MOTJI Prosim o kontolu(moc dekuji)

[limcak1]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Limcak at 2011-01-26 09:46:40
Microsoft Windows 7 Ultimate
System drive C: has 45 GB (59%) free of 76 GB
Total RAM: 2046 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:47:03, on 26/01/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\Installer\MSI6DE9.tmp
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Windows\system32\Dwm.exe
C:\Windows\explorer.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\CISVC.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\Kodak\AiO\center\KodakSvc.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\oodag.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Kodak\AiO\Center\EKDiscovery.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Kodak\AiO\PrinterDriver\i386\EKIJ5000MUI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Limcak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Limcak\Desktop\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Limcak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=41.234.204.32:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\Program Files\Kodak\AiO\PrinterDriver\i386\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperDesk's Custom Theme Enabler (HyperDeskCustomThemeEnabler) - Unknown owner - C:\Windows\Installer\MSI6DE9.tmp
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\EKDiscovery.exe
O23 - Service: Kodak AiO Device Service (KodakSvc) - Eastman Kodak Company - C:\Program Files\Kodak\AiO\center\KodakSvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

--
End of file - 8947 bytes

======Scheduled tasks folder======

C:\Windows\tasks\At1.job
C:\Windows\tasks\At2.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1630328902-3916507609-3807365351-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1630328902-3916507609-3807365351-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-12-24 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"EKIJ5000StatusMonitor"=C:\Program Files\Kodak\AiO\PrinterDriver\i386\EKIJ5000MUI.exe [2009-04-07 1511424]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-12-24 202256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-12-17 395640]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Conime]
C:\Windows\system32\conime.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EKIJ5000StatusMonitor]
C:\Program Files\Kodak\AiO\PrinterDriver\i386\EKIJ5000MUI.exe [2009-04-07 1511424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.0\ICQ.exe [2010-10-27 133432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\Windows\system32\hkcmd.exe [2005-09-20 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\Windows\system32\igfxpers.exe [2005-09-20 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\Windows\system32\igfxtray.exe [2005-09-20 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\Windows\KHALMNPR.EXE [2007-09-21 55824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-12-20 443728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Windows\system32\oodtray.exe [2009-04-08 2553088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-04-01 507904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC230NC_Monitor]
C:\Windows\Philips\SPC230NC\Monitor.exe [2007-12-10 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC_Monitor]
C:\Windows\Philips\SPC230NC\Monitor.exe [2007-12-10 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-12-24 202256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2010-12-17 395640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinClicker.exe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TrayMin230.lnk]
C:\PROGRA~1\Philips\PHILIP~1\TRAYMI~1.EXE [2007-12-14 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Limcak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Groove.lnk]
C:\PROGRA~1\MICROS~2\Office12\GROOVE.EXE [2006-10-27 338216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Limcak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Mobiola Web Camera for S60.lnk]
C:\PROGRA~1\MOBIOL~1\webcam.exe [2008-06-17 1077626]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Limcak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Limcak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výrezy obrazovky a spuštení aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"NoSecCpl"=0
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispCpl"=0
"NoDispScrSavPage"=0
"NoDispAppearancePage"=0
"NoDispSettingsPage"=0
"NoVisualStyleChoice"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0x00000000
"NoDesktop"=0
"HideClock"=0
"NoDriveTypeAutoRun"=0
"NoStartMenuPinnedList"=0
"NoStartMenuMFUprogramsList"=0
"NoUserNameInStartMenu"=0
"StartmenuLogoff"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=0
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoFavoritesMenu"=0
"NoRun"=0
"NoFind"=0
"NoClose"=0
"NoSetFolders"=0
"NoViewContextMenu"=0
"NoToolbarCustomize"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoThemesTab"=0
"NoActiveDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-01-26 09:46:40 ----D---- C:\rsit
2011-01-26 09:46:40 ----D---- C:\Program Files\trend micro
2011-01-24 13:16:50 ----D---- C:\Windows\system32\Side 9 Screensaver dir
2011-01-15 22:23:50 ----D---- C:\Windows\Sun
2011-01-15 22:23:16 ----D---- C:\ProgramData\Sun
2011-01-15 22:23:06 ----D---- C:\Program Files\Common Files\Java
2011-01-15 22:22:07 ----A---- C:\Windows\system32\javaws.exe
2011-01-15 22:22:07 ----A---- C:\Windows\system32\javaw.exe
2011-01-15 22:22:07 ----A---- C:\Windows\system32\java.exe
2011-01-15 22:22:07 ----A---- C:\Windows\system32\deployJava1.dll
2011-01-15 22:21:20 ----D---- C:\Program Files\Java
2011-01-08 16:15:19 ----A---- C:\Windows\expstart.exe
2011-01-08 16:14:18 ----D---- C:\Windows\W7SOC
2011-01-08 16:14:18 ----A---- C:\Windows\explorer.backup.exe
2011-01-04 10:54:10 ----D---- C:\Program Files\PokerStars
2010-12-29 20:09:30 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 8

