
System slowdown and Windows crashes

Posted: 07 Oct 2010 20:29
by peter977
Logfile of random's system information tool 1.08 (written by random/random)
Run by Peter at 2010-10-07 21:26:55
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 25 GB (32%) free of 76 GB
Total RAM: 1790 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:27:52, on 7. 10. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\WeFi\WeFi.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Program Files\Opera 10 Beta\opera.exe
C:\Users\Peter\AppData\Local\Opera\Opera 10 Beta\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\Peter.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-1010543460-352621153-4045495549-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'HypoUverSqlSvc')
O4 - HKUS\S-1-5-21-1010543460-352621153-4045495549-1004\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'HypoUverSqlSvc')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... 0.53.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{521D3468-3DE6-47FF-B9FF-05DA50215B7A}: NameServer = 213.151.200.30 213.151.208.161
O17 - HKLM\System\CS1\Services\Tcpip\..\{521D3468-3DE6-47FF-B9FF-05DA50215B7A}: NameServer = 213.151.200.30 213.151.208.161
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - - (no file)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Session Launcher Service (FUSServices) - Unknown owner - C:\Windows\system32\FUSServices.exe
O23 - Service: Služba Google Update (gupdate1c9cfdecf607b6e) (gupdate1c9cfdecf607b6e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: WeFi Engine Service (WefiEngSvc) - WeFi - C:\Program Files\WeFi\WefiEngSvc.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe

--
End of file - 7805 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{80BFC650-AE24-41E1-A1E6-8845B3172C3D}.job
C:\Windows\tasks\WefiStartup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2010-09-16 2890592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{7b13ec3e-999a-4b70-b9cb-2617b8323822}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-28 202256]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2010-09-15 2745696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll [2007-03-07 112304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2010-10-07 21:22:04 ----A---- C:\Windows\ntbtlog.txt
2010-10-06 10:33:43 ----HD---- C:\$AVG
2010-10-06 08:36:05 ----D---- C:\Users\Peter\AppData\Roaming\AVG10
2010-10-06 08:34:46 ----HD---- C:\ProgramData\Common Files
2010-10-06 08:32:10 ----D---- C:\Windows\system32\drivers\AVG
2010-10-06 08:32:10 ----D---- C:\ProgramData\AVG10
2010-10-06 08:31:16 ----D---- C:\Program Files\AVG
2010-10-06 08:20:03 ----D---- C:\ProgramData\MFAData
2010-09-26 20:13:52 ----D---- C:\ProgramData\Latshaw Systems
2010-09-26 20:13:17 ----D---- C:\Program Files\File Synchronizer
2010-09-22 11:21:54 ----D---- C:\Users\Peter\AppData\Roaming\MetaQuotes
2010-09-22 11:21:54 ----D---- C:\ProgramData\MetaQuotes
2010-09-22 11:21:40 ----D---- C:\Program Files\InstaTrader 5
2010-09-18 12:13:59 ----D---- C:\Program Files\Conduit
2010-09-18 12:13:58 ----D---- C:\Program Files\Zynga
2010-09-13 16:27:40 ----A---- C:\Windows\system32\drivers\AVGIDSEH.sys

