apiqq.exe and am.exe stopped responding

Posted: 24 Sep 2010 17:12
by Imaniac
Hello,

I need some help. Today when I turned on my notebook, it reported that these two programs had stopped working:

[Image]
Programs have stopped working a few times at notebook startup before, but I have never come across these two and I don't understand them at all. I'm not sure whether it might be one of these

APIQQ.EXE (Pua.Packed.Aspack Malware) 
AM.EXE (Trojan.Agent/Gen-FakeAlert)
but I really don't know what it is.
Thank you.


RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Macher at 2010-09-24 17:21:38
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 13 GB (13%) free of 104 GB
Total RAM: 1014 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:21:52, on 24. 9. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Users\Macher\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\mobsync.exe
C:\Users\Macher\Program Files\DNA\btdna.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\ProgramData\Norton\NUA.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\Explorer.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Macher\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Macher\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Macher\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Macher\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Macher\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Macher\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\T-Mobile\web'n'walk Manager\WTGU.exe
C:\Users\Macher\Desktop\RSIT.exe
C:\Program Files\trend micro\Macher.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2405280
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (file missing)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (file missing)
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll (file missing)
O2 - BHO: AC-Pro - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll (file missing)
O2 - BHO: TomBHO Class - {8AA217B9-D729-4ee0-AED7-E93D695E94A2} - C:\Program Files\Stylish Profile\tom4ie.dll (file missing)
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (file missing)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (file missing)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (file missing)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (file missing)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (file missing)
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll (file missing)
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [DataMngr] C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
O4 - HKLM\..\Run: [MRT] "C:\Windows\system32\MRT.exe" /R
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Macher\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Updater shortcut] C:\Program Files\T-Mobile\web'n'walk Manager\WTGU.exe
O4 - HKCU\..\Run: [NortonUpdateAgent] C:\ProgramData\Norton\NUA.exe
O4 - HKCU\..\Run: [cdoosoft] C:\Users\Macher\AppData\Local\Temp\herss.exe
O4 - HKCU\..\Run: [api32] C:\Users\Macher\AppData\Local\Temp\apiqq.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Macher\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm (file missing)
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\použivatelia\Webmaster\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\použivatelia\Webmaster\ICQ6.5\ICQ.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Update Service (gupdate1c9b2e1252ad2a7) (gupdate1c9b2e1252ad2a7) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - D:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - D:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 21302 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3098185099-927410527-4192695400-1005Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3098185099-927410527-4192695400-1005UA.job
C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Anna.job
C:\Windows\tasks\NSSstub.job
C:\Windows\tasks\User_Feed_Synchronization-{B30772A6-9845-4F37-B3EC-FF81B840CEAB}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\Program Files\ICQToolbar\toolbaru.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
MediaBar - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Program Files\AutocompletePro\AutocompletePro.dll [2010-02-11 97760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-11-21 96984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSoft.dll [2010-06-03 2736736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
UrlHelper Class - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8AA217B9-D729-4ee0-AED7-E93D695E94A2}]
TomBHO Class - C:\Program Files\Stylish Profile\tom4ie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
PageRage Toolbar - C:\Program Files\PageRage\tbPage.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-20 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-06 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-11-21 565960]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll []
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll []
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{9565115d-c7d6-46d3-bd63-b67b481a4368} - PageRage Toolbar - C:\Program Files\PageRage\tbPage.dll []
{0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll []
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSoft.dll [2010-06-03 2736736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-29 4472832]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-09-07 1021224]
"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-11-21 107112]
"osCheck"=c:\Program Files\Norton Internet Security\osCheck.exe [2006-11-21 22696]
"Acer Tour"= []
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-07 102400]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-10-28 72736]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-10-11 62760]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-10-17 858632]
"eRecoveryService"= []
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe []
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-07-13 47904]
"Skytel"=C:\Windows\Skytel.exe [2007-05-29 1826816]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-05-20 111928]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"DataMngr"=C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe []
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-01 421160]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"DataCardMonitor"=C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe [2010-09-11 253952]
"MRT"=C:\Windows\system32\MRT.exe [2010-09-17 35552200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"BitTorrent DNA"=C:\Users\Macher\Program Files\DNA\btdna.exe [2009-10-07 323392]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-13 39408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"Google Update"=C:\Users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-02 133104]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"Acer Tour Reminder"= []
""= []
"PC Suite Tray"=D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []
"Updater shortcut"=C:\Program Files\T-Mobile\web'n'walk Manager\WTGU.exe [2008-06-19 857544]
"NortonUpdateAgent"=C:\ProgramData\Norton\NUA.exe [2010-09-07 1819504]
"cdoosoft"=C:\Users\Macher\AppData\Local\Temp\herss.exe [2010-01-03 120320]
"api32"=C:\Users\Macher\AppData\Local\Temp\apiqq.exe [2010-09-23 175616]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-24 17:21:38 ----D---- C:\rsit
2010-09-24 17:04:10 ----D---- C:\Program Files\trend micro
2010-09-22 16:18:28 ----D---- C:\Program Files\The KMPlayer
2010-09-17 17:18:13 ----A---- C:\Windows\system32\MRT.INI
2010-09-15 13:42:36 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 13:42:27 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 13:37:27 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 13:29:18 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-11 23:52:09 ----D---- C:\Users\Macher\AppData\Roaming\DVDVideoSoftIEHelpers
2010-09-11 23:49:11 ----D---- C:\Program Files\DVDVideoSoft
2010-09-11 23:36:26 ----A---- C:\Windows\videotoaudio.ini
2010-09-11 23:25:22 ----D---- C:\Program Files\Crystal Software
2010-09-11 23:10:01 ----D---- C:\Users\Macher\AppData\Roaming\HCM Updater
2010-09-11 23:04:58 ----A---- C:\Windows\system32\drivers\mod7700.sys
2010-09-11 23:04:58 ----A---- C:\Windows\system32\drivers\ewusbnet.sys
2010-09-11 23:04:58 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2010-09-11 23:04:58 ----A---- C:\Windows\system32\drivers\ewusbfake.sys
2010-09-11 23:04:58 ----A---- C:\Windows\system32\drivers\ewdcsc.sys
2010-09-11 22:56:20 ----A---- C:\Windows\system32\sporder.dll
2010-09-11 22:56:20 ----A---- C:\Windows\system32\drivers\tcpipBM.sys
2010-09-11 22:56:20 ----A---- C:\Windows\system32\bmutil.dll
2010-09-11 22:56:20 ----A---- C:\Windows\system32\bmnet.dll
2010-09-11 22:56:20 ----A---- C:\Windows\system32\bminstall.dll
2010-09-11 22:55:32 ----D---- C:\Program Files\T-Mobile
2010-09-06 17:13:45 ----D---- C:\Program Files\Common Files\Java
2010-09-06 17:12:23 ----A---- C:\Windows\system32\javaws.exe
2010-09-06 17:12:23 ----A---- C:\Windows\system32\javaw.exe
2010-09-06 17:12:23 ----A---- C:\Windows\system32\java.exe
2010-09-06 15:48:52 ----A---- C:\Windows\setup.INI
2010-09-04 16:45:01 ----D---- C:\Windows\Minidump
2010-09-03 20:05:01 ----D---- C:\Program Files\Conduit
2010-09-03 20:04:43 ----D---- C:\Program Files\Softonic-Eng7
2010-09-03 17:26:45 ----D---- C:\Program Files\iPod
2010-08-30 23:21:38 ----D---- C:\Program Files\QuickTime
2010-08-30 23:08:36 ----D---- C:\Program Files\Safari
2010-08-30 22:57:25 ----D---- C:\Program Files\iTunes
2010-08-27 17:19:03 ----A---- C:\Windows\system32\drivers\UimFIO.sys
2010-08-27 17:19:02 ----A---- C:\Windows\system32\drivers\UimBus.sys
2010-08-27 17:19:01 ----A---- C:\Windows\system32\drivers\Uim_IM.sys
2010-08-27 17:15:45 ----A---- C:\Windows\system32\drivers\hotcore3.sys
2010-08-27 17:15:43 ----A---- C:\Windows\system32\prgiso.dll
2010-08-27 17:15:38 ----A---- C:\Windows\system32\wnaspi32.dll
2010-08-27 17:15:38 ----A---- C:\Windows\system32\qtp-mt334.dll
2010-08-27 17:12:20 ----D---- C:\Program Files\Paragon Software