======List of files/folders modified in the last 1 months======

2011-01-26 09:46:59 ----D---- C:\Windows\Temp
2011-01-26 09:46:56 ----D---- C:\Windows\Prefetch
2011-01-26 09:46:40 ----RD---- C:\Program Files
2011-01-26 09:46:27 ----D---- C:\Users\Limcak\AppData\Roaming\uTorrent
2011-01-26 08:32:08 ----D---- C:\Windows\system32\Tasks
2011-01-24 21:17:58 ----D---- C:\Windows\System32
2011-01-24 21:17:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-24 21:17:57 ----D---- C:\Windows\inf
2011-01-24 21:05:58 ----D---- C:\Users\Limcak\AppData\Roaming\Skype
2011-01-23 10:58:27 ----D---- C:\Windows\system32\config
2011-01-20 23:41:14 ----SHD---- C:\System Volume Information
2011-01-19 21:51:53 ----D---- C:\Windows
2011-01-19 19:21:21 ----D---- C:\Windows\system32\catroot2
2011-01-19 10:09:29 ----SHD---- C:\Windows\Installer
2011-01-19 10:09:27 ----D---- C:\Program Files\Mozilla Firefox
2011-01-19 09:21:03 ----D---- C:\Users\Limcak\AppData\Roaming\Mozilla
2011-01-17 17:33:35 ----D---- C:\Users\Limcak\AppData\Roaming\Temp
2011-01-15 22:23:16 ----HD---- C:\ProgramData
2011-01-15 22:23:06 ----D---- C:\Program Files\Common Files
2011-01-14 21:30:48 ----D---- C:\Users\Limcak\AppData\Roaming\Winamp
2011-01-14 18:48:07 ----D---- C:\Users\Limcak\AppData\Roaming\TeamViewer
2011-01-14 18:45:46 ----D---- C:\Program Files\TeamViewer
2011-01-14 16:12:34 ----D---- C:\Users\Limcak\AppData\Roaming\PC Suite
2011-01-13 16:27:44 ----D---- C:\Users\Limcak\AppData\Roaming\Media Player Classic
2011-01-12 17:59:34 ----D---- C:\Windows\system32\wdi
2011-01-12 16:39:19 ----D---- C:\Windows\system32\FxsTmp
2011-01-09 11:54:17 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2010-09-07 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2010-09-07 190416]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2009-08-26 20616]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-06 691696]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2010-09-07 99792]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2010-09-07 340048]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 387584]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
R3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2009-07-13 159232]
R3 ialm;ialm; C:\Windows\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-12-20 20952]
R3 PAEAFLT.sys;USB Composite Device; C:\Windows\system32\DRIVERS\PAEAFLT.sys [2007-09-26 8576]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-13 8192]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-03-24 191008]
R3 smwdm;smwdm; C:\Windows\system32\drivers\smwdm.sys [2005-11-29 260224]
R3 SPC230NC;Philips SPC230NC Webcam; C:\Windows\system32\DRIVERS\SPC230NC.SYS [2007-12-31 461056]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-03-03 48640]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2004-12-03 20544]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCAMDRV;Mobiola Web Camera driver; C:\Windows\system32\DRIVERS\BTCamDrv.sys [2006-11-01 219264]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-13 34816]
S3 BthPan;Zarízení Bluetooth (sít PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-13 93696]
S3 BTHPORT;Ovladac portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-13 392704]
S3 BTHUSB;Ovladac rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-13 58880]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2009-08-26 29192]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-09-21 35088]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-09-21 36240]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Zarízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-13 129536]
S3 RimUsb;zarízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2007-05-14 22656]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 379904]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladac skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-13 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-13 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-09-07 119200]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 20480]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler; C:\Windows\Installer\MSI6DE9.tmp [2010-06-28 86016]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKDiscovery.exe [2009-05-04 279960]
R2 KodakSvc;Kodak AiO Device Service; C:\Program Files\Kodak\AiO\center\KodakSvc.exe [2009-04-17 32768]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
R2 O&O Defrag;O&O Defrag; C:\Windows\system32\oodag.exe [2009-04-08 1377536]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328]
S4 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-04-07 435016]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]

