Preventive check, thank you in advance for reviewing it.

Posted: 18 Nov 2010 16:05
by nemamradvirusy
Logfile of random's system information tool 1.08 (written by random/random)
Run by Peto at 2010-11-18 16:03:24
Microsoft Windows 7 Ultimate
System drive C: has 24 GB (47%) free of 51 GB
Total RAM: 3069 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:03:26, on 18. 11. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Avast4\ashDisp.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Opera\opera.exe
C:\wamp\wampmanager.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\!rsit\RSIT.exe
C:\Program Files\trend micro\Peto.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\Users\Public\nvsvc32.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 5145 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2010-07-31 1115728]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-07-31 8092192]
"avast!"=C:\Program Files\Avast4\ashDisp.exe [2009-11-24 81000]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"NVIDIA driver monitor"=C:\Users\Public\nvsvc32.exe []
"Steam"=C:\Program Files\Steam\Steam.exe [2010-11-18 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-11-15 15:38:55 ----D---- C:\Program Files\Steam
2010-11-15 15:38:55 ----D---- C:\Program Files\Common Files\Steam
2010-11-15 15:26:41 ----D---- C:\Users\Peto\AppData\Roaming\Tunngle
2010-11-15 15:26:41 ----D---- C:\ProgramData\Tunngle
2010-11-15 15:26:33 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2010-11-15 15:26:31 ----D---- C:\Program Files\Tunngle
2010-11-14 12:05:36 ----D---- C:\!jaro
2010-11-01 22:17:00 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-11-01 22:17:00 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-11-01 22:17:00 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-11-01 22:17:00 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-11-01 22:16:59 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-11-01 22:16:59 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-11-01 22:16:59 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-11-01 22:16:59 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-11-01 22:16:58 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-11-01 22:16:58 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-11-01 22:16:58 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-11-01 22:16:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-11-01 22:16:57 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-11-01 22:16:57 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-11-01 22:16:57 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-11-01 22:16:57 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-11-01 22:16:56 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-11-01 22:16:56 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-11-01 22:16:56 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-11-01 22:16:56 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-11-01 22:16:56 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-11-01 22:16:55 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-11-01 22:16:55 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-11-01 22:16:55 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-11-01 22:16:55 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-11-01 22:16:55 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-11-01 22:16:55 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-11-01 22:16:55 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-11-01 22:16:54 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-11-01 22:16:54 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-11-01 22:16:54 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-11-01 22:16:54 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-11-01 22:16:54 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-11-01 22:16:54 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-11-01 22:16:53 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-11-01 22:16:53 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-11-01 22:16:53 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-11-01 22:16:53 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-11-01 22:16:53 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-11-01 22:16:53 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-11-01 22:16:53 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-11-01 22:16:52 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-11-01 22:16:52 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-11-01 22:16:52 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-11-01 22:16:52 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-11-01 22:16:52 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-11-01 22:16:52 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-11-01 22:16:51 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-11-01 22:16:51 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-11-01 22:16:51 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-11-01 22:16:51 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-11-01 22:16:51 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-11-01 22:16:50 ----A---- C:\Windows\system32\xinput1_3.dll
2010-11-01 22:16:50 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-11-01 22:16:50 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-11-01 22:16:50 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-11-01 22:16:50 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-11-01 22:16:49 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-11-01 22:16:49 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-11-01 22:16:49 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-11-01 22:16:49 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-11-01 22:16:49 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-11-01 22:16:49 ----A---- C:\Windows\system32\d3dx10.dll
2010-11-01 22:16:48 ----A---- C:\Windows\system32\xinput1_2.dll
2010-11-01 22:16:48 ----A---- C:\Windows\system32\xinput1_1.dll
2010-11-01 22:16:48 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-11-01 22:16:48 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-11-01 22:16:48 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-11-01 22:16:48 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-11-01 22:16:47 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-11-01 22:16:41 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-11-01 22:16:40 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-11-01 22:16:40 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-11-01 22:16:40 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-11-01 22:16:40 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-11-01 22:16:39 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-11-01 22:16:39 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-11-01 22:16:39 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-11-01 22:16:38 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-11-01 12:43:49 ----D---- C:\Users\Peto\AppData\Roaming\IrfanView
2010-11-01 12:43:48 ----D---- C:\Program Files\IrfanView
2010-10-31 13:39:54 ----D---- C:\Users\Peto\AppData\Roaming\Malwarebytes
2010-10-31 13:39:44 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-10-31 13:39:43 ----D---- C:\ProgramData\Malwarebytes
2010-10-31 13:39:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-10-31 13:39:43 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-10-29 17:24:20 ----D---- C:\Program Files\trend micro
2010-10-29 17:24:19 ----D---- C:\rsit
2010-10-29 17:23:40 ----D---- C:\Program Files\!rsit
2010-10-27 19:00:33 ----D---- C:\Program Files\Adobe Reader 9.0
2010-10-23 17:49:09 ----D---- C:\Program Files\Solid Edge V20
2010-10-22 21:27:52 ----D---- C:\Windows\system32\custom matrices
2010-10-22 21:27:49 ----D---- C:\Windows\system32\QuickTime
2010-10-22 21:27:49 ----D---- C:\Windows\system32\C2MP
2010-10-19 19:08:21 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-10-19 19:04:23 ----D---- C:\Program Files\Adobe Media Player
2010-10-19 19:02:58 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-10-19 19:02:56 ----D---- C:\Program Files\Adobe

======List of files/folders modified in the last 1 months======

2010-11-18 16:03:25 ----D---- C:\Windows\Temp
2010-11-18 16:03:08 ----D---- C:\Windows\Prefetch
2010-11-15 18:18:37 ----D---- C:\Windows\System32
2010-11-15 18:18:37 ----D---- C:\Windows\inf
2010-11-15 18:18:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-15 18:12:52 ----D---- C:\Windows\system32\drivers
2010-11-15 15:45:44 ----D---- C:\Windows\system32\Tasks
2010-11-15 15:38:57 ----SHD---- C:\Windows\Installer
2010-11-15 15:38:55 ----RD---- C:\Program Files
2010-11-15 15:38:55 ----D---- C:\Program Files\Common Files
2010-11-15 15:31:02 ----HD---- C:\ProgramData
2010-11-15 15:26:50 ----D---- C:\Windows\system32\catroot
2010-11-15 15:26:49 ----D---- C:\Windows\system32\DriverStore
2010-11-15 15:26:33 ----RSD---- C:\Windows\Fonts
2010-11-12 10:54:51 ----D---- C:\Windows\system32\NDF
2010-11-11 20:16:53 ----D---- C:\Windows\system32\wdi
2010-11-09 14:07:19 ----D---- C:\Users\Peto\AppData\Roaming\PSpad
2010-11-09 12:39:07 ----D---- C:\Windows\Logs
2010-11-01 22:17:22 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-01 22:16:47 ----RSD---- C:\Windows\assembly
2010-11-01 12:15:45 ----SHD---- C:\System Volume Information
2010-11-01 12:13:38 ----D---- C:\Users\Peto\AppData\Roaming\Adobe
2010-10-28 14:07:22 ----D---- C:\ProgramData\Adobe
2010-10-27 19:00:36 ----D---- C:\Program Files\Common Files\Adobe
2010-10-23 17:27:53 ----HD---- C:\Windows\system32\GroupPolicy
2010-10-19 20:04:16 ----D---- C:\Users\Peto\AppData\Roaming\uTorrent
2010-10-19 19:14:12 ----D---- C:\Windows\system32\config
2010-10-19 19:04:00 ----D---- C:\Windows\winsxs
2010-10-19 17:39:26 ----D---- C:\Program Files\uTorrent
2010-10-19 12:19:22 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-02 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-24 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-24 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-24 48560]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2010-07-31 21000]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-07-31 2807392]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x86.sys [2009-08-23 48640]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a7u3fdbx;a7u3fdbx; C:\Windows\system32\drivers\a7u3fdbx.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Avast4\aswUpdSv.exe [2009-11-24 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast4\ashServ.exe [2009-11-24 138680]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-09-14 716024]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast4\ashMaiSv.exe [2009-11-24 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast4\ashWebSv.exe [2009-11-24 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-11-15 403240]
R3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
R3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-09-27 85096]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-31 1343400]

-----------------EOF-----------------

Re: Preventive check, thank you in advance for reviewing it.

Posted: 19 Nov 2010 09:45
by motji
Good morning :)

:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM occasionally produces false detections, so we will delete only after reviewing the log.
- Copy the log here.

Re: Preventive check, thank you in advance for reviewing it.

Posted: 24 Nov 2010 18:30
by nemamradvirusy
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 5005

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

24. 11. 2010 18:27:45
mbam-log-2010-11-24 (18-27-45).txt

Typ kontroly: Úplná kontrola (C:\|)
Objektov kontrolovaných: 245569
Uplynulý čas: 39 min, 45 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

Thank you

Re: Preventive check, thank you in advance for reviewing it.

Posted: 24 Nov 2010 21:33
by motji
Please post a new log from RSIT. Did you run any scanner?

Re: Preventive check, thank you in advance for reviewing it.

Posted: 04 Dec 2010 12:11
by nemamradvirusy
Apart from MBAM I didn't run anything, but I regularly plug infected USB drives from school into the PC, where those XP machines don't even have service packs, so I wanted to make sure the PC's protection can defend against this. Here is the new log; thanks again for the help :-)

Logfile of random's system information tool 1.08 (written by random/random)
Run by Peto at 2010-12-04 12:05:42
Microsoft Windows 7 Ultimate
System drive C: has 24 GB (47%) free of 51 GB
Total RAM: 3069 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:06:11, on 4. 12. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Avast4\ashDisp.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\PSPad\PSPad.exe
C:\wamp\wampmanager.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\!rsit\RSIT.exe
C:\Program Files\trend micro\Peto.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.0.42:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\Users\Public\nvsvc32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{50A8BB01-8D74-4B6A-B620-1522485C3782}: NameServer = 192.168.1.1
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 5376 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2010-07-31 1115728]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-07-31 8092192]
"avast!"=C:\Program Files\Avast4\ashDisp.exe [2009-11-24 81000]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"NVIDIA driver monitor"=C:\Users\Public\nvsvc32.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2010-11-18 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-11-25 20:45:01 ----D---- C:\Program Files\Common Files\SWF Studio
2010-11-25 20:41:51 ----D---- C:\Windows\system32\URTTEMP
2010-11-25 20:40:43 ----A---- C:\Windows\SimNetPC_LOG.txt
2010-11-25 20:40:28 ----A---- C:\Windows\S7IEPG_LOG.TXT
2010-11-25 20:39:58 ----A---- C:\Windows\system32\s7esetdx.dll
2010-11-25 20:39:57 ----A---- C:\Windows\system32\s7wcaotx.dll
2010-11-25 20:39:57 ----A---- C:\Windows\system32\S7OTBLEX.dll
2010-11-25 20:39:57 ----A---- C:\Windows\system32\S7OINTFX.dll
2010-11-25 20:39:57 ----A---- C:\Windows\system32\s7erwlcx.dll
2010-11-25 20:39:57 ----A---- C:\Windows\system32\MelbReg.dll
2010-11-25 20:39:18 ----A---- C:\Windows\S7IVILOG.TXT
2010-11-25 20:39:17 ----A---- C:\Windows\IsUninst.exe
2010-11-25 20:35:42 ----A---- C:\Windows\S7SDD_LOG.TXT
2010-11-25 20:35:25 ----A---- C:\Windows\Microwin.ini
2010-11-25 20:35:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-15 15:38:55 ----D---- C:\Program Files\Steam
2010-11-15 15:38:55 ----D---- C:\Program Files\Common Files\Steam
2010-11-15 15:26:41 ----D---- C:\Users\Peto\AppData\Roaming\Tunngle
2010-11-15 15:26:41 ----D---- C:\ProgramData\Tunngle
2010-11-15 15:26:33 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2010-11-15 15:26:31 ----D---- C:\Program Files\Tunngle
2010-11-14 12:05:36 ----D---- C:\!jaro

======List of files/folders modified in the last 1 months======

2010-12-04 12:06:11 ----D---- C:\Windows\Prefetch
2010-12-04 12:06:04 ----D---- C:\Windows\Temp
2010-12-04 12:06:04 ----D---- C:\Program Files\trend micro
2010-12-01 11:58:06 ----D---- C:\Windows\system32\NDF
2010-11-30 22:06:29 ----D---- C:\Windows\System32
2010-11-30 22:06:29 ----D---- C:\Windows\inf
2010-11-30 22:06:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-30 13:18:19 ----D---- C:\Windows\system32\Tasks
2010-11-25 21:17:55 ----SHD---- C:\System Volume Information
2010-11-25 20:59:31 ----D---- C:\Program Files\Common Files\InstallShield
2010-11-25 20:59:30 ----D---- C:\Windows
2010-11-25 20:59:25 ----SHD---- C:\Windows\Installer
2010-11-25 20:59:24 ----D---- C:\Program Files\Common Files
2010-11-25 20:59:17 ----D---- C:\Windows\system32\drivers
2010-11-25 20:58:59 ----RD---- C:\Program Files
2010-11-25 20:58:42 ----RSD---- C:\Windows\Fonts
2010-11-25 20:58:30 ----SD---- C:\Users\Peto\AppData\Roaming\Microsoft
2010-11-25 20:50:59 ----HD---- C:\ProgramData
2010-11-25 20:42:35 ----D---- C:\Windows\Registration
2010-11-25 20:42:26 ----RSD---- C:\Windows\assembly
2010-11-25 20:41:51 ----D---- C:\Program Files\Internet Explorer
2010-11-25 20:40:44 ----D---- C:\Windows\system32\DriverStore
2010-11-25 20:40:44 ----D---- C:\Windows\system32\catroot
2010-11-25 20:39:58 ----D---- C:\Windows\Setup
2010-11-24 16:46:57 ----D---- C:\Users\Peto\AppData\Roaming\uTorrent
2010-11-11 20:16:53 ----D---- C:\Windows\system32\wdi
2010-11-09 14:07:19 ----D---- C:\Users\Peto\AppData\Roaming\PSpad
2010-11-09 12:39:07 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-02 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-24 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-24 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-24 48560]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
R2 s7otranx;s7otranx; C:\Windows\System32\Drivers\s7otranx.sys [2005-06-23 494135]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\Windows\system32\DRIVERS\sntie.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2010-07-31 21000]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-07-31 2807392]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x86.sys [2009-08-23 48640]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
R3 S7oppilx;Siemens PC/PPI Cable; C:\Windows\System32\Drivers\S7oppilx.sys [2005-06-23 133688]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 ampr58sf;ampr58sf; C:\Windows\system32\drivers\ampr58sf.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 s7oppitx;s7oppitx; C:\Windows\System32\Drivers\S7oppitx.sys [2005-06-23 76343]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Avast4\aswUpdSv.exe [2009-11-24 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast4\ashServ.exe [2009-11-24 138680]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-09-14 716024]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast4\ashMaiSv.exe [2009-11-24 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast4\ashWebSv.exe [2009-11-24 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
R3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
R3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-09-27 85096]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-11-15 403240]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-31 1343400]

-----------------EOF-----------------

Re: Preventive check, thanks in advance for checking it over.

Posted: 04 Dec 2010 18:27
by motji
:arrow: Run ComboFix according to this guide
http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Preventive check, thanks in advance for checking it over.

Posted: 23 Dec 2010 15:17
by nemamradvirusy
here you go, the log from CF:

ComboFix 10-12-22.05 - Peto . 12. 2010 15:03:53.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3069.2281 [GMT 1:00]
Running from: c:\users\Peto\Desktop\ComboFix.exe
AV: avast! antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2010-11-23 to 2010-12-23 )))))))))))))))))))))))))))))))
.

2010-12-23 14:09 . 2010-12-23 14:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-22 09:36 . 2010-12-22 09:36 -------- d-----w- c:\program files\Universal Extractor
2010-12-21 20:06 . 2010-12-21 20:06 -------- d-----w- c:\program files\ConduitEngine
2010-12-21 20:06 . 2010-12-21 20:06 -------- d-----w- c:\program files\uTorrentBar
2010-12-17 08:06 . 2010-12-17 08:09 -------- d-----w- c:\program files\AutoCAD 2009
2010-12-13 20:03 . 2010-12-13 20:06 -------- d-----w- c:\users\Peto\AppData\Roaming\Winamp
2010-12-13 19:56 . 2010-12-13 20:06 -------- d-----w- c:\program files\Winamp Detect
2010-12-13 18:32 . 2010-12-13 18:32 99850 ----a-w- C:\cc_20101213_193243.reg
2010-12-13 18:31 . 2010-12-13 18:31 -------- d-----w- c:\program files\CCleaner
2010-12-13 18:28 . 2010-12-13 18:32 -------- d-----w- c:\users\Peto\AppData\Roaming\Media Player Classic
2010-12-13 18:26 . 2010-12-13 18:26 -------- d-----w- c:\users\Peto\AppData\Roaming\DivX
2010-12-13 18:25 . 2010-12-13 18:25 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-12-13 17:32 . 2010-12-13 18:14 -------- d-----w- c:\program files\Real
2010-12-08 20:26 . 2010-12-08 20:46 -------- d-----w- c:\users\Peto\AppData\Roaming\TeamViewer
2010-12-08 09:07 . 2010-12-08 09:07 -------- d-----w- c:\users\Peto\AppData\Roaming\OpenOffice.org
2010-12-08 09:03 . 2010-12-08 09:03 -------- d-----w- c:\program files\OpenOffice.org 3
2010-12-04 14:18 . 2010-12-04 14:18 -------- d-----w- c:\users\Peto\AppData\Local\Mozilla
2010-11-25 19:45 . 2010-11-25 19:45 -------- d-----w- c:\program files\Common Files\SWF Studio
2010-11-25 19:42 . 2010-11-25 19:58 -------- d-----w- c:\users\Peto\AppData\Local\ApplicationHistory
2010-11-25 19:41 . 2010-11-25 19:41 -------- d-----w- c:\windows\system32\URTTEMP
2010-11-25 19:39 . 2001-08-10 09:05 217088 ----a-w- c:\windows\system32\s7esetdx.dll
2010-11-25 19:39 . 2002-08-28 11:26 495669 ----a-w- c:\windows\system32\S7OINTFX.dll
2010-11-25 19:39 . 2002-08-28 11:22 69685 ----a-w- c:\windows\system32\S7OTBLEX.dll
2010-11-25 19:39 . 2002-08-28 11:20 110645 ----a-w- c:\windows\system32\s7wcaotx.dll
2010-11-25 19:39 . 2000-02-10 13:12 40960 ----a-w- c:\windows\system32\MelbReg.dll
2010-11-25 19:39 . 1999-11-05 13:27 33280 ----a-w- c:\windows\system32\s7erwlcx.dll
2010-11-25 19:39 . 1998-10-29 16:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-11-25 19:35 . 2010-11-25 19:58 -------- d--h--w- c:\program files\InstallShield Installation Information

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-29 12:57 . 2010-09-29 12:57 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-09-29 12:56 . 2010-09-29 12:56 458048 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.

------- Sigcheck -------

[-] 2010-08-31 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-11-29 3908192]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-29 14:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-11-29 14:26 3908192 ----a-w- c:\program files\uTorrentBar\tbuTor.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-11-29 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-11-29 3908192]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2010-07-31 1115728]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-31 8092192]
"avast!"="c:\program files\Avast4\ashDisp.exe" [2009-11-24 81000]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-07-14 01:14 1173504 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-18 14:56 1242448 ----a-w- c:\program files\Steam\Steam.exe

R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-31 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-02 691696]
S1 aswSP;avast! Self Protection; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-09-14 716024]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]

.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyServer = 172.16.0.42:8080
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {50A8BB01-8D74-4B6A-B620-1522485C3782} = 192.168.1.1
FF - ProfilePath - c:\users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\6g5my5y2.default\
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: Flash Video Downloader - Youtube Downloader: artur.dubovoy@gmail.com - %profile%\extensions\artur.dubovoy@gmail.com
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-AdobeBridge - (no file)


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-12-23 15:11:31
ComboFix-quarantined-files.txt 2010-12-23 14:11

Pre-Run: 24 131 837 952 bytes free
Post-Run: 24 103 325 696 bytes free

- - End Of File - - DA6078A576A1AFF8D968CC2970F56C87

Re: Preventive check, thanks in advance for checking it over.

Posted: 23 Dec 2010 20:08
by motji
How is the computer doing now?

Re: Preventive check, thanks in advance for checking it over.

Posted: 23 Dec 2010 21:21
by nemamradvirusy
I'm not noticing any problems, thanks for the help :-)

Re: Preventive check, thanks in advance for checking it over.

Posted: 23 Dec 2010 21:34
by motji
:arrow: Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes its associated files and folders.


***********


:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm each choice, press the A key, then Enter
- delete the program after use. Note that antivirus software may falsely flag it as a virus


***********


:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run Cleaner

Registry tab
- click Scan for issues
- then click Fix selected issues -- making a registry backup is not necessary
- click Fix all issues :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using the CCleaner cleaner; it nicely clears temporary files from the PC.
It also cleans the registry, for example after uninstalling a program.


***********


:arrow: Download OTC and run it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans up temp files and the leftovers of the tools used


***********

:arrow: Post a new log from RSIT and tell me how the computer is behaving; is everything all right now?

Re: Preventive check, thanks in advance for checking it over.

Posted: 23 Dec 2010 22:23
by nemamradvirusy
as I already said, I'm not noticing any problems, I ran the cleaners, thanks for the help :-)

Logfile of random's system information tool 1.08 (written by random/random)
Run by Peto at 2010-12-23 22:13:57
Microsoft Windows 7 Ultimate
System drive C: has 23 GB (44%) free of 51 GB
Total RAM: 3069 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:14:41, on 23. 12. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Avast4\ashDisp.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PSPad\PSPad.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Opera\opera.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\!rsit\RSIT.exe
C:\Program Files\trend micro\Peto.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.0.42:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O1 - Hosts: 127.0.0.2 plogger.localhost
O1 - Hosts: 127.0.0.3 riesenia.localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{50A8BB01-8D74-4B6A-B620-1522485C3782}: NameServer = 192.168.1.1
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 5299 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-11-29 3908192]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2010-07-31 1115728]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-07-31 8092192]
"avast!"=C:\Program Files\Avast4\ashDisp.exe [2009-11-24 81000]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2010-11-18 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-12-23 22:13:57 ----D---- C:\rsit
2010-12-23 15:11:00 ----SHD---- C:\$RECYCLE.BIN
2010-12-23 15:01:24 ----D---- C:\Windows\ERDNT
2010-12-22 10:36:44 ----D---- C:\Program Files\Universal Extractor
2010-12-21 21:06:18 ----D---- C:\Program Files\ConduitEngine
2010-12-21 21:06:15 ----D---- C:\Program Files\uTorrentBar
2010-12-17 09:06:33 ----D---- C:\Program Files\AutoCAD 2009
2010-12-17 09:06:28 ----D---- C:\Config.Msi
2010-12-13 21:03:39 ----D---- C:\Users\Peto\AppData\Roaming\Winamp
2010-12-13 20:56:35 ----D---- C:\Program Files\Winamp Detect
2010-12-13 20:56:21 ----D---- C:\Users\Peto\AppData\Roaming\Winamp_
2010-12-13 19:31:14 ----D---- C:\Program Files\CCleaner
2010-12-13 19:28:19 ----D---- C:\Users\Peto\AppData\Roaming\Media Player Classic
2010-12-13 19:26:15 ----D---- C:\Users\Peto\AppData\Roaming\DivX
2010-12-13 19:25:11 ----D---- C:\Program Files\Combined Community Codec Pack
2010-12-13 18:32:40 ----D---- C:\Program Files\Real
2010-12-13 18:32:22 ----D---- C:\ProgramData\Real
2010-12-13 18:32:22 ----D---- C:\Program Files\RealPlayer
2010-12-13 18:18:26 ----D---- C:\Users\Peto\AppData\Roaming\Real
2010-12-08 21:26:43 ----D---- C:\Users\Peto\AppData\Roaming\TeamViewer
2010-12-08 10:07:05 ----D---- C:\Users\Peto\AppData\Roaming\OpenOffice.org
2010-12-08 10:03:17 ----D---- C:\Program Files\OpenOffice.org 3
2010-12-04 15:18:49 ----D---- C:\Users\Peto\AppData\Roaming\Mozilla
2010-12-04 15:18:26 ----D---- C:\Program Files\Mozilla Firefox
2010-11-25 20:45:01 ----D---- C:\Program Files\Common Files\SWF Studio
2010-11-25 20:41:51 ----D---- C:\Windows\system32\URTTEMP
2010-11-25 20:39:58 ----A---- C:\Windows\system32\s7esetdx.dll
2010-11-25 20:39:57 ----A---- C:\Windows\system32\s7wcaotx.dll
2010-11-25 20:39:57 ----A---- C:\Windows\system32\S7OTBLEX.dll
2010-11-25 20:39:57 ----A---- C:\Windows\system32\S7OINTFX.dll
2010-11-25 20:39:57 ----A---- C:\Windows\system32\s7erwlcx.dll
2010-11-25 20:39:57 ----A---- C:\Windows\system32\MelbReg.dll
2010-11-25 20:39:17 ----A---- C:\Windows\IsUninst.exe
2010-11-25 20:35:25 ----A---- C:\Windows\Microwin.ini
2010-11-25 20:35:18 ----HD---- C:\Program Files\InstallShield Installation Information

======List of files/folders modified in the last 1 months======

2010-12-23 22:14:35 ----D---- C:\Windows\Temp
2010-12-23 22:14:13 ----D---- C:\Windows\Prefetch
2010-12-23 22:14:04 ----D---- C:\Program Files\trend micro
2010-12-23 22:13:10 ----D---- C:\ProgramData
2010-12-23 22:12:54 ----D---- C:\Windows
2010-12-23 22:04:49 ----SHD---- C:\System Volume Information
2010-12-23 15:09:41 ----A---- C:\Windows\system.ini
2010-12-23 15:07:01 ----D---- C:\Windows\system32\drivers
2010-12-23 15:07:01 ----D---- C:\Windows\System32
2010-12-23 15:07:01 ----D---- C:\Windows\AppPatch
2010-12-23 15:07:00 ----D---- C:\Program Files\Common Files
2010-12-22 15:15:36 ----SHD---- C:\Windows\Installer
2010-12-22 15:08:26 ----D---- C:\Users\Peto\AppData\Roaming\Adobe
2010-12-22 15:08:17 ----D---- C:\Program Files\Adobe
2010-12-22 15:05:12 ----D---- C:\Program Files\Common Files\Adobe
2010-12-22 10:40:16 ----D---- C:\Users\Peto\AppData\Roaming\uTorrent
2010-12-22 10:36:44 ----RD---- C:\Program Files
2010-12-21 21:05:14 ----D---- C:\Program Files\uTorrent
2010-12-20 08:59:13 ----D---- C:\Windows\inf
2010-12-20 08:59:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-20 08:04:43 ----D---- C:\Windows\system32\NDF
2010-12-17 09:59:05 ----D---- C:\Windows\system32\Tasks
2010-12-17 09:23:39 ----D---- C:\Program Files\Opera
2010-12-17 09:11:19 ----RSD---- C:\Windows\assembly
2010-12-17 09:11:19 ----D---- C:\Windows\Microsoft.NET
2010-12-17 09:09:55 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-12-17 09:09:51 ----RSD---- C:\Windows\Fonts
2010-12-17 09:09:19 ----D---- C:\Windows\Downloaded Program Files
2010-12-17 09:06:33 ----D---- C:\Users\Peto\AppData\Roaming\Autodesk
2010-12-17 09:06:33 ----D---- C:\ProgramData\Autodesk
2010-12-13 21:06:45 ----D---- C:\Program Files\Winamp
2010-12-13 19:32:09 ----D---- C:\Windows\debug
2010-12-13 19:05:43 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-12-13 17:16:03 ----SD---- C:\Users\Peto\AppData\Roaming\Microsoft
2010-12-08 10:24:21 ----D---- C:\Windows\system32\config
2010-12-08 10:04:14 ----D---- C:\Windows\winsxs
2010-11-25 20:59:31 ----D---- C:\Program Files\Common Files\InstallShield
2010-11-25 20:42:35 ----D---- C:\Windows\Registration
2010-11-25 20:41:51 ----D---- C:\Program Files\Internet Explorer
2010-11-25 20:40:44 ----D---- C:\Windows\system32\DriverStore
2010-11-25 20:40:44 ----D---- C:\Windows\system32\catroot
2010-11-25 20:39:58 ----D---- C:\Windows\Setup

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-02 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-24 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-24 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-24 48560]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
R2 s7otranx;s7otranx; C:\Windows\System32\Drivers\s7otranx.sys [2005-06-23 494135]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2010-07-31 21000]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-07-31 2807392]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x86.sys [2009-08-23 48640]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
R3 S7oppilx;Siemens PC/PPI Cable; C:\Windows\System32\Drivers\S7oppilx.sys [2005-06-23 133688]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\Windows\system32\DRIVERS\sntie.sys []
S3 a77cowej;a77cowej; C:\Windows\system32\drivers\a77cowej.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 catchme;catchme; \??\C:\Users\Peto\AppData\Local\Temp\catchme.sys []
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 s7oppitx;s7oppitx; C:\Windows\System32\Drivers\S7oppitx.sys [2005-06-23 76343]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Avast4\aswUpdSv.exe [2009-11-24 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast4\ashServ.exe [2009-11-24 138680]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-09-14 716024]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast4\ashMaiSv.exe [2009-11-24 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast4\ashWebSv.exe [2009-11-24 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-09-27 85096]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-11-15 403240]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-31 1343400]

-----------------EOF-----------------

Re: Preventive check, thanks in advance for looking it over.

Posted: 24 Dec 2010 00:03
by motji
:arrow: Also uninstall these two toolbars
O3 - Toolbar: uTorrentBar Toolbar
O3 - Toolbar: Conduit Engine


and delete the folders
C:\Program Files\ConduitEngine
C:\Program Files\uTorrentBar



:arrow: Open Notepad and copy this text into it

Code:

Windows Registry Editor Version 5.00

; Remove the ShellExecuteHooks value that points to no file
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
; Remove these startup entries from the HKLM Run key
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
"SwitchBoard"=-
"AdobeCS5ServiceManager"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"Malwarebytes Anti-Malware (reboot)"=-
; Delete two Browser Helper Object keys and the matching Internet Explorer toolbar values
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-

- Save it as (type: All files), entering "smazani.reg" without the quotes as the file name,
click Save, then double-click the file as usual and confirm the dialog box.


If there are no problems, that is all :)
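
An added example, not part of the original post: a small Python preview that lists what a .reg file in the format above would delete or set, and flags key headers that are missing a bracket, so the file can be checked before it is merged. The function name `preview_reg` and the sample keys are constructed placeholders; multi-line hex values are not handled.

```python
import re

# Constructed sample in the same format as the posted file (placeholder keys and names).
SAMPLE = r'''Windows Registry Editor Version 5.00

HKEY_LOCAL_MACHINE\SOFTWARE\Example\Hooks]
"{00000000-0000-0000-0000-000000000000}"=-
[HKEY_LOCAL_MACHINE\Software\Example\Run]
"ExampleUpdater"=-
"KeepMe"="C:\\Example\\keep.exe"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Example\Browser Helper Objects\{11111111-1111-1111-1111-111111111111}]
'''

HIVES = ("HKEY_LOCAL_MACHINE", "HKEY_CURRENT_USER", "HKEY_CLASSES_ROOT",
         "HKEY_USERS", "HKEY_CURRENT_CONFIG")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')

def preview_reg(text):
    """Return (actions, problems) for a .reg file without touching the registry."""
    actions, problems, key = [], [], None
    lines = text.splitlines()
    if not lines or lines[0].strip() not in ("Windows Registry Editor Version 5.00", "REGEDIT4"):
        problems.append((1, "missing .reg signature line"))
    for no, raw in enumerate(lines[1:], start=2):
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if key.startswith("-"):
                actions.append(("delete-key", key[1:], None))
                key = None  # no values belong to a deleted key
            continue
        m = VALUE_RE.match(line)
        if m and key is None:
            problems.append((no, "value with no valid key header above it"))
        elif m:
            name = m.group(1).strip('"')
            kind = "delete-value" if m.group(2) == "-" else "set-value"
            actions.append((kind, key, name))
        elif line.lstrip("[-").startswith(HIVES):
            problems.append((no, "key header missing '[' or ']'"))
            key = None  # do not attach later values to the previous key
        else:
            problems.append((no, "unrecognised line"))
    return actions, problems
```

On the constructed sample, the header on line 3 and the orphaned value on line 4 are reported as problems, and the remaining entries are listed as one value deletion, one value set and one key deletion.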

Re: Preventive check, thanks in advance for looking it over.

Posted: 24 Dec 2010 17:38
by nemamradvirusy
Done, thank you, I wish you merry and happy holidays :-)

Re: Preventive check, thanks in advance for looking it over.

Posted: 24 Dec 2010 22:34
by motji
You're welcome, a merry Christmas to you too :)