======List of files/folders modified in the last 1 months======

2010-09-24 17:21:47 ----D---- C:\Windows\Temp
2010-09-24 17:21:12 ----D---- C:\Users\Macher\AppData\Roaming\DNA
2010-09-24 17:21:01 ----D---- C:\Windows\Prefetch
2010-09-24 17:19:56 ----D---- C:\Program Files\Common Files\Akamai
2010-09-24 17:19:33 ----D---- C:\Users\Macher\AppData\Roaming\Skype
2010-09-24 17:04:10 ----RD---- C:\Program Files
2010-09-24 16:05:59 ----D---- C:\Users\Macher\AppData\Roaming\skypePM
2010-09-24 15:04:26 ----SHD---- C:\Windows\Installer
2010-09-24 15:00:09 ----HD---- C:\Config.Msi
2010-09-24 12:39:12 ----SHD---- C:\System Volume Information
2010-09-24 12:12:24 ----AD---- C:\Windows\System32
2010-09-24 12:12:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-24 12:12:17 ----D---- C:\Windows\inf
2010-09-24 11:59:38 ----D---- C:\Program Files\Steam
2010-09-23 17:55:26 ----D---- C:\Program Files\Common Files\Steam
2010-09-22 18:45:51 ----D---- C:\Windows
2010-09-17 17:23:54 ----D---- C:\Windows\winsxs
2010-09-17 17:22:26 ----D---- C:\ProgramData\Microsoft Help
2010-09-17 16:24:39 ----A---- C:\Windows\system32\mrt.exe
2010-09-17 16:23:18 ----D---- C:\Windows\system32\catroot
2010-09-17 16:22:45 ----D---- C:\Program Files\Windows Mail
2010-09-15 13:17:57 ----D---- C:\Windows\system32\catroot2
2010-09-14 16:28:40 ----D---- C:\ProgramData\Norton
2010-09-13 15:48:56 ----D---- C:\Program Files\Opera
2010-09-12 20:18:19 ----D---- C:\Windows\ModemLogs
2010-09-12 00:02:45 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-09-11 23:41:25 ----D---- C:\Users\Macher\AppData\Roaming\Vso
2010-09-11 23:04:58 ----AD---- C:\Windows\system32\drivers
2010-09-06 17:13:45 ----D---- C:\Program Files\Common Files
2010-09-06 17:11:36 ----A---- C:\Windows\system32\deployJava1.dll
2010-09-04 17:19:40 ----D---- C:\Users1
2010-09-04 16:55:18 ----D---- C:\merged_partition_content
2010-09-04 16:17:45 ----D---- C:\Program Files\Nero
2010-09-04 16:09:50 ----RD---- C:\použivatelia
2010-09-04 15:59:23 ----D---- C:\Program Files\Yahoo!
2010-09-04 15:57:29 ----D---- C:\Program Files\Nokia
2010-09-04 15:56:02 ----SHD---- C:\Users\Macher\AppData\Roaming\.#
2010-09-03 19:23:25 ----D---- C:\Users\Macher\AppData\Roaming\BitTorrent
2010-09-03 18:43:54 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-03 17:26:42 ----D---- C:\Program Files\Common Files\Apple
2010-09-03 16:41:24 ----D---- C:\Fraps
2010-09-03 15:24:35 ----D---- C:\Program Files\Flock
2010-08-31 21:19:52 ----D---- C:\Program Files\BitTorrent
2010-08-27 17:17:48 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-27 05:11:28 ----D---- C:\Windows\system32\LogFiles
2010-08-26 20:06:47 ----D---- C:\Windows\Microsoft.NET
2010-08-26 20:05:12 ----RSD---- C:\Windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hotcore3;hotcore3; C:\Windows\system32\drivers\hotcore3.sys [2007-11-06 39472]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-07-12 305176]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 20776]
R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16680]
R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 60712]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-04-24 717296]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-03-10 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20090303.001\IDSvix86.sys [2008-09-12 270384]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-11-21 406672]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2006-11-21 24184]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2006-11-21 185744]
R1 tcpipBM;Bytemobile Kernel Network Provider; C:\Windows\system32\drivers\tcpipBM.sys [2008-02-11 18816]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2007-11-06 131672]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2007-11-06 32080]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-11-30 15392]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R2 WinFLdrv;WinFLdrv; C:\Windows\system32\WinFLdrv.sys [2010-07-27 10752]
R2 WinVd32;WinVd32; \??\C:\Windows\system32\WinVd32.sys [2010-07-27 180224]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-09 179712]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-31 1780576]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090310.017\NAVENG.SYS [2009-03-10 89104]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090310.017\NAVEX15.SYS [2009-03-10 876144]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-19 30720]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-07-24 6144]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-07-25 47360]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2006-11-21 245880]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-19 9216]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2006-11-21 11792]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2007-07-24 109744]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2006-11-21 144784]
R3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2006-11-21 38928]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2006-11-21 37008]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2006-11-21 26384]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-07 192816]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-01-09 78128]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-01-09 80688]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-01-09 16560]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-04-17 101632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\Windows\system32\DRIVERS\s716bus.sys [2007-04-04 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s716mdfl.sys [2007-04-04 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s716mdm.sys [2007-04-04 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s716mgmt.sys [2007-04-04 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\Windows\system32\DRIVERS\s716nd5.sys [2007-04-04 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s716obex.sys [2007-04-04 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\Windows\system32\DRIVERS\s716unic.sys [2007-04-04 98952]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2006-11-21 275576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 WisINT15;WisINT15; \??\C:\Elements\1stboot\WisINT15.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
R2 BcmSqlStartupSvc;Spúšacia služba produktu Business Contact Manager SQL Server; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-21 107624]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-21 107624]
R2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-21 107624]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-04-23 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 135168]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-10 24576]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-21 107624]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-14 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-06-14 107832]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 SymAppCore;Symantec AppCore Service; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-11-21 46736]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9b2e1252ad2a7;Google Update Service (gupdate1c9b2e1252ad2a7); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; D:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -sSONY_MEDIAMGR []
S3 comHost;COM Host; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2006-11-21 49296]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ISPwdSvc;Symantec IS Password Validation; c:\Program Files\Norton Internet Security\isPwdSvc.exe [2006-11-21 80552]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; D:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -i SONY_MEDIAMGR []
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-09-24 411432]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-07-24 1174152]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]

-----------------EOF-----------------

Re: apiqq.exe and am.exe stopped responding

Posted: 24 Sep 2010 17:57
by Rudy
Post the log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after launch a screen with the license terms appears; continue by clicking the Yes button.

feel free to go and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component

Re: apiqq.exe and am.exe stopped responding

Posted: 24 Sep 2010 20:37
by Imaniac
So here it is; the whole thing took about an hour, and this was my first time working with this program, so I hope it's fine.....

ComboFix 10-09-23.01 - Macher . 09. 2010 20:23:41.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.421.1051.18.1014.304 [GMT 2:00]
Running from: c:\users\Macher\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Macher\AppData\Roaming\.#
c:\users\Macher\AppData\Roaming\inst.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\ReadMe.txt
c:\windows\Temp\log.txt

c:\windows\system32\kernel32.dll . . . is infected!!

.
((((((((((((((((((((((((( Files Created from 2010-08-24 to 2010-09-24 )))))))))))))))))))))))))))))))
.