-----------------EOF-----------------

[motji]

Ahoj

Něco tam bude

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[limcak1]

ComboFix 11-01-25.03 - Limcak 26/01/2011 10:53:16.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1029.18.2046.1413 [GMT 0:00]
Running from: c:\users\Limcak\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
FW: avast! Internet Security *Disabled* {FB460EB6-4C6D-E564-6BF5-EEEF2B44B473}
SP: avast! Internet Security *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\filesubmit
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Arrow.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Beam.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull BUSY.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Cross.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Dia 1.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Dia 2.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull EW.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Help.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Link.cur
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Moving.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull NO.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull NS.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Pen.cur
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Up.ani
c:\program files\filesubmit\skullscur\Skull Cursors\Skull Working .ani
c:\program files\filesubmit\smokingguncur\internal-flame-ws.jpg
c:\program files\filesubmit\smokingguncur\internal-flame-ws.zip
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Arrow.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Beam.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Busy.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Cross.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Dia 1.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Dia 2.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\EW.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Help.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Install Cursors.txt
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Link.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Moving.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\No.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\NS.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Pen.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\UP.ani
c:\program files\filesubmit\smokingguncur\Smoking Gun Cursors\Working.ani
c:\program files\filesubmit\smokingguncur\smokingguncur.zip
c:\users\Limcak\AppData\Roaming\Desktopicon

.
((((((((((((((((((((((((( Files Created from 2010-12-26 to 2011-01-26 )))))))))))))))))))))))))))))))
.

2011-01-26 11:23 . 2011-01-26 11:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-26 09:46 . 2011-01-26 09:47 -------- d-----w- c:\program files\trend micro
2011-01-24 13:16 . 2011-01-24 13:16 -------- d-----w- c:\windows\system32\Side 9 Screensaver dir
2011-01-24 13:11 . 2011-01-24 13:16 520192 ----a-w- c:\windows\system32\Side 9 Screensaver.scr
2011-01-15 22:23 . 2011-01-15 22:23 -------- d-----w- c:\windows\Sun
2011-01-15 22:23 . 2011-01-15 22:23 -------- d-----w- c:\program files\Common Files\Java
2011-01-15 22:22 . 2011-01-15 22:21 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-15 22:21 . 2011-01-15 22:21 -------- d-----w- c:\program files\Java
2011-01-15 02:37 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{720CF537-C367-46BB-B3A6-C00891270D7A}\mpengine.dll
2011-01-11 21:20 . 2011-01-11 21:24 -------- d-----w- c:\users\Limcak\AppData\Local\DOSBox
2011-01-08 16:15 . 2011-01-08 16:14 916480 ----a-w- c:\windows\expstart.exe
2011-01-08 16:14 . 2011-01-08 16:19 -------- d-----w- c:\windows\W7SOC
2011-01-08 16:14 . 2009-10-31 05:45 2614272 ----a-w- c:\windows\explorer.backup.exe
2011-01-04 10:54 . 2011-01-04 10:54 -------- d-----w- c:\users\Limcak\AppData\Local\PokerStars
2011-01-04 10:54 . 2011-01-04 11:18 -------- d-----w- c:\program files\PokerStars
2010-12-29 20:09 . 2011-01-19 10:09 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 8