======List of files/folders modified in the last 1 months======

2010-10-07 21:27:19 ----D---- C:\Windows\Prefetch
2010-10-07 21:27:12 ----D---- C:\Windows\temp
2010-10-07 21:27:11 ----D---- C:\Program Files\trend micro
2010-10-07 21:23:12 ----D---- C:\ProgramData\WeFi
2010-10-07 21:22:57 ----D---- C:\Windows\System32
2010-10-07 21:22:27 ----D---- C:\Windows\system32\LogFiles
2010-10-07 21:22:04 ----D---- C:\Windows
2010-10-07 21:06:25 ----D---- C:\Windows\inf
2010-10-07 21:06:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-07 15:36:25 ----D---- C:\Projection
2010-10-07 12:44:14 ----SHD---- C:\System Volume Information
2010-10-07 08:06:10 ----A---- C:\Windows\system32\acovcnt.exe
2010-10-07 08:01:21 ----D---- C:\Windows\system32\catroot2
2010-10-06 08:36:14 ----SHD---- C:\Windows\Installer
2010-10-06 08:34:46 ----D---- C:\ProgramData
2010-10-06 08:33:56 ----D---- C:\Windows\system32\drivers
2010-10-06 08:32:53 ----D---- C:\Windows\system32\catroot
2010-10-06 08:31:16 ----RD---- C:\Program Files
2010-10-06 08:19:42 ----D---- C:\ProgramData\Alwil Software
2010-10-04 10:25:37 ----D---- C:\Users\Peter\AppData\Roaming\Skype
2010-10-04 08:10:50 ----D---- C:\Users\Peter\AppData\Roaming\skypePM
2010-10-02 16:35:56 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-10-02 16:35:55 ----D---- C:\Windows\Minidump
2010-10-02 14:31:25 ----D---- C:\Program Files\Google
2010-09-26 20:06:01 ----D---- C:\Program Files\Siber Systems
2010-09-26 19:54:24 ----D---- C:\Users\Peter\AppData\Roaming\GoodSync
2010-09-22 10:26:31 ----D---- C:\Program Files\Opera 10 Beta
2010-09-22 10:14:28 ----D---- C:\Program Files\Wustenrot
2010-09-20 08:22:34 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-04-30 721904]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2010-07-12 54112]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2010-09-07 249424]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2010-09-07 298448]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-09-04 281760]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-03-24 133512]
R2 enodpl;enodpl; C:\Windows\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-09-04 25888]
R2 tandpl;tandpl; C:\Windows\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 27216]
R3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-08-12 2159384]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-07-08 1050656]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-06-22 105576]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-07-10 11008040]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-07-22 15872]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-04-01 1807744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-08-17 190512]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 ay0n4b4y;ay0n4b4y; C:\Windows\system32\drivers\ay0n4b4y.sys []
S3 catchme;catchme; \??\C:\Users\Peter\AppData\Local\Temp\catchme.sys []
S3 cpuz130;cpuz130; \??\C:\Users\Peter\AppData\Local\Temp\cpuz130\cpuz_x32.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-09-17 27672]
S3 esihdrv;esihdrv; \??\C:\Users\Peter\AppData\Local\Temp\esihdrv.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 XMLDIUSB;XML USB Device Interface; C:\Windows\System32\Drivers\XMLDIUSB.sys [2008-01-16 33152]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG10\avgfws.exe [2010-09-10 3210176]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-09-03 6104144]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-09-10 265400]
R2 FUSServices;Session Launcher Service; C:\Windows\system32\FUSServices.exe [2008-08-27 10752]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MSSQL$CSOB;SQL Server (CSOB); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-12-02 877864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-04-29 75064]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 WindowBlinds;Stardock WindowBlinds; C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe [2007-06-18 226992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 WefiEngSvc;WeFi Engine Service; C:\Program Files\WeFi\WefiEngSvc.exe [2010-02-24 133976]
S2 gupdate1c9cfdecf607b6e;Služba Google Update (gupdate1c9cfdecf607b6e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-08 133104]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-12-12 537896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------

Re: System slowdown and Windows crashes

Posted: 07 Oct 2010 20:48
by Rudy
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Re: System slowdown and Windows crashes

Posted: 07 Oct 2010 22:33
by peter977
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4770

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

7. 10. 2010 23:30:49
mbam-log-2010-10-07 (23-30-49).txt

Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 163253
Uplynulý čas: 10 min, 21 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

Re: System slowdown and Windows crashes

Posted: 08 Oct 2010 18:29
by Rudy
The log is OK. Clean the PC with CCleaner: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 and try a system restore to a date when it was working correctly.

Re: System slowdown and Windows crashes

Posted: 08 Oct 2010 20:52
by peter977
I think it is infected. When I connect an external drive, I have hidden files with a recycle bin icon on it. I delete them manually and they are right back. So it can only be coming from the PC.

When the deep scan from the anti-malware finishes, I will post it here.

Re: System slowdown and Windows crashes

Posted: 08 Oct 2010 20:59
by Rudy
OK. If needed, also use ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after start-up a screen with the license terms is displayed; continue by clicking the Yes button.

calmly go and make yourself a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else

do not panic during the scan; your machine may be restarted (especially on the first use of the scanner)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the deletion of any malware there are unwanted conflicts with the antispyware's resident shield

Re: System slowdown and Windows crashes

Posted: 09 Oct 2010 11:17
by peter977
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4770

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

9. 10. 2010 11:47:32
mbam-log-2010-10-09 (11-47-32).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Objektov kontrolovaných: 319897
Uplynulý čas: 1 hod, 38 min, 59 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

Re: System slowdown and Windows crashes

Posted: 09 Oct 2010 11:42
by Rudy
This is not a log from ComboFix but from MBAM.

