
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Slow PC + trojan, agent
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Have a nice day. For about a month my PC has been very slow; every week after the antivirus scan the same thing is still there (agent, trojan), and even though I delete everything, I can't get rid of it, so I am asking you for help.
------------------------------------------------------------------------------------------------------------------------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by uživatel at 2011-06-03 16:55:40
Microsoft Windows 7 Home Premium Service Pack 2
System drive C: has 84 GB (36%) free of 231 GB
Total RAM: 3061 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:55:50, on 3.6.2011
Platform: Windows 7 SP2 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\daemon\DAEMON Tools Lite\DTLite.exe
C:\Users\uživatel\Program Files\DNA\btdna.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Notebook Hardware Control\nhc.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Users\uživatel\AppData\Roaming\uTorrent\utorrent.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\uživatel\Downloads\RSIT.exe
C:\Program Files\trend micro\uživatel.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O1 - Hosts: 88.103.146.133 wenever.servegame.com
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\daemon\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\uživatel\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-21-3670137199-2938631228-624182700-1014\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3670137199-2938631228-624182700-1014\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: {DLL_Str}
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: MySQL4 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: MySQL41 - Unknown owner - D:\MySQL\bin\mysqld-nt (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 12505 bytes
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
&Crawler Toolbar Helper - C:\PROGRA~1\Crawler\ctbr.dll [2011-04-01 1232520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-04-12 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-10-11 1244040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-18 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-04-12 520192]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-10-11 1244040]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\ctbr.dll [2011-04-01 1232520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-12-15 8120864]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-10-10 1578280]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"UpdatePDRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-01-04 222504]
"UpdatePPShortCut"=C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-07-21 210216]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-07-22 2176512]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"NotebookHardwareControl"=C:\Program Files\Notebook Hardware Control\nhc.exe [2007-05-04 2629632]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\daemon\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-07-22 3037696]
"BitTorrent DNA"=C:\Users\uživatel\Program Files\DNA\btdna.exe [2010-03-07 323392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APLangApp]
C:\Program Files\AnyPC Client\APLangApp.exe [2009-11-20 13312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Users\uživatel\Program Files\DNA\btdna.exe [2010-03-07 323392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2009-06-03 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fsi]
C:\Program Files\Phoenix Technologies Ltd\FailSafe\FailSafeLauncher.exe [2009-09-09 9728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2009-04-15 50472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2009-04-15 91432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\hry2\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2010-03-08 1217872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-01-12 37888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-10-02 795936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
C:\PROGRA~1\GAMERS~1\LIVE!\Live.exe /silent []
C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="{DLL_Str}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2009-07-14 229376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-06-03 16:55:40 ----D---- C:\rsit
2011-06-02 18:30:04 ----A---- C:\windows\War3Unin.pif
2011-06-02 18:30:04 ----A---- C:\windows\War3Unin.exe
2011-05-25 14:49:00 ----A---- C:\windows\system32\drivers\Diskdump.sys
2011-05-17 17:39:59 ----D---- C:\Users\uživatel\AppData\Roaming\Rovio
2011-05-15 12:59:28 ----A---- C:\windows\system32\poqexec.exe
2011-05-11 15:10:34 ----A---- C:\windows\system32\drivers\usbport.sys
2011-05-11 15:10:34 ----A---- C:\windows\system32\drivers\usbehci.sys
2011-05-11 15:10:33 ----A---- C:\windows\system32\drivers\usbhub.sys
2011-05-11 15:10:33 ----A---- C:\windows\system32\drivers\usbccgp.sys
2011-05-11 15:10:32 ----A---- C:\windows\system32\drivers\usbuhci.sys
2011-05-11 15:10:32 ----A---- C:\windows\system32\drivers\usbohci.sys
2011-05-11 15:10:32 ----A---- C:\windows\system32\drivers\usbd.sys
2011-05-11 15:10:28 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-05-11 15:10:27 ----A---- C:\windows\system32\ntoskrnl.exe
2011-05-10 15:04:15 ----D---- C:\ProgramData\NVIDIA Corporation
2011-05-10 15:01:15 ----A---- C:\windows\system32\OpenCL.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvwgf2um.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvoglv32.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvhdagenco322040.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvgenco322060.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvdispco3220140.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvd3dum.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvcuvid.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvcuvenc.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvcuda.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvcompiler.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\nvapi.dll
2011-05-10 15:01:15 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
======List of files/folders modified in the last 1 months======
2011-06-03 16:55:50 ----D---- C:\windows\TEMP
2011-06-03 16:55:50 ----D---- C:\windows\Prefetch
2011-06-03 16:55:43 ----D---- C:\Program Files\trend micro