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-24 09:21 . 2010-02-06 20:12 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-24 09:21 . 2010-02-06 20:12 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-12-23 13:39 . 2009-07-13 23:40 249856 ----a-w- c:\windows\system32\uxtheme.dll
2010-12-23 13:39 . 2009-07-13 23:39 37376 ----a-w- c:\windows\system32\themeservice.dll
2010-12-23 13:39 . 2009-07-13 23:39 2755072 ----a-w- c:\windows\system32\themeui.dll
2010-12-20 18:09 . 2010-02-07 09:30 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 18:08 . 2010-02-07 09:30 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-08 09:34 . 2010-12-08 09:30 356352 ----a-w- c:\windows\eSellerateEngine.DLL
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-09-07 16:14 152160 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-17 395640]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"EKIJ5000StatusMonitor"="c:\program files\Kodak\AiO\PrinterDriver\i386\EKIJ5000MUI.exe" [2009-04-07 1511424]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-12-24 202256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoSecCpl"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0aswBoot.exe /M:67cd39985

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TrayMin230.lnk]
backup=c:\windows\pss\TrayMin230.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Limcak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Groove.lnk]
backup=c:\windows\pss\Microsoft Office Groove.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Limcak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Mobiola Web Camera for S60.lnk]
backup=c:\windows\pss\Mobiola Web Camera for S60.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Limcak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]
backup=c:\windows\pss\OpenOffice.org 2.4.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Limcak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výrezy obrazovky a spuštení aplikace OneNote 2007.lnk]
backup=c:\windows\pss\Výrezy obrazovky a spuštení aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EKIJ5000StatusMonitor]
2009-04-07 17:27 1511424 ----a-w- c:\program files\Kodak\AiO\PrinterDriver\i386\EKIJ5000MUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-10-27 12:20 133432 ----a-w- c:\program files\ICQ7.0\ICQ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-09-20 10:32 77824 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-09-20 10:36 114688 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-09-20 10:35 94208 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-09-21 03:10 55824 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-12-20 18:08 443728 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\System32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2009-04-08 00:39 2553088 ----a-w- c:\windows\System32\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
2008-04-01 01:54 507904 ----a-w- c:\program files\Winamp Remote\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 09:32 1479680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC230NC_Monitor]
2007-12-10 14:55 323584 ----a-w- c:\windows\Philips\SPC230NC\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC_Monitor]
2007-12-10 14:55 323584 ----a-w- c:\windows\Philips\SPC230NC\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 16:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-12-24 09:21 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-12-17 08:38 395640 ----a-w- c:\program files\uTorrent\uTorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-04-10 17:29 37888 ----a-w- c:\program files\Winamp\winampa.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Limcak\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"uTorrent"="c:\program files\uTorrent\uTorrent.exe"
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"Conime"=%windir%\system32\conime.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [2010-09-07 119200]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
R3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\DRIVERS\BTCamDrv.sys [2006-11-01 219264]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-08-26 29192]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 25480]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 379904]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
R4 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328]
R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2010-09-07 12112]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-08-26 20616]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-06 691696]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler;c:\windows\Installer\MSI6DE9.tmp [2010-06-28 86016]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\EKDiscovery.exe [2009-05-04 279960]
S2 KodakSvc;Kodak AiO Device Service;c:\program files\Kodak\AiO\center\KodakSvc.exe [2009-04-17 32768]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
S3 PAEAFLT.sys;USB Composite Device;c:\windows\system32\DRIVERS\PAEAFLT.sys [2007-09-26 8576]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-24 191008]
S3 SPC230NC;Philips SPC230NC Webcam;c:\windows\system32\DRIVERS\SPC230NC.SYS [2007-12-31 461056]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-09-13 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]

2010-09-13 c:\windows\Tasks\At2.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]