2010-09-24 18:45 . 2010-09-24 18:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-24 18:45 . 2010-09-24 18:45 -------- d-----w- c:\users\Anna\AppData\Local\temp
2010-09-24 18:45 . 2010-09-24 18:54 -------- d-----w- c:\users\Macher\AppData\Local\temp
2010-09-24 18:45 . 2010-09-24 18:45 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-09-24 15:21 . 2010-09-24 15:22 -------- d-----w- C:\rsit
2010-09-24 15:04 . 2010-09-24 15:21 -------- d-----w- c:\program files\trend micro
2010-09-22 14:18 . 2010-09-22 14:23 -------- d-----w- c:\program files\The KMPlayer
2010-09-15 11:42 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 11:42 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 11:37 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-15 11:29 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-11 21:52 . 2010-09-11 21:52 -------- d-----w- c:\users\Macher\AppData\Roaming\DVDVideoSoftIEHelpers
2010-09-11 21:49 . 2010-09-11 22:02 -------- d-----w- c:\program files\DVDVideoSoft
2010-09-11 21:27 . 2010-09-11 21:36 5 ----a-w- c:\windows\system32\SySatm.dat
2010-09-11 21:25 . 2010-09-11 21:25 -------- d-----w- c:\program files\Crystal Software
2010-09-11 21:10 . 2010-09-23 18:44 -------- d-----w- c:\users\Macher\AppData\Roaming\HCM Updater
2010-09-11 21:04 . 2008-04-17 13:42 872192 ----a-w- c:\windows\system32\drivers\mod7700.sys
2010-09-11 21:04 . 2008-04-17 13:42 100864 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2010-09-11 21:04 . 2008-04-17 13:42 101632 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2010-09-11 21:04 . 2008-04-17 13:42 103680 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2010-09-11 21:04 . 2008-04-17 13:42 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2010-09-11 20:56 . 2008-02-11 15:08 475136 ----a-w- c:\windows\system32\bmnet.dll
2010-09-11 20:56 . 2008-02-11 15:08 270336 ----a-w- c:\windows\system32\bminstall.dll
2010-09-11 20:56 . 2008-02-11 15:08 126976 ----a-w- c:\windows\system32\bmdumpd.bin
2010-09-11 20:56 . 2008-02-11 15:07 18816 ----a-w- c:\windows\system32\drivers\tcpipBM.sys
2010-09-11 20:56 . 2008-02-11 15:05 8464 ----a-w- c:\windows\system32\sporder.dll
2010-09-11 20:56 . 2008-02-11 15:05 719360 ----a-w- c:\windows\system32\bmutil.dll
2010-09-11 20:55 . 2010-09-11 20:55 -------- d-----w- c:\program files\T-Mobile
2010-09-06 15:13 . 2010-09-06 15:13 -------- d-----w- c:\program files\Common Files\Java
2010-09-04 14:31 . 2010-09-04 14:35 -------- d-----w- c:\users\Macher\AppData\Local\Nero
2010-09-03 18:05 . 2010-09-03 18:05 -------- d-----w- c:\program files\Conduit
2010-09-03 18:04 . 2010-09-03 18:05 -------- d-----w- c:\program files\Softonic-Eng7
2010-09-03 15:26 . 2010-09-03 15:26 -------- d-----w- c:\program files\iPod
2010-08-30 21:21 . 2010-08-30 21:22 -------- d-----w- c:\program files\QuickTime
2010-08-30 21:08 . 2010-08-30 21:09 -------- d-----w- c:\program files\Safari
2010-08-30 20:57 . 2010-09-03 16:57 -------- d-----w- c:\program files\iTunes
2010-08-27 15:19 . 2007-11-06 07:06 11568 ----a-w- c:\windows\system32\drivers\UimFIO.sys
2010-08-27 15:19 . 2007-11-06 07:06 32080 ----a-w- c:\windows\system32\drivers\UimBus.sys
2010-08-27 15:19 . 2007-11-06 07:06 131672 ----a-w- c:\windows\system32\drivers\Uim_IM.sys
2010-08-27 15:15 . 2007-11-06 07:06 39472 ----a-w- c:\windows\system32\drivers\hotcore3.sys
2010-08-27 15:15 . 2008-01-21 15:43 247560 ----a-w- c:\windows\system32\prgiso.dll
2010-08-27 15:15 . 2008-01-21 15:43 4244744 ----a-w- c:\windows\system32\qtp-mt334.dll
2010-08-27 15:15 . 2008-01-21 15:43 13576 ----a-w- c:\windows\system32\wnaspi32.dll
2010-08-27 15:12 . 2010-08-27 15:17 -------- d-----w- c:\program files\Paragon Software
2010-08-26 11:49 . 2010-08-26 11:49 -------- d-----w- c:\users\Anna\AppData\Roaming\Nero

