Hello, I'd like a preventive check please, log is in the thread, thank you :)

#1 Post by cappie »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin at 2010-08-14 16:26:54
Microsoft Windows 7 Ultimate
System drive C: has 77 GB (51%) free of 153 GB
Total RAM: 2048 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:27:13, on 14. 8. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
C:\Windows\System32\svcl32\svcl32.exe
C:\Windows\ZSSnp211.exe
C:\Windows\Domino.exe
C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
C:\temp\Downloads\Nový priečinok\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ${URL_STARTPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ScreenManager Pro for LCD] C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SysVContoller32] C:\Windows\System32\svcl32\svcl32.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [ZSSnp211] C:\Windows\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [lxbkbmgr.exe] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 1792919857
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7426 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 297808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-10-28 7862816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"ScreenManager Pro for LCD"=C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe [2007-08-30 10937640]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"SysVContoller32"=C:\Windows\System32\svcl32\svcl32.exe [2007-06-26 328192]
"UVS11 Preload"=C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]
"ZSSnp211"=C:\Windows\ZSSnp211.exe [2007-04-06 57344]
"Domino"=C:\Windows\Domino.exe [2006-08-18 49152]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 102400]
"lxbkbmgr.exe"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2007-04-26 74672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 233888]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"ConsentPromptBehaviorUser"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-14 16:26:55 ----D---- C:\Program Files\trend micro
2010-08-14 16:26:54 ----D---- C:\rsit
2010-08-14 16:18:23 ----D---- C:\ProgramData\Sun
2010-08-14 16:18:23 ----D---- C:\Program Files\Common Files\Java
2010-08-14 16:18:03 ----A---- C:\Windows\system32\javaws.exe
2010-08-14 16:18:03 ----A---- C:\Windows\system32\javaw.exe
2010-08-14 16:18:03 ----A---- C:\Windows\system32\java.exe
2010-08-14 16:18:03 ----A---- C:\Windows\system32\deployJava1.dll
2010-08-14 15:08:25 ----D---- C:\Program Files\CCleaner
2010-08-14 15:01:07 ----D---- C:\Users\Martin\AppData\Roaming\Media Player Classic
2010-08-14 14:32:31 ----A---- C:\Windows\system32\rtutils.dll
2010-08-14 14:32:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-14 14:32:28 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-14 14:32:28 ----A---- C:\Windows\system32\iccvid.dll
2010-08-14 14:32:17 ----A---- C:\Windows\system32\mshtml.dll
2010-08-14 14:32:16 ----A---- C:\Windows\system32\ieframe.dll
2010-08-14 14:32:15 ----A---- C:\Windows\system32\wininet.dll
2010-08-14 14:32:15 ----A---- C:\Windows\system32\urlmon.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\mstime.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-14 14:32:14 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\ieui.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\iepeers.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-14 14:32:11 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-14 14:32:11 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-14 14:32:09 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-14 14:32:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-14 14:32:09 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-14 14:32:08 ----A---- C:\Windows\system32\msxml3.dll
2010-08-14 14:28:07 ----A---- C:\Windows\system32\schannel.dll
2010-08-14 14:28:04 ----A---- C:\Windows\system32\win32k.sys
2010-08-13 19:37:00 ----D---- C:\ProgramData\GroupPolicy
2010-08-13 18:54:15 ----D---- C:\Program Files\Yamicsoft
2010-08-08 17:49:35 ----D---- C:\Users\Martin\AppData\Roaming\RealWorld
2010-08-08 14:32:01 ----D---- C:\Program Files\RocketDock
2010-08-06 20:05:09 ----D---- C:\Program Files\Lexmark X1100 Series
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkutil.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkusb1.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkserv.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkprox.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkpplc.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkpmui.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbklmpm.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkjswr.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\LXBKinst.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkinsb.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkinpa.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkiesc.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\LXBKhcp.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkinsr.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkins.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkih.exe
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkhbn3.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkgf.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcur.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcu.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcoms.exe
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcomm.dll
2010-08-06 20:04:54 ----A---- C:\Windows\system32\lxbkcomc.dll
2010-08-06 20:04:54 ----A---- C:\Windows\system32\lxbkcfg.exe
2010-08-06 20:04:54 ----A---- C:\Windows\system32\LXBKcfg.dll
2010-08-03 21:32:09 ----A---- C:\Windows\system32\shell32.dll
2010-07-29 20:05:27 ----D---- C:\Program Files\Unlocker
2010-07-29 20:03:50 ----D---- C:\Users\Martin\AppData\Roaming\Uniblue
2010-07-29 16:36:23 ----ASH---- C:\pagefile.sys
2010-07-25 09:14:01 ----D---- C:\Boot
2010-07-25 09:12:27 ----SH---- C:\boot.ini
2010-07-25 08:55:19 ----A---- C:\sccfg.sys
2010-07-18 13:40:37 ----D---- C:\Sounds
2010-07-18 13:38:11 ----A---- C:\Windows\system32\drivers\lgusbmodem.sys
2010-07-18 13:38:11 ----A---- C:\Windows\system32\drivers\lgusbdiag.sys
2010-07-18 13:38:11 ----A---- C:\Windows\system32\drivers\lgusbbus.sys
2010-07-18 13:38:10 ----D---- C:\Program Files\LG Electronics
2010-07-18 13:36:53 ----A---- C:\Windows\system32\NMSDVDXU.dll
2010-07-18 13:36:40 ----D---- C:\Users\Martin\AppData\Roaming\LG Electronics
2010-07-18 13:36:39 ----D---- C:\Program Files\LG PC Suite II
2010-07-18 13:36:01 ----D---- C:\Users\Martin\AppData\Roaming\InstallShield