Re: System slowdown and Windows crashes

Posted: 09 Oct 2010 13:24
by peter977
Yes, I know, I promised the deep scan from MBAM, and this is the scan from ComboFix


ComboFix 10-10-08.01 - Peter . 10. 2010 13:26:24.8.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.421.1051.18.1790.941 [GMT 2:00]
Running from: C:\Users\Peter\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\TestBrowser.html
C:\Users\Peter\AppData\Roaming\PnkBstrB.exe
C:\Windows\system32\AutoRun.inf

.
((((((((((((((((((((((((( Files Created from 2010-09-09 to 2010-10-09 )))))))))))))))))))))))))))))))
.

2010-10-09 11:34:37 . 2010-10-09 11:34:37 -------- d-----w- C:\Users\Public\AppData\Local\temp
2010-10-09 11:34:37 . 2010-10-09 11:34:37 -------- d-----w- C:\Users\HypoUverSqlSvc\AppData\Local\temp
2010-10-09 11:34:37 . 2010-10-09 11:34:37 -------- d-----w- C:\Users\Default\AppData\Local\temp
2010-10-09 11:34:37 . 2010-10-09 11:34:37 -------- d-----w- C:\Users\Big Lebowski\AppData\Local\temp
2010-10-09 11:23:58 . 2010-10-09 11:24:36 -------- d-----w- C:\32788R22FWJFW
2010-10-07 20:11:26 . 2010-04-29 13:39:38 38224 ----a-w- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-10-07 20:11:25 . 2010-04-29 13:39:26 20952 ----a-w- C:\Windows\system32\drivers\mbam.sys
2010-10-07 20:11:24 . 2010-10-07 20:11:34 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2010-10-06 08:33:43 . 2010-10-06 08:33:43 -------- d-----w- C:\$AVG
2010-10-06 06:36:05 . 2010-10-06 06:36:05 -------- d-----w- C:\Users\Peter\AppData\Roaming\AVG10
2010-10-06 06:34:46 . 2010-10-06 06:34:46 -------- d--h--w- C:\ProgramData\Common Files
2010-10-06 06:32:10 . 2010-10-09 07:54:54 -------- d-----w- C:\Windows\system32\drivers\AVG
2010-10-06 06:32:10 . 2010-10-06 06:35:32 -------- d-----w- C:\ProgramData\AVG10
2010-10-06 06:31:16 . 2010-10-06 06:31:16 -------- d-----w- C:\Program Files\AVG
2010-10-06 06:20:03 . 2010-10-06 06:31:29 -------- d-----w- C:\ProgramData\MFAData
2010-09-26 18:14:04 . 2010-09-26 18:14:04 -------- d-----w- C:\Users\Peter\AppData\Local\Latshaw_Systems
2010-09-26 18:13:52 . 2010-09-26 18:13:52 -------- d-----w- C:\ProgramData\Latshaw Systems
2010-09-26 18:13:17 . 2010-09-26 18:13:18 -------- d-----w- C:\Program Files\File Synchronizer
2010-09-24 10:47:23 . 2010-09-24 10:47:42 -------- d-----w- C:\Users\Big Lebowski\AppData\Roaming\HP
2010-09-22 09:21:54 . 2010-09-22 09:21:54 -------- d-----w- C:\Users\Peter\AppData\Roaming\MetaQuotes
2010-09-22 09:21:54 . 2010-09-22 09:21:54 -------- d-----w- C:\ProgramData\MetaQuotes
2010-09-22 09:21:40 . 2010-09-22 14:00:04 -------- d-----w- C:\Program Files\InstaTrader 5
2010-09-21 18:37:40 . 2010-09-21 18:37:40 932288 ----a-w- C:\ProgramData\Adobe\Reader\9.3\ARM\23883\AdobeARM.exe
2010-09-21 18:37:40 . 2010-09-21 18:37:40 932288 ----a-w- C:\ProgramData\Adobe\Reader\9.3\ARM\16745\AdobeARM.exe
2010-09-21 18:37:40 . 2010-09-21 18:37:40 70584 ----a-w- C:\ProgramData\Adobe\Reader\9.3\ARM\23883\AdobeExtractFiles.dll
2010-09-21 18:37:40 . 2010-09-21 18:37:40 70584 ----a-w- C:\ProgramData\Adobe\Reader\9.3\ARM\16745\AdobeExtractFiles.dll
2010-09-21 18:37:40 . 2010-09-21 18:37:40 338856 ----a-w- C:\ProgramData\Adobe\Reader\9.3\ARM\23883\ReaderUpdater.exe
2010-09-21 18:37:40 . 2010-09-21 18:37:40 338856 ----a-w- C:\ProgramData\Adobe\Reader\9.3\ARM\23883\AcrobatUpdater.exe
2010-09-21 18:37:40 . 2010-09-21 18:37:40 338856 ----a-w- C:\ProgramData\Adobe\Reader\9.3\ARM\16745\ReaderUpdater.exe
2010-09-21 18:37:40 . 2010-09-21 18:37:40 338856 ----a-w- C:\ProgramData\Adobe\Reader\9.3\ARM\16745\AcrobatUpdater.exe
2010-09-18 10:13:59 . 2010-09-18 10:13:59 -------- d-----w- C:\Program Files\Conduit
2010-09-18 10:13:58 . 2010-09-18 10:13:59 -------- d-----w- C:\Program Files\Zynga
2010-09-13 14:27:40 . 2010-09-13 14:27:40 25680 ----a-w- C:\Windows\system32\drivers\AVGIDSEH.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-09 11:17:30 . 2009-04-29 15:56:09 136873 ----a-w- C:\ProgramData\nvModes.dat
2010-10-09 11:16:27 . 2009-02-24 03:11:26 45056 ----a-w- C:\Windows\system32\acovcnt.exe
2010-10-09 10:33:00 . 2010-04-19 12:47:34 -------- d-----w- C:\ProgramData\WeFi
2010-10-07 19:27:11 . 2009-10-16 05:11:28 -------- d-----w- C:\Program Files\trend micro
2010-10-06 06:32:53 . 2006-11-02 10:25:05 51200 ----a-w- C:\Windows\Inf\infpub.dat
2010-10-06 06:32:53 . 2006-11-02 10:25:05 143360 ----a-w- C:\Windows\Inf\infstrng.dat
2010-10-06 06:32:52 . 2006-11-02 10:25:05 86016 ----a-w- C:\Windows\Inf\infstor.dat
2010-10-06 06:19:42 . 2010-09-06 05:45:21 -------- d-----w- C:\ProgramData\Alwil Software
2010-10-04 08:25:37 . 2010-02-18 16:16:16 -------- d-----w- C:\Users\Peter\AppData\Roaming\Skype