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-24 18:57 . 2008-12-16 19:29 -------- d-----w- c:\users\Macher\AppData\Roaming\Skype
2010-09-24 18:56 . 2008-12-16 19:32 -------- d-----w- c:\users\Macher\AppData\Roaming\skypePM
2010-09-24 18:54 . 2009-01-16 15:51 -------- d-----w- c:\users\Macher\AppData\Roaming\DNA
2010-09-24 18:50 . 2010-08-03 21:31 -------- d-----w- c:\program files\Common Files\Akamai
2010-09-24 18:47 . 2008-03-25 20:35 12 ----a-w- c:\windows\bthservsdp.dat
2010-09-24 17:56 . 2008-04-25 15:15 -------- d-----w- c:\program files\Norton Security Scan
2010-09-24 10:38 . 2009-11-19 08:24 -------- d-----w- c:\users\Anna\AppData\Roaming\DNA
2010-09-24 10:12 . 2009-01-28 18:22 40126 ----a-w- c:\windows\system32\perfc01B.dat
2010-09-24 10:12 . 2009-01-28 18:22 111372 ----a-w- c:\windows\system32\perfh01B.dat
2010-09-24 09:59 . 2008-06-29 13:09 -------- d-----w- c:\program files\Steam
2010-09-23 15:55 . 2008-08-11 07:48 -------- d-----w- c:\program files\Common Files\Steam
2010-09-17 15:22 . 2007-07-24 12:03 -------- d-----w- c:\programdata\Microsoft Help
2010-09-17 14:22 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-14 14:28 . 2009-12-16 17:34 -------- d-----w- c:\programdata\Norton
2010-09-13 13:48 . 2010-01-14 15:58 -------- d-----w- c:\program files\Opera
2010-09-11 22:02 . 2009-01-18 21:28 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-09-11 21:41 . 2010-07-25 20:12 -------- d-----w- c:\users\Macher\AppData\Roaming\Vso
2010-09-06 15:11 . 2010-05-01 08:18 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-04 14:17 . 2010-07-28 18:47 -------- d-----w- c:\program files\Nero
2010-09-04 13:59 . 2008-03-25 15:26 -------- d-----w- c:\program files\Yahoo!
2010-09-04 13:57 . 2010-07-05 20:06 -------- d-----w- c:\program files\Nokia
2010-09-03 17:23 . 2009-01-16 15:51 -------- d-----w- c:\users\Macher\AppData\Roaming\BitTorrent
2010-09-03 16:43 . 2008-12-27 21:07 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-03 15:26 . 2008-12-24 10:43 -------- d-----w- c:\program files\Common Files\Apple
2010-09-03 13:24 . 2010-06-12 14:53 -------- d-----w- c:\program files\Flock
2010-08-31 19:19 . 2010-06-10 14:12 -------- d-----w- c:\program files\BitTorrent
2010-08-27 15:17 . 2007-07-24 11:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-26 11:49 . 2008-03-25 14:58 107080 ----a-w- c:\users\Anna\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-16 18:53 . 2010-08-16 18:32 -------- d-----w- c:\users\Macher\AppData\Roaming\vlc
2010-08-16 18:29 . 2010-08-16 18:29 -------- d-----w- c:\program files\VideoLAN
2010-08-13 11:50 . 2010-08-13 11:50 -------- d-----w- c:\program files\Movie Maker 2.6
2010-08-13 09:08 . 2009-09-01 16:41 680 ----a-w- c:\users\Macher\AppData\Local\d3d9caps.dat
2010-07-29 21:26 . 2010-07-29 21:25 -------- d-----w- c:\program files\Java
2010-07-29 21:04 . 2010-07-29 21:04 0 ----a-w- c:\windows\system32\REN9E8C.tmp
2010-07-29 21:04 . 2010-07-29 21:04 0 ----a-w- c:\windows\system32\REN9E3D.tmp
2010-07-29 21:04 . 2010-07-29 21:04 0 ----a-w- c:\windows\system32\REN9E2D.tmp
2010-07-29 11:46 . 2010-05-16 12:48 -------- d-----w- c:\program files\Common Files\Nero
2010-07-29 11:46 . 2010-05-16 12:48 -------- d-----w- c:\programdata\Nero
2010-07-28 19:11 . 2010-05-16 12:52 -------- d-----w- c:\users\Macher\AppData\Roaming\Nero
2010-07-28 18:17 . 2008-11-29 18:27 107080 ----a-w- c:\users\Macher\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-28 16:08 . 2010-07-28 16:08 -------- d-----w- c:\program files\ABCgames Cheater
2010-07-28 15:36 . 2008-06-27 13:05 -------- d-----w- c:\program files\EACOM
2010-07-28 15:36 . 2008-06-29 13:33 -------- d-----w- c:\program files\Electronic Arts
2010-07-28 15:35 . 2010-06-14 20:44 -------- d-----w- c:\program files\DVD Decrypter
2010-07-27 20:43 . 2010-07-27 20:43 180224 ----a-w- c:\windows\system32\WinVd32.sys
2010-07-27 20:42 . 2010-07-27 20:42 7680 ----a-w- c:\windows\system32\WinFLsrv.exe
2010-07-27 20:42 . 2010-07-27 20:42 -------- d-----w- c:\program files\Folder Lock 6
2010-07-27 13:30 . 2010-03-31 15:29 -------- d-----w- c:\programdata\DivX
2010-07-27 13:30 . 2009-09-12 18:22 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-25 20:12 . 2010-07-25 20:12 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-07-25 20:12 . 2010-07-25 20:12 47360 ----a-w- c:\users\Macher\AppData\Roaming\pcouffin.sys
2010-02-10 02:18 . 2010-07-12 15:21 2131336 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-06-03 16:24 2736736 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\users\Macher\Program Files\DNA\btdna.exe" [2009-10-07 323392]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-13 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"Google Update"="c:\users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-02 133104]
"Updater shortcut"="c:\program files\T-Mobile\web'n'walk Manager\WTGU.exe" [2008-06-19 857544]
"NortonUpdateAgent"="c:\programdata\Norton\NUA.exe" [2010-09-07 1819504]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-09-26 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-29 4472832]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-07 1021224]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 107112]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-11-21 22696]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-10-28 72736]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 858632]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-07-13 47904]
"Skytel"="Skytel.exe" [2007-05-29 1826816]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-05-20 111928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-01 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DataCardMonitor"="c:\program files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe" [2010-09-11 253952]
"MRT"="c:\windows\system32\MRT.exe" [2010-09-17 35552200]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9b2e1252ad2a7;Google Update Service (gupdate1c9b2e1252ad2a7);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 WisINT15;WisINT15;c:\elements\1stboot\WisINT15.SYS [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2006-09-19 80744]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-04-24 717296]
S0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [2007-11-06 39472]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20090303.001\IDSvix86.sys [2008-09-12 270384]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-11-21 37008]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2010-09-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3098185099-927410527-4192695400-1005Core.job
- c:\users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-02 17:05]

2010-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3098185099-927410527-4192695400-1005UA.job
- c:\users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-02 17:05]

2010-09-24 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Anna.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-21 20:41]

2010-01-01 c:\windows\Tasks\NSSstub.job
- c:\windows\System32\Adobe\Shockwave 11\nssstub.exe [2009-12-30 18:36]

2010-09-24 c:\windows\Tasks\User_Feed_Synchronization-{B30772A6-9845-4F37-B3EC-FF81B840CEAB}.job
- c:\windows\system32\msfeedssync.exe [2010-08-13 04:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2405280
uDefault_Search_URL = hxxp://search13.net/
mStart Page = hxxp://en.us.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search13.net/
uCustomizeSearch = hxxp://search13.net/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Macher\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Stylish Profile\ct.htm
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\PageRage\tbPage.dll
URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
BHO-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\AskBarDis\bar\bin\askBar.dll
BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\program files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll
BHO-{9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\PageRage\tbPage.dll
BHO-{EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\Yontoo Layers Client\YontooIEClient.dll
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\AskBarDis\bar\bin\askBar.dll
Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
Toolbar-{9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\PageRage\tbPage.dll
Toolbar-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-Acer Tour Reminder - (no file)
HKCU-Run-PC Suite Tray - d:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-WarReg_PopUp - c:\acer\WR_PopUp\WarReg_PopUp.exe
HKLM-Run-DataMngr - c:\program files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-Audacity_is1 - d:\program files\Audacity\unins000.exe
AddRemove-BearShare MediaBar - c:\program files\BearShare Applications\MediaBar\UnwiseLauncher.exe
AddRemove-BitTorrent - d:\program files\BitTorrent\uninst.exe
AddRemove-CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118 - c:\program files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe
AddRemove-Dave Mirra freestyle BMX - d:\program files\Dave Mirra freestyle BMX\uninstall.exe
AddRemove-DoremiSoft AVI to 3GP Converter - d:\program files\DoremiSoft\Free AVI to 3GP Converter\uninst.exe
AddRemove-EADM - c:\program files\Electronic Arts\EADM\Uninstall.exe
AddRemove-GameSpy Arcade - d:\progra~1\GAMESP~1\UNWISE.EXE
AddRemove-GTA San Andreas SK - d:\program files\Rockstar Games\GTA San Andreas\Uninstall GTA_SA_SK.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-Map Mod Switcher - c:\gta3mms\uninstall.exe
AddRemove-Mozilla Firefox (3.6.3) - d:\program files\Mozilla Firefox\uninstall\helper.exe
AddRemove-Nokia Maps Updater_is1 - d:\program files\Nokia\Nokia Maps Updater\Uninstall Information\unins000.exe
AddRemove-NSSSetupTemp.{3FADAA19-E595-44CA-A072-58B6B0851768} - c:\program files\Common Files\Symantec Shared\NSSSetup\{3FADAA19-E595-44CA-A072-58B6B0851768}_2_0_0\NSSSetup.exe
AddRemove-Sony Ericsson Themes Creator - d:\program files\Sony Ericsson\Themes Creator\Uninstall.exe
AddRemove-Stylish Profile - c:\program files\Stylish Profile\uninstall.exe
AddRemove-The Sims - d:\program files\The Sims\Uninst.isu
AddRemove-ViceTXD - d:\program files\Rockstar Games\Grand Theft Auto Vice City\ViceTXD\Uninstall.exe
AddRemove-VLC media player - d:\program files\VideoLAN\VLC\uninstall.exe
AddRemove-Yahoo! Search Defender - c:\progra~1\Yahoo!\SEARCH~1\UNINST~1.EXE
AddRemove-Yahoo! Software Update - c:\progra~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
AddRemove-Yahoo! Toolbar - c:\progra~1\Yahoo!\Common\UNYT_W~1.EXE
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - d:\program files\DivX\DivXConverterUninstall.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - d:\program files\DivX\DivXCodecUninstall.exe
AddRemove-{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1 - d:\program files\VDownloader\unins000.exe
AddRemove-{AEEAE013-92F1-4515-B278-139F1A692A36} - c:\acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-24 20:54
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DataCardMonitor = c:\program files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe?.WSH;.MSC?PROCESSOR_ARCHITECTUR?}?FI_???:??????IDENTIFIER=x86 Family 6 Model 22 Stepping 1, GenuineIntel?PROCESSOR_LEVEL=6?PROCESSOR_REVISION=1601?ProgramData=c:\programdata?programfiles=c:\P

scanning hidden files ...


