seká se myš a ujíždí do stran

[jarda.otta]

prosím o kontrolu logu.Ujíždí myš a seká se,musím jí vypnout a zapnout a nezobrazuje se po startu bios ale to nebude problém softu ale asi hardem.Děkuji za kontrolu.
Logfile of random's system information tool 1.08 (written by random/random)
Run by jaris at 2011-06-09 10:36:17
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 66 GB (22%) free of 297 GB
Total RAM: 2047 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:37:34, on 9.6.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\vVX3000.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\TechSmith\Snagit 10\Snagit32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TechSmith\Snagit 10\TSCHelp.exe
C:\Program Files\IncrediMail\Bin\ImApp.exe
C:\Program Files\TechSmith\Snagit 10\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 10\snagiteditor.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
c:\YouTubeGet\YouTubeGet.exe
C:\Program Files\IncrediMail\Bin\IncMail.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\jaris\Desktop\UTILITY\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\jaris.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\VIDEOD~1\ArcURLRecord.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-21-4261137129-1570092760-2788798787-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4261137129-1570092760-2788798787-1002\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')
O4 - Global Startup: Snagit 10.lnk = C:\Program Files\TechSmith\Snagit 10\Snagit32.exe
O8 - Extra context menu item: &Download All with FlashGet - c:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - c:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Read EXIF - C:\Program Files\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9e9c6e1469ee0) (gupdate1c9e9c6e1469ee0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Samsung UPD Service - Samsung Electronics CO., LTD. - C:\Windows\System32\SUPDSvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 12689 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2009-02-04 752744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13 63304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~1\ArcSoft\VIDEOD~1\ArcURLRecord.dll [2009-11-24 158208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-01-14 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-09-11 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2011-04-01 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-04-18 818280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADECBED6-0366-4377-A739-E69DFBA04663}]
Catcher Class - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll [2007-12-05 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
kikin Plugin - C:\Program Files\kikin\ie_kikin.dll [2010-11-23 919408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-09-11 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-01-14 798771]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13 206152]
{D4027C7F-154A-4066-A1AD-4243D8127440} -
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-04-18 818280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-12-20 443728]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-04-18 3460784]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-03-28 10029672]
"VX3000"=C:\Windows\vVX3000.exe [2007-04-10 709992]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"USB2Check"=C:\Windows\system32\PCLECoInst.dll [2007-02-20 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2011-01-19 353736]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-05-26 15147400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared files\brs.exe [2010-03-13 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2010-04-15 427328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverScanner]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-07-25 1043968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2011-04-14 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-10-20 2192752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-07-02 671608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2009-11-25 54672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit /s reset.reg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2011-04-01 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
C:\Windows\vVX3000.exe [2007-04-10 709992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
C:\Program Files\WebcamMax\WebcamMax.exe [2009-12-30 1561232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winlogon]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bitmeter2.lnk]
C:\PROGRA~1\Codebox\BitMeter\BITMET~1.EXE [2008-10-11 1462272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jaris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AutoLyrix.lnk]
C:\PROGRA~1\AUTOLY~1\AUTOLY~1.EXE [2010-06-21 503808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jaris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MP3 Dancer.lnk]
[]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Snagit 10.lnk - C:\Program Files\TechSmith\Snagit 10\Snagit32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\fsproflt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=153
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=153
"HonorAutoRunSetting"=0
"NoDrives"=0
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-06-08 15:38:40 ----D---- C:\Users\jaris\AppData\Roaming\Xilisoft
2011-06-08 15:21:34 ----D---- C:\tmp
2011-06-08 14:58:47 ----D---- C:\Program Files\Common Files\Plasmoo
2011-06-08 14:58:43 ----D---- C:\Users\jaris\AppData\Roaming\DVDVideoSoft
2011-06-08 13:09:32 ----D---- C:\Program Files\FreeTime
2011-06-08 13:02:21 ----D---- C:\Program Files\SWF to MP3 Converter
2011-06-08 13:01:37 ----D---- C:\tmpDownload
2011-06-08 13:01:30 ----D---- C:\YouTubeGet
2011-06-08 12:50:54 ----A---- C:\Windows\MP32SWF.INI
2011-06-08 12:49:52 ----D---- C:\Program Files\HooTech
2011-06-08 12:33:02 ----A---- C:\Windows\system32\MPG4c32.dll
2011-06-08 12:32:59 ----D---- C:\Program Files\SourceTec
2011-06-08 12:22:11 ----D---- C:\Users\jaris\AppData\Roaming\Thinstall
2011-06-07 17:07:42 ----D---- C:\Windows\LastGood
2011-06-07 14:49:44 ----D---- C:\Program Files\Common Files\Skype
2011-06-07 14:49:36 ----RD---- C:\Program Files\Skype
2011-06-07 11:05:01 ----A---- C:\Windows\system32\OpenCL.dll
2011-06-07 11:05:01 ----A---- C:\Windows\system32\nvwgf2um.dll
2011-06-07 11:05:00 ----A---- C:\Windows\system32\nvgenco322090.dll
2011-06-07 11:05:00 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-06-07 11:04:59 ----A---- C:\Windows\system32\nvdispco3220150.dll
2011-06-07 11:04:59 ----A---- C:\Windows\system32\nvcuvid.dll
2011-06-07 11:04:59 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-06-07 11:04:59 ----A---- C:\Windows\system32\nvcuda.dll
2011-06-07 11:04:59 ----A---- C:\Windows\system32\nvcompiler.dll
2011-06-03 10:08:24 ----D---- C:\Users\jaris\AppData\Roaming\Jpeg Resampler
2011-05-31 17:55:14 ----A---- C:\Windows\system32\devil.dll
2011-05-31 17:55:12 ----A---- C:\Windows\system32\avisynth.dll
2011-05-31 17:55:11 ----D---- C:\Program Files\OJOsoft
2011-05-30 17:42:42 ----D---- C:\Program Files\Xara
2011-05-30 17:42:42 ----D---- C:\Program Files\Common Files\Xara
2011-05-30 17:07:29 ----D---- C:\ProgramData\Goland
2011-05-30 17:06:28 ----D---- C:\AudioDVDCreator_Temp
2011-05-30 15:27:27 ----A---- C:\Windows\AudioDVD.INI
2011-05-30 15:27:16 ----D---- C:\Program Files\Goland
2011-05-26 12:25:54 ----A---- C:\Windows\system32\PCLECoInst.dll
2011-05-26 12:25:54 ----A---- C:\Windows\system32\drivers\MarvinAVS.sys
2011-05-26 12:25:33 ----D---- C:\Program Files\Common Files\Pinnacle
2011-05-26 12:22:10 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection
2011-05-26 12:02:17 ----D---- C:\Program Files\Common Files\Pegasus Imaging
2011-05-26 12:02:15 ----D---- C:\ProgramData\Studio 15
2011-05-26 12:02:15 ----D---- C:\ProgramData\Pinnacle Studio Plus
2011-05-20 22:35:28 ----A---- C:\Windows\system32\nvStreaming.exe
2011-05-20 09:45:13 ----D---- C:\Users\jaris\AppData\Roaming\PhotoFiltre Studio X
2011-05-20 09:45:05 ----D---- C:\Program Files\PhotoFiltre Studio X
2011-05-14 11:01:21 ----A---- C:\Windows\ULEAD32.INI
2011-05-14 11:01:15 ----N---- C:\Windows\system32\ROBOEX32.DLL
2011-05-14 11:01:15 ----N---- C:\Windows\system32\INETWH32.dll
2011-05-14 11:01:15 ----D---- C:\Program Files\Ulead Systems
2011-05-14 11:00:55 ----D---- C:\Windows\Noslip
2011-05-14 09:46:24 ----D---- C:\Multimedia Files
2011-05-14 09:46:15 ----D---- C:\Program Files\Microsoft GIF Animator