======List of files/folders modified in the last 1 months======

2010-08-14 16:26:57 ----D---- C:\Windows\Temp
2010-08-14 16:26:55 ----RD---- C:\Program Files
2010-08-14 16:21:56 ----D---- C:\Windows\system32\config
2010-08-14 16:18:34 ----SHD---- C:\System Volume Information
2010-08-14 16:18:23 ----SHD---- C:\Windows\Installer
2010-08-14 16:18:23 ----HD---- C:\ProgramData
2010-08-14 16:18:23 ----D---- C:\Program Files\Common Files
2010-08-14 16:18:03 ----D---- C:\Windows\System32
2010-08-14 16:17:57 ----D---- C:\Program Files\Java
2010-08-14 16:13:22 ----D---- C:\Windows\Tasks
2010-08-14 16:13:22 ----D---- C:\Windows\system32\Tasks
2010-08-14 16:10:04 ----D---- C:\Windows\system32\catroot2
2010-08-14 16:04:54 ----D---- C:\Program Files\IObit
2010-08-14 16:01:05 ----D---- C:\Program Files\VirtualDJ
2010-08-14 15:54:10 ----D---- C:\Program Files\PowerMenu
2010-08-14 15:48:56 ----HDC---- C:\ProgramData\{44004340-3EFF-42F3-BC16-A787A5CB2BC5}
2010-08-14 15:40:21 ----D---- C:\Windows
2010-08-14 15:35:35 ----D---- C:\Windows\Downloaded Program Files
2010-08-14 15:31:30 ----D---- C:\Windows\Microsoft.NET
2010-08-14 15:31:29 ----RSD---- C:\Windows\assembly
2010-08-14 15:28:03 ----D---- C:\Windows\winsxs
2010-08-14 15:25:43 ----D---- C:\Windows\system32\drivers
2010-08-14 15:25:42 ----D---- C:\Windows\system32\migration
2010-08-14 15:25:42 ----D---- C:\Program Files\Internet Explorer
2010-08-14 15:13:56 ----D---- C:\Program Files\Webteh
2010-08-14 15:13:55 ----D---- C:\Users\Martin\AppData\Roaming\BSplayer
2010-08-14 15:09:43 ----D---- C:\Windows\debug
2010-08-14 15:04:32 ----D---- C:\Users\Martin\AppData\Roaming\Vso
2010-08-14 15:04:32 ----A---- C:\Users\Martin\AppData\Roaming\inst.exe
2010-08-14 14:59:54 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-14 14:59:54 ----D---- C:\Program Files\CyberLink
2010-08-14 14:41:21 ----A---- C:\Windows\win.ini
2010-08-14 14:38:59 ----D---- C:\Program Files\Common Files\Ahead
2010-08-14 14:38:46 ----D---- C:\Windows\ehome
2010-08-14 14:32:00 ----D---- C:\Windows\system32\catroot
2010-08-13 23:09:50 ----D---- C:\Users\Martin\AppData\Roaming\Adobe
2010-08-13 21:52:25 ----D---- C:\Program Files\Mozilla Firefox
2010-08-13 20:37:17 ----D---- C:\Windows\system32\wfp
2010-08-13 20:37:17 ----D---- C:\Windows\system32\wbem
2010-08-13 20:35:53 ----D---- C:\Windows\system32\DriverStore
2010-08-13 20:35:52 ----D---- C:\Windows\twain_32
2010-08-13 20:35:51 ----HD---- C:\Windows\system32\svcl32
2010-08-13 20:35:50 ----D---- C:\Windows\system32\en-US
2010-08-13 20:35:49 ----D---- C:\Windows\system32\drivers\UMDF
2010-08-13 20:35:49 ----D---- C:\Windows\system32\CodeIntegrity
2010-08-13 20:35:47 ----D---- C:\Windows\inf
2010-08-13 20:35:30 ----D---- C:\ProgramData\FLEXnet
2010-08-13 20:35:23 ----SHD---- C:\LH
2010-08-13 20:34:25 ----D---- C:\Windows\registration
2010-08-13 20:34:19 ----D---- C:\Windows\Web
2010-08-13 20:33:12 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2010-08-13 20:33:05 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2010-08-13 20:33:04 ----D---- C:\Users\Martin\AppData\Roaming\.purple
2010-08-13 19:27:28 ----D---- C:\Windows\system32\LogFiles
2010-08-13 19:17:56 ----D---- C:\temp
2010-08-09 16:48:02 ----D---- C:\Windows\Prefetch
2010-08-08 17:23:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-08 16:04:29 ----D---- C:\Users\Martin\AppData\Roaming\skypePM
2010-08-06 20:06:12 ----A---- C:\Windows\Lexstat.ini
2010-08-04 15:55:33 ----D---- C:\ProgramData\ZoomBrowser
2010-08-03 21:22:52 ----D---- C:\Users\Martin\AppData\Roaming\gtk-2.0
2010-08-03 20:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-07-25 08:10:06 ----D---- C:\ProgramData\NOS
2010-07-23 14:47:46 ----SHD---- C:\RECYCLER
2010-07-15 21:34:50 ----D---- C:\Program Files\Common Files\microsoft shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\system32\DRIVERS\PxHelp20.sys [2004-06-03 20016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS [2010-01-27 51072]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5550592]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 176128]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-10-28 2785568]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
R3 vvftav211;vvftav211; C:\Windows\system32\drivers\vvftav211.sys [2007-12-10 480128]
R3 ZSMC30x;USB PC Camera Service ZSMC30x; C:\Windows\System32\Drivers\ZS211.sys [2007-12-05 1537024]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5550592]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 172032]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 lxbk_device;lxbk_device; C:\Windows\system32\lxbkcoms.exe [2007-04-26 537520]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-20 136176]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-20 655624]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1343400]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

#2 Post by Unlimited_Killer »

Good afternoon, the log is being worked on. :welcome:
#3 Post by Unlimited_Killer »

Right away I can see one suspicious file there (plus two more that I want to test to be sure), so before I start deleting, we will test it.

1) VirusTotal
  • Test these files on VirusTotal:

    C:\Windows\System32\svcl32\svcl32.exe
    C:\Windows\system32\mscoree.dll
    C:\Windows\System32\drivers\rdyboost.sys 
  • Simply paste in the paths that I put in the code box.
  • If it tells you that the file has already been tested, have it tested again.
  • Then post the links to the individual tests here.
#4 Post by cappie »

http://www.virustotal.com/file-scan/report.html?id=bdfb3a469765372f12ccc900840b37c1ff39bc8085a7bd89e28649445ca97759-1281801050
http://www.virustotal.com/file-scan/report.html?id=46e9715f3cd09f32fbeaa5379991e9e7daccbd2407c2d061fda3a04f05108133-1281801094
http://www.virustotal.com/file-scan/report.html?id=f211480f13e2fe36c31110ae67abe74e9d572d3a36beede29e14ecbd8c246878-1281801135

#5 Post by Unlimited_Killer »

Sorry for the delay, but let's get to it. :James008:

1) OTMoveit3
  • Download OTM3 to the Desktop.
  • Run it by double-clicking OTM.exe; if that does not work, try it with administrator rights.
  • Paste the following script into the left window, 'Paste Instructions for Items to be Moved':

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Adobe ARM"=-
    "Adobe Reader Speed Launcher"=-
    "SunJavaUpdateSched"=-
    "SysVContoller32"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "AdobeBridge"=-
    
    :files
    %systemroot%\system32\*.tmp.dll /s
    %systemroot%\*.tmp /s
    %TMP%\*.*
    %ALLUSERSPROFILE%\Data aplikací\TEMP\*.*
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\System32\svcl32
    
    :commands
    [emptytemp]
    [emptyflash]
  • Then click the red 'MoveIt!' button.
  • The log should appear in the green window on the right; paste it here into the forum.
  • If a restart prompt appears, click 'Yes'.
  • After the restart the log opens by itself, or you will find it in C:\_OTM\MovedFiles
2) Fixing in HJT
  • Run the renamed HijackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_uzivatele.exe (jmeno_uzivatele stands for your user name)
  • Then click 'Do a system scan only'.
  • Tick the checkbox to the left of each of the items listed below and then click 'Fix Checked'.

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ${URL_STARTPAGE}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: (no name) - - (no file)
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  • If any of the items is not there, skip it.
3) Do you have any idea which program the following Scheduled Tasks belong to?

    C:\Windows\tasks\AWC AutoSweep.job
    C:\Windows\tasks\AWC Startup.job
    C:\Windows\tasks\AWC Update.job
4) VirusTotal
  • Test these files on VirusTotal:

    C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE
  • Simply copy in the paths that I put in the code block.
  • If it tells you the file has already been tested, have it tested again.
  • Then post the links to the individual tests here.
5) Malwarebytes' Anti-Malware
  • Download MbAM and follow the description.
  • Do not delete anything yet; MbAM sometimes has false detections.
  • Then post the log here as text.
6) WARNING
  • You probably had a KeyLogger on your PC, i.e. a virus that captures keystrokes and can find out passwords for various services.
    • I therefore strongly recommend changing the passwords for all the web accounts you use!

cappie
Model visitor
Posts: 131
Registered: 13 Feb 2009 13:17

Re: Hello, I'd like a preventive check, log in the thread, thank you :)

#6 Post by cappie »

