Prosím o kontrolu

Zpráva

Rohl · #1 Příspěvek od **Rohl** » 16 srp 2010 13:33

Prosím o kontrolu logu. Děkuji

Logfile of random's system information tool 1.06 (written by random/random)
Run by Míra at 2010-08-16 14:30:32
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 41 GB (27%) free of 153 GB
Total RAM: 2814 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:30:42, on 16.8.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Míra\Desktop\RSIT.exe
C:\Program Files\trend micro\Míra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Update Service (gupdate1c9aba632609870) (gupdate1c9aba632609870) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: AMD Safely Remove Disk Drive (SafeRemove) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

--
End of file - 7792 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{ED5473B1-FBCE-4BE9-BFFD-20106CE466D0}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-13 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
ASUS Security Protect Manager - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-11-21 70928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-18 7737344]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2008-06-25 159744]
"ASUS Camera ScreenSaver"=C:\Windows\AsScrProlog.exe [2008-11-05 47672]
"CognizanceTS"=C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll [2003-12-21 17920]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"OEXPRESS"= []
"WEBTRAN"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\ASScrPro.exe [2008-11-05 33136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\daemon.exe [2008-03-21 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IFXSPMGT]
C:\Windows\system32\ifxspmgt.exe [2007-02-26 677408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [2009-02-24 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SolidWorks_CheckForUpdates]
C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe /scheduler []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-06-29 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Míra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-02-16 384512]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e48cf35-2b89-11df-a2d8-f7b5ea763adf}]
shell\AutoRun\command - G:\installer.exe
shell\verb\command - G:\installer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{403c0229-3f3b-11de-8a41-b9705b999deb}]
shell\AutoRun\command - ji83j.exe
shell\open\command - ji83j.exe

======List of files/folders created in the last 1 months======

2010-08-11 10:59:46 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-11 10:59:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 10:59:31 ----A---- C:\Windows\system32\iccvid.dll
2010-08-11 10:59:27 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 10:59:25 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 10:59:24 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 10:59:23 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 10:59:22 ----A---- C:\Windows\system32\mshtmled.dll
2010-08-11 10:59:22 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 10:59:21 ----A---- C:\Windows\system32\ieencode.dll
2010-08-11 10:59:21 ----A---- C:\Windows\system32\ieapfltr.dll
2010-08-11 10:59:10 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 10:58:49 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 10:58:37 ----A---- C:\Windows\system32\schannel.dll
2010-08-06 10:52:29 ----A---- C:\Windows\system32\shell32.dll
2010-07-22 12:59:51 ----D---- C:\Program Files\CCleaner
2010-07-21 13:28:00 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-07-21 13:28:00 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-07-21 13:28:00 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-07-21 13:27:59 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-07-21 13:27:55 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-07-21 13:27:55 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-07-21 13:27:55 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-07-19 11:38:25 ----D---- C:\Program Files\GSC World Publishing
2010-07-17 13:09:15 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-07-17 09:36:20 ----D---- C:\Users\Míra\AppData\Roaming\Nikon
2010-07-17 09:26:14 ----D---- C:\Program Files\Common Files\muvee Technologies
2010-07-17 09:26:11 ----D---- C:\ProgramData\Nikon
2010-07-17 09:26:11 ----D---- C:\Program Files\Common Files\Nikon
2010-07-17 09:25:51 ----D---- C:\Nikon
2010-07-17 09:23:02 ----D---- C:\ProgramData\Ultima_T15
2010-07-17 09:23:02 ----D---- C:\ProgramData\EnterNHelp