2010-10-04 06:10:50 . 2010-02-18 16:18:54 -------- d-----w- C:\Users\Peter\AppData\Roaming\skypePM
2010-10-02 14:35:56 . 2010-03-17 07:10:37 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2010-10-02 12:31:25 . 2009-04-30 13:21:11 -------- d-----w- C:\Program Files\Google
2010-09-26 18:06:01 . 2010-07-21 16:06:18 -------- d-----w- C:\Program Files\Siber Systems
2010-09-26 17:54:24 . 2010-07-21 16:06:25 -------- d-----w- C:\Users\Peter\AppData\Roaming\GoodSync
2010-09-22 08:26:31 . 2009-08-04 09:53:22 -------- d-----w- C:\Program Files\Opera 10 Beta
2010-09-22 08:14:28 . 2010-08-27 06:29:35 -------- d-----w- C:\Program Files\Wustenrot
2010-09-20 06:22:34 . 2009-04-29 19:54:41 -------- d-----w- C:\Program Files\CCleaner
2010-09-11 21:58:13 . 2010-08-06 16:42:36 680 ----a-w- C:\Users\Peter\AppData\Local\d3d9caps.dat
2010-09-07 01:49:00 . 2010-09-07 01:49:00 298448 ----a-w- C:\Windows\system32\drivers\avgtdix.sys
2010-09-07 01:48:56 . 2010-09-07 01:48:56 34384 ----a-w- C:\Windows\system32\drivers\avgmfx86.sys
2010-09-07 01:48:54 . 2010-09-07 01:48:54 249424 ----a-w- C:\Windows\system32\drivers\avgldx86.sys
2010-09-07 01:48:50 . 2010-09-07 01:48:50 26064 ----a-w- C:\Windows\system32\drivers\avgrkx86.sys
2010-09-06 05:45:21 . 2010-09-06 05:45:21 -------- d-----w- C:\Program Files\Alwil Software
2010-09-06 05:24:28 . 2009-11-25 15:36:29 -------- d-----w- C:\Program Files\Common Files\Java
2010-09-06 05:23:55 . 2009-11-25 15:36:31 -------- d-----w- C:\Program Files\Java
2010-09-04 20:16:42 . 2009-02-24 00:57:10 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2010-09-04 16:56:49 . 2010-09-04 16:39:06 -------- d-----w- C:\Users\Peter\AppData\Roaming\Prison Break
2010-09-04 16:52:13 . 2010-09-04 16:52:13 281760 ----a-w- C:\Windows\system32\drivers\atksgt.sys
2010-09-04 16:52:12 . 2010-09-04 16:52:12 25888 ----a-w- C:\Windows\system32\drivers\lirsgt.sys
2010-09-04 16:52:03 . 2010-06-14 22:01:38 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard
2010-09-04 16:51:40 . 2010-06-14 22:02:23 -------- d-----w- C:\Program Files\AGEIA Technologies
2010-09-03 20:04:39 . 2010-09-03 20:04:29 -------- d-----w- C:\Program Files\AC3Filter
2010-08-22 11:44:42 . 2010-08-22 11:44:42 -------- d-----w- C:\Users\Peter\AppData\Roaming\Petroglyph
2010-08-19 19:42:38 . 2010-08-19 19:42:38 27216 ----a-w- C:\Windows\system32\drivers\AVGIDSShim.sys
2010-08-19 19:42:38 . 2010-08-19 19:42:38 123472 ----a-w- C:\Windows\system32\drivers\AVGIDSDriver.sys
2010-08-19 19:42:36 . 2010-08-19 19:42:36 30288 ----a-w- C:\Windows\system32\drivers\AVGIDSFilter.sys
2010-08-17 15:56:04 . 2010-03-09 07:25:39 -------- d-----w- C:\Users\Peter\AppData\Roaming\BitTorrent
2010-08-17 07:33:49 . 2009-02-24 03:11:41 -------- d-----w- C:\ProgramData\NVIDIA
2010-08-17 07:22:57 . 2010-08-17 07:16:43 -------- d-----w- C:\Program Files\NVIDIA Corporation
2010-08-17 07:20:09 . 2010-08-17 07:20:09 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2010-08-14 20:05:25 . 2010-08-14 18:26:57 -------- d-----w- C:\Program Files\Csob
2010-08-14 19:04:41 . 2010-08-13 19:22:50 444952 ----a-w- C:\Windows\system32\wrap_oal.dll
2010-08-14 19:04:41 . 2010-08-13 19:22:49 109080 ----a-w- C:\Windows\system32\OpenAL32.dll
2010-08-14 18:39:38 . 2010-08-14 18:39:38 -------- d-----w- C:\Users\Peter\AppData\Roaming\CSOB
2010-08-14 18:27:05 . 2010-08-14 18:13:18 -------- d-----w- C:\Program Files\Microsoft SQL Server
2010-08-14 18:16:56 . 2009-04-29 17:48:10 -------- d-----w- C:\Program Files\Microsoft.NET
2010-08-13 19:22:51 . 2010-08-13 19:22:51 -------- d-----w- C:\Program Files\OpenAL
2010-07-18 00:35:35 . 2010-04-23 07:25:15 145869 ----a-w- C:\Windows\hpoins21.dat
2010-07-17 03:00:04 . 2010-09-06 05:23:59 423656 ----a-w- C:\Windows\system32\deployJava1.dll
2010-07-12 02:34:02 . 2010-07-12 02:34:02 54112 ----a-w- C:\Windows\system32\drivers\avgfwd6x.sys
2009-11-09 19:46:51 . 2009-11-04 19:03:25 49903648 --sha-w- C:\Windows\System32\drivers\fidbox.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 15:07:20 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2010-03-28 17:48:06 202256]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 02:04:47 35760]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 08:06:33 976832]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 19:34:40 49152]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 09:44:46 248552]
"AVG_TRAY"="C:\Program Files\AVG\AVG10\avgtray.exe" [2010-09-15 03:29:10 2745696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2007-03-07 09:08:58 112304 ----a-w- C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync\0C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