======List of files/folders modified in the last 1 months======

2011-06-09 10:37:17 ----D---- C:\Windows\temp
2011-06-09 10:36:56 ----D---- C:\Windows\Prefetch
2011-06-09 10:36:47 ----D---- C:\Program Files\trend micro
2011-06-09 10:24:21 ----D---- C:\Users\jaris\AppData\Roaming\Skype
2011-06-09 09:37:07 ----D---- C:\Users\jaris\AppData\Roaming\SWF.max
2011-06-09 09:11:38 ----D---- C:\Users\jaris\AppData\Roaming\uTorrent
2011-06-09 08:03:38 ----D---- C:\Users\jaris\AppData\Roaming\skypePM
2011-06-09 03:24:33 ----SHD---- C:\System Volume Information
2011-06-08 15:37:14 ----AD---- C:\Windows\System32
2011-06-08 15:37:07 ----SHD---- C:\Windows\Installer
2011-06-08 15:35:57 ----D---- C:\Program Files\Xilisoft
2011-06-08 14:58:47 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-06-08 14:58:47 ----D---- C:\Program Files\Common Files
2011-06-08 14:58:41 ----D---- C:\Program Files\DVDVideoSoft
2011-06-08 13:09:32 ----RD---- C:\Program Files
2011-06-08 13:01:44 ----D---- C:\Users\jaris\AppData\Roaming\GetRightToGo
2011-06-08 12:52:11 ----A---- C:\Windows\NeroDigital.ini
2011-06-08 12:50:54 ----AD---- C:\Windows
2011-06-07 17:12:21 ----D---- C:\Program Files\NVIDIA Corporation
2011-06-07 17:12:15 ----D---- C:\Windows\system32\catroot
2011-06-07 17:12:15 ----D---- C:\Windows\inf
2011-06-07 17:11:14 ----D---- C:\ProgramData\NVIDIA
2011-06-07 16:17:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-07 14:50:29 ----D---- C:\ProgramData\Skype Extras
2011-06-07 14:49:54 ----D---- C:\Windows\system32\Tasks
2011-06-07 14:49:35 ----D---- C:\ProgramData\Skype
2011-06-07 11:53:37 ----D---- C:\Windows\system32\catroot2
2011-06-07 11:08:19 ----D---- C:\Windows\system32\drivers
2011-06-06 18:31:58 ----D---- C:\Program Files\Google
2011-06-05 18:30:09 ----D---- C:\Users\jaris\AppData\Roaming\XnView
2011-06-02 11:36:18 ----D---- C:\Program Files\IrfanView
2011-05-31 17:55:14 ----D---- C:\Program Files\Common Files\Common Share
2011-05-30 17:44:56 ----RSD---- C:\Windows\Fonts
2011-05-30 17:43:14 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-30 17:07:29 ----D---- C:\ProgramData
2011-05-30 15:31:54 ----D---- C:\Users\jaris\AppData\Roaming\Vso
2011-05-27 09:49:37 ----D---- C:\Program Files\Zoner
2011-05-27 09:48:19 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-05-26 12:31:37 ----D---- C:\Program Files\LooksBuilderSE
2011-05-26 12:28:55 ----D---- C:\Program Files\Pinnacle
2011-05-26 12:20:31 ----D---- C:\ProgramData\Pinnacle
2011-05-26 12:20:10 ----D---- C:\Windows\winsxs
2011-05-26 09:05:40 ----D---- C:\Program Files\TapinRadio
2011-05-25 09:24:57 ----A---- C:\Windows\system32\nvvsvc.exe
2011-05-25 09:24:56 ----A---- C:\Windows\system32\nvsvcr.dll
2011-05-25 09:24:56 ----A---- C:\Windows\system32\nvsvc.dll
2011-05-25 09:24:54 ----A---- C:\Windows\system32\nvshext.dll
2011-05-25 09:24:53 ----A---- C:\Windows\system32\nvmctray.dll
2011-05-25 09:24:47 ----A---- C:\Windows\system32\nvcpl.dll
2011-05-25 09:24:45 ----A---- C:\Windows\system32\easyupdatusapiu.dll
2011-05-25 09:24:44 ----A---- C:\Windows\system32\nvoglv32.dll
2011-05-25 09:24:42 ----A---- C:\Windows\system32\nvd3dum.dll
2011-05-25 09:24:40 ----A---- C:\Windows\system32\nvapi.dll
2011-05-19 16:30:31 ----D---- C:\Program Files\Boris FX, Inc
2011-05-19 16:15:00 ----A---- C:\Windows\Graffiti5.2Pin.ini
2011-05-18 16:27:21 ----D---- C:\ProgramData\Real
2011-05-18 16:27:15 ----D---- C:\Users\jaris\AppData\Roaming\Real
2011-05-16 16:02:19 ----D---- C:\Users\jaris\AppData\Roaming\LangSoft
2011-05-16 15:28:55 ----D---- C:\Windows\Debug
2011-05-16 15:28:38 ----N---- C:\Windows\system32\mrt.exe
2011-05-16 12:06:13 ----D---- C:\Program Files\rajce
2011-05-11 12:05:49 ----D---- C:\ProgramData\Microsoft Help
2011-05-11 12:05:05 ----D---- C:\Program Files\Windows Mail

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-03-19 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2006-07-05 59256]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2006-07-10 27032]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-04-18 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-04-18 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-04-18 307288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-04-18 49240]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2006-07-25 31488]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2006-07-25 33792]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/06/23 15:55:08]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 87536]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-04-18 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-04-18 53592]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
R3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-04-06 3464104]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-12-20 20952]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2011-05-25 10589800]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-04-15 47360]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32k.sys [2011-04-15 30088]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-10-29 197224]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2011-02-22 319592]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys [2007-04-10 1966696]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2006-07-25 102912]
S3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE; C:\Windows\system32\DRIVERS\3xHybrid.sys [2006-11-22 1121536]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2010-10-23 36616]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-05-25 26736]
S3 FlyPCI;FlyPCI; \??\C:\Windows\system32\drivers\FlyPCI.sys [2003-10-10 4134]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\ialmnt5.sys [2006-11-02 1302492]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB; C:\Windows\system32\DRIVERS\MarvinAVS.sys [2007-05-09 434176]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 rockusb;Driver for rockusb Device; C:\Windows\system32\DRIVERS\rockusb.sys [2006-03-22 73984]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-04-08 64000]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\Windows\system32\drivers\ScreamingBAudio.sys [2009-11-26 34384]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-04-18 42184]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-12-13 135536]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-25 615528]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9e9c6e1469ee0;Google Update Service (gupdate1c9e9c6e1469ee0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-10 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-26 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-10 133104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 820520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-03-16 132464]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-07-25 849408]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [2010-10-20 196928]
S4 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2010-10-20 67904]
S4 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2006-11-02 174656]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-09-29 616448]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

[Roli]

Zdravím, tohle fixni v HJT :

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - Global Startup: Snagit 10.lnk = C:\Program Files\TechSmith\Snagit 10\Snagit32.exe

HJT najdeš zde :

C:\Program Files\trend micro\jaris.exe

Fix znamená že spustíš HJT jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :

Google Update Service (gupdate1c9e9c6e1469ee0)

Služba Google Update (gupdatem)

Google Updater Service (gusvc)

NBService

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.