======List of files/folders modified in the last 1 months======

2010-08-16 14:30:42 ----D---- C:\Windows\Prefetch
2010-08-16 14:30:38 ----D---- C:\Windows\Temp
2010-08-16 14:30:33 ----D---- C:\Program Files\trend micro
2010-08-15 00:26:25 ----A---- C:\Windows\system32\acovcnt.exe
2010-08-14 01:16:52 ----SHD---- C:\System Volume Information
2010-08-13 23:33:56 ----D---- C:\Windows
2010-08-11 12:18:33 ----D---- C:\Windows\Microsoft.NET
2010-08-11 12:18:21 ----RSD---- C:\Windows\assembly
2010-08-11 11:29:15 ----D---- C:\Windows\winsxs
2010-08-11 11:26:52 ----D---- C:\Windows\Debug
2010-08-11 11:12:28 ----D---- C:\Windows\System32
2010-08-11 11:12:27 ----D---- C:\Windows\system32\drivers
2010-08-11 11:12:27 ----D---- C:\Program Files\Movie Maker
2010-08-11 11:01:00 ----D---- C:\Windows\system32\catroot
2010-08-11 11:00:58 ----D---- C:\Windows\system32\catroot2
2010-08-11 11:00:26 ----D---- C:\Program Files\Windows Mail
2010-08-03 20:09:31 ----A---- C:\Windows\system32\mrt.exe
2010-08-03 11:23:14 ----D---- C:\Windows\inf
2010-08-03 11:23:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-25 10:57:35 ----D---- C:\Program Files\Mozilla Firefox
2010-07-22 13:02:37 ----D---- C:\Users\Míra\AppData\Roaming\Media Player Classic
2010-07-22 12:59:51 ----RD---- C:\Program Files
2010-07-21 09:58:16 ----D---- C:\Windows\system32\Macromed
2010-07-19 17:47:27 ----D---- C:\Users\Míra\AppData\Roaming\Winamp
2010-07-17 13:09:44 ----D---- C:\Program Files\Winamp
2010-07-17 13:08:50 ----D---- C:\Program Files\Winamp Detect
2010-07-17 09:33:21 ----SHD---- C:\Windows\Installer
2010-07-17 09:31:17 ----SD---- C:\Users\Míra\AppData\Roaming\Microsoft
2010-07-17 09:28:00 ----HD---- C:\ProgramData
2010-07-17 09:26:14 ----D---- C:\Program Files\Common Files
2010-07-17 09:22:56 ----A---- C:\Windows\system32\ATL71.DLL

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2007-01-23 39080]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-16 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2007-08-23 1201312]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-11 3698176]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-17 146824]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-17 2153688]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-05-13 1772544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-05-29 22072]
S3 a5gjfd87;a5gjfd87; C:\Windows\system32\drivers\a5gjfd87.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-05-13 81960]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-05-13 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-05-13 17320]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-05-28 14896]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-08-23 13312]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-11 692224]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-05-27 522792]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\Windows\system32\ifxspmgt.exe [2007-02-26 677408]
R2 IFXTCS;Trusted Platform Core Service; C:\Windows\system32\ifxtcs.exe [2007-02-22 849440]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Windows\system32\IfxPsdSv.exe [2007-02-22 140832]
R2 SafeRemove;AMD Safely Remove Disk Drive; C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe [2008-07-07 147456]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 gupdate1c9aba632609870;Google Update Service (gupdate1c9aba632609870); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-23 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-18 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2010-03-03 79360]

Unlimited_Killer

Dobrý večer, na logu se pracuje.

Unlimited_Killer

Jdeme na to.

1) OTMoveit3

Stáhněte OTM3 na Plochu.
Spusťte ho dvojklikem na OTM.exe, pokud to nepůjde, zkuste to s adminskými právy.

Do levého okna 'Paste Instructions for Items to be Moved' vkopírujte následující skript:

Kód: Vybrat vše

:commands
[emptytemp]
[emptyflash]

:reg
[HKCU\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=""
"Default_Search_URL"=""
"Search Bar"=""
"Search Page"=""
"Start Page"="http://www.google.cz"
[HKCU\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"=""
[HKLM\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"=""
"CustomizeSearch"=""
[HKCU\Software\Microsoft\Internet Explorer\SearchURL]
"(Default)"=""
[HKCU\Software\Microsoft\Internet Explorer\Toolbar]
"LinksFolderName"=""
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748449}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{BFC32E1D-EE75-4A48-BC60-104E11EE2431}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=
"Adobe ARM"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=-
"WEBTRAN"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Míra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]

:files
%systemroot%\system32\*.tmp.dll /s
%systemroot%\*.tmp /s
%TMP%\*.*
%ALLUSERSPROFILE%\Data aplikací\TEMP\*.*
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

Poté klikněte na červené tlačítko 'MoveIt!'.
V zeleném okně vpravo by se měl zobrazit log, ten vkopírujete sem do fóra.
Pokud se zobrazí hláška k restartování počítače, klikněte na 'Yes'.
Po restartu se log otevře sám, nebo ho najdete v C:\_OTM\MovedFiles

2) Nový RSIT log

Rohl · #4 Příspěvek od **Rohl** » 17 srp 2010 11:57

Jak dlouho asi trvá OTM než vytvoří log? Běží už mi 2 hodiny a stále nic

Rohl · #5 Příspěvek od **Rohl** » 17 srp 2010 15:44

Tak OTM mi pracoval 6 hodin ale výsledku jsem se nedočkal. A jelikož jsem pc potřeboval, tak jsem proces ukončil.

Unlimited_Killer

Zkuste ho spustit znovu, přičemž kdyby se znovu zasekl, zapamatujte si u čeho (v pravé části okna OTM).