R2 avgfws;AVG Firewall;C:\Program Files\AVG\AVG10\avgfws.exe [2010-09-09 23:45:18 3210176]
R2 FUSServices;Session Launcher Service;C:\Windows\system32\FUSServices.exe [2008-08-27 01:53:06 10752]
R2 gupdate1c9cfdecf607b6e;Služba Google Update (gupdate1c9cfdecf607b6e);C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-08 13:13:19 133104]
R2 SBSDWSCService;SBSD Security Center Service; [x]
R3 cpuz130;cpuz130;C:\Users\Peter\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 esihdrv;esihdrv;C:\Users\Peter\AppData\Local\Temp\esihdrv.sys [x]
R3 WefiEngSvc;WeFi Engine Service;C:\Program Files\WeFi\WefiEngSvc.exe [2010-02-24 12:08:26 133976]
R3 XMLDIUSB;XML USB Device Interface;C:\Windows\system32\Drivers\XMLDIUSB.sys [2008-01-16 21:47:06 33152]
R4 sptd;sptd;C:\Windows\system32\Drivers\sptd.sys [2009-04-30 18:33:09 721904]
S0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 14:27:40 25680]
S0 Avgrkx86;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 01:48:50 26064]
S1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6x.sys [2010-07-12 02:34:02 54112]
S1 Avgldx86;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx86.sys [2010-09-07 01:48:54 249424]
S1 Avgtdix;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdix.sys [2010-09-07 01:49:00 298448]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-09-03 08:35:50 6104144]
S2 avgwd;AVG WatchDog;C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-09-09 23:45:22 265400]
S2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys [2010-03-24 18:23:54 133512]
S2 MSSQL$CSOB;SQL Server (CSOB);C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 15:29:54 29178224]
S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 19:42:38 123472]
S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 19:42:36 30288]
S3 AVGIDSShim;AVGIDSShim;C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 19:42:38 27216]
S3 CRFILTER;USB Mass Storage Filter;C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 06:00:45 6656]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda32v.sys [2010-06-21 22:07:37 105576]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 18:14:42 451872 ----a-w- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-10-09 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-08 13:13:40 . 2009-05-08 13:13:19]