2011-06-03 16:55:28 ----D---- C:\Users\uživatel\AppData\Roaming\uTorrent
2011-06-03 16:50:30 ----D---- C:\Users\uživatel\AppData\Roaming\DNA
2011-06-03 16:46:46 ----D---- C:\Program Files\Crawler
2011-06-03 16:43:27 ----D---- C:\ProgramData\Spyware Terminator
2011-06-03 16:43:27 ----D---- C:\Program Files\Spyware Terminator
2011-06-03 16:43:26 ----SHD---- C:\windows\Installer
2011-06-03 16:43:13 ----SHD---- C:\System Volume Information
2011-06-03 14:51:43 ----D---- C:\windows\system32\config
2011-06-02 18:30:05 ----D---- C:\Windows
2011-05-30 23:49:11 ----D---- C:\Users\uživatel\AppData\Roaming\Mumble
2011-05-29 17:31:24 ----D---- C:\Program Files\WinClamAVShield
2011-05-27 17:21:47 ----D---- C:\windows\system32\catroot2
2011-05-26 23:45:41 ----D---- C:\windows\inf
2011-05-26 23:45:41 ----AD---- C:\windows\System32
2011-05-26 23:45:41 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-05-26 06:40:49 ----D---- C:\windows\system32\drivers
2011-05-26 06:40:45 ----D---- C:\windows\winsxs
2011-05-25 14:48:18 ----D---- C:\windows\system32\catroot
2011-05-20 23:44:02 ----D---- C:\windows\Microsoft.NET
2011-05-16 16:28:28 ----D---- C:\Users\uživatel\AppData\Roaming\Spyware Terminator
2011-05-12 18:34:13 ----D---- C:\windows\system32\DriverStore
2011-05-12 14:05:21 ----A---- C:\windows\system32\MRT.exe
2011-05-10 15:10:49 ----D---- C:\ProgramData\NVIDIA
2011-05-10 15:07:45 ----D---- C:\Program Files\NVIDIA Corporation
2011-05-10 15:06:07 ----RD---- C:\Users
2011-05-10 15:05:53 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-10 15:04:47 ----D---- C:\windows\Help
2011-05-10 15:04:15 ----D---- C:\ProgramData
2011-05-07 01:33:27 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-04-27 435736]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 speedfan;speedfan; C:\windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-11-07 691696]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-11-04 214664]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\windows\system32\drivers\sp_rsdrv2.sys [2010-07-22 142592]
R1 TsVp;TsVp; C:\windows\system32\DRIVERS\tsvp.sys [2007-01-19 27432]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2010-02-18 281760]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2010-02-18 25888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2010-11-23 1249792]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-12-15 2977248]
R3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\windows\system32\drivers\nhcDriver.sys [2011-05-20 22528]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda32v.sys [2011-03-03 139368]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-03 550760]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-03 195944]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-03 21864]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-03 19304]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-10-10 229424]
R3 TSCOMM;CommStudio Virtual Adapter by TamoSoft; C:\windows\system32\DRIVERS\tscomm.sys [2008-11-12 39976]
R3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-10-02 86056]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2009-08-29 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-08-29 18472]
S3 catchme;catchme; \??\C:\Users\UIVATE~1\AppData\Local\Temp\catchme.sys []
S3 cpuz132;cpuz132; \??\C:\Users\UIVATE~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []
S3 CV2K1;CommView Network Monitor; C:\windows\system32\DRIVERS\cv2k1.sys [2009-06-17 19496]
S3 DrvAgent32;DrvAgent32; \??\C:\windows\system32\Drivers\DrvAgent32.sys [2010-03-25 23456]
S3 EagleNT;EagleNT; \??\C:\Users\UIVATE~1\AppData\Local\Temp\EagleNT.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
S3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2009-11-04 79816]
S3 mfebopk;McAfee Inc. mfebopk; C:\windows\system32\drivers\mfebopk.sys [2009-11-04 35272]
S3 mferkdk;McAfee Inc. mferkdk; C:\windows\system32\drivers\mferkdk.sys [2009-11-04 34248]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\windows\system32\drivers\mfesmfk.sys [2009-11-04 40552]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 TsVlb;TsVlb; C:\windows\system32\DRIVERS\tsvlb.sys [2006-12-11 20264]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-02 595232]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [2009-08-13 44312]
R2 Rezip;Rezip; C:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-07-07 247152]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-03 483688]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-07-22 488960]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-03 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-15 135664]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S2 MySQL41;MySQL41; D:\MySQL\bin\mysqld-nt --defaults-file=D:\MySQL\my.ini MySQL41 []
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-15 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe []
S3 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=C:\Program Files\MySQL\MySQL Server 5.5\my.ini MySQL []
S3 MySQL4;MySQL4; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\Program Files\MySQL\MySQL Server 5.1\my.ini MySQL4 []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4640000]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-04-03 1343400]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-02-16 75064]
S4 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2010-05-20 219128]
S4 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-03-08 332720]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
S3 mferkdk;McAfee Inc. mferkdk; C:\windows\system32\drivers\mferkdk.sys [2009-11-04 34248]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\windows\system32\drivers\mfesmfk.sys [2009-11-04 40552]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 TsVlb;TsVlb; C:\windows\system32\DRIVERS\tsvlb.sys [2006-12-11 20264]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-02 595232]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [2009-08-13 44312]
R2 Rezip;Rezip; C:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-07-07 247152]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-03 483688]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-07-22 488960]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-03 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-15 135664]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S2 MySQL41;MySQL41; D:\MySQL\bin\mysqld-nt --defaults-file=D:\MySQL\my.ini MySQL41 []