Rohl · #7 Příspěvek od **Rohl** » 18 srp 2010 11:34

Tak tentokrát to trvalo minutku a bez problému

Zde je log.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Míra
->Temp folder emptied: 1246022 bytes
->Temporary Internet Files folder emptied: 35297 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 83446114 bytes
->Flash cache emptied: 2629 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 68732 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 81,00 mb

========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"|"" /E : value set successfully!
HKCU\Software\Microsoft\Internet Explorer\Main\\"Default_Search_URL"|"" /E : value set successfully!
HKCU\Software\Microsoft\Internet Explorer\Main\\"Search Bar"|"" /E : value set successfully!
HKCU\Software\Microsoft\Internet Explorer\Main\\"Search Page"|"" /E : value set successfully!
HKCU\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"http://www.google.cz" /E : value set successfully!
HKCU\Software\Microsoft\Internet Explorer\Search\\"SearchAssistant"|"" /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Search\\"SearchAssistant"|"" /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Search\\"CustomizeSearch"|"" /E : value set successfully!
HKCU\Software\Microsoft\Internet Explorer\SearchURL\\"(Default)"|"" /E : value set successfully!
HKCU\Software\Microsoft\Internet Explorer\Toolbar\\"LinksFolderName"|"" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ not found.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\"Adobe Reader Speed Launcher"| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Míra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk\ deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7A32.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP83FE.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA0E0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA48C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE86E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder moved successfully.
C:\Windows\Installer\MSI3523.tmp moved successfully.
File/Folder C:\Users\MRA~1\AppData\Local\Temp\*.* not found.
File/Folder C:\ProgramData\Data aplikací\TEMP\*.* not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.

OTM by OldTimer - Version 3.1.15.0 log created on 08182010_122814

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Unlimited_Killer

Výborně, prosím o krok číslo 2.

Rohl · #9 Příspěvek od **Rohl** » 18 srp 2010 16:19

Logfile of random's system information tool 1.06 (written by random/random)
Run by Míra at 2010-08-18 17:18:12
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 38 GB (25%) free of 153 GB
Total RAM: 2814 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:18:32, on 18.8.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Míra\Desktop\RSIT.exe
C:\Program Files\trend micro\Míra.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Update Service (gupdate1c9aba632609870) (gupdate1c9aba632609870) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: AMD Safely Remove Disk Drive (SafeRemove) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

--
End of file - 6146 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{ED5473B1-FBCE-4BE9-BFFD-20106CE466D0}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-13 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
ASUS Security Protect Manager - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-11-21 70928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-18 7737344]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2008-06-25 159744]
"ASUS Camera ScreenSaver"=C:\Windows\AsScrProlog.exe [2008-11-05 47672]
"CognizanceTS"=C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll [2003-12-21 17920]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"Adobe Reader Speed Launcher"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\ASScrPro.exe [2008-11-05 33136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\daemon.exe [2008-03-21 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IFXSPMGT]
C:\Windows\system32\ifxspmgt.exe [2007-02-26 677408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [2009-02-24 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SolidWorks_CheckForUpdates]
C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe /scheduler []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-06-29 74752]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e48cf35-2b89-11df-a2d8-f7b5ea763adf}]
shell\AutoRun\command - G:\installer.exe
shell\verb\command - G:\installer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{403c0229-3f3b-11de-8a41-b9705b999deb}]
shell\AutoRun\command - ji83j.exe
shell\open\command - ji83j.exe

======List of files/folders created in the last 1 months======

2010-08-17 10:50:28 ----D---- C:\_OTM
2010-08-11 10:59:46 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-11 10:59:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 10:59:31 ----A---- C:\Windows\system32\iccvid.dll
2010-08-11 10:59:27 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 10:59:25 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 10:59:24 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 10:59:23 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 10:59:22 ----A---- C:\Windows\system32\mshtmled.dll
2010-08-11 10:59:22 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 10:59:21 ----A---- C:\Windows\system32\ieencode.dll
2010-08-11 10:59:21 ----A---- C:\Windows\system32\ieapfltr.dll
2010-08-11 10:59:10 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 10:58:49 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 10:58:37 ----A---- C:\Windows\system32\schannel.dll
2010-08-06 10:52:29 ----A---- C:\Windows\system32\shell32.dll
2010-07-22 12:59:51 ----D---- C:\Program Files\CCleaner
2010-07-21 13:28:00 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-07-21 13:28:00 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-07-21 13:28:00 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-07-21 13:27:59 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-07-21 13:27:55 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-07-21 13:27:55 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-07-21 13:27:55 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-07-19 11:38:25 ----D---- C:\Program Files\GSC World Publishing