First

All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SysVContoller32 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
C:\Windows\Installer\MSI2BBD.tmp moved successfully.
C:\Windows\Installer\MSI416A.tmp moved successfully.
C:\Users\Martin\AppData\Local\Temp\AdobeARM.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\alm.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\amt.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\askToolbarInstaller.exe moved successfully.
C:\Users\Martin\AppData\Local\Temp\AUCHECK_CORE.txt moved successfully.
C:\Users\Martin\AppData\Local\Temp\AUCHECK_PARSER.txt moved successfully.
C:\Users\Martin\AppData\Local\Temp\csxs-PHXS.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Martin\AppData\Local\Temp\GomEncDnInstaller.exe moved successfully.
C:\Users\Martin\AppData\Local\Temp\is6442.tmp moved successfully.
C:\Users\Martin\AppData\Local\Temp\IWCSDrvInstaller.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\JAUReg.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\java_install_reg.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\java_install_sp.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\jinstall.cfg moved successfully.
C:\Users\Martin\AppData\Local\Temp\jusched.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\kl-install-2010-08-14-21-04-58.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\kl-setup-2010-08-14-21-04-58.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\LXBKscan.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\MpCmdRun.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\MSIe613c.LOG moved successfully.
C:\Users\Martin\AppData\Local\Temp\Nero Setup (100814 203041).log moved successfully.
C:\Users\Martin\AppData\Local\Temp\Nero Setup (100814 203914).log moved successfully.
C:\Users\Martin\AppData\Local\Temp\Nero Setup (100814 210024).log moved successfully.
C:\Users\Martin\AppData\Local\Temp\Nero Setup (100814 210315).log moved successfully.
C:\Users\Martin\AppData\Local\Temp\Nero Setup (100814 213247).log moved successfully.
C:\Users\Martin\AppData\Local\Temp\Nero Setup (100814 214042).log moved successfully.
C:\Users\Martin\AppData\Local\Temp\Nero Setup (100814 221145).log moved successfully.
C:\Users\Martin\AppData\Local\Temp\Nero Setup (100814 221537).log moved successfully.
C:\Users\Martin\AppData\Local\Temp\null moved successfully.
C:\Users\Martin\AppData\Local\Temp\Photoshop Temp3744022844 moved successfully.
C:\Users\Martin\AppData\Local\Temp\rtdrvmon.exe moved successfully.
C:\Users\Martin\AppData\Local\Temp\Set8920.tmp moved successfully.
C:\Users\Martin\AppData\Local\Temp\StructuredQuery.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\swtag.log moved successfully.
C:\Users\Martin\AppData\Local\Temp\t00920e0.tmp moved successfully.
C:\Users\Martin\AppData\Local\Temp\tmpAA72.tmp moved successfully.
C:\Users\Martin\AppData\Local\Temp\TUMEBC5.tmp moved successfully.
C:\Users\Martin\AppData\Local\Temp\TWAIN.LOG moved successfully.
C:\Users\Martin\AppData\Local\Temp\Twain001.Mtx moved successfully.
C:\Users\Martin\AppData\Local\Temp\Twunk001.MTX moved successfully.
C:\Users\Martin\AppData\Local\Temp\Twunk002.MTX moved successfully.
C:\Users\Martin\AppData\Local\Temp\ucaevents.log moved successfully.
File/Folder C:\ProgramData\Data aplikací\TEMP\*.* not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\System32\svcl32 folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Anna
->Temp folder emptied: 899081 bytes
->Temporary Internet Files folder emptied: 1082550 bytes
->Java cache emptied: 38342914 bytes
->FireFox cache emptied: 83812497 bytes
->Flash cache emptied: 6992 bytes

User: Default
->Temp folder emptied: 321531 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Ernest
->Temp folder emptied: 1799988 bytes
->Temporary Internet Files folder emptied: 6990621 bytes
->Java cache emptied: 60360047 bytes
->FireFox cache emptied: 37045678 bytes
->Flash cache emptied: 0 bytes

User: Julia
->Temp folder emptied: 953275 bytes
->Temporary Internet Files folder emptied: 1451071 bytes
->Java cache emptied: 48550868 bytes
->FireFox cache emptied: 90556734 bytes
->Flash cache emptied: 3163 bytes

User: Martin
->Temp folder emptied: 1774545866 bytes
->Temporary Internet Files folder emptied: 5276161 bytes
->Java cache emptied: 60687269 bytes
->FireFox cache emptied: 147819048 bytes
->Flash cache emptied: 40314 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 78510 bytes
RecycleBin emptied: 401193573 bytes

Total Files Cleaned = 2 634,00 mb


OTM by OldTimer - Version 3.1.15.0 log created on 08142010_224710
Last edited by cappie on 14 Aug 2010 22:22, edited 1 time in total.

cappie
Model visitor
Posts: 131
Registered: 13 Feb 2009 13:17

Re: Hello, I'd like a preventive check, log in the thread, thank you :)

#7 Post by cappie »

Second
Fixed; there were 10 of them in all

Third
No idea

Fourth

http://www.virustotal.com/file-scan/report.html?id=eca8589c2c58dd19b32ee5e151b19bf5350d2faf3a159606091c738418139260-1281820781
Fifth

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4430

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

14. 8. 2010 23:35:30
mbam-log-2010-08-14 (23-35-30).txt

Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 162384
Uplynulý čas: 8 min, 7 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

Sixth
OK

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Hello, I'd like a preventive check, log in the thread, thank you :)

#8 Post by Unlimited_Killer »

Excellent.

1) VirusTotal
  • Test the following files on VirusTotal:

    C:\Windows\tasks\AWC AutoSweep.job
    C:\Windows\tasks\AWC Startup.job
    C:\Windows\tasks\AWC Update.job
  • Simply copy in the paths that I put in the code block.
  • If it tells you the file has already been tested, have it tested again.
  • Then post the links to the individual tests here.
2) New RSIT log

cappie
Model visitor
Posts: 131
Registered: 13 Feb 2009 13:17

Re: Hello, I'd like a preventive check, log in the thread, thank you :)

#9 Post by cappie »

First

http://www.virustotal.com/file-scan/report.html?id=e6945a196c3d60734108f8eb9af9ec6a080fede7a4f47c05d91627d9644a1f27-1281884616
http://www.virustotal.com/file-scan/report.html?id=25cc41b57b07add3e0e219ac8c08465cf026930aeb5fcbf1645c5ce664de3e90-1281884637
http://www.virustotal.com/file-scan/report.html?id=4343d754b1b01b4d9d57516189a6cbb74bbdf1b418cf9a23d70187ac0e1a3e13-1281884647
Second

Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin at 2010-08-15 17:11:50
Microsoft Windows 7 Ultimate
System drive C: has 75 GB (49%) free of 153 GB
Total RAM: 2048 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:09, on 15. 8. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
C:\Windows\ZSSnp211.exe
C:\Windows\Domino.exe
C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Users\Martin\Desktop\RSIT.exe
C:\Program Files\trend micro\Martin.exe
C:\Program Files\Windows Defender\MSASCui.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ScreenManager Pro for LCD] C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [ZSSnp211] C:\Windows\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [lxbkbmgr.exe] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [PasswordManager] C:\Program Files\Kaspersky Lab\Kaspersky PURE\Kaspersky Password Manager\Module Retargetable Folder\stpass.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI068C~1\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 1792919857
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: ,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7464 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\AWC Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll [2009-12-25 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll [2009-12-25 268816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-10-28 7862816]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"ScreenManager Pro for LCD"=C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe [2007-08-30 10937640]
"UVS11 Preload"=C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]
"ZSSnp211"=C:\Windows\ZSSnp211.exe [2007-04-06 57344]
"Domino"=C:\Windows\Domino.exe [2006-08-18 49152]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 102400]
"lxbkbmgr.exe"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2007-04-26 74672]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe [2009-12-25 340456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"PasswordManager"=C:\Program Files\Kaspersky Lab\Kaspersky PURE\Kaspersky Password Manager\Module Retargetable Folder\stpass.exe [2009-12-24 3037616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" ,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-12-25 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 233888]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"ConsentPromptBehaviorUser"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-15 00:13:28 ----SHD---- C:\Config.Msi
2010-08-15 00:05:17 ----D---- C:\ProgramData\Microsoft Help
2010-08-15 00:05:17 ----D---- C:\Program Files\Microsoft Office 2007
2010-08-14 23:26:02 ----D---- C:\Users\Martin\AppData\Roaming\Malwarebytes
2010-08-14 23:25:41 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-08-14 23:25:40 ----D---- C:\ProgramData\Malwarebytes
2010-08-14 23:25:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-14 23:25:40 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-08-14 22:47:10 ----D---- C:\_OTM
2010-08-14 22:44:46 ----D---- C:\Users\Martin\AppData\Roaming\Kaspersky Lab
2010-08-14 22:17:33 ----A---- C:\Windows\ntbtlog.txt
2010-08-14 21:07:19 ----A---- C:\Windows\system32\drivers\CSVirtualDiskDrv.sys
2010-08-14 21:07:19 ----A---- C:\Windows\system32\drivers\CSCrySec.sys
2010-08-14 21:06:38 ----D---- C:\Program Files\Common Files\InfoWatch
2010-08-14 21:06:36 ----D---- C:\ProgramData\Kaspersky Lab
2010-08-14 21:06:36 ----D---- C:\Program Files\Kaspersky Lab
2010-08-14 21:06:02 ----A---- C:\Windows\system32\drivers\klif.sys
2010-08-14 21:04:43 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2010-08-14 20:42:11 ----D---- C:\ProgramData\Nero
2010-08-14 20:42:10 ----D---- C:\Program Files\Common Files\Nero
2010-08-14 20:15:31 ----A---- C:\Windows\system32\TURegOpt.exe
2010-08-14 20:15:26 ----A---- C:\Windows\system32\uxtuneup.dll
2010-08-14 20:15:26 ----A---- C:\Windows\system32\authuitu.dll
2010-08-14 20:14:42 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-08-14 20:14:00 ----D---- C:\ProgramData\TuneUp Software
2010-08-14 20:13:50 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-14 16:26:55 ----D---- C:\Program Files\trend micro
2010-08-14 16:26:54 ----D---- C:\rsit
2010-08-14 16:18:23 ----D---- C:\ProgramData\Sun
2010-08-14 16:18:23 ----D---- C:\Program Files\Common Files\Java
2010-08-14 16:18:03 ----A---- C:\Windows\system32\javaws.exe
2010-08-14 16:18:03 ----A---- C:\Windows\system32\javaw.exe
2010-08-14 16:18:03 ----A---- C:\Windows\system32\java.exe
2010-08-14 16:18:03 ----A---- C:\Windows\system32\deployJava1.dll
2010-08-14 15:08:25 ----D---- C:\Program Files\CCleaner
2010-08-14 15:01:07 ----D---- C:\Users\Martin\AppData\Roaming\Media Player Classic
2010-08-14 14:32:31 ----A---- C:\Windows\system32\rtutils.dll
2010-08-14 14:32:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-14 14:32:28 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-14 14:32:28 ----A---- C:\Windows\system32\iccvid.dll
2010-08-14 14:32:17 ----A---- C:\Windows\system32\mshtml.dll
2010-08-14 14:32:16 ----A---- C:\Windows\system32\ieframe.dll
2010-08-14 14:32:15 ----A---- C:\Windows\system32\wininet.dll
2010-08-14 14:32:15 ----A---- C:\Windows\system32\urlmon.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\mstime.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-14 14:32:14 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\ieui.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\iepeers.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-14 14:32:11 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-14 14:32:11 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-14 14:32:09 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-14 14:32:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-14 14:32:09 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-14 14:32:08 ----A---- C:\Windows\system32\msxml3.dll
2010-08-14 14:28:07 ----A---- C:\Windows\system32\schannel.dll
2010-08-14 14:28:04 ----A---- C:\Windows\system32\win32k.sys
2010-08-13 19:37:00 ----D---- C:\ProgramData\GroupPolicy
2010-08-13 18:54:15 ----D---- C:\Program Files\Yamicsoft
2010-08-08 17:49:35 ----D---- C:\Users\Martin\AppData\Roaming\RealWorld
2010-08-08 14:32:01 ----D---- C:\Program Files\RocketDock
2010-08-06 20:05:09 ----D---- C:\Program Files\Lexmark X1100 Series
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkutil.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkusb1.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkserv.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkprox.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkpplc.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkpmui.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbklmpm.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkjswr.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\LXBKinst.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkinsb.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkinpa.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkiesc.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\LXBKhcp.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkinsr.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkins.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkih.exe
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkhbn3.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkgf.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcur.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcu.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcoms.exe
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcomm.dll
2010-08-06 20:04:54 ----A---- C:\Windows\system32\lxbkcomc.dll
2010-08-06 20:04:54 ----A---- C:\Windows\system32\lxbkcfg.exe
2010-08-06 20:04:54 ----A---- C:\Windows\system32\LXBKcfg.dll
2010-08-03 21:32:09 ----A---- C:\Windows\system32\shell32.dll
2010-07-29 20:05:27 ----D---- C:\Program Files\Unlocker
2010-07-29 20:03:50 ----D---- C:\Users\Martin\AppData\Roaming\Uniblue
2010-07-29 16:36:23 ----ASH---- C:\pagefile.sys
2010-07-25 09:14:01 ----D---- C:\Boot
2010-07-25 09:12:27 ----SH---- C:\boot.ini
2010-07-25 08:55:19 ----A---- C:\sccfg.sys
2010-07-18 13:40:37 ----D---- C:\Sounds
2010-07-18 13:38:11 ----A---- C:\Windows\system32\drivers\lgusbmodem.sys
2010-07-18 13:38:11 ----A---- C:\Windows\system32\drivers\lgusbdiag.sys
2010-07-18 13:38:11 ----A---- C:\Windows\system32\drivers\lgusbbus.sys
2010-07-18 13:38:10 ----D---- C:\Program Files\LG Electronics
2010-07-18 13:36:53 ----A---- C:\Windows\system32\NMSDVDXU.dll
2010-07-18 13:36:40 ----D---- C:\Users\Martin\AppData\Roaming\LG Electronics
2010-07-18 13:36:39 ----D---- C:\Program Files\LG PC Suite II
2010-07-18 13:36:01 ----D---- C:\Users\Martin\AppData\Roaming\InstallShield