2011-01-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1630328902-3916507609-3807365351-1000Core.job
- c:\users\Limcak\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-07 07:04]

2011-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1630328902-3916507609-3807365351-1000UA.job
- c:\users\Limcak\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-07 07:04]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
uInternet Settings,ProxyServer = http=41.234.204.32:8080
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Pridat do Anti-Banner
FF - ProfilePath - c:\users\Limcak\AppData\Roaming\Mozilla\Firefox\Profiles\vbackuia.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 8\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Fasterfox Lite: FasterFox_Lite@BigRedBrent - %profile%\extensions\FasterFox_Lite@BigRedBrent
FF - Ext: Oskar: {5b175400-2368-11de-8c30-0800200c9a66} - %profile%\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
FF - Ext: NASA Night Launch: nasanightlaunch@example.com - %profile%\extensions\nasanightlaunch@example.com
FF - Ext: Google Translator for Firefox: translator@zoli.bod - %profile%\extensions\translator@zoli.bod
FF - Ext: 1-Click Videos Downloader: {F609665F-00F9-4656-867C-801ADA40844B} - %profile%\extensions\{F609665F-00F9-4656-867C-801ADA40844B}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: České slovníky pro kontrolu pravopisu: cs@dictionaries.addons.mozilla.org - %profile%\extensions\cs@dictionaries.addons.mozilla.org
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -

Notify-LBTWlgn - (no file)
MSConfigStartUp-Conime - c:\windows\system32\conime.exe
MSConfigStartUp-WinClicker - (no file)



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HyperDeskCustomThemeEnabler]
"ImagePath"="\"c:\windows\Installer\MSI6DE9.tmp\" -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1630328902-3916507609-3807365351-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4A452909-FB5D-C674-43C9-315B1E998D82}*]
"iamllpndehgpihmlod"=hex:6a,61,66,6b,66,68,67,69,6b,6a,67,66,68,6e,70,67,65,6b,
6e,63,00,00
"hacdnpkcijomalge"=hex:6a,61,66,6b,66,68,67,69,6b,6a,67,66,68,6e,70,67,65,6b,
6e,63,00,00

