10-23 15:50 -------- d-----w- c:\program files\Secunia
2010-10-23 15:48 . 2010-10-23 15:48 -------- d-----w- C:\!KillBox
2010-10-23 15:23 . 2010-10-23 15:23 -------- d-----w- c:\program files\Xvid CZ
2010-10-23 15:13 . 2010-10-23 15:13 -------- d-----w- c:\program files\CCleaner
2010-10-23 15:13 . 2010-10-23 15:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-10-23 15:13 . 2010-10-23 15:14 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-10-23 15:11 . 2010-09-01 04:26 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-23 15:11 . 2010-09-01 04:23 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-23 15:09 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-23 15:07 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2010-10-22 16:50 . 2010-10-22 16:50 -------- d-----w- c:\users\Dan\AppData\Roaming\DLC2
2010-10-22 16:50 . 2010-10-22 16:50 -------- d-----w- c:\program files\NetEnt
2010-10-12 18:51 . 2010-08-12 12:15 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-10-12 18:35 . 2010-08-12 12:15 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-10-12 18:35 . 2010-10-12 18:35 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-10-12 18:30 . 2010-10-12 18:30 -------- d-----w- c:\users\Dan\AppData\Local\Sunbelt Software
2010-10-12 18:29 . 2010-10-12 18:29 -------- dc-h--w- c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-10-12 18:29 . 2010-10-12 18:35 -------- d-----w- c:\programdata\Lavasoft
2010-10-12 18:29 . 2010-10-12 18:29 -------- d-----w- c:\program files\Lavasoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-07 15:12 . 2010-08-22 14:06 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-05-02 17:23 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-05-02 17:24 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-05-02 17:24 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-05-02 17:24 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-05-02 17:24 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2010-05-02 17:24 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-22 18:34 . 2010-08-22 18:34 409088 ----a-w- c:\windows\system32\systemcpl.dll
2010-08-22 18:34 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll
2010-07-29 06:30 . 2010-08-12 14:05 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-12 14:05 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-27 16:44 . 2010-07-27 16:44 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 16:44 . 2010-07-27 16:44 107808 ----a-w- c:\windows\system32\dns-sd.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" [2010-05-02 133368]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-07-02 159744]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-13 405504]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-21 47904]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Users^Dan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]
2010-03-16 18:46 88168 ----a-w- c:\windows\System32\nvhotkey.dll

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2010-08-12 15008]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2010-04-19 18432]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [2010-05-25 5230088]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-07-07 14904]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]
R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-21 136176]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-05-03 691696]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
S1 aswSP;aswSP; [x]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [2010-05-25 5281672]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-09-20 73728]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-10-12 1357464]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-02-13 685816]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [2010-05-25 5230088]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-10-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 18:35]

2010-10-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-21 21:54]

2010-10-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-21 21:54]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-LogMeIn Hamachi Ui - c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
AddRemove-William Hill CASINO CLUB - c:\casino\William Hill CASINO CLUB\_SetupCasino_efd96b_en.exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-10-23 23:50:22
ComboFix-quarantined-files.txt 2010-10-23 21:50

Pre-Run: 145,587,412,992 bytes free
Post-Run: 145,336,774,656 bytes free

- - End Of File - - B8D2F23ED714C760F135E44668587A07

jinak celkove ten scan trval rozhodne mnohem dele nez 10 min...

a diky za pomoc=)

[flip.]

nevim jak je to mozne, ale PC se mi seka snad jeste vice:( internet i bezne programy maji silenou odezvu... (pritom internet je v poradku - jak ping, tak mereni rychlosti jako takove)

je mi jasne, ze nejlepsi by byl format, ale do toho se mi opravdu nechce...
dokonce i psani tehle zpravy se seka

[Roli]

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Odinstaluj Spybot - S&D a Ad-Aware kteří už jsou za zenitem.


Dále použij Cure It z mého podpisu a dej vědět jak to dopadlo.

[flip.]

vse jsem udelal, cure it nic nenasel...

[Roli]

Bezva a jak je na tom PC ?

[flip.]

mno, musim rict, ze lepe:)

uz asi neni moc co dale resit...
kazdopadne diky moc!
nevim co by si bez vas mnoho uzivatelu pocalo...

[Roli]

Není zač.