======List of files/folders modified in the last 1 months======

2010-08-15 17:11:59 ----D---- C:\Windows\Temp
2010-08-15 17:00:48 ----D---- C:\Windows\system32\config
2010-08-15 16:58:53 ----D---- C:\Program Files\Mozilla Firefox
2010-08-15 00:13:36 ----SHD---- C:\Windows\Installer
2010-08-15 00:13:34 ----D---- C:\Program Files\Common Files\microsoft shared
2010-08-15 00:13:29 ----D---- C:\Windows\System32
2010-08-15 00:13:10 ----D---- C:\Windows\ShellNew
2010-08-15 00:13:01 ----A---- C:\Windows\win.ini
2010-08-15 00:12:58 ----D---- C:\Program Files\Common Files\System
2010-08-15 00:11:26 ----RSD---- C:\Windows\assembly
2010-08-15 00:10:19 ----D---- C:\Program Files\Microsoft Works
2010-08-15 00:08:50 ----RSD---- C:\Windows\Fonts
2010-08-15 00:08:14 ----SHD---- C:\System Volume Information
2010-08-15 00:07:58 ----D---- C:\Program Files\Microsoft Office
2010-08-15 00:05:17 ----RD---- C:\Program Files
2010-08-15 00:05:17 ----HD---- C:\ProgramData
2010-08-14 23:25:41 ----D---- C:\Windows\system32\drivers
2010-08-14 22:48:06 ----D---- C:\Windows\Tasks
2010-08-14 22:20:51 ----D---- C:\Windows
2010-08-14 21:46:42 ----A---- C:\Windows\Lexstat.ini
2010-08-14 21:13:44 ----D---- C:\Windows\system32\catroot
2010-08-14 21:07:56 ----D---- C:\Windows\inf
2010-08-14 21:07:51 ----D---- C:\Windows\system32\DriverStore
2010-08-14 21:07:19 ----DC---- C:\Windows\system32\DRVSTORE
2010-08-14 21:06:38 ----D---- C:\Program Files\Common Files
2010-08-14 20:51:58 ----D---- C:\Windows\winsxs
2010-08-14 19:50:26 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2010-08-14 19:38:19 ----D---- C:\Users\Martin\AppData\Roaming\skypePM
2010-08-14 17:21:44 ----D---- C:\Windows\Microsoft.NET
2010-08-14 16:17:57 ----D---- C:\Program Files\Java
2010-08-14 16:13:22 ----D---- C:\Windows\system32\Tasks
2010-08-14 16:10:04 ----D---- C:\Windows\system32\catroot2
2010-08-14 16:04:54 ----D---- C:\Program Files\IObit
2010-08-14 16:01:05 ----D---- C:\Program Files\VirtualDJ
2010-08-14 15:54:10 ----D---- C:\Program Files\PowerMenu
2010-08-14 15:48:56 ----HDC---- C:\ProgramData\{44004340-3EFF-42F3-BC16-A787A5CB2BC5}
2010-08-14 15:35:35 ----D---- C:\Windows\Downloaded Program Files
2010-08-14 15:25:42 ----D---- C:\Windows\system32\migration
2010-08-14 15:25:42 ----D---- C:\Program Files\Internet Explorer
2010-08-14 15:13:56 ----D---- C:\Program Files\Webteh
2010-08-14 15:13:55 ----D---- C:\Users\Martin\AppData\Roaming\BSplayer
2010-08-14 15:09:43 ----D---- C:\Windows\debug
2010-08-14 15:04:32 ----D---- C:\Users\Martin\AppData\Roaming\Vso
2010-08-14 15:04:32 ----A---- C:\Users\Martin\AppData\Roaming\inst.exe
2010-08-14 14:59:54 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-14 14:59:54 ----D---- C:\Program Files\CyberLink
2010-08-14 14:38:59 ----D---- C:\Program Files\Common Files\Ahead
2010-08-14 14:38:46 ----D---- C:\Windows\ehome
2010-08-13 23:09:50 ----D---- C:\Users\Martin\AppData\Roaming\Adobe
2010-08-13 20:37:17 ----D---- C:\Windows\system32\wfp
2010-08-13 20:37:17 ----D---- C:\Windows\system32\wbem
2010-08-13 20:35:52 ----D---- C:\Windows\twain_32
2010-08-13 20:35:50 ----D---- C:\Windows\system32\en-US
2010-08-13 20:35:49 ----D---- C:\Windows\system32\drivers\UMDF
2010-08-13 20:35:49 ----D---- C:\Windows\system32\CodeIntegrity
2010-08-13 20:35:30 ----D---- C:\ProgramData\FLEXnet
2010-08-13 20:35:23 ----SHD---- C:\LH
2010-08-13 20:34:25 ----D---- C:\Windows\registration
2010-08-13 20:34:19 ----D---- C:\Windows\Web
2010-08-13 20:33:05 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2010-08-13 20:33:04 ----D---- C:\Users\Martin\AppData\Roaming\.purple
2010-08-13 19:27:28 ----D---- C:\Windows\system32\LogFiles
2010-08-13 19:17:56 ----D---- C:\temp
2010-08-09 16:48:02 ----D---- C:\Windows\Prefetch
2010-08-08 17:23:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-04 15:55:33 ----D---- C:\ProgramData\ZoomBrowser
2010-08-03 21:22:52 ----D---- C:\Users\Martin\AppData\Roaming\gtk-2.0
2010-08-03 20:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-07-25 08:10:06 ----D---- C:\ProgramData\NOS
2010-07-23 14:47:46 ----SHD---- C:\RECYCLER

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 CSCrySec;InfoWatch Encrypt Sector Library driver; C:\Windows\system32\DRIVERS\CSCrySec.sys [2009-12-14 88632]
R0 KLBG;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\DRIVERS\klbg.sys [2009-10-14 36880]
R0 PxHelp20;PxHelp20; C:\Windows\system32\DRIVERS\PxHelp20.sys [2004-06-03 20016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2009-12-14 39352]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2010-08-14 311312]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS [2010-01-27 51072]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5550592]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 176128]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-10-28 2785568]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
R3 vvftav211;vvftav211; C:\Windows\system32\drivers\vvftav211.sys [2007-12-10 480128]
R3 ZSMC30x;USB PC Camera Service ZSMC30x; C:\Windows\System32\Drivers\ZS211.sys [2007-12-05 1537024]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5550592]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 172032]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 CSObjectsSrv;CryptoStorage control service; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 lxbk_device;lxbk_device; C:\Windows\system32\lxbkcoms.exe [2007-04-26 537520]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 AVP;Kaspersky PURE; C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe [2009-12-25 340456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-20 136176]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-20 655624]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-08-14 435008]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1343400]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Hello, I'd like a preventive check, log in the thread, thanks :)

#10 Post by Unlimited_Killer »

Excellent, now we just need to clean up. :happy:

1) OTCleaner
  • Download OTC and double-click it to run it.
  • A window pops up where you click 'CleanUp!'.
  • Confirm by clicking 'Yes'.
  • It will then ask whether you want to restart the PC - do so, again by clicking 'Yes'.
2) CCleaner
  • Download the program called CCleaner.
  • Install it normally, just be careful to untick the 'Install Yahoo! Toolbar' option.
  • Run it.
    • Cleaner tab → leave everything ticked as it is and click 'Run Cleaner'.
    • Registry tab → click 'Scan for Issues'. It searches for problems in the registry; when the analysis finishes, click 'Fix selected issues'. It will offer to create a backup - create one to be safe and save it, for example, to the Desktop.
  • I recommend using CCleaner regularly; it can speed up the PC quite dramatically.
3) Defragmentation
  • Defragment the disk.
  • There are several ways to do it ↓
    • Using the defragmenter built into Windows [Start → Run → dfrg.msc → Enter]. This is not a very effective method.
    • Using a simple and clear program called Defraggler.
    • Using a brilliant program that needs no installation and is very simple - JKDefrag.
4) FileHippo.com UpdateChecker
  • To keep track of updates, I recommend downloading the program FileHippo.com UpdateChecker.
    • Install it as usual.
    • Run it, for example, once or twice a week.
    • It clearly lists all programs that are out of date and offers to download the newer version (which I recommend).
    • Watch what the applications install 'along with themselves' → for example unnecessary toolbars.
      • That is why it does not pay to click 'Next', or 'Další', mindlessly.
5) New RSIT log
inactive

cappie
Exemplary visitor
Posts: 131
Registered: 13 Feb 2009 13:17

Re: Hello, I'd like a preventive check, log in the thread, thanks :)