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-15 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe []
S3 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=C:\Program Files\MySQL\MySQL Server 5.5\my.ini MySQL []
S3 MySQL4;MySQL4; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\Program Files\MySQL\MySQL Server 5.1\my.ini MySQL4 []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4640000]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-04-03 1343400]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-02-16 75064]
S4 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2010-05-20 219128]
S4 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-03-08 332720]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Re: slow PC + trojan, agent
Hello, and have a nice day.
In which file is the malware being reported?
And just one small technical question: is your Windows legal?
Re: slow PC + trojan, agent
There are several of them, so I pulled the log from the antivirus. The items in this log could not be removed because of the administrator rights, which I forgot to enable during the scan :/
Yes, my Windows is legal.
Logfile of Spyware Terminator v2.7.2.125 (db:5.005.017.000)
Scan Time: 3.6.2011 15:18:33 length: 4709 s
Platform: W7 (6.1.0.7600)
User: Admin
Boot Mode: Normal
Scan type: Full_Virus__Spyware_Scan
Scanned Objects: 91316 (Critical:25)
Filter: No System items, No Safe items, No Invalid items
Running Processes
btwdins.exe [Broadcom Corporation.] : C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
OberonGameConsoleService.exe : C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
Rezip.exe : C:\windows\system32\Rezip.exe
RichVideo.exe : C:\Program Files\CyberLink\Shared files\RichVideo.exe
SeaPort.EXE [Microsoft Corporation] : C:\Program Files\Microsoft\BingBar\SeaPort.EXE
sftvsa.exe [Microsoft Corporation] : C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
WLIDSVC.EXE [Microsoft Corp.] : C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
sftlist.exe [Microsoft Corporation] : C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
WLIDSVCM.EXE [Microsoft Corp.] : C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
CVHSVC.EXE [Microsoft Corporation] : C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
WCScheduler.exe [SEC] : C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
dmhkcore.exe [Samsung Electronics Co., Ltd.] : C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
SSCKbdHk.exe [SAMSUNG Electronics] : C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
EasySpeedUpManager.exe [Samsung Electronics Co., Ltd.] : C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
APLanMgrC.exe [DoctorSoft] : C:\Program Files\AnyPC Client\APLanMgrC.exe
DTLite.exe [DT Soft Ltd] : C:\Program Files\daemon\DAEMON Tools Lite\DTLite.exe
btdna.exe [BitTorrent, Inc.] : C:\Users\uživatel\Program Files\DNA\btdna.exe
wmpnetwk.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
nhc.exe [http://www.pbus-167.com] : C:\Program Files\Notebook Hardware Control\nhc.exe
utorrent.exe [BitTorrent, Inc.] : C:\Users\uživatel\AppData\Roaming\uTorrent\utorrent.exe
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - [Microsoft Corporation] : C:\Program Files\Windows Live\Companion\companioncore.dll
02 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - [Microsoft Corporation.] : C:\Program Files\MICROSOFT\BINGBAR\BINGEXT.DLL
02 - BHO: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - [Ask.com] : C:\Program Files\Ask.com\GenericAskToolbar.dll
02 - BHO: ToolBarButton Class - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: MenuItem3 Class - {CC963627-B1DC-40E0-B52A-CF21EE748449} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: MenuItem4 Class - {CC963627-B1DC-40E0-B52A-CF21EE748450} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: MenuItem2 Class - {CC963627-B1DC-40E0-B52A-CF21EE748451} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: MenuItem1 Class - {CC963627-B1DC-40E0-B52A-CF21EE748452} - : C:\ProgramData\LangSoft\WebIE.dll
Toolbars
03 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - : C:\ProgramData\LangSoft\WebIE.dll
03 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - : C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
03 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - [Microsoft Corporation.] : C:\Program Files\MICROSOFT\BINGBAR\BINGEXT.DLL
03 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - [Ask.com] : C:\Program Files\Ask.com\GenericAskToolbar.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DAEMON Tools Lite : [DT Soft Ltd] : C:\Program Files\daemon\DAEMON Tools Lite\DTLite.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BitTorrent DNA : [BitTorrent, Inc.] : C:\Users\uživatel\Program Files\DNA\btdna.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdateLBPShortCut : [CyberLink Corp.] : C:\Program Files\CYBERLINK\LABELPRINT\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdateP2GoShortCut : [CyberLink Corp.] : C:\Program Files\CYBERLINK\POWER2GO\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdatePDRShortCut : [CyberLink Corp.] : C:\Program Files\CYBERLINK\POWERDIRECTOR\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdatePPShortCut : [CyberLink Corp.] : C:\Program Files\CYBERLINK\POWERPRODUCER\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdatePSTShortCut : [CyberLink Corp.] : C:\Program Files\CYBERLINK\DVD SUITE\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UCam_Menu : [CyberLink Corp.] : C:\Program Files\CYBERLINK\YOUCAM\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NotebookHardwareControl : [http://www.pbus-167.com] : C:\Program Files\Notebook Hardware Control\nhc.exe
Shell Extensions
MF ADTS Property Handler - {80009818-f38f-4af1-87b5-eadab9433e58} - [Microsoft Corporation] : C:\windows\system32\mf.dll
Monitor Class - {7842554E-6BED-11D2-8CDB-B05550C10000} - [Broadcom Corporation.] : C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Viewer Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Microsoft OneNote Namespace Extension for Windows Desktop Search - {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL
NVIDIA CPL Context Menu Extension - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} - [NVIDIA Corporation] : C:\windows\system32\nvshext.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.dll