2010-10-09 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-08 13:13:40 . 2009-05-08 13:13:19]

2010-10-09 C:\Windows\Tasks\User_Feed_Synchronization-{80BFC650-AE24-41E1-A1E6-8845B3172C3D}.job
- C:\Windows\system32\msfeedssync.exe [2010-06-22 06:58:09 . 2010-05-04 04:30:19]

2010-10-09 C:\Windows\Tasks\WefiStartup.job
- C:\Program Files\WeFi\WefiStartup.exe [2010-02-24 12:08:38 . 2010-02-24 12:08:38]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: C:\Windows\system32\wpclsp.dll
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/update ... 0.53.0.cab
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)

Re: System slowdown and Windows crashing

Posted: 09 Oct 2010 17:07
by Rudy
MBAM found nothing, whereas CF deleted 3 items. Has anything changed?

Re: System slowdown and Windows crashing

Posted: 09 Oct 2010 18:55
by peter977
Windows is working well now; I'll probably try a Windows update.

There are no longer any viruses on the external drive.

I have one more question. Which antivirus program is, in your opinion, the most ideal one?
I see that ESET is already losing its top positions in Virus Bulletin, and AVG, AVAST and the like are coming to the fore.

Re: System slowdown and Windows crashing

Posted: 09 Oct 2010 19:09
by Rudy
Of the free ones I would recommend either Avast or Avira. Of the paid ones, Kaspersky, Norton, and Eset isn't bad either.

Re: System slowdown and Windows crashing

Posted: 09 Oct 2010 19:58
by peter977
Last question: what should I type into the command line to uninstall ComboFix?

Re: System slowdown and Windows crashing

Posted: 09 Oct 2010 20:10
by Rudy
combofix /uninstall