[HKEY_USERS\S-1-5-21-1630328902-3916507609-3807365351-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AC77D588-9A2A-C1D3-1614-851B09B2168C}*]
"habgdpijhkahdnog"=hex:6a,61,65,69,6b,66,6f,6b,69,63,6b,66,6f,63,6c,69,68,69,
67,67,00,00
"iahhijkdahnemfkfei"=hex:6a,61,65,69,6b,66,6f,6b,69,63,6b,66,6f,63,6c,69,68,69,
67,67,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="DAE3443BABB826D9D991FC17FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D67949DB7CE019D40AA5CA9C6AECB7A5D14077A32CA74BF50A34B19ACEE0BA86767761AFB68BB4AC7BA2F02780BEACD0455206E76C9F972B16753E6616033C5D273AE78E459CD25C377F61EA85C7A1643E1E4859BCD7F65FDE150944B3FE920B67662C6D13349D7735FDFDE4E2A82B2C8CD7BDA7182A955A073BDC7142D7315265600DC662AB27AB4FE6A6327DBE69959E7937AEEA55B3467501F9C8B5B54AE19CC797FEA064FD4C5B39A439270CFEE1DD463E7AD88BDA48382F8202512D7306A67C4EC4B23AB694B32780516782911248D2218EA133F7F0DE5D45775AB8B0F5B87DD53967196E6CFFE8EA7DA18240E5EDA8D7689BE9051FD2CC0B93999C1730CE2C3D8817523363DF7EC1B2E8BB32B215FE5DF0F99A6DBB4D94F30505C913D0784F713E3C729F0E4C8A8C3001D11DDA50E6F2725C6BA1273C6149ABA0D53FB354902903915C2657CF5D6FC66AF37D10AAD741299FB491EE0A0AA4C22D6A675E7636BCEA21DCE171B541491983867674FDA3F5ADF82945B0768AF8C4F786CA4D058C3446233723C3C1280C2F43FA5B25A8522AD0C3BA15A55F14594B2C44CB509819ED6E0C0923E42AAC0477B6339F976F0F02F5995395F1C671096DE25300A0B0D90E32BC15C3C7072F9C6D1D42FB9CEB484F3A399676413C33BB28912C4B7B6FC353B6F47BC0AEF90D95E41595720753EB9066F618094D5D9F3810F9C7C88CEA62BA0837469AC4CFE0F9E35CAC512E04BF0E460999550DFCC6B8DED670F7AFAB394CBDD8157DFF50CCD0EBF95D2A7E8F01080428783AD9695565649A9F53D47A31A6999BC4211425C4D24953A9AA9CC167D40027E64F33E0271CE67AFEEB7A1C56499F8832B6368E449CF0FD07D9A2C76A6FCB16A9B1F8231F6DCB3577C03DE41A1705ECBD12C85718270297F1FAC8CA37E8606C9CD61701A2BDB3C94E3ECB58F86F4D11EC0F71A20BA5B8505E6C6D8FEF59DDAAC621E7C04529C35EEB0F6C2FEC824001540040A633B59683204855DC109F8ADBC09ED7B8B36607580B0560330A26DB76362C39E044EA8BB6DE238CB7732429FB1329EA8A2A45F76FA75745B9952B56D4B77DB039A44F80B2EBA6239FE7217F7DA12ADA10C6F42D71F547014051D53B82618A84996F06F078402BB1F0ECE899E1AA2D3E8E3EB2B5D456999D6904614D5DF1FB8E33BABA6078E74AEDAAAD0A0226620F5659374AB6CD89276B4AD1B38A5F7ACCC2D9E512A0282935B2E31835535C80D32615DE5C9915970C09FA168722A05A25D60AC3FFA142B23163E5178162EE0AE590B562282FAD9EAE5EE8781EA0DACA8931DA25A0F0065AAE5948FC34584600C"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-01-26 11:29:22
ComboFix-quarantined-files.txt 2011-01-26 11:29

Pre-Run: Volných bajtu: 46,496,153,600
Post-Run: Volných bajtu: 46,474,133,504

- - End Of File - - B6610068FE7FFBA9728D13B91BE28F2E

[motji]

Tuhle složku, co Ti smazal combofix, znáš?
c:\program files\filesubmit

[limcak1]

Neee nic mi to nerika! k cemu to bylo? Byl tam tedy nejaky problem?

[motji]

Combofix ji celou smazal, tak by mě zajímalo, jestli o ní víš, neměl jsi tam nějaké svoje soubory.

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[limcak1]

No urcita ja tam nic neukladal a jestly se tam neco nainstalovalo to nevim i po smaani jde vse jak ma! dost casto neco stahuji a instaluji a mazu takze nemam moc prehled jinak bylo vse ok?

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Reglock
[HKEY_USERS\S-1-5-21-1630328902-3916507609-3807365351-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4A452909-FB5D-C674-43C9-315B1E998D82}*]
[HKEY_USERS\S-1-5-21-1630328902-3916507609-3807365351-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AC77D588-9A2A-C1D3-1614-851B09B2168C}*]

DDS::
uStart Page = hxxp://start.icq.com/

Firefox::
FF - ProfilePath - c:\users\Limcak\AppData\Roaming\Mozilla\Firefox\Profiles\vbackuia.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/sli ... ie7&query=
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/sli ... pab&query=

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci



Používáš proxy?
uInternet Settings,ProxyServer = http=41.234.204.32:8080


Tyto ulohy sis plánoval sám?
2010-09-13 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]

2010-09-13 c:\windows\Tasks\At2.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]

[limcak1]

proxy jsem parkrat pouzil a to casovane vypnuti taky! nejak se mi do toho jiz nechce radeji vrtat pokud to neni nezbytne! vse fungovalo a funguje perfektne jen jsem se ptal preventivne! takze pokud tam neni vazny problem tema bych uzavrel! moc a moc dekuji!

[motji]

Ok

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?