MHTML Asynchronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - [Microsoft Corporation] : C:\windows\system32\inetcomm.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Album Download IE Asynchronous Pluggable Protocol Interface - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Services
23 - [Advanced Micro Devices] : C:\windows\system32\drivers\amdxata.sys
23 - [Atheros Communications, Inc.] : C:\windows\system32\DRIVERS\athr.sys
23 - : C:\windows\system32\DRIVERS\atksgt.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\bowser.sys
23 - [Broadcom Corporation.] : C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
23 - [Microsoft Corporation] : C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
23 - [Microsoft Corporation] : C:\windows\system32\Drivers\dfsc.sys
23 - [Microsoft Corporation] : C:\windows\system32\drivers\discache.sys
23 - : C:\windows\system32\giveio.sys
23 - [Intel Corporation] : C:\windows\system32\DRIVERS\iaStor.sys
23 - [Realtek Semiconductor Corp.] : C:\windows\system32\drivers\RTKVHDA.sys
23 - : C:\windows\system32\DRIVERS\lirsgt.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\mrxsmb10.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\mssmbios.sys
23 - [pBUS-167 Software - http://www.pbus-167.com] : C:\windows\system32\drivers\nhcDriver.sys
23 - [NVIDIA Corporation] : C:\windows\system32\drivers\nvhda32v.sys
23 - : C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
23 - : C:\windows\system32\Rezip.exe
23 - : C:\Program Files\CyberLink\Shared files\RichVideo.exe
23 - [SAMSUNG ELECTRONICS] : C:\windows\system32\Drivers\SABI.sys
23 - [Microsoft Corporation] : C:\Program Files\Microsoft\BingBar\SeaPort.EXE
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\Sftfslh.sys
23 - [Microsoft Corporation] : C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\Sftplaylh.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\Sftredirlh.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\Sftvollh.sys
23 - [Microsoft Corporation] : C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
23 - [Windows (R) 2000 DDK provider] : C:\windows\system32\speedfan.sys
23 - : C:\windows\system32\Drivers\sptd.sys
23 - [Crawler.com] : C:\windows\system32\drivers\sp_rsdrv2.sys
23 - [Synaptics Incorporated] : C:\windows\system32\DRIVERS\SynTP.sys
23 - [TamoSoft] : C:\windows\system32\DRIVERS\tscomm.sys
23 - [TamoSoft] : C:\windows\system32\DRIVERS\tsvp.sys
23 - [Microsoft Corp.] : C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
23 - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
Threat Files
<GenericFF-1> : C:\Users\uživatel\Desktop\OpenOffice.org 3.3 (cs) Installation Files\redist\vcredist_x86.exe
<Trojan.GenericFF-1> : C:\Users\uživatel\Desktop\OpenOffice.org 3.3 (cs) Installation Files\redist\vcredist_x86.exe
<Tracking Flash Shared Objects> : C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\go.eu.bbelements.com\flash\bbnaut.swf\user_data.sol
<Tracking Flash Shared Objects> : C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\img.livejasmin.com\wmtr.sol
<Tracking Flash Shared Objects> : C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\img.livejasmin.com\flash\memberchat333.swf\jasminmember01.sol
<Tracking Flash Shared Objects> : C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\img.livejasmin.com\flash\memberchat333.swf\jasmin_versio.sol
<Tracking Flash Shared Objects> : C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\members.livejasmin.com\wmtr.sol
<GenericFF-1> : C:\windows\system32\wscript.exe
<Trojan.GenericFF-1> : C:\windows\system32\wscript.exe
<Agent-204> : C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe
<Trojan.Agent-204> : C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe
<Heuristics.Broken.Executable> : C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\msenv.dll
<Heuristics.Broken.Executable> : C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\msenv.dll
<Heuristics.Broken.Executable> : C:\ProgramData\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
<Heuristics.Broken.Executable> : C:\ProgramData\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
<Heuristics.Broken.Executable> : C:\Users\All Users\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
<Heuristics.Broken.Executable> : C:\Users\All Users\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
<GenericFF-1> : C:\Users\uživatel\Downloads\vcredist_x86.exe
<Trojan.GenericFF-1> : C:\Users\uživatel\Downloads\vcredist_x86.exe
<Heuristics.Broken.Executable> : C:\windows\Installer\154411e3.msi
<Heuristics.Broken.Executable> : C:\windows\Installer\154411e3.msi
<Heuristics.Broken.Executable> : C:\windows\Installer\15441255.msi
<Heuristics.Broken.Executable> : C:\windows\Installer\15441255.msi
<GenericFF-1> : C:\windows\SoftwareDistribution\Download\2d3b3c9dfed8615caa39733eebcf61dda67201d9
<Trojan.GenericFF-1> : C:\windows\SoftwareDistribution\Download\2d3b3c9dfed8615caa39733eebcf61dda67201d9
<GenericFF-1> : C:\windows\SoftwareDistribution\Download\5c6af085c4fa9c1ecc0665d23827d145021824f4
<Trojan.GenericFF-1> : C:\windows\SoftwareDistribution\Download\5c6af085c4fa9c1ecc0665d23827d145021824f4
<GenericFF-1> : C:\windows\SoftwareDistribution\Download\aac73b03ccba0515e5fbbbdf634a081ff1cf2a2f
<Trojan.GenericFF-1> : C:\windows\SoftwareDistribution\Download\aac73b03ccba0515e5fbbbdf634a081ff1cf2a2f
<GenericFF-1> : C:\windows\SoftwareDistribution\Download\d1c8b46e7783bdb095f7139d1efc9cec3b7c8bd4
<Trojan.GenericFF-1> : C:\windows\SoftwareDistribution\Download\d1c8b46e7783bdb095f7139d1efc9cec3b7c8bd4
<GenericFF-1> : C:\windows\SoftwareDistribution\Download\Install\mpas-d_bd1.exe
<Trojan.GenericFF-1> : C:\windows\SoftwareDistribution\Download\Install\mpas-d_bd1.exe
<GenericFF-1> : C:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_483ea93961ad86ec\wscript.exe
<Trojan.GenericFF-1> : C:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_483ea93961ad86ec\wscript.exe
<GenericFF-1> : C:\windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.5570_none_80bb811d1e9a4ed2\vcomp90.dll
<Trojan.GenericFF-1> : C:\windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.5570_none_80bb811d1e9a4ed2\vcomp90.dll
<GenericFF-1> : d:\DATA\TC DB\SW\PULLING AND COMPILING\vcredist_x86.exe
<Trojan.GenericFF-1> : d:\DATA\TC DB\SW\PULLING AND COMPILING\vcredist_x86.exe
Advanced Files Report
%SYSDIR%\RtkAPO.dll [Realtek Semiconductor Corp.] [Realtek(r) LFX/GFX DSP component] MD5=B14257C47B3566BE739D1948FCBF63F0 SIZE=2796576