c:\windows\system32\sys_drv.dat 10040 bytes
c:\windows\system32\sys_drv_2.dat 7028 bytes
c:\windows\system32\WinFLdrv.sys 10752 bytes executable
c:\users\Macher\AppData\Roaming\systemfl.$dk 990 bytes

scan completed successfully
hidden files: 4

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(4148)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\acer\Empowering Technology\eNet\eNet Service.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Launch Manager\LManager.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe
c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
c:\users\Macher\AppData\Local\Temp\RtkBtMnt.exe
c:\windows\system32\igfxsrvc.exe
c:\acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
c:\acer\Empowering Technology\eRecovery\ERAGENT.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\WerCon.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2010-09-24 21:14:12 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-24 19:13

Pre-Run: 13 860 622 336 bytes free
Post-Run: 17 739 309 056 bytes free

- - End Of File - - 2652098F944A81DF5687EB03F5975C40

Re: apiqq.exe and am.exe stopped responding

Posted: 24 Sep 2010 21:41
by Rudy
From here: http://www.dll-files.com/dllindex/dll-f ... l?kernel32 download the kernel32.dll library and extract it to the desktop. Open Notepad and copy the following into it:
Collect::
c:\windows\system32\sys_drv.dat
c:\windows\system32\sys_drv_2.dat
c:\windows\system32\WinFLdrv.sys
c:\users\Macher\AppData\Roaming\systemfl.$dk

FCopy::
c:\users\Macher\Desktop\kernel32.dll | c:\windows\system32\kernel32.dll
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.


Re: apiqq.exe and am.exe stopped responding

Posted: 24 Sep 2010 22:48
by Imaniac
OK, done....
A folder from extracting the kernel32 library is left on my desktop; I don't know whether I should delete it or leave it there for now.

And I'm adding the LOG:

ComboFix 10-09-23.01 - Macher . 09. 2010 22:56:24.2.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.421.1051.18.1014.244 [GMT 2:00]
Running from: c:\users\Macher\Desktop\ComboFix.exe
Command switches used :: c:\users\Macher\Desktop\CFScript.txt
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton Internet Security *disabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

file zipped: c:\users\Macher\AppData\Roaming\systemfl.$dk
file zipped: c:\windows\system32\sys_drv.dat
file zipped: c:\windows\system32\sys_drv_2.dat
file zipped: c:\windows\system32\WinFLdrv.sys
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Macher\AppData\Roaming\systemfl.$dk
c:\windows\system32\sys_drv.dat
c:\windows\system32\sys_drv_2.dat
c:\windows\system32\WinFLdrv.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_WinFLdrv
-------\Service_WinFLdrv


((((((((((((((((((((((((( Files Created from 2010-08-24 to 2010-09-24 )))))))))))))))))))))))))))))))
.

2010-09-24 21:15 . 2010-09-24 21:23 -------- d-----w- c:\users\Macher\AppData\Local\temp
2010-09-24 21:15 . 2010-09-24 21:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-09-24 21:15 . 2010-09-24 21:15 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-09-24 21:15 . 2010-09-24 21:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-24 21:15 . 2010-09-24 21:15 -------- d-----w- c:\users\Anna\AppData\Local\temp
2010-09-24 20:51 . 2010-09-24 20:51 -------- d-----w- C:\32788R22FWJFW
2010-09-24 15:21 . 2010-09-24 15:22 -------- d-----w- C:\rsit
2010-09-24 15:04 . 2010-09-24 15:21 -------- d-----w- c:\program files\trend micro
2010-09-22 14:18 . 2010-09-22 14:23 -------- d-----w- c:\program files\The KMPlayer
2010-09-15 11:42 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 11:42 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 11:37 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-15 11:29 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-11 21:52 . 2010-09-11 21:52 -------- d-----w- c:\users\Macher\AppData\Roaming\DVDVideoSoftIEHelpers
2010-09-11 21:49 . 2010-09-11 22:02 -------- d-----w- c:\program files\DVDVideoSoft
2010-09-11 21:27 . 2010-09-11 21:36 5 ----a-w- c:\windows\system32\SySatm.dat
2010-09-11 21:25 . 2010-09-11 21:25 -------- d-----w- c:\program files\Crystal Software
2010-09-11 21:10 . 2010-09-23 18:44 -------- d-----w- c:\users\Macher\AppData\Roaming\HCM Updater
2010-09-11 21:04 . 2008-04-17 13:42 872192 ----a-w- c:\windows\system32\drivers\mod7700.sys
2010-09-11 21:04 . 2008-04-17 13:42 100864 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2010-09-11 21:04 . 2008-04-17 13:42 101632 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2010-09-11 21:04 . 2008-04-17 13:42 103680 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2010-09-11 21:04 . 2008-04-17 13:42 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2010-09-11 20:56 . 2008-02-11 15:08 475136 ----a-w- c:\windows\system32\bmnet.dll
2010-09-11 20:56 . 2008-02-11 15:08 270336 ----a-w- c:\windows\system32\bminstall.dll
2010-09-11 20:56 . 2008-02-11 15:08 126976 ----a-w- c:\windows\system32\bmdumpd.bin
2010-09-11 20:56 . 2008-02-11 15:07 18816 ----a-w- c:\windows\system32\drivers\tcpipBM.sys
2010-09-11 20:56 . 2008-02-11 15:05 8464 ----a-w- c:\windows\system32\sporder.dll
2010-09-11 20:56 . 2008-02-11 15:05 719360 ----a-w- c:\windows\system32\bmutil.dll
2010-09-11 20:55 . 2010-09-11 20:55 -------- d-----w- c:\program files\T-Mobile
2010-09-06 15:13 . 2010-09-06 15:13 -------- d-----w- c:\program files\Common Files\Java
2010-09-04 14:31 . 2010-09-04 14:35 -------- d-----w- c:\users\Macher\AppData\Local\Nero
2010-09-03 18:05 . 2010-09-03 18:05 -------- d-----w- c:\program files\Conduit
2010-09-03 18:04 . 2010-09-03 18:05 -------- d-----w- c:\program files\Softonic-Eng7
2010-09-03 15:26 . 2010-09-03 15:26 -------- d-----w- c:\program files\iPod
2010-08-30 21:21 . 2010-08-30 21:22 -------- d-----w- c:\program files\QuickTime
2010-08-30 21:08 . 2010-08-30 21:09 -------- d-----w- c:\program files\Safari
2010-08-30 20:57 . 2010-09-03 16:57 -------- d-----w- c:\program files\iTunes
2010-08-27 15:19 . 2007-11-06 07:06 11568 ----a-w- c:\windows\system32\drivers\UimFIO.sys
2010-08-27 15:19 . 2007-11-06 07:06 32080 ----a-w- c:\windows\system32\drivers\UimBus.sys
2010-08-27 15:19 . 2007-11-06 07:06 131672 ----a-w- c:\windows\system32\drivers\Uim_IM.sys
2010-08-27 15:15 . 2007-11-06 07:06 39472 ----a-w- c:\windows\system32\drivers\hotcore3.sys
2010-08-27 15:15 . 2008-01-21 15:43 247560 ----a-w- c:\windows\system32\prgiso.dll
2010-08-27 15:15 . 2008-01-21 15:43 4244744 ----a-w- c:\windows\system32\qtp-mt334.dll
2010-08-27 15:15 . 2008-01-21 15:43 13576 ----a-w- c:\windows\system32\wnaspi32.dll
2010-08-27 15:12 . 2010-08-27 15:17 -------- d-----w- c:\program files\Paragon Software
2010-08-26 11:49 . 2010-08-26 11:49 -------- d-----w- c:\users\Anna\AppData\Roaming\Nero

