Re: Check after a problem

Posted: 22 Sep 2010 18:12
by radar2004
AVPTool log:


Autoscan: completed 56 minutes ago (events: 20, objects: 2657755, time: 07:15:55)
22.9.2010 10:59:24 Task started
22.9.2010 11:25:50 Detected: not-a-virus:AdWare.WinLNK.Agent.a C:\Documents and Settings\Rodinka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
22.9.2010 11:25:58 Detected: not-a-virus:AdWare.WinLNK.Agent.a C:\Documents and Settings\Rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
22.9.2010 11:27:07 Detected: not-a-virus:AdWare.WinLNK.Agent.a C:\Documents and Settings\Rodinka\Data aplikací\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
22.9.2010 12:32:14 Deleted: not-a-virus:AdWare.WinLNK.Agent.a C:\Documents and Settings\Rodinka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
22.9.2010 12:32:14 Detected: not-a-virus:AdWare.WinLNK.Agent.a C:\Documents and Settings\Rodinka\Data aplikací\Microsoft\Windows\Start Menu\eBay.lnk
22.9.2010 12:32:14 Deleted: not-a-virus:AdWare.WinLNK.Agent.a C:\Documents and Settings\Rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
22.9.2010 12:32:15 Cannot be deleted: not-a-virus:AdWare.WinLNK.Agent.a C:\Documents and Settings\Rodinka\Data aplikací\Microsoft\Internet Explorer\Quick Launch\eBay.lnk Object not found
22.9.2010 12:32:22 Cannot be deleted: not-a-virus:AdWare.WinLNK.Agent.a C:\Documents and Settings\Rodinka\Data aplikací\Microsoft\Windows\Start Menu\eBay.lnk Object not found
22.9.2010 13:02:53 Detected: not-a-virus:AdWare.WinLNK.Agent.a C:\Documents and Settings\Rodinka\Desktop\Programy\eBay.lnk
22.9.2010 13:07:08 Deleted: not-a-virus:AdWare.WinLNK.Agent.a C:\Documents and Settings\Rodinka\Desktop\Programy\eBay.lnk
22.9.2010 14:57:01 Detected: Trojan-Downloader.Win32.Genome.rtg C:\Rodinka\download\NEW\Farming Simulator 2009\cdstart.exe/data0003
22.9.2010 14:57:34 Deleted: Trojan-Downloader.Win32.Genome.rtg C:\Rodinka\download\NEW\Farming Simulator 2009\cdstart.exe
22.9.2010 14:58:25 Detected: Trojan-Downloader.Win32.Genome.rtg C:\Rodinka\download\NEW\Farming Simulator 2009\Setup.exe/data0003
22.9.2010 15:02:03 Deleted: Trojan-Downloader.Win32.Genome.rtg C:\Rodinka\download\NEW\Farming Simulator 2009\Setup.exe
22.9.2010 15:33:34 Detected: not-a-virus:AdWare.WinLNK.Agent.a C:\Users\Rodinka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
22.9.2010 15:35:08 Detected: not-a-virus:AdWare.WinLNK.Agent.a C:\Users\Rodinka\Data aplikací\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
22.9.2010 15:38:28 Deleted: not-a-virus:AdWare.WinLNK.Agent.a C:\Users\Rodinka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
22.9.2010 15:38:29 Cannot be deleted: not-a-virus:AdWare.WinLNK.Agent.a C:\Users\Rodinka\Data aplikací\Microsoft\Internet Explorer\Quick Launch\eBay.lnk Object not found
22.9.2010 18:15:19 Task completed

Re: Check after a problem

Posted: 22 Sep 2010 20:22
by motji
Do you recognize these files? If not, test them at www.virustotal.com
C:\Users\Rodinka\Desktop\TumblingBest_1_.wmv
C:\Users\Rodinka\Desktop\FHH1.2.2.e4mod
C:\Users\Public\Desktop\DWGSee.lnk

Re: Check after a problem

Posted: 23 Sep 2010 05:32
by radar2004
Yep, I know these files. One is a video, which I deleted, another is a DWG file viewer, and the last one is a game mod.

Re: Check after a problem

Posted: 23 Sep 2010 17:45
by motji
Run OTL
- copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{95df6d75-e674-11de-82d9-00241dd240e9}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O3:64bit: - HKU\S-1-5-21-3500666388-1305736350-2404888146-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-3500666388-1305736350-2404888146-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - No CLSID value found.
O2 - BHO: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found.
IE - HKU\S-1-5-21-3500666388-1305736350-2404888146-1000\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3500666388-1305736350-2404888146-1000\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - Reg Error: Key error. File not found

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Users\Rodinka\Desktop\anno_1404_crack.rar
C:\Program Files (x86)\DAEMON Tools Toolbar

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

- click the Fix button.
- The PC will then restart.
- Post the log here :)

Re: Check after a problem

Posted: 24 Sep 2010 06:13
by radar2004
Hello, here is the log:


All processes killed
========== OTL ==========
No active process named explorer.exe was found!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95df6d75-e674-11de-82d9-00241dd240e9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95df6d75-e674-11de-82d9-00241dd240e9}\ not found.
File F:\Autorun.exe not found.
64bit-Registry value HKEY_USERS\S-1-5-21-3500666388-1305736350-2404888146-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3500666388-1305736350-2404888146-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7c5c0f58-e061-457d-9033-77307f5ed00c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
Registry value HKEY_USERS\S-1-5-21-3500666388-1305736350-2404888146-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7c5c0f58-e061-457d-9033-77307f5ed00c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
Registry value HKEY_USERS\S-1-5-21-3500666388-1305736350-2404888146-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP345F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8A40.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\WINDOWS\Installer\MSIF1A8.tmp moved successfully.
C:\WINDOWS\System32\tmpAD8B.tmp moved successfully.
C:\WINDOWS\System32\tmpAD8C.tmp moved successfully.
C:\WINDOWS\Temp\E_S488D.tmp moved successfully.
C:\WINDOWS\Temp\E_S5B21.tmp moved successfully.
C:\WINDOWS\Temp\E_S660A.tmp moved successfully.
C:\WINDOWS\Temp\E_S66E5.tmp moved successfully.
C:\WINDOWS\Temp\TS_2DC4.tmp moved successfully.
C:\WINDOWS\Temp\TS_3286.tmp moved successfully.
C:\WINDOWS\Temp\TS_3AF0.tmp moved successfully.
C:\WINDOWS\Temp\TS_3CE4.tmp moved successfully.
C:\WINDOWS\Temp\TS_45EA.tmp moved successfully.
C:\WINDOWS\Temp\TS_4DE6.tmp moved successfully.
C:\WINDOWS\Temp\TS_5077.tmp moved successfully.
C:\WINDOWS\Temp\TS_5649.tmp moved successfully.
C:\WINDOWS\Temp\TS_5F37.tmp moved successfully.
C:\WINDOWS\Temp\TS_9738.tmp moved successfully.
C:\WINDOWS\Temp\UDD82C5.tmp moved successfully.
C:\WINDOWS\Temp\UDD82D6.tmp moved successfully.
C:\WINDOWS\Temp\UDD891E.tmp moved successfully.
File move failed. C:\Windows\Tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
File\Folder C:\Users\Rodinka\Desktop\anno_1404_crack.rar not found.
C:\Program Files (x86)\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Rodinka
->Temp folder emptied: 3721405634 bytes
->Temporary Internet Files folder emptied: 1227837819 bytes
->Java cache emptied: 42552760 bytes
->Opera cache emptied: 30422690 bytes
->Flash cache emptied: 219475 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30029955 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4 818,00 mb


[EMPTYFLASH]

User: All Users

User: AppData

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Rodinka
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.14.0 log created on 09242010_070732

Files\Folders moved on Reboot...
File move failed. C:\Windows\Tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
C:\Users\Rodinka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Check after a problem

Posted: 24 Sep 2010 08:45
by motji
How is the computer doing now?

Re: Check after a problem

Posted: 24 Sep 2010 08:46
by radar2004
The PC is running without problems.

Re: Check after a problem

Posted: 24 Sep 2010 08:52
by motji
Run OTL once more and click the Clean Up button; it will clean up after itself :)

I'd also like a new log from RSIT, please :)

Re: Check after a problem

Posted: 27 Sep 2010 06:56
by radar2004
Logfile of random's system information tool 1.08 (written by random/random)
Run by Rodinka at 2010-09-27 07:55:06
Microsoft Windows 7 Home Premium
System drive C: has 64 GB (13%) free of 477 GB
Total RAM: 4094 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:55:40, on 27.9.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\BitLord\BitLord.exe
C:\Users\Rodinka\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Rodinka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE /FU "C:\Windows\TEMP\E_S5B21.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: KvetinkaProzeny.lnk = Rodinka\Desktop\moja fota\m\KvetinkaProzeny\KvetinkaProzeny.exe
O4 - Startup: setup_9.0.0.722_22.09.2010_10-25.lnk = Rodinka\Desktop\Virus Removal Tool\setup_9.0.0.722_22.09.2010_10-25\startup.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{75412450-C4C6-4C19-B93B-C3D7683BF85D}: NameServer = 213.192.14.14,213.192.14.15
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - IVT Corporation - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: DCPFLICS - Unknown owner - C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11659 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-15 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-11-25 81000]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"BtTray"=C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [2009-12-10 315478]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-08-10 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"EPSON Stylus SX400 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [2007-12-17 221696]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-12-15 39408]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2010-09-24 328568]

C:\Users\Rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KvetinkaProzeny.lnk - C:\Users\Rodinka\Desktop\moja fota\m\KvetinkaProzeny\KvetinkaProzeny.exe
setup_9.0.0.722_22.09.2010_10-25.lnk - C:\Users\Rodinka\Desktop\Virus Removal Tool\setup_9.0.0.722_22.09.2010_10-25\startup.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-09-27 07:31:04 ----D---- C:\rsit
2010-09-26 19:06:24 ----D---- C:\Program Files (x86)\DCPFLICS
2010-09-24 09:10:19 ----D---- C:\ProgramData\Cabela's Outdoor Adventures Saves
2010-09-24 08:04:41 ----D---- C:\Program Files (x86)\uTorrent
2010-09-24 08:04:10 ----D---- C:\Users\Rodinka\AppData\Roaming\uTorrent
2010-09-23 18:24:43 ----D---- C:\Users\Rodinka\AppData\Roaming\FFSJ
2010-09-23 18:18:14 ----D---- C:\Windows\SysWOW64\FFSJ
2010-09-23 18:18:14 ----A---- C:\Windows\unins001.exe
2010-09-23 18:15:53 ----D---- C:\Program Files (x86)\The Ultimate File Splitter 1.0
2010-09-22 10:58:16 ----D---- C:\ProgramData\Kaspersky Lab
2010-09-22 08:57:23 ----D---- C:\Users\Rodinka\AppData\Roaming\HU2011
2010-09-21 07:37:25 ----RD---- C:\32788R22FWJFW
2010-09-20 15:22:35 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2010-09-15 23:58:23 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-08-31 20:22:28 ----D---- C:\Users\Rodinka\AppData\Roaming\Malwarebytes
2010-08-31 20:22:22 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
2010-08-31 20:22:21 ----D---- C:\ProgramData\Malwarebytes
2010-08-31 20:22:20 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-08-30 12:48:25 ----D---- C:\ProgramData\Apple Computer
2010-08-30 12:48:25 ----D---- C:\Program Files (x86)\QuickTime
2010-08-30 08:25:44 ----D---- C:\Program Files (x86)\trend micro
2010-08-30 07:57:18 ----A---- C:\Windows\ntbtlog.txt

======List of files/folders modified in the last 1 months======

2010-09-27 07:55:40 ----D---- C:\Windows\Temp
2010-09-27 07:22:16 ----D---- C:\Windows\System32
2010-09-27 07:22:16 ----D---- C:\Windows\inf
2010-09-27 07:15:22 ----D---- C:\ProgramData\NVIDIA
2010-09-27 07:15:17 ----A---- C:\Windows\SysWOW64\bscs.ini
2010-09-27 06:31:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-09-26 21:23:49 ----D---- C:\Users\Rodinka\AppData\Roaming\ICQ
2010-09-26 19:06:24 ----RD---- C:\Program Files (x86)
2010-09-25 07:44:02 ----SHD---- C:\System Volume Information
2010-09-25 07:39:58 ----D---- C:\Windows\Tasks
2010-09-24 09:10:19 ----HD---- C:\ProgramData
2010-09-24 07:07:46 ----D---- C:\Windows\SysWOW64
2010-09-24 07:07:44 ----SHD---- C:\Windows\Installer
2010-09-24 07:04:59 ----SHD---- C:\Config.Msi
2010-09-23 18:49:46 ----RSD---- C:\Windows\assembly
2010-09-23 18:31:14 ----D---- C:\Hry
2010-09-23 18:18:14 ----D---- C:\Windows
2010-09-18 21:24:41 ----D---- C:\Users\Rodinka\AppData\Roaming\Skype
2010-09-18 17:15:38 ----D---- C:\Users\Rodinka\AppData\Roaming\skypePM
2010-09-17 15:04:21 ----D---- C:\Program Files (x86)\Opera
2010-09-16 00:02:46 ----D---- C:\Windows\winsxs
2010-09-07 14:05:55 ----D---- C:\Program Files (x86)\BS_Player
2010-09-07 14:05:54 ----D---- C:\Program Files (x86)\TorrentMan
2010-09-03 18:33:25 ----A---- C:\Users\Rodinka\AppData\Roaming\burnaware.ini
2010-08-31 20:22:22 ----D---- C:\Windows\SysWOW64\drivers
2010-08-30 07:48:20 ----D---- C:\Rodinka

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 27358862;27358862 Boot Guard Driver; C:\Windows\system32\DRIVERS\27358862.sys []
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 27358861;27358861; C:\Windows\system32\DRIVERS\27358861.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSP;avast! Self Protection; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 setup_9.0.0.722_22.09.2010_10-25drv;setup_9.0.0.722_22.09.2010_10-25drv; C:\Windows\system32\DRIVERS\2735886.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys []
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
R3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys []
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-09-27 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys []
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys []
S3 a2q6nf2c;a2q6nf2c; C:\Windows\SysWOW64\drivers\a2q6nf2c.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2009-06-17 36360]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 GMSIPCI;GMSIPCI; C:\Windows\SysWOW64\drivers\GMSIPCI.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 StarOpen;StarOpen; C:\Windows\SysWOW64\drivers\StarOpen.sys [2009-11-12 7168]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2009-12-11 879104]
R2 BsMobileCS;BsMobileCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [2009-12-10 143467]
R2 DCPFLICS;DCPFLICS; C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe [2007-10-24 139268]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 GEST Service;GEST Service for program management.; C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe [2009-02-06 68136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit; C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016]
R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2009-11-12 71096]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-08-17 239648]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [2009-12-10 192000]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-12-13 1030600]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-02 651720]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-15 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

Re: Check after a problem

Posted: 27 Sep 2010 21:28
by motji
Run the renamed HJT, C:\Program Files (x86)\trend micro\Rodinka.exe; it has this icon: [image]

- Click "Do a system scan only"
- Next to the lines
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - Startup: setup_9.0.0.722_22.09.2010_10-25.lnk = Rodinka\Desktop\Virus Removal Tool\setup_9.0.0.722_22.09.2010_10-25\startup.exe

- Put a tick in the checkbox and press Fix checked
- Restart the PC



If there are no problems, that is all :)
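
The line format of the HijackThis entries listed in the post above, as an added example that is not part of the original thread: a small parser that splits each line into section code, kind, name, CLSID and target, and records the "(no file)" / "(file missing)" markers HijackThis printed. The function names and status labels are this example's own, and the sample is a subset of the lines from the post.

```python
import re
from collections import Counter, namedtuple

Entry = namedtuple("Entry", "code kind name clsid target status")

# Sample input: a subset of the HijackThis lines listed in the post above.
SAMPLE = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - Startup: setup_9.0.0.722_22.09.2010_10-25.lnk = Rodinka\Desktop\Virus Removal Tool\setup_9.0.0.722_22.09.2010_10-25\startup.exe
"""

PATTERNS = [  # tried in order: BHO/toolbar, Run value, Startup shortcut, IE registry value
    re.compile(r"^(?P<kind>BHO|Toolbar): (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"),
    re.compile(r"^(?P<kind>HK\w+\\\.\.\\\w+): \[(?P<name>[^\]]+)\] (?P<target>.*)$"),
    re.compile(r"^(?P<kind>Startup): (?P<name>.*?) = (?P<target>.*)$"),
    re.compile(r"^(?P<kind>HK\w+)\\(?P<name>[^=]*?) =\s*(?P<target>.*)$"),
]
MARKERS = ("(no file)", "(file missing)")  # suffixes as they appear in the log

def parse_line(line):
    """Parse one 'CODE - body' HijackThis line; return an Entry, or None for non-entries."""
    head = re.match(r"^([A-Z]\d+) - (.*)$", line.strip())
    if not head:
        return None
    code, body = head.groups()
    for pat in PATTERNS:
        m = pat.match(body)
        if m:
            g = m.groupdict()
            target = g["target"].strip()
            status = next((k.strip("()") for k in MARKERS if target.endswith(k)), None)
            if status is None:
                status = "empty value" if not target else "no marker"
            return Entry(code, g["kind"], g["name"], g.get("clsid"), target, status)
    return Entry(code, "unparsed", body, None, "", "unparsed")

def parse_log(text):
    return [e for e in map(parse_line, text.splitlines()) if e]

def summarize(entries):
    """Count entries per (section code, status)."""
    return Counter((e.code, e.status) for e in entries)
```

An entry with status "no marker" only means HijackThis printed no missing-file suffix for it; whether to keep such an entry remains the analyst's decision.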

Re: Check after a problem

Posted: 28 Sep 2010 14:45
by radar2004
There are no problems. Thank you for your help and your time. :)

Re: Check after a problem

Posted: 28 Sep 2010 16:02
by motji
You're welcome :)