#11 Post by cappie »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin at 2010-08-16 16:30:52
Microsoft Windows 7 Ultimate
System drive C: has 76 GB (50%) free of 153 GB
Total RAM: 2048 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:31:14, on 16. 8. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\ZSSnp211.exe
C:\Windows\Domino.exe
C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Martin\Desktop\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ZSSnp211] C:\Windows\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI068C~1\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 1792919857
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: ,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7171 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll [2009-12-25 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll [2009-12-25 268816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-10-28 7862816]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"ZSSnp211"=C:\Windows\ZSSnp211.exe [2007-04-06 57344]
"Domino"=C:\Windows\Domino.exe [2006-08-18 49152]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 102400]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe [2009-12-25 340456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2010-04-29 248832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashMute]
C:\Program Files\FlashMute\FlashMute.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxbkbmgr.exe]
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2007-04-26 74672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScreenManager Pro for LCD]
C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe [2007-08-30 10937640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ernest^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" ,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-12-25 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 233888]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"ConsentPromptBehaviorUser"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-16 16:30:52 ----D---- C:\rsit
2010-08-16 13:28:42 ----D---- C:\Windows\pss
2010-08-16 05:04:06 ----D---- C:\Windows\zh-TW
2010-08-16 05:04:04 ----D---- C:\Windows\system32\zh-CHT
2010-08-16 05:03:42 ----D---- C:\Windows\system32\drivers\zh-TW
2010-08-16 05:03:42 ----D---- C:\Windows\system32\drivers\zh-HK
2010-08-16 05:02:56 ----D---- C:\Windows\ko-KR
2010-08-16 05:02:53 ----D---- C:\Windows\system32\drivers\ko-KR
2010-08-16 05:02:30 ----D---- C:\Windows\system32\ko
2010-08-16 05:02:09 ----D---- C:\Windows\fr-FR
2010-08-16 05:01:35 ----D---- C:\Windows\system32\040C
2010-08-16 05:01:34 ----D---- C:\Windows\system32\fr
2010-08-16 05:01:34 ----D---- C:\Windows\system32\drivers\fr-FR
2010-08-16 05:01:06 ----D---- C:\Windows\cs-CZ
2010-08-16 05:01:03 ----D---- C:\Windows\system32\cs
2010-08-16 05:00:49 ----D---- C:\Windows\system32\drivers\cs-CZ
2010-08-16 05:00:25 ----D---- C:\Windows\fi-FI
2010-08-16 05:00:06 ----D---- C:\Windows\system32\fi
2010-08-16 05:00:06 ----D---- C:\Windows\system32\drivers\fi-FI
2010-08-16 04:59:39 ----D---- C:\Windows\system32\zh-CHS
2010-08-16 04:59:38 ----D---- C:\Windows\system32\drivers\zh-CN
2010-08-16 04:59:15 ----D---- C:\Windows\zh-CN
2010-08-16 04:59:02 ----D---- C:\Windows\system32\drivers\et-EE
2010-08-16 04:58:54 ----D---- C:\Windows\et-EE
2010-08-16 04:58:45 ----D---- C:\Windows\system32\drivers\hr-HR
2010-08-16 04:58:45 ----D---- C:\Windows\hr-HR
2010-08-16 04:58:01 ----D---- C:\Windows\nb-NO
2010-08-16 04:57:59 ----D---- C:\Windows\system32\no
2010-08-16 04:57:45 ----D---- C:\Windows\system32\drivers\nb-NO
2010-08-16 04:57:22 ----D---- C:\Windows\de-DE
2010-08-16 04:57:00 ----D---- C:\Windows\system32\XPSViewer
2010-08-16 04:57:00 ----D---- C:\Windows\system32\0407
2010-08-16 04:56:59 ----D---- C:\Windows\system32\drivers\de-DE
2010-08-16 04:56:55 ----D---- C:\Windows\system32\de
2010-08-16 01:52:25 ----D---- C:\Program Files\Common Files\Windows Live
2010-08-16 01:14:27 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-15 23:52:19 ----D---- C:\Program Files\Autoshutdown
2010-08-15 23:21:10 ----D---- C:\Program Files\Common Files\Skype
2010-08-15 23:03:36 ----D---- C:\Program Files\FileHippo.com
2010-08-15 22:28:54 ----A---- C:\Users\Martin\AppData\Roaming\coreavc.ini
2010-08-15 21:53:26 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2010-08-15 21:41:19 ----D---- C:\Program Files\AC3Filter
2010-08-15 21:39:02 ----D---- C:\Program Files\CoreCodec
2010-08-15 21:30:41 ----A---- C:\Windows\avisplitter.ini
2010-08-15 21:30:39 ----A---- C:\Windows\system32\yv12vfw.dll
2010-08-15 21:30:39 ----A---- C:\Windows\system32\xvidvfw.dll
2010-08-15 21:30:39 ----A---- C:\Windows\system32\xvidcore.dll
2010-08-15 21:30:39 ----A---- C:\Windows\system32\dpl100.dll
2010-08-15 21:30:39 ----A---- C:\Windows\system32\divx.dll
2010-08-15 21:30:38 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2010-08-15 21:30:38 ----A---- C:\Windows\system32\ff_vfw.dll
2010-08-15 21:30:35 ----D---- C:\Program Files\K-Lite Codec Pack
2010-08-15 20:05:17 ----D---- C:\Users\Martin\AppData\Roaming\SeriousBit
2010-08-15 19:07:51 ----D---- C:\Backup
2010-08-15 00:05:17 ----D---- C:\ProgramData\Microsoft Help
2010-08-15 00:05:17 ----D---- C:\Program Files\Microsoft Office 2007
2010-08-14 23:26:02 ----D---- C:\Users\Martin\AppData\Roaming\Malwarebytes
2010-08-14 23:25:40 ----D---- C:\ProgramData\Malwarebytes
2010-08-14 23:25:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-14 22:44:46 ----D---- C:\Users\Martin\AppData\Roaming\Kaspersky Lab
2010-08-14 21:07:19 ----A---- C:\Windows\system32\drivers\CSVirtualDiskDrv.sys
2010-08-14 21:07:19 ----A---- C:\Windows\system32\drivers\CSCrySec.sys
2010-08-14 21:06:38 ----D---- C:\Program Files\Common Files\InfoWatch
2010-08-14 21:06:36 ----D---- C:\ProgramData\Kaspersky Lab
2010-08-14 21:06:36 ----D---- C:\Program Files\Kaspersky Lab
2010-08-14 21:06:02 ----A---- C:\Windows\system32\drivers\klif.sys
2010-08-14 21:04:43 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2010-08-14 20:42:11 ----D---- C:\ProgramData\Nero
2010-08-14 20:15:31 ----A---- C:\Windows\system32\TURegOpt.exe
2010-08-14 20:15:26 ----A---- C:\Windows\system32\uxtuneup.dll
2010-08-14 20:15:26 ----A---- C:\Windows\system32\authuitu.dll
2010-08-14 20:14:42 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-08-14 20:14:00 ----D---- C:\ProgramData\TuneUp Software
2010-08-14 20:13:50 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-14 16:26:55 ----D---- C:\Program Files\Trend Micro
2010-08-14 16:18:23 ----D---- C:\ProgramData\Sun
2010-08-14 16:18:23 ----D---- C:\Program Files\Common Files\Java
2010-08-14 16:18:03 ----A---- C:\Windows\system32\javaws.exe
2010-08-14 16:18:03 ----A---- C:\Windows\system32\javaw.exe
2010-08-14 16:18:03 ----A---- C:\Windows\system32\java.exe
2010-08-14 16:18:03 ----A---- C:\Windows\system32\deployJava1.dll
2010-08-14 15:08:25 ----D---- C:\Program Files\CCleaner
2010-08-14 15:01:07 ----D---- C:\Users\Martin\AppData\Roaming\Media Player Classic
2010-08-14 14:32:31 ----A---- C:\Windows\system32\rtutils.dll
2010-08-14 14:32:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-14 14:32:28 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-14 14:32:28 ----A---- C:\Windows\system32\iccvid.dll
2010-08-14 14:32:17 ----A---- C:\Windows\system32\mshtml.dll
2010-08-14 14:32:16 ----A---- C:\Windows\system32\ieframe.dll
2010-08-14 14:32:15 ----A---- C:\Windows\system32\wininet.dll
2010-08-14 14:32:15 ----A---- C:\Windows\system32\urlmon.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\mstime.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-14 14:32:14 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\ieui.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\iepeers.dll
2010-08-14 14:32:14 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-14 14:32:11 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-14 14:32:11 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-14 14:32:09 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-14 14:32:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-14 14:32:09 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-14 14:32:08 ----A---- C:\Windows\system32\msxml3.dll
2010-08-14 14:28:07 ----A---- C:\Windows\system32\schannel.dll
2010-08-14 14:28:04 ----A---- C:\Windows\system32\win32k.sys
2010-08-13 19:37:00 ----D---- C:\ProgramData\GroupPolicy
2010-08-13 18:54:15 ----D---- C:\Program Files\Yamicsoft
2010-08-08 17:49:35 ----D---- C:\Users\Martin\AppData\Roaming\RealWorld
2010-08-08 14:32:01 ----D---- C:\Program Files\RocketDock
2010-08-06 20:05:09 ----D---- C:\Program Files\Lexmark X1100 Series
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkutil.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkusb1.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkserv.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkprox.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkpplc.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkpmui.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbklmpm.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkjswr.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\LXBKinst.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkinsb.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkinpa.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\lxbkiesc.dll
2010-08-06 20:04:56 ----A---- C:\Windows\system32\LXBKhcp.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkinsr.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkins.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkih.exe
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkhbn3.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkgf.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcur.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcu.dll
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcoms.exe
2010-08-06 20:04:55 ----A---- C:\Windows\system32\lxbkcomm.dll
2010-08-06 20:04:54 ----A---- C:\Windows\system32\lxbkcomc.dll
2010-08-06 20:04:54 ----A---- C:\Windows\system32\lxbkcfg.exe
2010-08-06 20:04:54 ----A---- C:\Windows\system32\LXBKcfg.dll
2010-08-03 21:32:09 ----A---- C:\Windows\system32\shell32.dll
2010-07-29 20:03:50 ----D---- C:\Users\Martin\AppData\Roaming\Uniblue
2010-07-29 16:36:23 ----ASH---- C:\pagefile.sys
2010-07-25 09:14:01 ----D---- C:\Boot
2010-07-25 09:12:27 ----SH---- C:\boot.ini
2010-07-25 08:55:19 ----AH---- C:\sccfg.sys
2010-07-18 13:40:37 ----D---- C:\Sounds
2010-07-18 13:38:11 ----A---- C:\Windows\system32\drivers\lgusbmodem.sys
2010-07-18 13:38:11 ----A---- C:\Windows\system32\drivers\lgusbdiag.sys
2010-07-18 13:38:11 ----A---- C:\Windows\system32\drivers\lgusbbus.sys
2010-07-18 13:38:10 ----D---- C:\Program Files\LG Electronics
2010-07-18 13:36:53 ----A---- C:\Windows\system32\NMSDVDXU.dll
2010-07-18 13:36:40 ----D---- C:\Users\Martin\AppData\Roaming\LG Electronics
2010-07-18 13:36:39 ----D---- C:\Program Files\LG PC Suite II
2010-07-18 13:36:01 ----D---- C:\Users\Martin\AppData\Roaming\InstallShield