P.S. v mezičase zkus použít jinou myšku

[jarda.otta]

jen pro zajímavost.Program Snagit používám na snímání obrazovky i jako videa pro různé účely a používám ho dost často i jako na dělání návodů atd.Je nutné ho smazat nebo zablokovat?

[cernohous13]

jen pro zajímavost.Program Snagit používám na snímání obrazovky i jako videa pro různé účely a používám ho dost často i jako na dělání návodů atd.Je nutné ho smazat nebo zablokovat?

Zdravím, fixnutím ho jen odstraníš z automatického startu. Pokud jej potřebuješ, spustíš normálně třeba z plochy nebo z nabídky Start -> Programy ->
Pokud by ti to nevyhovovalo, můžeš ten řádek při fixnutí vynechat

A protože se jedná o soubor, který bývá napadán malware

Klikni na https://www.virustotal.com/cs/
klik "Procházet" > do zadávacího pole "Název souboru" jen zkopíruj:

C:\Program Files\TechSmith\Snagit 10\Snagit32.exe

"Send file" (pokud byl již testován, nech testovat znovu - Reanalyse)
Trpělivě vyčkej dokončení scanu dokud se neobjeví konečný výsledek např.0/41
Do fóra zkopíruj výsledný log. nebo odkaz z adresního řádku na stránku.
Pokud nebude nález stačí jen oznámit

[jarda.otta]

Na virustotal je vše ok.Soubor snagit32.exe je čistej.Chodím sem testovat dost často.
Teď udělám vaše přikazy z předchozí zprávy.

[Roli]

Teď udělám vaše přikazy z předchozí zprávy.

Jaké příkazy, tady nejsme v armádě

[jarda.otta]

sorry,teda rady........
sluba:Google Update Service (gupdate1c9e9c6e1469ee0) byla už zastavena a dal jsem zakázat spuštění. Je tam ještě jeden řádek:Google Updater Service ale o něm nepíšete. Z těch co jste napsal je tam jen ta služba:Google Update Service (gupdate1c9e9c6e1469ee0).teˇdám akorát ten combofix.

[Roli]

Všechny služby od Google zastav a zakaž.

[jarda.otta]