%PROGRAMFILES%\WIDCOMM\Bluetooth Software\btwdins.exe [Broadcom Corporation.] [Bluetooth Software] MD5=0E3EE2BC0EC56BFE869FCDE3E5806684 SIZE=595232
%SYSDIR%\nvapi.dll [NVIDIA Corporation] [NVIDIA Windows drivers] MD5=0D5ECAD48501A84C8C57FCF63C57DEBE SIZE=2034280
%SYSDIR%\NVSVCR.DLL [NVIDIA Corporation] [NVIDIA Driver Helper Service, Version 270.61] MD5=2C03877B14F1787740AA9A535E73D5AF SIZE=2582120
%PROGRAMFILES%\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [OberonGameConsoleService] MD5=B5D5DA8230D3D3525839D939A9196C3E SIZE=44312
%SYSDIR%\Rezip.exe MD5=F85AE59A52885F4B09AADAFB23001A3B SIZE=311296
%PROGRAMFILES%\CyberLink\Shared files\RichVideo.exe [RichVideo Module] MD5=7CCAEBCAB6FC1ED0206C07E083E79207 SIZE=247152
%PROGRAMFILES%\Microsoft\BingBar\SeaPort.EXE [Microsoft Corporation] [Bing Bar] MD5=CC781378E7EDA615D2CDCA3B17829FA4 SIZE=249648
%PROGRAMFILES%\Microsoft Application Virtualization Client\sftvsa.exe [Microsoft Corporation] [Microsoft Application Virtualization] MD5=EE28AEB3889A9CCA894626ECD1FB1C8B SIZE=209768
%COMMONFILES%\microsoft shared\Windows Live\WLIDSVC.EXE [Microsoft Corp.] [Microsoft® CoReXT] MD5=0A70F4022EC2E14C159EFC4F69AA2477 SIZE=1710464
%PROGRAMFILES%\Microsoft Application Virtualization Client\sftlist.exe [Microsoft Corporation] [Microsoft Application Virtualization] MD5=BAF282373E79D08CE9510AC8B5A1F41D SIZE=483688
%COMMONFILES%\microsoft shared\Windows Live\WLIDSVCM.EXE [Microsoft Corp.] [Microsoft® CoReXT] MD5=9C879E1C3B27085FB46EFECCD7120D51 SIZE=193408
%PROGRAMFILES%\WIDCOMM\Bluetooth Software\btncopy.dll [Broadcom Corporation.] [Bluetooth Software] MD5=24D9CDD6EC0664E1860EBFB61E6F25C0 SIZE=341280
%SYSDIR%\fms.dll [Windows (R) Codename Longhorn DDK provider] [Microsoft(R) Font Management Services] MD5=A80E96E4D060B4073785C6A80A9F070E SIZE=93696
%SYSDIR%\nvshext.dll [NVIDIA Corporation] [NVIDIA Shell Extensions] MD5=9C628A97AA51D0B843BBD7CD1E50C25A SIZE=66664
%COMMONFILES%\microsoft shared\Virtualization Handler\CVHSVC.EXE [Microsoft Corporation] [Microsoft Office 2010] MD5=61A86809B62769643892BC0812B204AA SIZE=821664
%SYSDIR%\SynCOM.dll [Synaptics Incorporated] [COM SDK] MD5=11C61DB20F1FE0F94DAA037B4E2AD9C6 SIZE=169256
%SYSDIR%\SynTPAPI.dll [Synaptics Incorporated] [Synaptics Pointing Device Driver] MD5=F68115348B4364A7E7877D1AE61487B0 SIZE=161064
%PROGRAMFILES%\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [SEC] [Samsung Recovery Solution 4] MD5=DCF9B84726D86735BD6664A705CA6F99 SIZE=2197608
%PROGRAMFILES%\Samsung\Easy Display Manager\dmhkcore.exe [Samsung Electronics Co., Ltd.] [Easy Display Manager] MD5=A46796CCF032D35720347262998D1F90 SIZE=835072
%PROGRAMFILES%\Samsung\Easy Display Manager\HookDllPS2.dll MD5=1498259FFF991A4135737080AA0679D1 SIZE=49152
%PROGRAMFILES%\Samsung\Easy Display Manager\SABI3.dll [SAMSUNG ELECTRONICS] [SABI3 Library For Windows7] MD5=845A13B2CEE718E81562FE94EE762D7D SIZE=27704
%PROGRAMFILES%\Samsung\Samsung Support Center\SSCKbdHk.exe [SAMSUNG Electronics] [SSCKbdHk.exe] MD5=8A0B0E4102C2CCA25DA3134FE12FCC3E SIZE=91136
%PROGRAMFILES%\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe [Samsung Electronics Co., Ltd.] [EasySpeedUpManager] MD5=E3735DC796E5183D63F35921B058934C SIZE=716800
%PROGRAMFILES%\SAMSUNG\EasySpeedUpManager\Sabi3.dll [SAMSUNG ELECTRONICS] [SABI3 Library For Windows7] MD5=845A13B2CEE718E81562FE94EE762D7D SIZE=27704
%PROGRAMFILES%\AnyPC Client\APLanMgrC.exe [DoctorSoft] [DoctorSoft AnyPC] MD5=DC4BBD0A16557EC21CCA97390DD8D561 SIZE=79360
%SYSDIR%\ElbyVCD.dll [Elaborate Bytes AG] [Elaborate Bytes VirtualCloneDrive] MD5=F6C729F5442742A15AB70BBCFAA9DFFC SIZE=134312
%SYSDIR%\ElbyCDIO.dll [Elaborate Bytes AG] [Elaborate Bytes CDRTools] MD5=82ACCD7A9DA7560282532CB883C8E2BD SIZE=89256
%PROGRAMFILES%\daemon\DAEMON Tools Lite\DTCommonRes.dll [DT Soft Ltd] [DAEMON Tools Lite] MD5=9385BD61B365DE7CF9AF3290B7D5A3B9 SIZE=1234240
%PROGRAMFILES%\daemon\DAEMON Tools Lite\DTLiteUI.dll [DT Soft Ltd] [DAEMON Tools Lite] MD5=87672FD8B10E0E3D6098799CAFF04C3D SIZE=419136
%PROGRAMFILES%\daemon\DAEMON Tools Lite\Engine.dll [DT Soft Ltd] [DAEMON Tools Lite] MD5=5716DD3DEC01F5D185A2EAC81D4078F3 SIZE=2217280
%PROGRAMFILES%\daemon\DAEMON Tools Lite\imgengine.dll [DT Soft Ltd.] [DAEMON Tools Image Engine] MD5=C6836EE046D2E383672DAF40694046F7 SIZE=295472
%SYSDIR%\easyUpdatusAPIU.dll [NVIDIA Corporation] [NVIDIA Update Components] MD5=08C448B781A91FD2A61D70AA2ACCF8B3 SIZE=580200
%SYSDIR%\Macromed\Flash\NPSWF32.dll [Adobe Systems, Inc.] [Shockwave Flash] MD5=5AACE82BCDB40634290930F93BE745B7 SIZE=6271136
%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=77FBD400984CF72BA0FC4B3489D65F74 SIZE=1121280
%SystemDiskRoot%\?\C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key
%APPDATA%\uTorrent\utorrent.exe [BitTorrent, Inc.] [µTorrent] MD5=276AC7BAE1F596A3A1D4B6D43AEF099C SIZE=399736
%SYSDIR%\mf.dll [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=0F0EE7DE3436E6F8F0E19DACAC7B5730 SIZE=3181568
%PROGRAMFILES%\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Microsoft Corporation] [Windows Live? Photo Gallery] MD5=7253E4B62820F944DF0BF59C6BD216A0 SIZE=246640
%PROGRAMFILES%\Windows Live\Photo Gallery\PhotoViewerShim.dll [Microsoft Corporation] [Windows Live? Photo Gallery] MD5=804B308D1E96A7305834AE2692010C6D SIZE=43376
%PROGRAMFILES%\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE [Microsoft Corporation] [Windows Live? Photo Gallery] MD5=A00D5FBFABBF281FD059BB0CDA55B6E8 SIZE=131440
%PROGRAMFILES%\Microsoft Office\Office14\ONFILTER.DLL [Microsoft Corporation] [Microsoft OneNote] MD5=F9CCA77443DF0A9F79FC585C8D705D54 SIZE=1177968
%SYSDIR%\drivers\amdxata.sys [Advanced Micro Devices] [Storage Filter Driver] MD5=869E67D66BE326A5A9159FBA8746FA70 SIZE=22400
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\DRIVERS\athr.sys [Atheros Communications, Inc.] [Driver for Atheros CB42/CB43/MB42/MB43 Network Adapter] MD5=EE32C0A39B6D3D0834C4D46D8C45E1D0 SIZE=1249792
%SYSDIR%\DRIVERS\atksgt.sys MD5=F0D933B42CD0594048E4D5200AE9E417 SIZE=281760
%SYSDIR%\svchost.exe -k LocalSystemNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNoNetwork
%SYSDIR%\DRIVERS\bowser.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=9A5C671B7FBAE4865149BB11F59B91B2 SIZE=69632
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\svchost.exe -k DcomLaunch
%SYSDIR%\Drivers\dfsc.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=8E09E52EE2E3CEB199EF3DD99CF9E3FB SIZE=78336