======List of files/folders modified in the last 1 months======

2010-08-18 17:18:15 ----D---- C:\Windows\Temp
2010-08-18 17:18:15 ----D---- C:\Program Files\trend micro
2010-08-18 13:25:39 ----D---- C:\Windows\Prefetch
2010-08-18 12:31:55 ----A---- C:\Windows\system32\acovcnt.exe
2010-08-18 12:30:00 ----D---- C:\Windows\Tasks
2010-08-18 12:28:59 ----SHD---- C:\Windows\Installer
2010-08-18 04:20:42 ----SHD---- C:\System Volume Information
2010-08-13 23:33:56 ----D---- C:\Windows
2010-08-11 12:18:33 ----D---- C:\Windows\Microsoft.NET
2010-08-11 12:18:21 ----RSD---- C:\Windows\assembly
2010-08-11 11:29:15 ----D---- C:\Windows\winsxs
2010-08-11 11:26:52 ----D---- C:\Windows\Debug
2010-08-11 11:12:28 ----D---- C:\Windows\System32
2010-08-11 11:12:27 ----D---- C:\Windows\system32\drivers
2010-08-11 11:12:27 ----D---- C:\Program Files\Movie Maker
2010-08-11 11:01:00 ----D---- C:\Windows\system32\catroot
2010-08-11 11:00:58 ----D---- C:\Windows\system32\catroot2
2010-08-11 11:00:26 ----D---- C:\Program Files\Windows Mail
2010-08-03 20:09:31 ----A---- C:\Windows\system32\mrt.exe
2010-08-03 11:23:14 ----D---- C:\Windows\inf
2010-08-03 11:23:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-25 10:57:35 ----D---- C:\Program Files\Mozilla Firefox
2010-07-22 13:02:37 ----D---- C:\Users\Míra\AppData\Roaming\Media Player Classic
2010-07-22 12:59:51 ----RD---- C:\Program Files
2010-07-21 09:58:16 ----D---- C:\Windows\system32\Macromed
2010-07-19 17:47:27 ----D---- C:\Users\Míra\AppData\Roaming\Winamp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2007-01-23 39080]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-16 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2007-08-23 1201312]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-11 3698176]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-17 146824]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-17 2153688]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-05-13 1772544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-05-29 22072]
S3 a68v4yi2;a68v4yi2; C:\Windows\system32\drivers\a68v4yi2.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-05-13 81960]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-05-13 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-05-13 17320]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-05-28 14896]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-08-23 13312]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-11 692224]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-05-27 522792]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\Windows\system32\ifxspmgt.exe [2007-02-26 677408]
R2 IFXTCS;Trusted Platform Core Service; C:\Windows\system32\ifxtcs.exe [2007-02-22 849440]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Windows\system32\IfxPsdSv.exe [2007-02-22 140832]
R2 SafeRemove;AMD Safely Remove Disk Drive; C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe [2008-07-07 147456]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 gupdate1c9aba632609870;Google Update Service (gupdate1c9aba632609870); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-23 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-18 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2010-03-03 79360]

-----------------EOF-----------------

Unlimited_Killer

Pravděpodobně jsem ještě přehlédl jednu havěť na přenosném disku, takže pokračujeme...

1) Připojte k PC všechny USB disky

Například Flash disky, mp3 přehrávače, externí disky...

2) UsbFix

Stáhněte a uložte na Plochu UsbFix.
Je možné, že Váš antivirus či antispyware označí tuto utilitu jako vir, pokud se tak stane, výzvu o smazání či přesunutí do karantény ignorujte.
Dvojklikem program spusťte.
Otevře se okno programu s logem a menu.
Vlevo v menu klikněte na 'Deletion'.
Program ukončí většinu procesů a začne pracovat (vlevo uvidíte postup v procentech).
Po dokončení program otevře Poznámkový blok s logem, jehož obsah sem ve formě textu vkopírujete.
Pokud se Vám log neotevře, naleznete jej v C:\UsbFix.txt

Rohl · #11 Příspěvek od **Rohl** » 20 srp 2010 09:26

############################## | UsbFix 7.020 | [Deletion]

User: Míra (Administrator) # MIRA-PC [ASUSTeK Computer Inc. M51Ta]
Updated 12/08/10 by El Desaparecido / C_XX
Started at 10:21:20 | 20/08/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: AMD Turion(tm) X2 Ultra Dual-Core Mobile ZM-82
CPU 2: AMD Turion(tm) X2 Ultra Dual-Core Mobile ZM-82
Microsoft® Windows Vista™ Home Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 7.0.6002.18005