všechny jsem zakázal.a zde je log:
ComboFix 11-06-09.01 - jaris 09.06.2011 19:08:31.5.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.810 [GMT 2:00]
Spuštěný z: c:\users\jaris\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\audiograbber\audiograbber.exe
c:\users\jaris\AppData\Local\temp\nvSCPAPI.dll
c:\users\jaris\AppData\Roaming\MiniDm
c:\users\jaris\AppData\Roaming\MiniDm\conf.ini
c:\users\jaris\AppData\Roaming\MiniDm\history.dat
c:\windows\IsUn0405.exe
c:\youtubeget\YouTubeGet.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-09 do 2011-06-09 )))))))))))))))))))))))))))))))
.
.
2011-06-09 17:28 . 2011-06-09 17:29 -------- d-----w- c:\users\jaris\AppData\Local\temp
2011-06-09 17:28 . 2011-06-09 17:28 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-06-09 17:28 . 2011-06-09 17:28 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-09 17:28 . 2011-06-09 17:28 -------- d-----w- c:\users\Krečmerová\AppData\Local\temp
2011-06-09 17:28 . 2011-06-09 17:28 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-06-09 17:28 . 2011-06-09 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-09 17:28 . 2011-06-09 17:28 -------- d-----w- c:\users\beatles\AppData\Local\temp
2011-06-08 13:38 . 2011-06-08 13:38 -------- d-----w- c:\users\jaris\AppData\Roaming\Xilisoft
2011-06-08 13:21 . 2011-06-08 13:21 -------- d-----w- C:\tmp
2011-06-08 12:58 . 2011-06-08 12:58 -------- d-----w- c:\program files\Common Files\Plasmoo
2011-06-08 12:58 . 2011-06-08 12:58 -------- d-----w- c:\users\jaris\AppData\Roaming\DVDVideoSoft
2011-06-08 11:09 . 2011-06-08 11:09 -------- d-----w- c:\program files\FreeTime
2011-06-08 11:02 . 2011-06-08 11:02 -------- d-----w- c:\program files\SWF to MP3 Converter
2011-06-08 11:01 . 2011-06-09 17:27 -------- d-----w- C:\YouTubeGet
2011-06-08 10:49 . 2011-06-08 10:49 -------- d-----w- c:\program files\HooTech
2011-06-08 10:33 . 2007-02-05 10:00 413760 ----a-w- c:\windows\system32\MPG4c32.dll
2011-06-08 10:33 . 2007-02-05 10:00 262144 ----a-w- c:\windows\system32\mpg4ds32.ax
2011-06-08 10:32 . 2011-06-08 10:32 -------- d-----w- c:\program files\SourceTec
2011-06-08 10:22 . 2011-06-08 10:22 -------- d-----w- c:\users\jaris\AppData\Roaming\Thinstall
2011-06-08 00:02 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBFD4D47-7871-420D-887F-41CC89136412}\mpengine.dll
2011-06-07 15:07 . 2011-06-07 15:12 -------- d-----w- c:\windows\LastGood
2011-06-07 12:49 . 2011-06-07 12:49 -------- d-----w- c:\program files\Common Files\Skype
2011-06-07 12:49 . 2011-06-07 12:49 -------- d-----r- c:\program files\Skype
2011-06-07 09:05 . 2011-05-25 07:24 6555240 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-06-07 09:05 . 2011-05-25 07:24 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-06-07 09:05 . 2011-05-25 07:24 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-06-07 09:05 . 2011-05-25 07:24 10589800 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-06-07 09:04 . 2011-05-25 07:24 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-06-07 09:04 . 2011-05-25 07:24 2804328 ----a-w- c:\windows\system32\nvcuvid.dll
2011-06-07 09:04 . 2011-05-25 07:24 5301352 ----a-w- c:\windows\system32\nvcuda.dll
2011-06-07 09:04 . 2011-05-25 07:24 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-06-07 09:04 . 2011-05-25 07:24 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-06-03 08:08 . 2011-06-03 08:08 -------- d-----w- c:\users\jaris\AppData\Roaming\Jpeg Resampler
2011-05-31 15:55 . 2008-12-18 11:38 719872 ----a-w- c:\windows\system32\devil.dll
2011-05-31 15:55 . 2008-12-18 11:38 351744 ----a-w- c:\windows\system32\avisynth.dll
2011-05-31 15:55 . 2011-05-31 15:55 -------- d-----w- c:\program files\OJOsoft
2011-05-30 15:48 . 2011-05-30 15:48 -------- d-----w- c:\users\jaris\AppData\Local\Xara
2011-05-30 15:42 . 2011-05-30 15:44 -------- d-----w- c:\program files\Common Files\Xara
2011-05-30 15:42 . 2011-05-30 15:42 -------- d-----w- c:\program files\Xara
2011-05-30 15:35 . 2003-11-10 16:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-05-30 15:35 . 2003-11-10 16:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-05-30 15:35 . 2003-11-10 16:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-05-30 15:35 . 2003-11-10 16:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-05-30 15:35 . 2003-11-10 16:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-05-30 15:35 . 2011-05-30 15:35 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-05-30 15:35 . 2011-05-30 15:35 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-05-30 15:07 . 2011-05-30 15:07 -------- d-----w- c:\programdata\Goland
2011-05-30 15:06 . 2011-05-30 15:06 -------- d-----w- C:\AudioDVDCreator_Temp
2011-05-30 13:27 . 2011-05-30 13:27 -------- d-----w- c:\program files\Goland
2011-05-26 11:18 . 2011-06-07 07:40 -------- d-----w- c:\users\jaris\AppData\Local\LooksBuilder
2011-05-26 10:25 . 2007-05-09 07:36 434176 ----a-w- c:\windows\system32\drivers\MarvinAVS.sys
2011-05-26 10:25 . 2007-02-20 11:09 81920 ----a-w- c:\windows\system32\PCLECoInst.dll
2011-05-26 10:25 . 2006-05-09 07:24 200704 ----a-w- c:\windows\system32\MarvinUsb.ax
2011-05-26 10:25 . 2011-05-26 10:25 -------- d-----w- c:\program files\Common Files\Pinnacle
2011-05-26 10:22 . 2011-05-26 10:22 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2011-05-26 10:02 . 2011-05-26 10:02 -------- d-----w- c:\program files\Common Files\Pegasus Imaging
2011-05-26 10:02 . 2011-05-26 10:02 -------- d-----w- c:\programdata\Studio 15
2011-05-26 10:02 . 2011-05-26 10:02 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2011-05-20 20:35 . 2011-05-20 20:35 304744 ----a-w- c:\windows\system32\nvStreaming.exe
2011-05-20 07:45 . 2011-05-20 07:46 -------- d-----w- c:\users\jaris\AppData\Roaming\PhotoFiltre Studio X
2011-05-20 07:45 . 2011-05-20 07:47 -------- d-----w- c:\program files\PhotoFiltre Studio X
2011-05-16 13:31 . 2011-05-16 13:31 -------- d-----w- c:\users\jaris\AppData\Local\{AEDF33DE-2E23-42D8-8033-E9BD20CF0AA8}
2011-05-14 09:01 . 2011-05-14 09:01 -------- d-----w- c:\program files\Ulead Systems
2011-05-14 09:01 . 1999-10-15 10:50 1056768 ------w- c:\windows\system32\ROBOEX32.DLL
2011-05-14 09:01 . 1999-01-28 13:44 49152 ------w- c:\windows\system32\INETWH32.dll
2011-05-14 09:00 . 2011-05-14 09:00 -------- d-----w- c:\windows\Noslip
2011-05-14 07:46 . 2011-05-14 07:46 -------- d-----w- C:\Multimedia Files
2011-05-14 07:46 . 2011-05-14 07:46 -------- d-----w- c:\program files\Microsoft GIF Animator
2011-05-14 00:25 . 2011-05-14 00:26 -------- d-----w- c:\users\jaris\AppData\Local\{3FD32327-77B7-4C38-936D-1E222C6C5BE3}
2011-05-10 22:06 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-25 07:24 . 2011-04-07 20:43 615528 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-25 07:24 . 2011-04-07 20:43 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-25 07:24 . 2011-04-07 20:43 2557544 ----a-w- c:\windows\system32\nvsvc.dll
2011-05-25 07:24 . 2011-02-23 00:38 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-05-25 07:24 . 2011-04-07 20:43 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:24 . 2011-04-07 20:43 3693672 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:24 . 2011-04-07 20:43 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-05-25 07:24 . 2011-05-08 11:02 16456296 ----a-w- c:\windows\system32\nvoglv32.dll
2011-05-25 07:24 . 2010-07-10 03:37 11992680 ----a-w- c:\windows\system32\nvd3dum.dll
2011-05-25 07:24 . 2011-06-07 09:04 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-05-25 07:24 . 2011-03-23 09:45 2335848 ----a-w- c:\windows\system32\nvapi.dll
2011-05-08 10:47 . 2011-04-19 18:18 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-05-04 15:17 . 2011-05-04 15:07 7687634946 ----a-w- c:\windows\hkcrRT.reg
2011-05-04 15:10 . 2011-05-04 15:07 17863489 ----a-w- c:\windows\REGBK01.ZIP
2011-04-18 17:25 . 2011-05-05 10:36 40112 ----a-w- c:\windows\avastSS.scr
2011-04-18 17:25 . 2011-05-05 10:36 199304 ------w- c:\windows\system32\aswBoot.exe
2011-04-18 17:17 . 2011-05-05 10:36 441176 ------w- c:\windows\system32\drivers\aswSnx.sys
2011-04-18 17:17 . 2011-05-05 10:36 307288 ------w- c:\windows\system32\drivers\aswSP.sys
2011-04-18 17:16 . 2011-05-05 10:36 49240 ------w- c:\windows\system32\drivers\aswTdi.sys
2011-04-18 17:13 . 2011-05-05 10:36 25432 ------w- c:\windows\system32\drivers\aswRdr.sys
2011-04-18 17:13 . 2011-05-05 10:36 53592 ------w- c:\windows\system32\drivers\aswMonFlt.sys
2011-04-18 17:12 . 2011-05-05 10:36 19544 ------w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-15 18:15 . 2011-04-15 18:15 30088 ------w- c:\windows\system32\drivers\point32k.sys
2011-04-15 14:00 . 2011-04-19 19:22 53248 ------w- c:\windows\system32\CSVer.dll
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ------w- c:\windows\system32\GPhotos.scr