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-24 21:27 . 2008-12-16 19:29 -------- d-----w- c:\users\Macher\AppData\Roaming\Skype
2010-09-24 21:24 . 2009-01-16 15:51 -------- d-----w- c:\users\Macher\AppData\Roaming\DNA
2010-09-24 21:20 . 2010-08-03 21:31 -------- d-----w- c:\program files\Common Files\Akamai
2010-09-24 21:18 . 2008-03-25 20:35 12 ----a-w- c:\windows\bthservsdp.dat
2010-09-24 18:56 . 2008-12-16 19:32 -------- d-----w- c:\users\Macher\AppData\Roaming\skypePM
2010-09-24 17:56 . 2008-04-25 15:15 -------- d-----w- c:\program files\Norton Security Scan
2010-09-24 10:38 . 2009-11-19 08:24 -------- d-----w- c:\users\Anna\AppData\Roaming\DNA
2010-09-24 10:12 . 2009-01-28 18:22 40126 ----a-w- c:\windows\system32\perfc01B.dat
2010-09-24 10:12 . 2009-01-28 18:22 111372 ----a-w- c:\windows\system32\perfh01B.dat
2010-09-24 09:59 . 2008-06-29 13:09 -------- d-----w- c:\program files\Steam
2010-09-23 15:55 . 2008-08-11 07:48 -------- d-----w- c:\program files\Common Files\Steam
2010-09-17 15:22 . 2007-07-24 12:03 -------- d-----w- c:\programdata\Microsoft Help
2010-09-17 14:22 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-14 14:28 . 2009-12-16 17:34 -------- d-----w- c:\programdata\Norton
2010-09-13 13:48 . 2010-01-14 15:58 -------- d-----w- c:\program files\Opera
2010-09-11 22:02 . 2009-01-18 21:28 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-09-11 21:41 . 2010-07-25 20:12 -------- d-----w- c:\users\Macher\AppData\Roaming\Vso
2010-09-06 15:11 . 2010-05-01 08:18 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-04 14:17 . 2010-07-28 18:47 -------- d-----w- c:\program files\Nero
2010-09-04 13:59 . 2008-03-25 15:26 -------- d-----w- c:\program files\Yahoo!
2010-09-04 13:57 . 2010-07-05 20:06 -------- d-----w- c:\program files\Nokia
2010-09-03 17:23 . 2009-01-16 15:51 -------- d-----w- c:\users\Macher\AppData\Roaming\BitTorrent
2010-09-03 16:43 . 2008-12-27 21:07 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-03 15:26 . 2008-12-24 10:43 -------- d-----w- c:\program files\Common Files\Apple
2010-09-03 13:24 . 2010-06-12 14:53 -------- d-----w- c:\program files\Flock
2010-08-31 19:19 . 2010-06-10 14:12 -------- d-----w- c:\program files\BitTorrent
2010-08-27 15:17 . 2007-07-24 11:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-26 11:49 . 2008-03-25 14:58 107080 ----a-w- c:\users\Anna\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-16 18:53 . 2010-08-16 18:32 -------- d-----w- c:\users\Macher\AppData\Roaming\vlc
2010-08-16 18:29 . 2010-08-16 18:29 -------- d-----w- c:\program files\VideoLAN
2010-08-13 11:50 . 2010-08-13 11:50 -------- d-----w- c:\program files\Movie Maker 2.6
2010-08-13 09:08 . 2009-09-01 16:41 680 ----a-w- c:\users\Macher\AppData\Local\d3d9caps.dat
2010-07-29 21:26 . 2010-07-29 21:25 -------- d-----w- c:\program files\Java
2010-07-29 21:04 . 2010-07-29 21:04 0 ----a-w- c:\windows\system32\REN9E8C.tmp
2010-07-29 21:04 . 2010-07-29 21:04 0 ----a-w- c:\windows\system32\REN9E3D.tmp
2010-07-29 21:04 . 2010-07-29 21:04 0 ----a-w- c:\windows\system32\REN9E2D.tmp
2010-07-29 11:46 . 2010-05-16 12:48 -------- d-----w- c:\program files\Common Files\Nero
2010-07-29 11:46 . 2010-05-16 12:48 -------- d-----w- c:\programdata\Nero
2010-07-28 19:11 . 2010-05-16 12:52 -------- d-----w- c:\users\Macher\AppData\Roaming\Nero
2010-07-28 18:17 . 2008-11-29 18:27 107080 ----a-w- c:\users\Macher\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-28 16:08 . 2010-07-28 16:08 -------- d-----w- c:\program files\ABCgames Cheater
2010-07-28 15:36 . 2008-06-27 13:05 -------- d-----w- c:\program files\EACOM
2010-07-28 15:36 . 2008-06-29 13:33 -------- d-----w- c:\program files\Electronic Arts
2010-07-28 15:35 . 2010-06-14 20:44 -------- d-----w- c:\program files\DVD Decrypter
2010-07-27 20:43 . 2010-07-27 20:43 180224 ----a-w- c:\windows\system32\WinVd32.sys
2010-07-27 20:42 . 2010-07-27 20:42 7680 ----a-w- c:\windows\system32\WinFLsrv.exe
2010-07-27 20:42 . 2010-07-27 20:42 -------- d-----w- c:\program files\Folder Lock 6
2010-07-27 13:30 . 2010-03-31 15:29 -------- d-----w- c:\programdata\DivX
2010-07-27 13:30 . 2009-09-12 18:22 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-25 20:12 . 2010-07-25 20:12 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-07-25 20:12 . 2010-07-25 20:12 47360 ----a-w- c:\users\Macher\AppData\Roaming\pcouffin.sys
2010-02-10 02:18 . 2010-07-12 15:21 2131336 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe
2008-03-26 06:27 . 2008-03-26 06:17 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-06-03 16:24 2736736 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\users\Macher\Program Files\DNA\btdna.exe" [2009-10-07 323392]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-13 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"Google Update"="c:\users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-02 133104]
"Updater shortcut"="c:\program files\T-Mobile\web'n'walk Manager\WTGU.exe" [2008-06-19 857544]
"NortonUpdateAgent"="c:\programdata\Norton\NUA.exe" [2010-09-07 1819504]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-09-26 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-29 4472832]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-07 1021224]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 107112]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-11-21 22696]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-10-28 72736]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 858632]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-07-13 47904]
"Skytel"="Skytel.exe" [2007-05-29 1826816]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-05-20 111928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-01 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DataCardMonitor"="c:\program files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe" [2010-09-11 253952]
"MRT"="c:\windows\system32\MRT.exe" [2010-09-17 35552200]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9b2e1252ad2a7;Google Update Service (gupdate1c9b2e1252ad2a7);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 WisINT15;WisINT15;c:\elements\1stboot\WisINT15.SYS [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2006-09-19 80744]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-04-24 717296]
S0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [2007-11-06 39472]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20090303.001\IDSvix86.sys [2008-09-12 270384]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-11-21 37008]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2010-09-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3098185099-927410527-4192695400-1005Core.job
- c:\users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-02 17:05]

2010-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3098185099-927410527-4192695400-1005UA.job
- c:\users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-02 17:05]

2010-09-24 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Anna.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-21 20:41]

2010-09-24 c:\windows\Tasks\User_Feed_Synchronization-{B30772A6-9845-4F37-B3EC-FF81B840CEAB}.job
- c:\windows\system32\msfeedssync.exe [2010-08-13 04:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2405280
uDefault_Search_URL = hxxp://search13.net/
mStart Page = hxxp://en.us.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search13.net/
uCustomizeSearch = hxxp://search13.net/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Macher\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Stylish Profile\ct.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-24 23:22
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DataCardMonitor = c:\program files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe?.WSH;.MSC?PROCESSOR_ARCHITECTUR?}?FI_???:??????IDENTIFIER=x86 Family 6 Model 22 Stepping 1, GenuineIntel?PROCESSOR_LEVEL=6?PROCESSOR_REVISION=1601?ProgramData=c:\programdata?programfiles=c:\P

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(4796)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\acer\Empowering Technology\eNet\eNet Service.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Launch Manager\LManager.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe
c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
c:\windows\system32\igfxsrvc.exe
c:\acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
c:\acer\Empowering Technology\eRecovery\ERAGENT.EXE
c:\users\Macher\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Internet Explorer\IELowutil.exe
.
**************************************************************************
.
Completion time: 2010-09-24 23:42:47 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-24 21:42
ComboFix2.txt 2010-09-24 19:14

Pre-Run: 17 615 839 232 bytes free
Post-Run: 18 028 167 168 bytes free

- - End Of File - - 78784B67EB6518D27F0CD555F20D02FF
Upload was successful

Re: apiqq.exe and am.exe stopped responding

Posted: 25 Sep 2010 18:26
by Imaniac
Is it solved now, or does something else still need to be done?