Windows Firewall: Enabled
RAM -> 2814 Mb
C:\ (%systemdrive%) -> Fixed drive # 149 Gb (36 Mb free - 24%) [VistaOS] # NTFS
D:\ -> Fixed drive # 139 Gb (54 Mb free - 39%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
H:\ -> Removable drive # 2 Gb (2 Mb free - 100%) [] # FAT32

################## | Files # Infected Folders |

Deleted ! H:\winamp_cache_0001.xml

################## | Registry |

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{3e48cf35-2b89-11df-a2d8-f7b5ea763adf}

################## | Listing |

[20/08/2010 - 10:23:06 | SHD ] C:\$RECYCLE.BIN
[05/11/2008 - 02:18:52 | HD ] C:\ASUS.SYS
[18/09/2006 - 23:43:36 | A | 24] C:\autoexec.bat
[15/07/2009 - 15:02:37 | SHD ] C:\Boot
[11/04/2009 - 08:36:36 | RASH | 333257] C:\bootmgr
[17/04/2008 - 12:44:48 | RAS | 8192] C:\BOOTSECT.BAK
[17/01/2009 - 19:32:25 | A | 400634] C:\ciam_uninstall.log
[17/01/2009 - 19:32:15 | A | 16254] C:\ciam_uninstall_0117-1832.log
[04/04/2007 - 21:50:44 | A | 19] C:\CK21.txt
[18/09/2006 - 23:43:37 | A | 10] C:\config.sys
[05/11/2008 - 02:25:26 | A | 22944] C:\devlist.txt
[17/01/2009 - 19:22:59 | SHD ] C:\Documents and Settings
[17/09/2008 - 04:09:03 | A | 35] C:\Driver.20
[05/11/2008 - 02:22:04 | A | 9] C:\Finish.log
[18/08/2010 - 22:47:21 | ASH | 2951831552] C:\hiberfil.sys
[05/11/2008 - 00:49:34 | A | 481] C:\igoogle_log.txt
[19/01/2009 - 16:37:42 | RASH | 0] C:\IO.SYS
[09/09/2008 - 04:40:37 | RAH | 1048576] C:\M51TaAS.BIN
[29/08/2008 - 03:59:43 | RAH | 1048576] C:\M51TrAS.BIN
[06/10/2008 - 05:46:41 | A | 21] C:\msapp2.LOG
[19/01/2009 - 16:37:42 | RASH | 0] C:\MSDOS.SYS
[08/08/2008 - 09:22:19 | A | 30] C:\NERO.LOG
[17/07/2010 - 09:29:54 | D ] C:\Nikon
[16/03/2007 - 01:18:45 | A | 25] C:\OFFICE2007_K.TXT
[18/08/2010 - 22:47:20 | ASH | 3265409024] C:\pagefile.sys
[04/11/2008 - 11:29:25 | A | 105] C:\Pass.txt
[24/09/2008 - 04:22:03 | A | 2666] C:\Patch.LOG
[03/06/2009 - 21:25:43 | D ] C:\PerfLogs
[22/07/2010 - 12:59:51 | RD ] C:\Program Files
[17/07/2010 - 09:28:00 | HD ] C:\ProgramData
[29/04/2008 - 16:30:34 | A | 20] C:\READER_K.TXT
[20/05/2008 - 08:18:05 | A | 50] C:\RECOVERY.DAT
[05/11/2008 - 01:22:39 | A | 560] C:\RHDSetup.log
[14/12/2009 - 13:51:38 | D ] C:\rsit
[05/11/2008 - 01:25:28 | A | 86] C:\setup.log
[16/05/2006 - 02:22:24 | A | 5] C:\store.log
[05/11/2008 - 00:10:34 | A | 166] C:\SumHidd.txt
[05/11/2008 - 00:09:52 | A | 98] C:\SumOS.txt
[20/08/2010 - 02:43:18 | SHD ] C:\System Volume Information
[20/08/2010 - 10:23:06 | D ] C:\UsbFix
[20/08/2010 - 10:21:20 | A | 3126] C:\UsbFix.txt
[17/01/2009 - 19:30:03 | RD ] C:\Users
[01/08/2008 - 00:40:18 | A | 21] C:\V552.txt
[20/08/2010 - 09:58:52 | D ] C:\Windows
[17/08/2010 - 10:50:28 | D ] C:\_OTM
[20/08/2010 - 10:23:06 | SHD ] D:\$RECYCLE.BIN
[15/04/2010 - 12:36:47 | D ] D:\b913411647ba8a031ac4
[03/09/2009 - 17:18:16 | D ] D:\Black Books
[18/08/2010 - 13:26:49 | D ] D:\Clip
[14/05/2010 - 23:49:49 | SHD ] D:\Config.Msi
[29/09/2009 - 20:11:51 | D ] D:\Cyranuv ostrov
[11/08/2010 - 11:43:08 | D ] D:\Cyranuv poloostrov
[15/09/2009 - 22:15:50 | D ] D:\Desifrování minulosti - Konec sveta 2012
[28/04/2010 - 16:41:38 | D ] D:\Erotika
[13/08/2010 - 11:33:06 | D ] D:\IT Crowd
[04/02/2010 - 02:26:29 | D ] D:\Lucky Louie
[08/10/2009 - 19:45:40 | D ] D:\Mezi nami zviraty
[22/06/2009 - 18:38:22 | D ] D:\Monty Python Flying Circus
[17/10/2009 - 14:02:32 | D ] D:\PC Translator 2009
[08/01/2010 - 11:38:27 | D ] D:\Prirodovedne dokumenty
[02/07/2010 - 12:52:04 | D ] D:\Program Files
[21/07/2010 - 13:13:56 | D ] D:\Redist
[15/09/2009 - 19:18:54 | D ] D:\Slovácko sa nesudi
[21/07/2010 - 13:13:44 | D ] D:\Soundtrack
[23/12/2009 - 16:36:48 | A | 4506611712] D:\STALKER_COP.iso
[04/11/2008 - 23:30:49 | SHD ] D:\System Volume Information
[15/09/2009 - 19:07:17 | D ] D:\The Big Bang
[15/09/2009 - 22:19:38 | D ] D:\Z deniku zaka III. B aneb Edudant a Francimor (1992)
[13/11/2009 - 10:31:10 | SHD ] H:\FOUND.001
[13/09/2009 - 13:02:48 | SHD ] H:\FOUND.000
[20/08/2010 - 10:16:16 | A | 1207838] H:\UsbFix.exe
[27/09/2005 - 16:09:32 | D ] H:\MICIN.DIR
[27/09/2005 - 16:09:32 | D ] H:\FMIN.DIR