2011-04-08 05:14 . 2011-05-08 11:02 944232 ------w- c:\windows\system32\nvdispco3220140.dll
2011-04-08 05:14 . 2011-05-08 11:02 855656 ------w- c:\windows\system32\nvgenco322060.dll
2011-04-07 07:51 . 2011-04-07 07:51 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-07 07:51 . 2011-04-07 07:51 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-07 07:51 . 2011-04-07 07:51 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-07 07:51 . 2011-04-07 07:51 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-07 07:51 . 2011-04-07 07:51 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-07 07:51 . 2011-04-07 07:51 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-07 07:51 . 2011-04-07 07:51 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-07 07:51 . 2011-04-07 07:51 367104 ----a-w- c:\windows\system32\html.iec
2011-04-07 07:51 . 2011-04-07 07:51 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-07 07:51 . 2011-04-07 07:51 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-07 07:51 . 2011-04-07 07:51 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-07 07:51 . 2011-04-07 07:51 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-07 07:51 . 2011-04-07 07:51 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-07 07:51 . 2011-04-07 07:51 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-07 07:51 . 2011-04-07 07:51 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-07 07:51 . 2011-04-07 07:51 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-07 07:51 . 2011-04-07 07:51 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-07 07:51 . 2011-04-07 07:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-07 07:51 . 2011-04-07 07:51 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-07 07:51 . 2011-04-07 07:51 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-07 07:51 . 2011-04-07 07:51 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-06 13:33 . 2011-04-19 18:18 3464104 ------w- c:\windows\system32\drivers\RTKVHDA.sys
2011-04-06 08:15 . 2011-04-19 18:18 952320 ------w- c:\windows\system32\RCoRes.dat
2011-04-01 19:13 . 2009-03-11 22:30 348160 ------w- c:\windows\system32\msvcr71.dll
2011-03-31 14:49 . 2011-04-19 18:18 2160744 ------w- c:\windows\system32\RtkPgExt.dll
2011-03-31 14:49 . 2011-04-19 18:18 4105832 ------w- c:\windows\system32\RtkAPO.dll
2011-03-27 00:27 . 2010-04-16 16:03 472808 ------w- c:\windows\system32\deployJava1.dll
2011-03-24 14:03 . 2011-04-19 18:18 70248 ------w- c:\windows\system32\RtkCoInst.dll
2011-03-21 09:34 . 2011-03-21 09:34 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-03-17 01:20 . 2011-03-17 01:16 17063974 ----a-w- c:\windows\REGBK00.ZIP
2011-03-15 13:32 . 2011-04-19 18:18 485992 ------w- c:\windows\system32\RtkApoApi.dll
2011-03-14 12:40 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-12 21:55 . 2011-04-28 01:04 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2005-10-18 11:12 . 2010-01-13 08:52 5545203 ----a-w- c:\program files\ffdemo30.exe
2002-07-28 22:40 . 2007-05-22 15:20 1059840 ----a-w- c:\program files\DS_Bonus_Plugin.8bf
2001-09-28 16:00 . 2009-06-19 23:19 243200 ----a-w- c:\program files\UNWISE.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2011-01-19 353736]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-05-26 15147400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-04-18 3460784]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-03-28 10029672]
"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2007-02-20 81920]
.
c:\users\Kreźmerov \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bitmeter2.lnk]
backup=c:\windows\pss\Bitmeter2.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^jaris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AutoLyrix.lnk]
backup=c:\windows\pss\AutoLyrix.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^jaris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MP3 Dancer.lnk]
backup=c:\windows\pss\MP3 Dancer.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverScanner
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winlogon
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 19:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-07-29 00:25 497648 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-07-22 21:10 402432 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-04-20 10:48 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 17:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-03-13 10:58 75048 ------w- c:\program files\CyberLink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2010-04-15 08:17 427328 ----a-w- c:\program files\DAEMON Tools Pro\DTAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-10 19:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-07-25 14:55 1043968 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-14 09:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2010-12-13 12:37 135536 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2010-10-20 13:32 2192752 ----a-w- c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-07-02 10:20 671608 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
2009-11-25 19:42 54672 ----a-w- c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2009-03-15 10:15 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 22:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-04-01 19:33 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
2007-04-10 21:46 709992 ----a-w- c:\windows\vVX3000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
2009-12-30 21:50 1561232 ----a-w- c:\program files\WebcamMax\WebcamMax.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;c:\windows\system32\DRIVERS\3xHybrid.sys [2006-11-22 1121536]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-05-24 26736]
R3 FlyPCI;FlyPCI;c:\windows\system32\drivers\FlyPCI.sys [2003-10-10 4134]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 133104]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;c:\windows\system32\DRIVERS\MarvinAVS.sys [2007-05-09 434176]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 rockusb;Driver for rockusb Device;c:\windows\system32\DRIVERS\rockusb.sys [2006-03-22 73984]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [2010-03-16 132464]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 gupdate1c9e9c6e1469ee0;Google Update Service (gupdate1c9e9c6e1469ee0);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 133104]
R4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [2010-10-20 196928]
R4 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-20 67904]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/06/23 15:55];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 87536]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-04-18 53592]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-29 197224]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - GUPDATE1C9E9C6E1469EE0
*NewlyCreated* - GUSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-07 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-03-29 11:24]
.
2011-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 12:27]
.
2011-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 12:27]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Add animation to IncrediMail Style Box
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Read EXIF - c:\program files\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} -
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\jaris\AppData\Roaming\Mozilla\Firefox\Profiles\jgh0lzvb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Element Hiding Helper for Adblock Plus: elemhidehelper@adblockplus.org - %profile%\extensions\elemhidehelper@adblockplus.org
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: FEBE: {4BBDD651-70CF-4821-84F8-2B918CF89CA3} - %profile%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF - Ext: Walnut for Firefox: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} - %profile%\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: ArcSoft Video Downloader Extension: {B728AB94-9BC7-49b7-B76A-422BB31B2FD0} - c:\program files\ArcSoft\Video Downloader\Plugin_FireFox
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\Real\RealPlayer\browserrecord\firefox\ext
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-DivXUpdate - c:\program files\DivX\DivX Update\DivXUpdate.exe
MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-09 19:29
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-06-09 19:39:00
ComboFix-quarantined-files.txt 2011-06-09 17:38
.
Před spuštěním: Volných bajtů: 73 620 676 608
Po spuštění: Volných bajtů: 73 545 375 744
.
Current=1 Default=1 Failed=2 LastKnownGood=3 Sets=1,2,3,4
- - End Of File - - 4AD8DB79CCC965BEB15A170B69ACD861