%SYSDIR%\drivers\discache.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=1A050B0274BFB3890703D490F330C0DA SIZE=32256
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\svchost.exe -k LocalServiceAndNoImpersonation
%SYSDIR%\giveio.sys MD5=77EBF3E9386DAA51551AF429052D88D0 SIZE=5248
%SYSDIR%\DRIVERS\iaStor.sys [Intel Corporation] [Intel Rapid Storage Technology driver] MD5=EB3A2C773E202CED30595BBFAD24FEBF SIZE=435736
%SYSDIR%\drivers\RTKVHDA.sys [Realtek Semiconductor Corp.] [Realtek(r) High Definition Audio Function Driver] MD5=96282FBCE4534C9BF147CFFE9E1FA8DB SIZE=2977248
%SYSDIR%\DRIVERS\lirsgt.sys MD5=F8A7212D0864EF5E9185FB95E6623F4D SIZE=25888
%SYSDIR%\DRIVERS\mrxsmb10.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=E593D45024A3FDD11E93CC4A6CA91101 SIZE=221696
%SYSDIR%\DRIVERS\mssmbios.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=FC6B9FF600CC585EA38B12589BD4E246 SIZE=28240
%SYSDIR%\drivers\nhcDriver.sys [pBUS-167 Software - http://www.pbus-167.com] [Notebook Hardware Control Driver] MD5=37260A293B6A89373AE76791E6CC5A12 SIZE=22528
%SYSDIR%\drivers\nvhda32v.sys [NVIDIA Corporation] [NVIDIA HDMI Audio Driver] MD5=96C27791D5AE5C77E37C61B15112E38D SIZE=139368
%SYSDIR%\svchost.exe -k NetworkServiceNetworkRestricted
%SYSDIR%\svchost.exe -k RPCSS
%SYSDIR%\Drivers\SABI.sys [SAMSUNG ELECTRONICS] [SAMSUNG Kernel Driver] MD5=6E5FBB7CBAEC47038B945D5E9B144A64 SIZE=10752
%SYSDIR%\svchost.exe -k SDRSVC
%SYSDIR%\DRIVERS\Sftfslh.sys [Microsoft Corporation] [Microsoft Application Virtualization] MD5=74744F4D9EB18DDD0EB45E03CFDD648E SIZE=550760
%SYSDIR%\DRIVERS\Sftplaylh.sys [Microsoft Corporation] [Microsoft Application Virtualization] MD5=CBC5BE6F81E86CC73656E61767002DA9 SIZE=195944
%SYSDIR%\DRIVERS\Sftredirlh.sys [Microsoft Corporation] [Microsoft Application Virtualization] MD5=961E50666E6D6949328B1FFBC33ADF43 SIZE=21864
%SYSDIR%\DRIVERS\Sftvollh.sys [Microsoft Corporation] [Microsoft Application Virtualization] MD5=C8C02C8FE267751EC62B7E7D8D214C63 SIZE=19304
%SYSDIR%\speedfan.sys [Windows (R) 2000 DDK provider] [Windows (R) 2000 DDK driver] MD5=5D6401DB90EC81B71F8E2C5C8F0FEF23 SIZE=5248
%SYSDIR%\Drivers\sptd.sys SIZE=691696
%SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [Spyware Terminator] MD5=8831252BCF05FCFB5ABD116A22E552D8 SIZE=142592
%SYSDIR%\svchost.exe -k imgsvc
%SYSDIR%\DRIVERS\SynTP.sys [Synaptics Incorporated] [Synaptics Pointing Device Driver] MD5=215A45246C6E2D0A9C263CE1786C8D8A SIZE=229424
%SYSDIR%\DRIVERS\tscomm.sys [TamoSoft] [CommStudio Driver] MD5=E1713EABB789C3589CD42B388CF9076B SIZE=39976
%SYSDIR%\DRIVERS\tsvp.sys [TamoSoft] [CommView Pid Driver for Vista x86] MD5=833DBB70A87EC70F19746D27769AF342 SIZE=27432
%SYSDIR%\svchost.exe -k secsvcs
%SYSDIR%\SearchIndexer.exe \Embedding
%SYSDIR%\mscoree.dll [Microsoft Corporation] [Microsoft® .NET Framework] MD5=128DD9AF8640DBCC711940903C8B554F SIZE=297808
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.dll [Microsoft Corporation] [Windows Live Messenger Protocol Handler Module] MD5=C91C67FEA06BD90AAF2AA00BFC74A035 SIZE=65912
%SYSDIR%\inetcomm.dll [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=672B6A8E901F95CAC1A8F978EFA36A71 SIZE=740864
%PROGRAMFILES%\Windows Live\Mail\mailcomm.dll [Microsoft Corporation] [Windows Live Mail] MD5=6D84295FAC747D51FA287BC17DA2C9EE SIZE=741240
%PROGRAMFILES%\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [Microsoft Corporation] [Windows Live? Photo Gallery] MD5=DF07358FDA177F70DE329D627D838F95 SIZE=42864
End of Report
Průběh přesouvání do karantény:
Příprava struktur
Vytváření bodu pro obnovu systému
Přesunout do Karantény GenericFF-1
Přesunutý soubor: C:\Users\uživatel\Desktop\OpenOffice.org 3.3 (cs) Installation Files\redist\vcredist_x86.exe
Přesun souboru selhal (User Access Denied) : C:\windows\system32\wscript.exe
Mazání souboru selhalo: C:\windows\system32\wscript.exe
Přesunutý soubor: c:\Users\uživatel\Downloads\vcredist_x86.exe
Přesunutý soubor: c:\Windows\SoftwareDistribution\Download\2d3b3c9dfed8615caa39733eebcf61dda67201d9
Přesunutý soubor: c:\Windows\SoftwareDistribution\Download\5c6af085c4fa9c1ecc0665d23827d145021824f4
Přesunutý soubor: c:\Windows\SoftwareDistribution\Download\aac73b03ccba0515e5fbbbdf634a081ff1cf2a2f
Přesunutý soubor: c:\Windows\SoftwareDistribution\Download\d1c8b46e7783bdb095f7139d1efc9cec3b7c8bd4
Přesunutý soubor: c:\Windows\SoftwareDistribution\Download\Install\mpas-d_bd1.exe
Přesun souboru selhal (User Access Denied) : c:\Windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_483ea93961ad86ec\wscript.exe
Mazání souboru selhalo: c:\Windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_483ea93961ad86ec\wscript.exe
Přesunutý soubor: c:\Windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.5570_none_80bb811d1e9a4ed2\vcomp90.dll
Přesunutý soubor: d:\DATA\TC DB\SW\PULLING AND COMPILING\vcredist_x86.exe
Přesunout do Karantény Agent-204
Přesunutý soubor: c:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe
Přesunout do Karantény Heuristics.Broken.Executable
Přesunutý soubor: c:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\msenv.dll
Přesunutý soubor: c:\ProgramData\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
Soubor vybraný k přesunu neexistuje: c:\Users\All Users\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
Přesunutý soubor: c:\Windows\Installer\154411e3.msi
Přesunutý soubor: c:\Windows\Installer\15441255.msi
Přesunout do Karantény Tracking Flash Shared Objects
Přesunutý soubor: C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\go.eu.bbelements.com\flash\bbnaut.swf\user_data.sol
Přesunutý soubor: C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\img.livejasmin.com\wmtr.sol
Přesunutý soubor: C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\img.livejasmin.com\flash\memberchat333.swf\jasminmember01.sol
Přesunutý soubor: C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\img.livejasmin.com\flash\memberchat333.swf\jasmin_versio.sol
Přesunutý soubor: C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\members.livejasmin.com\wmtr.sol
Odstraněný adresář: C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\go.eu.bbelements.com
Odstraněný adresář: C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\img.livejasmin.com
Odstraněný adresář: C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\members.livejasmin.com
Zavírání bodu pro obnovu systému
Hotovo
Yes, my Windows is legal.