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_MIRA-PC.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |

Unlimited_Killer

Dokončíme.

1) Připojte k PC všechny USB disky

Například Flash disky, mp3 přehrávače, externí disky...

2) OTMoveit3

Stáhněte OTM3 na Plochu.
Spusťte ho dvojklikem na OTM.exe, pokud to nepůjde, zkuste to s adminskými právy.

Do levého okna 'Paste Instructions for Items to be Moved' vkopírujte následující skript:

Kód: Vybrat vše

:commands
[emptytemp]
[emptyflash]

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{403c0229-3f3b-11de-8a41-b9705b999deb}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-

:files
%systemroot%\system32\*.tmp.dll /s
%systemroot%\*.tmp /s
%TMP%\*.*
%ALLUSERSPROFILE%\Data aplikací\TEMP\*.*
ji83j.exe /s

Poté klikněte na červené tlačítko 'MoveIt!'.
V zeleném okně vpravo by se měl zobrazit log, ten vkopírujete sem do fóra.
Pokud se zobrazí hláška k restartování počítače, klikněte na 'Yes'.
Po restartu se log otevře sám, nebo ho najdete v C:\_OTM\MovedFiles

3) Fixnutí v HJT

Spusťte přejmenované HijackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_uzivatele.exe[/]
Následně klikněte na 'Do a system scan only'.

U níže uvedených položek udělejte 'fajfku' do čtverečku vlevo od dané položky a poté klikněte na 'Fix Checked'.

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

Pokud by tam nějaká z těchto položek nebyla, vynechte ji.

4) OTCleaner

Stáhněte OTC a dvojklikem ho spusťte.
Vyskočí okénko, kde kliknete na 'CleanUp!'.
Potvrdíte kliknutím na 'Yes'.
Poté se ještě zeptá, zda chcete restartovat PC - to proveďte opět kliknutím na 'Yes'.

5) Odinstalace UsbFixu

Stáhněte a uložte na Plochu UsbFix (pokud máte program již stažený, přejděte na další krok).
Je možné, že Váš antivirus či antispyware označí tuto utilitu jako vir, pokud se tak stane, výzvu o smazání či přesunutí do karantény ignorujte.
Dvojklikem program spusťte.
Otevře se okno programu s logem a menu.
Vlevo v menu klikněte na 'Uninstall'.
Program bude pár sekund pracovat a poté vyskočí okénko s nápisem 'UsbFix has been uninstalled!'.
- To potvrdíte kliknutím na 'OK!'.
Nyní jen odstraníte složku UsbFix na Vašem systémovém disku (nejčastěji C:\) a program samotný umístěný tam, kam byl stažený (nejčastěji Plocha).