[Roli]

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

Folder::  
c:\program files\Spybot - Search & Destroy

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

[jarda.otta]

zde combofix.
ComboFix 11-06-09.06 - jaris 10.06.2011 9:37.6.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.846 [GMT 2:00]
Spuštěný z: c:\users\jaris\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\jaris\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Spybot - Search & Destroy
c:\program files\Spybot - Search & Destroy\advcheck.dll
c:\program files\Spybot - Search & Destroy\BRUVBIGDKWXZJOF.scr
c:\program files\Spybot - Search & Destroy\CVIMBZNBC.scr
c:\program files\Spybot - Search & Destroy\DelZip179.dll
c:\program files\Spybot - Search & Destroy\DIWANLQGRDEAWS.scr
c:\program files\Spybot - Search & Destroy\Help\Cesky.license.txt
c:\program files\Spybot - Search & Destroy\Help\Cesky.Resident.chm
c:\program files\Spybot - Search & Destroy\Help\English.chm
c:\program files\Spybot - Search & Destroy\Help\English.license.txt
c:\program files\Spybot - Search & Destroy\Help\Hellenic.license.txt
c:\program files\Spybot - Search & Destroy\Help\Japanese.license.ansi.txt
c:\program files\Spybot - Search & Destroy\Help\Korean.license.txt
c:\program files\Spybot - Search & Destroy\Help\Russkiy.license.txt
c:\program files\Spybot - Search & Destroy\Help\Suomi.license.txt
c:\program files\Spybot - Search & Destroy\Includes\AdvWhite.sbs
c:\program files\Spybot - Search & Destroy\Includes\Adware.sbi
c:\program files\Spybot - Search & Destroy\Includes\AdwareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Beta.sbi
c:\program files\Spybot - Search & Destroy\Includes\Beta.uti
c:\program files\Spybot - Search & Destroy\Includes\Browserpages.sbs
c:\program files\Spybot - Search & Destroy\Includes\CLSIDs.sbs
c:\program files\Spybot - Search & Destroy\Includes\Cookies.sbi
c:\program files\Spybot - Search & Destroy\Includes\Cookies.sbs
c:\program files\Spybot - Search & Destroy\Includes\Dialer.sbi
c:\program files\Spybot - Search & Destroy\Includes\Dialer.sbs
c:\program files\Spybot - Search & Destroy\Includes\DialerC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Domains.sbs
c:\program files\Spybot - Search & Destroy\Includes\HeavyDuty.sbi
c:\program files\Spybot - Search & Destroy\Includes\Hijackers.sbi
c:\program files\Spybot - Search & Destroy\Includes\HijackersC.sbi
c:\program files\Spybot - Search & Destroy\Includes\HintOfTheDay.sbs
c:\program files\Spybot - Search & Destroy\Includes\Keyloggers.sbi
c:\program files\Spybot - Search & Destroy\Includes\KeyloggersC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Logs.uts
c:\program files\Spybot - Search & Destroy\Includes\LSP.sbi
c:\program files\Spybot - Search & Destroy\Includes\Malware.sbi
c:\program files\Spybot - Search & Destroy\Includes\MalwareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\OperaPlugins.sbs
c:\program files\Spybot - Search & Destroy\Includes\ProcWatch.sbs
c:\program files\Spybot - Search & Destroy\Includes\PUPS.sbi
c:\program files\Spybot - Search & Destroy\Includes\PUPSC.sbi
c:\program files\Spybot - Search & Destroy\Includes\RegDFLinks.sbs
c:\program files\Spybot - Search & Destroy\Includes\RegWatch.sbs
c:\program files\Spybot - Search & Destroy\Includes\RegXLinks.sbs
c:\program files\Spybot - Search & Destroy\Includes\Revision.sbi
c:\program files\Spybot - Search & Destroy\Includes\Revision.sbs
c:\program files\Spybot - Search & Destroy\Includes\Searchpages.sbs
c:\program files\Spybot - Search & Destroy\Includes\Security.sbi
c:\program files\Spybot - Search & Destroy\Includes\SecurityC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Services.sbs
c:\program files\Spybot - Search & Destroy\Includes\Spybots.sbi
c:\program files\Spybot - Search & Destroy\Includes\SpybotsC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Spyware.sbi
c:\program files\Spybot - Search & Destroy\Includes\SpywareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Startup.tnfo
c:\program files\Spybot - Search & Destroy\Includes\Targets.nfo
c:\program files\Spybot - Search & Destroy\Includes\Tracks.uti
c:\program files\Spybot - Search & Destroy\Includes\Trojans.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC.sbi
c:\program files\Spybot - Search & Destroy\Includes\TTLASSH.sbs
c:\program files\Spybot - Search & Destroy\Includes\URL-Blacklist.sbs
c:\program files\Spybot - Search & Destroy\Includes\X509White.sbs
c:\program files\Spybot - Search & Destroy\KZRNYYPZMYFY.scr
c:\program files\Spybot - Search & Destroy\Languages\Afrikaans.sbl
c:\program files\Spybot - Search & Destroy\Languages\Azeri.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bahasa Indonesia.sbl
c:\program files\Spybot - Search & Destroy\Languages\Belarusskiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Cesky.sbl
c:\program files\Spybot - Search & Destroy\Languages\English.sbl
c:\program files\Spybot - Search & Destroy\Languages\Furlan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hellenic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hindi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Islenska.sbl
c:\program files\Spybot - Search & Destroy\Plugins\Fennel.dll
c:\program files\Spybot - Search & Destroy\Plugins\Chai.dll
c:\program files\Spybot - Search & Destroy\Plugins\Mate.dll
c:\program files\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
c:\program files\Spybot - Search & Destroy\SDFiles.exe
c:\program files\Spybot - Search & Destroy\SDMain.exe
c:\program files\Spybot - Search & Destroy\SDShred.exe
c:\program files\Spybot - Search & Destroy\SDUpdate.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\program files\Spybot - Search & Destroy\SpybotSD.exe
c:\program files\Spybot - Search & Destroy\sqlite3.dll
c:\program files\Spybot - Search & Destroy\TeaTimer.exe
c:\program files\Spybot - Search & Destroy\unins001.dat
c:\program files\Spybot - Search & Destroy\unins001.exe
c:\program files\Spybot - Search & Destroy\unins001.msg
c:\program files\Spybot - Search & Destroy\UninsSrv.dll
c:\program files\Spybot - Search & Destroy\Updates\advcheck163.exe
c:\program files\Spybot - Search & Destroy\Updates\advcheck163.zip
c:\program files\Spybot - Search & Destroy\Updates\advcheck164.exe
c:\program files\Spybot - Search & Destroy\Updates\advcheck164.zip
c:\program files\Spybot - Search & Destroy\Updates\advcheck165.exe
c:\program files\Spybot - Search & Destroy\Updates\advcheck165.zip
c:\program files\Spybot - Search & Destroy\Updates\clsid.zip
c:\program files\Spybot - Search & Destroy\Updates\desc.english.zip
c:\program files\Spybot - Search & Destroy\Updates\downloaded.ini
c:\program files\Spybot - Search & Destroy\Updates\help.cesky.zip
c:\program files\Spybot - Search & Destroy\Updates\help.english.zip
c:\program files\Spybot - Search & Destroy\Updates\helpres.cesky.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.dialer.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.hijackers.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.keyloggers.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.malware.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.pups.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.security.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.spybots.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.trojans.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.zip
c:\program files\Spybot - Search & Destroy\Updates\includesb.zip
c:\program files\Spybot - Search & Destroy\Updates\install-advcheck164.ini
c:\program files\Spybot - Search & Destroy\Updates\install-advcheck165.ini
c:\program files\Spybot - Search & Destroy\Updates\install-sdh161.ini
c:\program files\Spybot - Search & Destroy\Updates\install-tools216.ini
c:\program files\Spybot - Search & Destroy\Updates\install-tt166.ini
c:\program files\Spybot - Search & Destroy\Updates\lang.cesky.zip
c:\program files\Spybot - Search & Destroy\Updates\online.ini
c:\program files\Spybot - Search & Destroy\Updates\online.ini.uiz
c:\program files\Spybot - Search & Destroy\Updates\sdhelper161.exe
c:\program files\Spybot - Search & Destroy\Updates\sdhelper161.zip
c:\program files\Spybot - Search & Destroy\Updates\startup.zip
c:\program files\Spybot - Search & Destroy\Updates\supplemental.zip
c:\program files\Spybot - Search & Destroy\Updates\teatimer166.exe
c:\program files\Spybot - Search & Destroy\Updates\teatimer166.zip
c:\program files\Spybot - Search & Destroy\Updates\tools216.exe
c:\program files\Spybot - Search & Destroy\Updates\tools216.zip
.
Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\combofix\HarddiskVolumeShadowCopy11_!Windows!System32!userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-10 do 2011-06-10 )))))))))))))))))))))))))))))))
.
.
2011-06-10 07:59 . 2011-06-10 08:10 -------- d-----w- c:\users\jaris\AppData\Local\temp
2011-06-10 07:59 . 2011-06-10 07:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-06-10 07:59 . 2011-06-10 07:59 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-10 07:59 . 2011-06-10 07:59 -------- d-----w- c:\users\Krečmerová\AppData\Local\temp
2011-06-10 07:59 . 2011-06-10 07:59 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-06-10 07:59 . 2011-06-10 07:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-10 07:59 . 2011-06-10 07:59 -------- d-----w- c:\users\beatles\AppData\Local\temp
2011-06-10 07:27 . 2011-06-10 07:31 -------- d-----w- C:\32788R22FWJFW
2011-06-08 13:38 . 2011-06-08 13:38 -------- d-----w- c:\users\jaris\AppData\Roaming\Xilisoft
2011-06-08 13:21 . 2011-06-08 13:21 -------- d-----w- C:\tmp
2011-06-08 12:58 . 2011-06-08 12:58 -------- d-----w- c:\program files\Common Files\Plasmoo
2011-06-08 12:58 . 2011-06-08 12:58 -------- d-----w- c:\users\jaris\AppData\Roaming\DVDVideoSoft
2011-06-08 11:09 . 2011-06-08 11:09 -------- d-----w- c:\program files\FreeTime
2011-06-08 11:02 . 2011-06-08 11:02 -------- d-----w- c:\program files\SWF to MP3 Converter
2011-06-08 11:01 . 2011-06-09 17:27 -------- d-----w- C:\YouTubeGet
2011-06-08 10:49 . 2011-06-08 10:49 -------- d-----w- c:\program files\HooTech
2011-06-08 10:33 . 2007-02-05 10:00 413760 ----a-w- c:\windows\system32\MPG4c32.dll
2011-06-08 10:33 . 2007-02-05 10:00 262144 ----a-w- c:\windows\system32\mpg4ds32.ax
2011-06-08 10:32 . 2011-06-08 10:32 -------- d-----w- c:\program files\SourceTec
2011-06-08 10:22 . 2011-06-08 10:22 -------- d-----w- c:\users\jaris\AppData\Roaming\Thinstall
2011-06-08 00:02 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBFD4D47-7871-420D-887F-41CC89136412}\mpengine.dll
2011-06-07 12:49 . 2011-06-07 12:49 -------- d-----w- c:\program files\Common Files\Skype
2011-06-07 12:49 . 2011-06-07 12:49 -------- d-----r- c:\program files\Skype
2011-06-07 09:05 . 2011-05-25 07:24 6555240 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-06-07 09:05 . 2011-05-25 07:24 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-06-07 09:05 . 2011-05-25 07:24 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-06-07 09:05 . 2011-05-25 07:24 10589800 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-06-07 09:04 . 2011-05-25 07:24 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-06-07 09:04 . 2011-05-25 07:24 2804328 ----a-w- c:\windows\system32\nvcuvid.dll
2011-06-07 09:04 . 2011-05-25 07:24 5301352 ----a-w- c:\windows\system32\nvcuda.dll
2011-06-07 09:04 . 2011-05-25 07:24 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-06-07 09:04 . 2011-05-25 07:24 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-06-03 08:08 . 2011-06-03 08:08 -------- d-----w- c:\users\jaris\AppData\Roaming\Jpeg Resampler
2011-05-31 15:55 . 2008-12-18 11:38 719872 ----a-w- c:\windows\system32\devil.dll
2011-05-31 15:55 . 2008-12-18 11:38 351744 ----a-w- c:\windows\system32\avisynth.dll
2011-05-31 15:55 . 2011-05-31 15:55 -------- d-----w- c:\program files\OJOsoft
2011-05-30 15:48 . 2011-05-30 15:48 -------- d-----w- c:\users\jaris\AppData\Local\Xara
2011-05-30 15:42 . 2011-05-30 15:44 -------- d-----w- c:\program files\Common Files\Xara
2011-05-30 15:42 . 2011-05-30 15:42 -------- d-----w- c:\program files\Xara
2011-05-30 15:35 . 2003-11-10 16:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-05-30 15:35 . 2003-11-10 16:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-05-30 15:35 . 2003-11-10 16:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-05-30 15:35 . 2003-11-10 16:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-05-30 15:35 . 2003-11-10 16:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-05-30 15:35 . 2011-05-30 15:35 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-05-30 15:35 . 2011-05-30 15:35 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-05-30 15:07 . 2011-05-30 15:07 -------- d-----w- c:\programdata\Goland
2011-05-30 15:06 . 2011-05-30 15:06 -------- d-----w- C:\AudioDVDCreator_Temp
2011-05-30 13:27 . 2011-05-30 13:27 -------- d-----w- c:\program files\Goland
2011-05-26 11:18 . 2011-06-07 07:40 -------- d-----w- c:\users\jaris\AppData\Local\LooksBuilder
2011-05-26 10:25 . 2007-05-09 07:36 434176 ----a-w- c:\windows\system32\drivers\MarvinAVS.sys
2011-05-26 10:25 . 2007-02-20 11:09 81920 ----a-w- c:\windows\system32\PCLECoInst.dll
2011-05-26 10:25 . 2006-05-09 07:24 200704 ----a-w- c:\windows\system32\MarvinUsb.ax
2011-05-26 10:25 . 2011-05-26 10:25 -------- d-----w- c:\program files\Common Files\Pinnacle
2011-05-26 10:22 . 2011-05-26 10:22 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2011-05-26 10:02 . 2011-05-26 10:02 -------- d-----w- c:\program files\Common Files\Pegasus Imaging
2011-05-26 10:02 . 2011-05-26 10:02 -------- d-----w- c:\programdata\Studio 15
2011-05-26 10:02 . 2011-05-26 10:02 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2011-05-20 20:35 . 2011-05-20 20:35 304744 ----a-w- c:\windows\system32\nvStreaming.exe
2011-05-20 07:45 . 2011-05-20 07:46 -------- d-----w- c:\users\jaris\AppData\Roaming\PhotoFiltre Studio X
2011-05-20 07:45 . 2011-05-20 07:47 -------- d-----w- c:\program files\PhotoFiltre Studio X
2011-05-16 13:31 . 2011-05-16 13:31 -------- d-----w- c:\users\jaris\AppData\Local\{AEDF33DE-2E23-42D8-8033-E9BD20CF0AA8}
2011-05-14 09:01 . 2011-05-14 09:01 -------- d-----w- c:\program files\Ulead Systems
2011-05-14 09:01 . 1999-10-15 10:50 1056768 ------w- c:\windows\system32\ROBOEX32.DLL
2011-05-14 09:01 . 1999-01-28 13:44 49152 ------w- c:\windows\system32\INETWH32.dll
2011-05-14 09:00 . 2011-05-14 09:00 -------- d-----w- c:\windows\Noslip
2011-05-14 07:46 . 2011-05-14 07:46 -------- d-----w- C:\Multimedia Files
2011-05-14 07:46 . 2011-05-14 07:46 -------- d-----w- c:\program files\Microsoft GIF Animator
2011-05-14 00:25 . 2011-05-14 00:26 -------- d-----w- c:\users\jaris\AppData\Local\{3FD32327-77B7-4C38-936D-1E222C6C5BE3}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-25 07:24 . 2011-04-07 20:43 615528 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-25 07:24 . 2011-04-07 20:43 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-25 07:24 . 2011-04-07 20:43 2557544 ----a-w- c:\windows\system32\nvsvc.dll
2011-05-25 07:24 . 2011-02-23 00:38 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-05-25 07:24 . 2011-04-07 20:43 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:24 . 2011-04-07 20:43 3693672 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:24 . 2011-04-07 20:43 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-05-25 07:24 . 2011-05-08 11:02 16456296 ----a-w- c:\windows\system32\nvoglv32.dll
2011-05-25 07:24 . 2010-07-10 03:37 11992680 ----a-w- c:\windows\system32\nvd3dum.dll
2011-05-25 07:24 . 2011-06-07 09:04 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-05-25 07:24 . 2011-03-23 09:45 2335848 ----a-w- c:\windows\system32\nvapi.dll
2011-05-08 10:47 . 2011-04-19 18:18 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-05-04 15:17 . 2011-05-04 15:07 7687634946 ----a-w- c:\windows\hkcrRT.reg
2011-05-04 15:10 . 2011-05-04 15:07 17863489 ----a-w- c:\windows\REGBK01.ZIP
2011-04-18 17:25 . 2011-05-05 10:36 40112 ----a-w- c:\windows\avastSS.scr
2011-04-18 17:25 . 2011-05-05 10:36 199304 ------w- c:\windows\system32\aswBoot.exe
2011-04-18 17:17 . 2011-05-05 10:36 441176 ------w- c:\windows\system32\drivers\aswSnx.sys
2011-04-18 17:17 . 2011-05-05 10:36 307288 ------w- c:\windows\system32\drivers\aswSP.sys
2011-04-18 17:16 . 2011-05-05 10:36 49240 ------w- c:\windows\system32\drivers\aswTdi.sys
2011-04-18 17:13 . 2011-05-05 10:36 25432 ------w- c:\windows\system32\drivers\aswRdr.sys
2011-04-18 17:13 . 2011-05-05 10:36 53592 ------w- c:\windows\system32\drivers\aswMonFlt.sys
2011-04-18 17:12 . 2011-05-05 10:36 19544 ------w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-15 18:15 . 2011-04-15 18:15 30088 ------w- c:\windows\system32\drivers\point32k.sys
2011-04-15 14:00 . 2011-04-19 19:22 53248 ------w- c:\windows\system32\CSVer.dll
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ------w- c:\windows\system32\GPhotos.scr
2011-04-08 05:14 . 2011-05-08 11:02 944232 ------w- c:\windows\system32\nvdispco3220140.dll
2011-04-08 05:14 . 2011-05-08 11:02 855656 ------w- c:\windows\system32\nvgenco322060.dll