Re: apiqq.exe and am.exe stopped responding

Posted: 25 Sep 2010 19:25
by Rudy
Run ComboFix once more with this script:
Driver::
Akamai

Re: apiqq.exe and am.exe stopped responding

Posted: 25 Sep 2010 19:39
by Imaniac
I can't turn off Norton Internet Security right now...
Before, I opened it and switched everything off, but now it doesn't respond to anything at all.....

Re: apiqq.exe and am.exe stopped responding

Posted: 25 Sep 2010 19:51
by Rudy
Try to ignore it; in this case it shouldn't matter.

Re: apiqq.exe and am.exe stopped responding

Posted: 25 Sep 2010 20:53
by Imaniac
OK, I managed to turn it off permanently....

Here is the log as well:

ComboFix 10-09-23.01 - Macher . 09. 2010 20:53:21.3.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.421.1051.18.1014.294 [GMT 2:00]
Running from: c:\users\Macher\Desktop\ComboFix.exe
Command switches used :: c:\users\Macher\Desktop\CFScript.txt
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton Internet Security *disabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Akamai


((((((((((((((((((((((((( Files Created from 2010-08-25 to 2010-09-25 )))))))))))))))))))))))))))))))
.

2010-09-25 19:13 . 2010-09-25 19:28 -------- d-----w- c:\users\Macher\AppData\Local\temp
2010-09-25 19:13 . 2010-09-25 19:13 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-09-25 19:13 . 2010-09-25 19:13 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-09-25 19:13 . 2010-09-25 19:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-25 19:13 . 2010-09-25 19:13 -------- d-----w- c:\users\Anna\AppData\Local\temp
2010-09-25 18:29 . 2010-09-25 18:49 -------- d-----w- C:\32788R22FWJFW
2010-09-24 15:21 . 2010-09-24 15:22 -------- d-----w- C:\rsit
2010-09-24 15:04 . 2010-09-24 15:21 -------- d-----w- c:\program files\trend micro
2010-09-22 14:18 . 2010-09-22 14:23 -------- d-----w- c:\program files\The KMPlayer
2010-09-15 11:42 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 11:42 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 11:37 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-15 11:29 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-11 21:52 . 2010-09-11 21:52 -------- d-----w- c:\users\Macher\AppData\Roaming\DVDVideoSoftIEHelpers
2010-09-11 21:49 . 2010-09-11 22:02 -------- d-----w- c:\program files\DVDVideoSoft
2010-09-11 21:27 . 2010-09-11 21:36 5 ----a-w- c:\windows\system32\SySatm.dat
2010-09-11 21:25 . 2010-09-11 21:25 -------- d-----w- c:\program files\Crystal Software
2010-09-11 21:10 . 2010-09-23 18:44 -------- d-----w- c:\users\Macher\AppData\Roaming\HCM Updater
2010-09-11 21:04 . 2008-04-17 13:42 872192 ----a-w- c:\windows\system32\drivers\mod7700.sys
2010-09-11 21:04 . 2008-04-17 13:42 100864 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2010-09-11 21:04 . 2008-04-17 13:42 101632 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2010-09-11 21:04 . 2008-04-17 13:42 103680 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2010-09-11 21:04 . 2008-04-17 13:42 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2010-09-11 20:56 . 2008-02-11 15:08 475136 ----a-w- c:\windows\system32\bmnet.dll
2010-09-11 20:56 . 2008-02-11 15:08 270336 ----a-w- c:\windows\system32\bminstall.dll
2010-09-11 20:56 . 2008-02-11 15:08 126976 ----a-w- c:\windows\system32\bmdumpd.bin
2010-09-11 20:56 . 2008-02-11 15:07 18816 ----a-w- c:\windows\system32\drivers\tcpipBM.sys
2010-09-11 20:56 . 2008-02-11 15:05 8464 ----a-w- c:\windows\system32\sporder.dll
2010-09-11 20:56 . 2008-02-11 15:05 719360 ----a-w- c:\windows\system32\bmutil.dll
2010-09-11 20:55 . 2010-09-11 20:55 -------- d-----w- c:\program files\T-Mobile
2010-09-06 15:13 . 2010-09-06 15:13 -------- d-----w- c:\program files\Common Files\Java
2010-09-04 14:31 . 2010-09-04 14:35 -------- d-----w- c:\users\Macher\AppData\Local\Nero
2010-09-03 18:05 . 2010-09-03 18:05 -------- d-----w- c:\program files\Conduit
2010-09-03 18:04 . 2010-09-03 18:05 -------- d-----w- c:\program files\Softonic-Eng7
2010-09-03 15:26 . 2010-09-03 15:26 -------- d-----w- c:\program files\iPod
2010-08-30 21:21 . 2010-08-30 21:22 -------- d-----w- c:\program files\QuickTime
2010-08-30 21:08 . 2010-08-30 21:09 -------- d-----w- c:\program files\Safari
2010-08-30 20:57 . 2010-09-03 16:57 -------- d-----w- c:\program files\iTunes
2010-08-27 15:19 . 2007-11-06 07:06 11568 ----a-w- c:\windows\system32\drivers\UimFIO.sys
2010-08-27 15:19 . 2007-11-06 07:06 32080 ----a-w- c:\windows\system32\drivers\UimBus.sys
2010-08-27 15:19 . 2007-11-06 07:06 131672 ----a-w- c:\windows\system32\drivers\Uim_IM.sys
2010-08-27 15:15 . 2007-11-06 07:06 39472 ----a-w- c:\windows\system32\drivers\hotcore3.sys
2010-08-27 15:15 . 2008-01-21 15:43 247560 ----a-w- c:\windows\system32\prgiso.dll
2010-08-27 15:15 . 2008-01-21 15:43 4244744 ----a-w- c:\windows\system32\qtp-mt334.dll
2010-08-27 15:15 . 2008-01-21 15:43 13576 ----a-w- c:\windows\system32\wnaspi32.dll
2010-08-27 15:12 . 2010-08-27 15:17 -------- d-----w- c:\program files\Paragon Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-25 19:30 . 2008-12-16 19:29 -------- d-----w- c:\users\Macher\AppData\Roaming\Skype
2010-09-25 19:29 . 2008-12-16 19:32 -------- d-----w- c:\users\Macher\AppData\Roaming\skypePM
2010-09-25 19:26 . 2009-01-16 15:51 -------- d-----w- c:\users\Macher\AppData\Roaming\DNA
2010-09-25 19:17 . 2008-03-25 20:35 12 ----a-w- c:\windows\bthservsdp.dat
2010-09-25 18:37 . 2010-08-03 21:31 -------- d-----w- c:\program files\Common Files\Akamai
2010-09-25 11:46 . 2009-01-28 18:22 40126 ----a-w- c:\windows\system32\perfc01B.dat
2010-09-25 11:46 . 2009-01-28 18:22 111372 ----a-w- c:\windows\system32\perfh01B.dat
2010-09-24 17:56 . 2008-04-25 15:15 -------- d-----w- c:\program files\Norton Security Scan
2010-09-24 10:38 . 2009-11-19 08:24 -------- d-----w- c:\users\Anna\AppData\Roaming\DNA
2010-09-24 09:59 . 2008-06-29 13:09 -------- d-----w- c:\program files\Steam
2010-09-23 15:55 . 2008-08-11 07:48 -------- d-----w- c:\program files\Common Files\Steam
2010-09-17 15:22 . 2007-07-24 12:03 -------- d-----w- c:\programdata\Microsoft Help
2010-09-17 14:22 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-14 14:28 . 2009-12-16 17:34 -------- d-----w- c:\programdata\Norton
2010-09-13 13:48 . 2010-01-14 15:58 -------- d-----w- c:\program files\Opera
2010-09-11 22:02 . 2009-01-18 21:28 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-09-11 21:41 . 2010-07-25 20:12 -------- d-----w- c:\users\Macher\AppData\Roaming\Vso
2010-09-06 15:11 . 2010-05-01 08:18 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-04 14:17 . 2010-07-28 18:47 -------- d-----w- c:\program files\Nero
2010-09-04 13:59 . 2008-03-25 15:26 -------- d-----w- c:\program files\Yahoo!
2010-09-04 13:57 . 2010-07-05 20:06 -------- d-----w- c:\program files\Nokia
2010-09-03 17:23 . 2009-01-16 15:51 -------- d-----w- c:\users\Macher\AppData\Roaming\BitTorrent
2010-09-03 16:43 . 2008-12-27 21:07 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-03 15:26 . 2008-12-24 10:43 -------- d-----w- c:\program files\Common Files\Apple
2010-09-03 13:24 . 2010-06-12 14:53 -------- d-----w- c:\program files\Flock
2010-08-31 19:19 . 2010-06-10 14:12 -------- d-----w- c:\program files\BitTorrent
2010-08-27 15:17 . 2007-07-24 11:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-26 11:49 . 2010-08-26 11:49 -------- d-----w- c:\users\Anna\AppData\Roaming\Nero
2010-08-26 11:49 . 2008-03-25 14:58 107080 ----a-w- c:\users\Anna\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-16 18:53 . 2010-08-16 18:32 -------- d-----w- c:\users\Macher\AppData\Roaming\vlc
2010-08-16 18:29 . 2010-08-16 18:29 -------- d-----w- c:\program files\VideoLAN
2010-08-13 11:50 . 2010-08-13 11:50 -------- d-----w- c:\program files\Movie Maker 2.6
2010-08-13 09:08 . 2009-09-01 16:41 680 ----a-w- c:\users\Macher\AppData\Local\d3d9caps.dat
2010-07-29 21:26 . 2010-07-29 21:25 -------- d-----w- c:\program files\Java
2010-07-29 21:04 . 2010-07-29 21:04 0 ----a-w- c:\windows\system32\REN9E8C.tmp
2010-07-29 21:04 . 2010-07-29 21:04 0 ----a-w- c:\windows\system32\REN9E3D.tmp
2010-07-29 21:04 . 2010-07-29 21:04 0 ----a-w- c:\windows\system32\REN9E2D.tmp
2010-07-29 11:46 . 2010-05-16 12:48 -------- d-----w- c:\program files\Common Files\Nero
2010-07-29 11:46 . 2010-05-16 12:48 -------- d-----w- c:\programdata\Nero
2010-07-28 19:11 . 2010-05-16 12:52 -------- d-----w- c:\users\Macher\AppData\Roaming\Nero
2010-07-28 18:17 . 2008-11-29 18:27 107080 ----a-w- c:\users\Macher\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-28 16:08 . 2010-07-28 16:08 -------- d-----w- c:\program files\ABCgames Cheater
2010-07-28 15:36 . 2008-06-27 13:05 -------- d-----w- c:\program files\EACOM
2010-07-28 15:36 . 2008-06-29 13:33 -------- d-----w- c:\program files\Electronic Arts
2010-07-28 15:35 . 2010-06-14 20:44 -------- d-----w- c:\program files\DVD Decrypter
2010-07-27 20:43 . 2010-07-27 20:43 180224 ----a-w- c:\windows\system32\WinVd32.sys
2010-07-27 20:42 . 2010-07-27 20:42 7680 ----a-w- c:\windows\system32\WinFLsrv.exe
2010-07-27 20:42 . 2010-07-27 20:42 -------- d-----w- c:\program files\Folder Lock 6
2010-07-25 20:12 . 2010-07-25 20:12 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-07-25 20:12 . 2010-07-25 20:12 47360 ----a-w- c:\users\Macher\AppData\Roaming\pcouffin.sys
2010-02-10 02:18 . 2010-07-12 15:21 2131336 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe
2008-03-26 06:27 . 2008-03-26 06:17 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-06-03 16:24 2736736 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\users\Macher\Program Files\DNA\btdna.exe" [2009-10-07 323392]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-13 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"Google Update"="c:\users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-02 133104]
"Updater shortcut"="c:\program files\T-Mobile\web'n'walk Manager\WTGU.exe" [2008-06-19 857544]
"NortonUpdateAgent"="c:\programdata\Norton\NUA.exe" [2010-09-07 1819504]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-09-26 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-29 4472832]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-07 1021224]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 107112]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-11-21 22696]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-10-28 72736]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 858632]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-07-13 47904]
"Skytel"="Skytel.exe" [2007-05-29 1826816]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-05-20 111928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-01 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DataCardMonitor"="c:\program files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe" [2010-09-11 253952]
"MRT"="c:\windows\system32\MRT.exe" [2010-09-17 35552200]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9b2e1252ad2a7;Google Update Service (gupdate1c9b2e1252ad2a7);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 WisINT15;WisINT15;c:\elements\1stboot\WisINT15.SYS [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2006-09-19 80744]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-04-24 717296]
S0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [2007-11-06 39472]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20090303.001\IDSvix86.sys [2008-09-12 270384]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-11-21 37008]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2010-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3098185099-927410527-4192695400-1005Core.job
- c:\users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-02 17:05]