6) CCleaner

Stáhněte si program jménem CCleaner.
Normálně nainstalujte, jen dávejte pozor a odškrtněte položku 'Instalovat Yahoo! Toolbar'.
Spusťte ho.
- Záložka Čistič → nechte zatrženo vše, jak je, a klikněte na 'Spustit CCleaner'.
- Záložka Registry → klikněte na 'Hledej problémy'. Vyhledá problémy v registru, až dokončí analyzování, klikněte na 'Opravit vybrané problémy'. Nabídne Vám vytvoření zálohy - pro jistotu ji vytvořte a uložte například na Plochu.
CCleaner doporučuji používat pravidelně, celkem rapidně dokáže zrychlit PC.

7) Defragmentace

Defragmentujte disk.
Lze to udělat několika způsoby ↓
- Přes defragmentaci integrovanou ve Windows [Start → Spustit → dfrg.msc → Enter]. Toto není příliš účinný způsob.
- Přes jednoduchý a přehledný program jménem Defraggler.
- Přes geniální program, který se nemusí instalovat a je hodně jednoduchý - JKDefrag.

8) FileHippo.com UpdateChecker

Abyste měl/a přehled o aktualizacích, doporučuji stáhnout program FileHippo.com UpdateChecker.
- Běžně ho nainstalujte.
- Spouštějte ho například jednou až dvakrát týdně.
- Přehledně zobrazí všechny programy, které jsou neaktualizované, nabídne stažení novější verze (což doporučuji).
- Dávejte si pozor,co dané aplikace instalují 's sebou' → například zbytečné toolbary (lišty).
  - Proto se nevyplatí bezmyšlenkovitě klikat na 'Next', popřípadě 'Další'.

9) Nový RSIT log

Rohl · #13 Příspěvek od **Rohl** » 20 srp 2010 22:38

Log z OTM:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Míra
->Temp folder emptied: 1447131 bytes
->Temporary Internet Files folder emptied: 150262 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 66402401 bytes
->Flash cache emptied: 2043 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 169712 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 5239 bytes

Total Files Cleaned = 65,00 mb

========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{403c0229-3f3b-11de-8a41-b9705b999deb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{403c0229-3f3b-11de-8a41-b9705b999deb}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACD9F.tmp moved successfully.
File/Folder C:\Users\MRA~1\AppData\Local\Temp\*.* not found.
File/Folder C:\ProgramData\Data aplikací\TEMP\*.* not found.
File/Folder ji83j.exe not found.

OTM by OldTimer - Version 3.1.15.0 log created on 08202010_230309

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Log z RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Míra at 2010-08-20 23:29:36
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 37 GB (24%) free of 153 GB
Total RAM: 2814 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:29:37, on 20.8.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\ctfmon.exe
C:\Users\Míra\Desktop\RSIT.exe
C:\Program Files\trend micro\Míra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Update Service (gupdate1c9aba632609870) (gupdate1c9aba632609870) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: AMD Safely Remove Disk Drive (SafeRemove) - AMD - C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

--
End of file - 5701 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{ED5473B1-FBCE-4BE9-BFFD-20106CE466D0}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-13 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
ASUS Security Protect Manager - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-11-21 70928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-18 7737344]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2008-06-25 159744]
"ASUS Camera ScreenSaver"=C:\Windows\AsScrProlog.exe [2008-11-05 47672]
"CognizanceTS"=C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll [2003-12-21 17920]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\ASScrPro.exe [2008-11-05 33136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\daemon.exe [2008-03-21 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IFXSPMGT]
C:\Windows\system32\ifxspmgt.exe [2007-02-26 677408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [2009-02-24 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SolidWorks_CheckForUpdates]
C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe /scheduler []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-06-29 74752]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-08-20 23:23:34 ----D---- C:\rsit
2010-08-20 10:23:09 ----RASHD---- C:\Autorun.inf
2010-08-11 10:59:46 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-11 10:59:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 10:59:31 ----A---- C:\Windows\system32\iccvid.dll
2010-08-11 10:59:27 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 10:59:25 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 10:59:24 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 10:59:23 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 10:59:22 ----A---- C:\Windows\system32\mshtmled.dll
2010-08-11 10:59:22 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 10:59:21 ----A---- C:\Windows\system32\ieencode.dll
2010-08-11 10:59:21 ----A---- C:\Windows\system32\ieapfltr.dll
2010-08-11 10:59:16 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 10:59:10 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 10:59:06 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 10:58:49 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 10:58:37 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 10:57:06 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 10:57:06 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-06 10:52:29 ----A---- C:\Windows\system32\shell32.dll
2010-07-22 12:59:51 ----D---- C:\Program Files\CCleaner
2010-07-21 13:28:00 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-07-21 13:28:00 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-07-21 13:28:00 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-07-21 13:27:59 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-07-21 13:27:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-07-21 13:27:57 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-07-21 13:27:56 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-07-21 13:27:55 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-07-21 13:27:55 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-07-21 13:27:55 ----A---- C:\Windows\system32\D3DCompiler_39.dll