2011-04-07 07:51 . 2011-04-07 07:51 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-07 07:51 . 2011-04-07 07:51 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-07 07:51 . 2011-04-07 07:51 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-07 07:51 . 2011-04-07 07:51 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-07 07:51 . 2011-04-07 07:51 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-07 07:51 . 2011-04-07 07:51 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-07 07:51 . 2011-04-07 07:51 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-07 07:51 . 2011-04-07 07:51 367104 ----a-w- c:\windows\system32\html.iec
2011-04-07 07:51 . 2011-04-07 07:51 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-07 07:51 . 2011-04-07 07:51 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-07 07:51 . 2011-04-07 07:51 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-07 07:51 . 2011-04-07 07:51 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-07 07:51 . 2011-04-07 07:51 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-07 07:51 . 2011-04-07 07:51 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-07 07:51 . 2011-04-07 07:51 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-07 07:51 . 2011-04-07 07:51 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-07 07:51 . 2011-04-07 07:51 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-07 07:51 . 2011-04-07 07:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-07 07:51 . 2011-04-07 07:51 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-07 07:51 . 2011-04-07 07:51 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-07 07:51 . 2011-04-07 07:51 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-06 13:33 . 2011-04-19 18:18 3464104 ------w- c:\windows\system32\drivers\RTKVHDA.sys
2011-04-06 08:15 . 2011-04-19 18:18 952320 ------w- c:\windows\system32\RCoRes.dat
2011-04-01 19:13 . 2009-03-11 22:30 348160 ------w- c:\windows\system32\msvcr71.dll
2011-03-31 14:49 . 2011-04-19 18:18 2160744 ------w- c:\windows\system32\RtkPgExt.dll
2011-03-31 14:49 . 2011-04-19 18:18 4105832 ------w- c:\windows\system32\RtkAPO.dll
2011-03-27 00:27 . 2010-04-16 16:03 472808 ------w- c:\windows\system32\deployJava1.dll
2011-03-24 14:03 . 2011-04-19 18:18 70248 ------w- c:\windows\system32\RtkCoInst.dll
2011-03-21 09:34 . 2011-03-21 09:34 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-03-17 01:20 . 2011-03-17 01:16 17063974 ----a-w- c:\windows\REGBK00.ZIP
2011-03-15 13:32 . 2011-04-19 18:18 485992 ------w- c:\windows\system32\RtkApoApi.dll
2011-03-14 12:40 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-12 21:55 . 2011-04-28 01:04 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2005-10-18 11:12 . 2010-01-13 08:52 5545203 ----a-w- c:\program files\ffdemo30.exe
2002-07-28 22:40 . 2007-05-22 15:20 1059840 ----a-w- c:\program files\DS_Bonus_Plugin.8bf
2001-09-28 16:00 . 2009-06-19 23:19 243200 ----a-w- c:\program files\UNWISE.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2011-01-19 353736]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-05-26 15147400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-04-18 3460784]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-03-28 10029672]
"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2007-02-20 81920]
.
c:\users\Kreźmerov \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bitmeter2.lnk]
backup=c:\windows\pss\Bitmeter2.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^jaris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AutoLyrix.lnk]
backup=c:\windows\pss\AutoLyrix.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^jaris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MP3 Dancer.lnk]
backup=c:\windows\pss\MP3 Dancer.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 19:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-07-29 00:25 497648 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-07-22 21:10 402432 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-04-20 10:48 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 17:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-03-13 10:58 75048 ------w- c:\program files\CyberLink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2010-04-15 08:17 427328 ----a-w- c:\program files\DAEMON Tools Pro\DTAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-10 19:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-07-25 14:55 1043968 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-14 09:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2010-12-13 12:37 135536 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2010-10-20 13:32 2192752 ----a-w- c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-07-02 10:20 671608 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
2009-11-25 19:42 54672 ----a-w- c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2009-03-15 10:15 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 22:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-04-01 19:33 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
2007-04-10 21:46 709992 ----a-w- c:\windows\vVX3000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
2009-12-30 21:50 1561232 ----a-w- c:\program files\WebcamMax\WebcamMax.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;c:\windows\system32\DRIVERS\3xHybrid.sys [2006-11-22 1121536]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-05-24 26736]
R3 FlyPCI;FlyPCI;c:\windows\system32\drivers\FlyPCI.sys [2003-10-10 4134]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;c:\windows\system32\DRIVERS\MarvinAVS.sys [2007-05-09 434176]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 rockusb;Driver for rockusb Device;c:\windows\system32\DRIVERS\rockusb.sys [2006-03-22 73984]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [2010-03-16 132464]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 gupdate1c9e9c6e1469ee0;Google Update Service (gupdate1c9e9c6e1469ee0);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 133104]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 133104]
R4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [2010-10-20 196928]
R4 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-10-20 67904]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/06/23 15:55];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 87536]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-04-18 53592]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-29 197224]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-10 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-03-29 11:24]
.
2011-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 12:27]
.
2011-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 12:27]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Add animation to IncrediMail Style Box
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Read EXIF - c:\program files\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} -
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\jaris\AppData\Roaming\Mozilla\Firefox\Profiles\jgh0lzvb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Element Hiding Helper for Adblock Plus: elemhidehelper@adblockplus.org - %profile%\extensions\elemhidehelper@adblockplus.org
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: FEBE: {4BBDD651-70CF-4821-84F8-2B918CF89CA3} - %profile%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF - Ext: Walnut for Firefox: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} - %profile%\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: ArcSoft Video Downloader Extension: {B728AB94-9BC7-49b7-B76A-422BB31B2FD0} - c:\program files\ArcSoft\Video Downloader\Plugin_FireFox
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\Real\RealPlayer\browserrecord\firefox\ext
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 - c:\program files\Spybot - Search & Destroy\unins001.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-10 10:11
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4008)
c:\windows\system32\dfshim.dll
c:\program files\Altap Salamander 2.5\plugins\salamext.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-06-10 10:19:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-10 08:19
ComboFix2.txt 2011-06-09 17:39
.
Před spuštěním: Volných bajtů: 73 511 866 368
Po spuštění: Volných bajtů: 73 402 617 856
.
Current=1 Default=1 Failed=2 LastKnownGood=3 Sets=1,2,3,4
- - End Of File - - 96E5AD21591C29CD39965124A7AA2B14

[Roli]

Bezva, vyčištěno a opraveno.

Nyní přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Pak dej vědět jaký je stav PC.

[jarda.otta]

moc díky a hezký den.

[Roli]

Není zač a měj se.

[jarda.otta]

jste borci a přispěju.