Logfile of Spyware Terminator v2.7.2.125 (db:5.005.017.000)
Scan Time: 3.6.2011 15:18:33 length: 4709 s
Platform: W7 (6.1.0.7600)
User: Admin
Boot Mode: Normal
Scan type: Full_Virus__Spyware_Scan
Scanned Objects: 91316 (Critical:25)
Filter: No System items, No Safe items, No Invalid items
Running Processes
btwdins.exe [Broadcom Corporation.] : C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
OberonGameConsoleService.exe : C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
Rezip.exe : C:\windows\system32\Rezip.exe
RichVideo.exe : C:\Program Files\CyberLink\Shared files\RichVideo.exe
SeaPort.EXE [Microsoft Corporation] : C:\Program Files\Microsoft\BingBar\SeaPort.EXE
sftvsa.exe [Microsoft Corporation] : C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
WLIDSVC.EXE [Microsoft Corp.] : C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
sftlist.exe [Microsoft Corporation] : C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
WLIDSVCM.EXE [Microsoft Corp.] : C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
CVHSVC.EXE [Microsoft Corporation] : C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
WCScheduler.exe [SEC] : C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
dmhkcore.exe [Samsung Electronics Co., Ltd.] : C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
SSCKbdHk.exe [SAMSUNG Electronics] : C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
EasySpeedUpManager.exe [Samsung Electronics Co., Ltd.] : C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
APLanMgrC.exe [DoctorSoft] : C:\Program Files\AnyPC Client\APLanMgrC.exe
DTLite.exe [DT Soft Ltd] : C:\Program Files\daemon\DAEMON Tools Lite\DTLite.exe
btdna.exe [BitTorrent, Inc.] : C:\Users\uživatel\Program Files\DNA\btdna.exe
wmpnetwk.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
nhc.exe [http://www.pbus-167.com] : C:\Program Files\Notebook Hardware Control\nhc.exe
utorrent.exe [BitTorrent, Inc.] : C:\Users\uživatel\AppData\Roaming\uTorrent\utorrent.exe
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - [Microsoft Corporation] : C:\Program Files\Windows Live\Companion\companioncore.dll
02 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - [Microsoft Corporation.] : C:\Program Files\MICROSOFT\BINGBAR\BINGEXT.DLL
02 - BHO: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - [Ask.com] : C:\Program Files\Ask.com\GenericAskToolbar.dll
02 - BHO: ToolBarButton Class - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: MenuItem3 Class - {CC963627-B1DC-40E0-B52A-CF21EE748449} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: MenuItem4 Class - {CC963627-B1DC-40E0-B52A-CF21EE748450} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: MenuItem2 Class - {CC963627-B1DC-40E0-B52A-CF21EE748451} - : C:\ProgramData\LangSoft\WebIE.dll
02 - BHO: MenuItem1 Class - {CC963627-B1DC-40E0-B52A-CF21EE748452} - : C:\ProgramData\LangSoft\WebIE.dll
Toolbars
03 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - : C:\ProgramData\LangSoft\WebIE.dll
03 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - : C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
03 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - [Microsoft Corporation.] : C:\Program Files\MICROSOFT\BINGBAR\BINGEXT.DLL
03 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - [Ask.com] : C:\Program Files\Ask.com\GenericAskToolbar.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DAEMON Tools Lite : [DT Soft Ltd] : C:\Program Files\daemon\DAEMON Tools Lite\DTLite.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BitTorrent DNA : [BitTorrent, Inc.] : C:\Users\uživatel\Program Files\DNA\btdna.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdateLBPShortCut : [CyberLink Corp.] : C:\Program Files\CYBERLINK\LABELPRINT\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdateP2GoShortCut : [CyberLink Corp.] : C:\Program Files\CYBERLINK\POWER2GO\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdatePDRShortCut : [CyberLink Corp.] : C:\Program Files\CYBERLINK\POWERDIRECTOR\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdatePPShortCut : [CyberLink Corp.] : C:\Program Files\CYBERLINK\POWERPRODUCER\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdatePSTShortCut : [CyberLink Corp.] : C:\Program Files\CYBERLINK\DVD SUITE\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UCam_Menu : [CyberLink Corp.] : C:\Program Files\CYBERLINK\YOUCAM\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NotebookHardwareControl : [http://www.pbus-167.com] : C:\Program Files\Notebook Hardware Control\nhc.exe
Shell Extensions
MF ADTS Property Handler - {80009818-f38f-4af1-87b5-eadab9433e58} - [Microsoft Corporation] : C:\windows\system32\mf.dll
Monitor Class - {7842554E-6BED-11D2-8CDB-B05550C10000} - [Broadcom Corporation.] : C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Viewer Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Microsoft OneNote Namespace Extension for Windows Desktop Search - {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL
NVIDIA CPL Context Menu Extension - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} - [NVIDIA Corporation] : C:\windows\system32\nvshext.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.dll
MHTML Asynchronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - [Microsoft Corporation] : C:\windows\system32\inetcomm.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Album Download IE Asynchronous Pluggable Protocol Interface - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Services
23 - [Advanced Micro Devices] : C:\windows\system32\drivers\amdxata.sys
23 - [Atheros Communications, Inc.] : C:\windows\system32\DRIVERS\athr.sys
23 - : C:\windows\system32\DRIVERS\atksgt.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\bowser.sys
23 - [Broadcom Corporation.] : C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
23 - [Microsoft Corporation] : C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
23 - [Microsoft Corporation] : C:\windows\system32\Drivers\dfsc.sys
23 - [Microsoft Corporation] : C:\windows\system32\drivers\discache.sys
23 - : C:\windows\system32\giveio.sys
23 - [Intel Corporation] : C:\windows\system32\DRIVERS\iaStor.sys
23 - [Realtek Semiconductor Corp.] : C:\windows\system32\drivers\RTKVHDA.sys
23 - : C:\windows\system32\DRIVERS\lirsgt.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\mrxsmb10.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\mssmbios.sys
23 - [pBUS-167 Software - http://www.pbus-167.com] : C:\windows\system32\drivers\nhcDriver.sys
23 - [NVIDIA Corporation] : C:\windows\system32\drivers\nvhda32v.sys
23 - : C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
23 - : C:\windows\system32\Rezip.exe
23 - : C:\Program Files\CyberLink\Shared files\RichVideo.exe
23 - [SAMSUNG ELECTRONICS] : C:\windows\system32\Drivers\SABI.sys
23 - [Microsoft Corporation] : C:\Program Files\Microsoft\BingBar\SeaPort.EXE
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\Sftfslh.sys
23 - [Microsoft Corporation] : C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\Sftplaylh.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\Sftredirlh.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\Sftvollh.sys
23 - [Microsoft Corporation] : C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
23 - [Windows (R) 2000 DDK provider] : C:\windows\system32\speedfan.sys
23 - : C:\windows\system32\Drivers\sptd.sys
23 - [Crawler.com] : C:\windows\system32\drivers\sp_rsdrv2.sys
23 - [Synaptics Incorporated] : C:\windows\system32\DRIVERS\SynTP.sys
23 - [TamoSoft] : C:\windows\system32\DRIVERS\tscomm.sys
23 - [TamoSoft] : C:\windows\system32\DRIVERS\tsvp.sys
23 - [Microsoft Corp.] : C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
23 - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
Threat Files
<GenericFF-1> : C:\Users\uživatel\Desktop\OpenOffice.org 3.3 (cs) Installation Files\redist\vcredist_x86.exe
<Trojan.GenericFF-1> : C:\Users\uživatel\Desktop\OpenOffice.org 3.3 (cs) Installation Files\redist\vcredist_x86.exe
<Tracking Flash Shared Objects> : C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\go.eu.bbelements.com\flash\bbnaut.swf\user_data.sol
<Tracking Flash Shared Objects> : C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\img.livejasmin.com\wmtr.sol
<Tracking Flash Shared Objects> : C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\img.livejasmin.com\flash\memberchat333.swf\jasminmember01.sol
<Tracking Flash Shared Objects> : C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\img.livejasmin.com\flash\memberchat333.swf\jasmin_versio.sol
<Tracking Flash Shared Objects> : C:\Users\uživatel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YTEKW2NT\members.livejasmin.com\wmtr.sol
<GenericFF-1> : C:\windows\system32\wscript.exe
<Trojan.GenericFF-1> : C:\windows\system32\wscript.exe
<Agent-204> : C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe
<Trojan.Agent-204> : C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe
<Heuristics.Broken.Executable> : C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\msenv.dll
<Heuristics.Broken.Executable> : C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\msenv.dll
<Heuristics.Broken.Executable> : C:\ProgramData\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
<Heuristics.Broken.Executable> : C:\ProgramData\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
<Heuristics.Broken.Executable> : C:\Users\All Users\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
<Heuristics.Broken.Executable> : C:\Users\All Users\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
<GenericFF-1> : C:\Users\uživatel\Downloads\vcredist_x86.exe
<Trojan.GenericFF-1> : C:\Users\uživatel\Downloads\vcredist_x86.exe
<Heuristics.Broken.Executable> : C:\windows\Installer\154411e3.msi
<Heuristics.Broken.Executable> : C:\windows\Installer\154411e3.msi
<Heuristics.Broken.Executable> : C:\windows\Installer\15441255.msi
<Heuristics.Broken.Executable> : C:\windows\Installer\15441255.msi
<GenericFF-1> : C:\windows\SoftwareDistribution\Download\2d3b3c9dfed8615caa39733eebcf61dda67201d9
<Trojan.GenericFF-1> : C:\windows\SoftwareDistribution\Download\2d3b3c9dfed8615caa39733eebcf61dda67201d9
<GenericFF-1> : C:\windows\SoftwareDistribution\Download\5c6af085c4fa9c1ecc0665d23827d145021824f4
<Trojan.GenericFF-1> : C:\windows\SoftwareDistribution\Download\5c6af085c4fa9c1ecc0665d23827d145021824f4
<GenericFF-1> : C:\windows\SoftwareDistribution\Download\aac73b03ccba0515e5fbbbdf634a081ff1cf2a2f
<Trojan.GenericFF-1> : C:\windows\SoftwareDistribution\Download\aac73b03ccba0515e5fbbbdf634a081ff1cf2a2f
<GenericFF-1> : C:\windows\SoftwareDistribution\Download\d1c8b46e7783bdb095f7139d1efc9cec3b7c8bd4
<Trojan.GenericFF-1> : C:\windows\SoftwareDistribution\Download\d1c8b46e7783bdb095f7139d1efc9cec3b7c8bd4
<GenericFF-1> : C:\windows\SoftwareDistribution\Download\Install\mpas-d_bd1.exe
<Trojan.GenericFF-1> : C:\windows\SoftwareDistribution\Download\Install\mpas-d_bd1.exe
<GenericFF-1> : C:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_483ea93961ad86ec\wscript.exe
<Trojan.GenericFF-1> : C:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_483ea93961ad86ec\wscript.exe
<GenericFF-1> : C:\windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.5570_none_80bb811d1e9a4ed2\vcomp90.dll
<Trojan.GenericFF-1> : C:\windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.5570_none_80bb811d1e9a4ed2\vcomp90.dll
<GenericFF-1> : d:\DATA\TC DB\SW\PULLING AND COMPILING\vcredist_x86.exe
<Trojan.GenericFF-1> : d:\DATA\TC DB\SW\PULLING AND COMPILING\vcredist_x86.exe
Re: slowed-down PC + trojan,agent
How much do you want to stay with McAfee?
It's not exactly a TOP antivirus, and there are better ones that are free - Avast, Avira
Its list of suspicious items leaves me completely calm, and I rather consider them false detections
Re: slowed-down PC + trojan,agent
I don't use McAfee and it is no longer on the PC; for quite a while I have had only Spyware Terminator v2.7.2.125
Re: slowed-down PC + trojan,agent
Sorry for jumping in, but
- Spyware Terminator and its antivirus are not among the recommended ones; better switch to Avast or another free solution
Re: slowed-down PC + trojan,agent
Exactly as my colleague says, I recommend the combination Avast+SuperAntiSpyware
Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)

- Run the update - third tab
- Run a full scan - do not delete anything
- MBAM sometimes produces false detections, so paste the log into a post and wait for an assessment
Re: slowed-down PC + trojan,agent
I ran the scan twice, both turned out as follows:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Verze databáze: 6766
Windows 6.1.7600 Service Pack 2
Internet Explorer 8.0.7600.16385
4.6.2011 0:24:51
mbam-log-2011-06-04 (00-24-48).txt
Typ: Úplná kontrola (C:\|D:\|)
Kontrolované objekty: 414133
Uplynulý čas: 1 hodin, 9 minut, 20 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 5
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Re: slowed-down PC + trojan,agent
Delete the MBAM findings...
Write how the PC behaves
Re: slowed-down PC + trojan,agent
the vermin has been deleted and you can tell the PC has sped up, but because the PC overheats a lot, it will only be possible to tell later
but that doesn't change the fact that the vermin is gone
thank you for the help


Re: slowed-down PC + trojan,agent
If the PC is overheating, check the fans and air vents to see whether they are clogged with dust
Re: slowed-down PC + trojan,agent
they probably are, but I have a laptop and it's under warranty, so I can't do anything other than send it in as a warranty claim

Re: slowed-down PC + trojan,agent
They should accept that... If the PC is overheating, it needs to be dealt with as soon as possible, since one of the HW components may fail...