2010-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3098185099-927410527-4192695400-1005UA.job
- c:\users\Macher\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-02 17:05]

2010-09-24 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Anna.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-21 20:41]

2010-09-25 c:\windows\Tasks\User_Feed_Synchronization-{B30772A6-9845-4F37-B3EC-FF81B840CEAB}.job
- c:\windows\system32\msfeedssync.exe [2010-08-13 04:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2405280
uDefault_Search_URL = hxxp://search13.net/
mStart Page = hxxp://en.us.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search13.net/
uCustomizeSearch = hxxp://search13.net/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Macher\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Stylish Profile\ct.htm
.

**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DataCardMonitor = c:\program files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe?.WSH;.MSC?PROCESSOR_ARCHITECTUR?}?FI_???:??????IDENTIFIER=x86 Family 6 Model 22 Stepping 1, GenuineIntel?PROCESSOR_LEVEL=6?PROCESSOR_REVISION=1601?ProgramData=c:\programdata?programfiles=c:\P

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1524)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\acer\Empowering Technology\eNet\eNet Service.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Launch Manager\LManager.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe
c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
c:\windows\system32\igfxsrvc.exe
c:\users\Macher\AppData\Local\Temp\RtkBtMnt.exe
c:\acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
c:\acer\Empowering Technology\eRecovery\ERAGENT.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\WerCon.exe
c:\program files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
.
Completion time: 2010-09-25 21:47:00 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-25 19:46
ComboFix2.txt 2010-09-24 21:43
ComboFix3.txt 2010-09-24 19:14

Pre-Run: 18 746 060 800 bytes free
Post-Run: 18 613 682 176 bytes free

- - End Of File - - F1C4E986D88AE05C2452725A092CAE54

Re: apiqq.exe and am.exe stopped responding

Posted: 25 Sep 2010 20:56
by Rudy
The log now looks clean.

Re: apiqq.exe and am.exe stopped responding

Posted: 25 Sep 2010 21:03
by Imaniac
Thank you for your time :)

And if I may ask one more thing, could this problem somehow be related to the fact that my internet or Windows Explorer and other applications occasionally stop responding, and the computer often freezes completely or is terribly slow? Until now I thought it was because of a full HDD or a weak processor, but now it occurred to me whether it might have been caused by this.

Re: apiqq.exe and am.exe stopped responding

Posted: 25 Sep 2010 22:12
by Rudy
It may be related to the internet dropouts, but probably not to the PC or applications freezing. You can try cleaning the PC with CCleaner: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 .