======List of files/folders modified in the last 1 months======

2010-08-16 16:27:05 ----D---- C:\Windows\Temp
2010-08-16 16:26:54 ----D---- C:\Windows\system32\config
2010-08-16 16:25:01 ----D---- C:\Windows
2010-08-16 16:22:23 ----SHD---- C:\Windows\Installer
2010-08-16 16:22:02 ----RD---- C:\Program Files
2010-08-16 16:22:02 ----D---- C:\Program Files\Common Files
2010-08-16 16:20:03 ----HD---- C:\ProgramData
2010-08-16 16:19:50 ----D---- C:\Programy
2010-08-16 16:04:34 ----SHD---- C:\System Volume Information
2010-08-16 15:54:29 ----D---- C:\Windows\Tasks
2010-08-16 15:24:21 ----D---- C:\temp
2010-08-16 14:57:41 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2010-08-16 14:56:18 ----D---- C:\Windows\rescache
2010-08-16 14:55:44 ----D---- C:\Users\Martin\AppData\Roaming\.purple
2010-08-16 14:39:01 ----SD---- C:\ProgramData\Microsoft
2010-08-16 13:08:31 ----D---- C:\Windows\System32
2010-08-16 13:08:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-16 13:08:29 ----D---- C:\Windows\inf
2010-08-16 12:54:56 ----D---- C:\Windows\winsxs
2010-08-16 12:54:52 ----D---- C:\Windows\system32\cs-CZ
2010-08-16 12:54:50 ----D---- C:\Windows\system32\catroot
2010-08-16 12:54:18 ----D---- C:\Windows\system32\zh-TW
2010-08-16 12:54:18 ----D---- C:\Windows\system32\fr-FR
2010-08-16 12:54:18 ----D---- C:\Windows\system32\fi-FI
2010-08-16 12:54:18 ----D---- C:\Windows\system32\de-DE
2010-08-16 12:54:16 ----D---- C:\Windows\system32\nb-NO
2010-08-16 12:54:16 ----D---- C:\Windows\system32\hr-HR
2010-08-16 12:54:16 ----D---- C:\Windows\system32\en-US
2010-08-16 12:54:15 ----D---- C:\Windows\system32\zh-CN
2010-08-16 12:54:15 ----D---- C:\Windows\system32\ko-KR
2010-08-16 12:54:15 ----D---- C:\Windows\system32\et-EE
2010-08-16 12:43:59 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-16 12:43:57 ----D---- C:\Program Files\Adobe
2010-08-16 12:42:06 ----D---- C:\Windows\system32\catroot2
2010-08-16 12:31:45 ----D---- C:\Windows\system32\DriverStore
2010-08-16 12:22:55 ----D---- C:\Program Files\WinRAR
2010-08-16 05:04:12 ----D---- C:\Program Files\Windows Sidebar
2010-08-16 05:04:12 ----D---- C:\Program Files\Windows Mail
2010-08-16 05:04:11 ----D---- C:\Program Files\Windows Media Player
2010-08-16 05:04:11 ----D---- C:\Program Files\Windows Journal
2010-08-16 05:04:11 ----D---- C:\Program Files\Internet Explorer
2010-08-16 05:04:11 ----D---- C:\Program Files\DVD Maker
2010-08-16 05:04:10 ----D---- C:\Windows\servicing
2010-08-16 05:04:10 ----D---- C:\Windows\ehome
2010-08-16 05:04:10 ----D---- C:\Program Files\Windows Photo Viewer
2010-08-16 05:04:10 ----D---- C:\Program Files\Windows Defender
2010-08-16 05:04:10 ----D---- C:\Program Files\Common Files\System
2010-08-16 05:04:07 ----D---- C:\Windows\IME
2010-08-16 05:04:05 ----D---- C:\Windows\PolicyDefinitions
2010-08-16 05:04:04 ----D---- C:\Windows\system32\winrm
2010-08-16 05:04:04 ----D---- C:\Windows\system32\sysprep
2010-08-16 05:04:04 ----D---- C:\Windows\system32\slmgr
2010-08-16 05:04:04 ----D---- C:\Windows\system32\oobe
2010-08-16 05:04:04 ----D---- C:\Windows\system32\migwiz
2010-08-16 05:04:04 ----D---- C:\Windows\system32\migration
2010-08-16 05:04:04 ----D---- C:\Windows\system32\Boot
2010-08-16 05:03:42 ----D---- C:\Windows\system32\WCN
2010-08-16 05:03:42 ----D---- C:\Windows\system32\MUI
2010-08-16 05:03:42 ----D---- C:\Windows\system32\drivers\UMDF
2010-08-16 05:03:42 ----D---- C:\Windows\system32\drivers
2010-08-16 05:03:42 ----D---- C:\Windows\system32\Dism
2010-08-16 05:03:36 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2010-08-16 05:03:32 ----D---- C:\Windows\system32\wbem
2010-08-16 05:03:25 ----D---- C:\Windows\system32\zh-HK
2010-08-16 05:03:25 ----D---- C:\Windows\system32\com
2010-08-16 05:03:22 ----D---- C:\Windows\AppPatch
2010-08-16 05:02:07 ----D---- C:\Windows\DigitalLocker
2010-08-16 05:01:35 ----D---- C:\Windows\system32\WinBioPlugIns
2010-08-16 05:01:35 ----D---- C:\Windows\system32\Setup
2010-08-16 04:58:25 ----D---- C:\Windows\system32\drivers\en-US
2010-08-16 04:58:25 ----D---- C:\Windows\en-US
2010-08-16 04:56:50 ----D---- C:\Windows\Speech
2010-08-16 01:13:36 ----RSD---- C:\Windows\assembly
2010-08-15 23:22:03 ----D---- C:\Program Files\JkDefrag
2010-08-15 23:21:45 ----D---- C:\Windows\system32\Tasks
2010-08-15 23:21:12 ----RD---- C:\Program Files\Skype
2010-08-15 23:20:37 ----D---- C:\ProgramData\Skype
2010-08-15 23:18:45 ----D---- C:\Users\Martin\AppData\Roaming\Adobe
2010-08-15 23:17:47 ----D---- C:\Program Files\Pidgin
2010-08-15 23:12:47 ----D---- C:\Program Files\Notepad++
2010-08-15 23:12:39 ----D---- C:\Users\Martin\AppData\Roaming\Notepad++
2010-08-15 21:15:34 ----D---- C:\Users\Martin\AppData\Roaming\WinRAR
2010-08-15 18:48:24 ----D---- C:\Users\Martin\AppData\Roaming\skypePM
2010-08-15 18:37:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-15 18:37:21 ----D---- C:\ProgramData\Ulead Systems
2010-08-15 18:31:07 ----D---- C:\ProgramData\FLEXnet
2010-08-15 17:39:34 ----RSD---- C:\Windows\Fonts
2010-08-15 17:39:26 ----D---- C:\Program Files\Common Files\microsoft shared
2010-08-15 17:39:13 ----D---- C:\Program Files\Microsoft Works
2010-08-15 17:37:40 ----A---- C:\Windows\win.ini
2010-08-15 16:58:53 ----D---- C:\Program Files\Mozilla Firefox
2010-08-15 00:13:10 ----D---- C:\Windows\ShellNew
2010-08-15 00:07:58 ----D---- C:\Program Files\Microsoft Office
2010-08-14 21:46:42 ----A---- C:\Windows\Lexstat.ini
2010-08-14 21:07:19 ----DC---- C:\Windows\system32\DRVSTORE
2010-08-14 17:21:44 ----D---- C:\Windows\Microsoft.NET
2010-08-14 16:17:57 ----D---- C:\Program Files\Java
2010-08-14 15:48:56 ----HDC---- C:\ProgramData\{44004340-3EFF-42F3-BC16-A787A5CB2BC5}
2010-08-14 15:35:35 ----D---- C:\Windows\Downloaded Program Files
2010-08-14 15:13:56 ----D---- C:\Program Files\Webteh
2010-08-14 15:13:55 ----D---- C:\Users\Martin\AppData\Roaming\BSplayer
2010-08-14 15:09:43 ----D---- C:\Windows\debug
2010-08-14 15:04:32 ----D---- C:\Users\Martin\AppData\Roaming\Vso
2010-08-14 15:04:32 ----A---- C:\Users\Martin\AppData\Roaming\inst.exe
2010-08-14 14:59:54 ----D---- C:\Program Files\CyberLink
2010-08-14 14:38:59 ----D---- C:\Program Files\Common Files\Ahead
2010-08-13 20:37:17 ----D---- C:\Windows\system32\wfp
2010-08-13 20:35:52 ----D---- C:\Windows\twain_32
2010-08-13 20:35:49 ----D---- C:\Windows\system32\CodeIntegrity
2010-08-13 20:35:23 ----SHD---- C:\LH
2010-08-13 20:34:25 ----D---- C:\Windows\registration
2010-08-13 20:34:19 ----D---- C:\Windows\Web
2010-08-13 20:33:05 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2010-08-13 19:27:28 ----D---- C:\Windows\system32\LogFiles
2010-08-09 16:48:02 ----D---- C:\Windows\Prefetch
2010-08-04 15:55:33 ----D---- C:\ProgramData\ZoomBrowser
2010-08-03 21:22:52 ----D---- C:\Users\Martin\AppData\Roaming\gtk-2.0
2010-08-03 20:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-07-25 08:10:06 ----D---- C:\ProgramData\NOS
2010-07-23 14:47:46 ----SHD---- C:\RECYCLER

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 CSCrySec;InfoWatch Encrypt Sector Library driver; C:\Windows\system32\DRIVERS\CSCrySec.sys [2009-12-14 88632]
R0 KLBG;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\DRIVERS\klbg.sys [2009-10-14 36880]
R0 PxHelp20;PxHelp20; C:\Windows\system32\DRIVERS\PxHelp20.sys [2004-06-03 20016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2009-12-14 39352]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2010-08-14 311312]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS [2010-01-27 51072]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5550592]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 176128]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-10-28 2785568]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-08-19 189440]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
R3 vvftav211;vvftav211; C:\Windows\system32\drivers\vvftav211.sys [2007-12-10 480128]
R3 ZSMC30x;USB PC Camera Service ZSMC30x; C:\Windows\System32\Drivers\ZS211.sys [2007-12-05 1537024]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5550592]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Nbdrv;NetBalancer Service; C:\Windows\system32\DRIVERS\nbdrv.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 172032]
R2 AVP;Kaspersky PURE; C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe [2009-12-25 340456]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 CSObjectsSrv;CryptoStorage control service; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 lxbk_device;lxbk_device; C:\Windows\system32\lxbkcoms.exe [2007-04-26 537520]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-20 136176]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-20 655624]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-08-14 435008]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1343400]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Hello, I'd like a preventive check please, log in the thread, thanks :)

#12 Post by Unlimited_Killer »

If there is no problem with the PC, that is all, so thank you for your cooperation and goodbye. :thumbsup: :bye: :closed:
inactive

cappie
Model visitor
Posts: 131
Registered: 13 Feb 2009 13:17

Re: Hello, I'd like a preventive check please, log in the thread, thanks :)

#13 Post by cappie »

Thank you too, mainly for the clear advice... I tried test.bezpecnosti.cz and it reports that I have FTP open; paranoia too, I have a router, Kaspersky PURE antivirus, what should I do about it?
/OK, thanks once again :)
Last edited by cappie on 16 Aug 2010 20:31, edited 1 time in total.

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Hello, I'd like a preventive check please, log in the thread, thanks :)

#14 Post by Unlimited_Killer »

If the open FTP bothers you, close it via the firewall. [Thanks to adviser Caroprd111 for the tip.]

Otherwise that is all, and you're welcome. :closed:
inactive