======List of files/folders modified in the last 1 months======

2010-08-20 23:29:36 ----D---- C:\Program Files\trend micro
2010-08-20 23:29:20 ----D---- C:\Windows\Temp
2010-08-20 23:23:34 ----D---- C:\Windows\Prefetch
2010-08-20 23:17:50 ----D---- C:\Windows
2010-08-20 23:06:29 ----A---- C:\Windows\system32\acovcnt.exe
2010-08-20 10:39:36 ----D---- C:\Windows\System32
2010-08-20 10:39:36 ----D---- C:\Windows\inf
2010-08-20 10:39:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-20 10:23:06 ----SHD---- C:\$RECYCLE.BIN
2010-08-20 02:43:18 ----SHD---- C:\System Volume Information
2010-08-18 12:30:00 ----D---- C:\Windows\Tasks
2010-08-18 12:28:59 ----SHD---- C:\Windows\Installer
2010-08-11 12:18:33 ----D---- C:\Windows\Microsoft.NET
2010-08-11 12:18:21 ----RSD---- C:\Windows\assembly
2010-08-11 11:29:15 ----D---- C:\Windows\winsxs
2010-08-11 11:26:52 ----D---- C:\Windows\Debug
2010-08-11 11:12:27 ----D---- C:\Windows\system32\drivers
2010-08-11 11:12:27 ----D---- C:\Program Files\Movie Maker
2010-08-11 11:01:00 ----D---- C:\Windows\system32\catroot
2010-08-11 11:00:58 ----D---- C:\Windows\system32\catroot2
2010-08-11 11:00:26 ----D---- C:\Program Files\Windows Mail
2010-08-03 20:09:31 ----A---- C:\Windows\system32\mrt.exe
2010-07-25 10:57:35 ----D---- C:\Program Files\Mozilla Firefox
2010-07-22 13:02:37 ----D---- C:\Users\Míra\AppData\Roaming\Media Player Classic
2010-07-22 12:59:51 ----RD---- C:\Program Files
2010-07-21 09:58:16 ----D---- C:\Windows\system32\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ahcix86s;ahcix86s; C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-05-27 173576]
R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2008-05-29 15416]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-08-01 43872]
R0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-31 717296]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2007-01-23 39080]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-16 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2007-08-23 1201312]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-11 3698176]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-17 146824]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-17 2153688]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-05-13 1772544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-05-29 22072]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 agdou5wx;agdou5wx; C:\Windows\system32\drivers\agdou5wx.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-05-13 81960]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-05-13 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-05-13 17320]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-05-28 14896]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-08-23 13312]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-11 692224]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-05-27 522792]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\Windows\system32\ifxspmgt.exe [2007-02-26 677408]
R2 IFXTCS;Trusted Platform Core Service; C:\Windows\system32\ifxtcs.exe [2007-02-22 849440]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Windows\system32\IfxPsdSv.exe [2007-02-22 140832]
R2 SafeRemove;AMD Safely Remove Disk Drive; C:\Program Files\AMD\Safely Remove Disk\SafeRemoveService.exe [2008-07-07 147456]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 gupdate1c9aba632609870;Google Update Service (gupdate1c9aba632609870); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-23 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-18 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2010-03-03 79360]

-----------------EOF-----------------

Akorát sem neinstaloval FileHippo.com UpdateChecker, jelikož používám Secunia PSI.

Unlimited_Killer

0K, je to vše, pouze poslední krok. :]

1) Reg soubor

Spusťte Poznámkový blok [Start → Spustit → notepad → Enter].

Do něj vkopírujte následující text:

Kód: Vybrat vše

Windows Registry Editor Version 5.00 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""=-

Uložte tento soubor například na Plochu jako oprava.reg (vizte obrázek).
Dvojklikem tento soubor spusťte.
Potvrďte přidání informací do registrů kliknutím na 'Ano'.
Restartujte PC a po restartu tento soubor smažte.

2) Toť vše

Děkuji za spolupráci a na shledanou.

Rohl · #15 Příspěvek od **Rohl** » 21 srp 2010 10:58

Hotovo. Díky moc. Nashle.

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu