VIRY.CZ

Zdravim,
mohl bych Vas poprosit o kontrolu logu ? Mam WIN7 a uz par dni mam problem, ze nemuzu nikde uploadovat zadny soubory, nemuzu v programech jako je corel importovat ani kliknout na Soubor->otevrit , protoze to vubec nic neudela. Stejne tak jako, kdyz chci uploadovat soubor treba pres ulozto, tak po kliknuti se proste nic nestane. Diky moc za pomoc, nevim si s tim uz rady. Stejne tak jako treba zde, kde bych mohl vybrat soubor, ale kdyz na to kliknu taky se nic nestane.

Windows Vista SP 0 (build 7600)
Boot Mode: Normal
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v8.00.7600.16385 (win7_rtm.090713-1255)
Log vygenerován: 24.11.2010 22:27:05
================================================================

Běžící procesy
================================================================

C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE
C:\PROGRAM FILES\VIA\VIAUDIOI\VDECK\VDECK.EXE

Scanner
================================================================
[?] sp_rsser.exe
EntryPoint v sekci: .ITEXT
|_ Celkový počet sekcí: 9
Nemá okno
Soubor 70%

[S] explorer.exe
Spouští se po startu HKLM Winlogon [Shell]

[R] AvastUI.exe
Spouští se po startu HKLM Run [avast5]

[?] issch.exe
Spouští se po startu HKLM Run [ISUSScheduler]
Nemá okno
Soubor 7%

[?] VDeck.exe
Spouští se po startu HKLM Run [HDAudDeck]
Soubor 7%

[R] GrooveMonitor.exe
Ověřený Microsoft: Ne
Spouští se po startu HKLM Run [GrooveMonitor]

[R] GoogleDesktop.exe
Spouští se po startu HKLM Run [Google Desktop Search]

[R] GoogleDesktop.exe
Spouští se po startu HKLM Run [Google Desktop Search]

[R] DTLite.exe
Spouští se po startu HKCU Run [DAEMON Tools Lite]
EntryPoint v sekci: .VMP1
|_ Celkový počet sekcí: 6

[S] dllhost.exe
Proces se nepodařilo otevřít
ROOTKIT? Skrytá cesta
Spouští se po startu HKCU Run [SpywareTerminatorUpdate]
Nelze otevřít

Po spuštění
================================================================

HKCU Run
|_ [!][SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
|_ [?][ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
|_ [R][Google Update] C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe /c
|_ [R][DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun

HKLM Run
|_ [R][avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui
|_ [?][QuickTime Task] C:\Program Files\QuickTime\QTTask.exe -atboottime
|_ [?][ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -start
|_ [?][HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
|_ [R][Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup
|_ [?][CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe /title=CorelDRAW Graphics Suite 12 /date=112710 serial=dr12ccn-1517996-ebk lang=CZ

HKLM ShellServiceObjectDelayLoad
|_ [X][WebCheck] (Soubor nenalezen)

HKLM IC
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll

HKLM AppInit_DLLs
|_ [?][AppInit_DLLs] C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL

Služby (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[X] Google Update Service (gupdate)
|_ Cesta: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: gupdate
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RPCSS

[!] Spyware Terminator Realtime Shield Service
|_ Cesta: C:\Program Files\Spyware Terminator\sp_rsser.exe
| |_ Výrobce: Crawler.com
| |_ Popis: Spyware Terminator Realtime Shield 32-bit Service
| |_ MD5: 642180B8F50E7FC1FBAF87C718E259D6
|
|_ Jméno: sp_rssrv
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:

Ovladače (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[X] Hardlock
|_ Cesta: C:\Windows\system32\drivers\hardlock.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: Hardlock
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency:

[?] ATK0110 ACPI UTILITY
|_ Cesta: C:\Windows\system32\DRIVERS\ASACPI.sys
| |_ Výrobce:
| |_ Popis: ATK0110 ACPI Utility
| |_ MD5: 0F24624106D8042E7F27882D9D6FF5C0
|
|_ Jméno: MTsensor
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Guardant Emulator Driver
|_ Cesta: C:\Windows\system32\Drivers\NSHE.SYS
| |_ Výrobce: T0r0 2008
| |_ Popis: DongleEmulator for HASP, Sentinel, etc
| |_ MD5: F8E396F5E703D7A8F37D90F59C776268
|
|_ Jméno: NSHE
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency: HARDLOCK

[?] Realtek 8167 NT Driver
|_ Cesta: C:\Windows\system32\DRIVERS\Rt86win7.sys
| |_ Výrobce: Realtek Corporation
| |_ Popis: Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver
| |_ MD5: 3983CEA05BB855351D75F5482B6C42CE
|
|_ Jméno: RTL8167
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] sptd
|_ Cesta: C:\Windows\System32\Drivers\sptd.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: sptd
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Spyware Terminator Driver 2
|_ Cesta: C:\Windows\system32\drivers\sp_rsdrv2.sys
| |_ Výrobce: ?
| |_ Popis: ?
| |_ MD5: 8831252BCF05FCFB5ABD116A22E552D8
|
|_ Jméno: sp_rsdrv2
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] VIA High Definition Audio Driver Service
|_ Cesta: C:\Windows\system32\drivers\viahduaa.sys
| |_ Výrobce: VIA Technologies, Inc.
| |_ Popis: VIA High Definition Audio Function Driver
| |_ MD5: 136D8C141515EBE185754459D83FD45F
|
|_ Jméno: VIAHdAudAddService
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

Moduly (Zobraz i bezpečné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[!] sptcontmenu.dll
|_ Cesta: C:\Program Files\Spyware Terminator\sptcontmenu.dll
|_ MD5: A5E97B2B88CC48FC178E88BF6E02F5EC
|_ Výrobce: Crawler.com
|_ Procesy
|_ explorer.exe (2776)

[?] 7-zip.dll
|_ Cesta: C:\Program Files\7-Zip\7-zip.dll
|_ MD5: 20B2C339361E82A6707533BAC481FCE4
|_ Výrobce: Igor Pavlov
|_ Procesy
|_ explorer.exe (2776)

[?] googledesktophyper.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopHyper.dll
|_ MD5: BC272885EEEE1234E856C2FA65FC1A3E
|_ Výrobce: Google
|_ Procesy
|_ explorer.exe (2776)
|_ GoogleDesktop.exe (3116)
|_ GoogleDesktop.exe (3300)

[?] googledesktopresources_en.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll
|_ MD5: A4B20D256CD8F7BA4F303CB6DBDD7BE7
|_ Výrobce: Google
|_ Procesy
|_ explorer.exe (2776)
|_ GoogleDesktop.exe (3116)
|_ GoogleDesktop.exe (3300)
|_ chrome.exe (3284)
|_ chrome.exe (2816)
|_ chrome.exe (3476)

[?] googledesktopcommon.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopCommon.dll
|_ MD5: 543786F4FB229A1EEEBC820F86D50D7E
|_ Výrobce: Google
|_ Procesy
|_ explorer.exe (2776)
|_ GoogleDesktop.exe (3116)
|_ GoogleDesktop.exe (3300)
|_ chrome.exe (3284)

[?] atl80.dll
|_ Cesta: C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll
|_ MD5: 3E9A33113D663D8BD5ED38858E669652
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ explorer.exe (2776)
|_ GrooveMonitor.exe (3108)
|_ GoogleDesktop.exe (3300)
|_ chrome.exe (3284)
|_ javaw.exe (5184)
|_ UPM.exe (7708)
|_ UPM.exe (5024)

[?] googledesktopdeskbar2.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopDeskbar2.dll
|_ MD5: DF2C77792700C5E4AB182F68D3FAC905
|_ Výrobce: Google
|_ Procesy
|_ explorer.exe (2776)
|_ GoogleDesktop.exe (3300)

[?] vmicapi.dll
|_ Cesta: C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
|_ MD5: F9E91D9E8C7D1141B9B74AC4C5779619
|_ Výrobce:
|_ Procesy
|_ VDeck.exe (3092)

[?] skin.dll
|_ Cesta: C:\Program Files\VIA\VIAudioi\VDeck\skin.dll
|_ MD5: 4BE6A497117883B8DFDBBC5A75411CB5
|_ Výrobce:
|_ Procesy
|_ VDeck.exe (3092)

[?] qsapoapi.dll
|_ Cesta: C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
|_ MD5: E5E41D0974EEEC563F1FFBAD40167A5B
|_ Výrobce:
|_ Procesy
|_ VDeck.exe (3092)

[?] gzlib.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\gzlib.dll
|_ MD5: 97F1AC7B9D7D9A5F28DCEA8009914AD9
|_ Výrobce:
|_ Procesy
|_ GoogleDesktop.exe (3116)
|_ GoogleDesktop.exe (3300)

[?] googledesktopapi2.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
|_ MD5: D5BBBA3E9B11C11AC51D75AB9BAE9C93
|_ Výrobce: Google
|_ Procesy
|_ GoogleDesktop.exe (3116)
|_ chrome.exe (3284)

[?] googleservices.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleServices.dll
|_ MD5: FAACB8DE84F2BD375BCABF661A9299B0
|_ Výrobce: Google
|_ Procesy
|_ GoogleDesktop.exe (3116)
|_ GoogleDesktop.exe (3300)

[?] googleuiengine.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleUIEngine.dll
|_ MD5: D42F6815A327FCADC5E3D5925EC92EB2
|_ Výrobce: Google
|_ Procesy
|_ GoogleDesktop.exe (3300)

[?] googledesktopssd.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopSSD.dll
|_ MD5: 0F6C873CC521CA26526FD1AA8E1C44C6
|_ Výrobce: Google
|_ Procesy
|_ GoogleDesktop.exe (3300)

[?] mfc80u.dll
|_ Cesta: C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
|_ MD5: 686B224B4987C22B153FBB545FEE9657
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ DTLite.exe (4012)

[?] go36f4~1.dll
|_ Cesta: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL
|_ MD5: 2010517CC8E09E07087E50A04689012E
|_ Výrobce: Google
|_ Procesy
|_ chrome.exe (3284)
|_ chrome.exe (2816)
|_ chrome.exe (3476)

[?] gcswf32.dll
|_ Cesta: C:\Users\Lukas\AppData\Local\Google\Chrome\Application\7.0.517.44\gcswf32.dll
|_ MD5: 956BDB632F35E98335E77B91FFB6B52F
|_ Výrobce: ?
|_ Procesy
|_ chrome.exe (2816)

[?] awt.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\awt.dll
|_ MD5: 5DEEDBBF0C31641925832E3D5FFD630C
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] dcpr.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\dcpr.dll
|_ MD5: F23A7D1CC6F854ED59EB8D5E52893106
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] fontmanager.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\fontmanager.dll
|_ MD5: 9224A31667776E2E74D2C0B3531CB666
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] hpi.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\hpi.dll
|_ MD5: 70FE398D1050459C164BEF4CDAC1CF53
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] java.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\java.dll
|_ MD5: 8D8530720C7EE2621D56600787CBB630
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] mlib_image.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\mlib_image.dll
|_ MD5: EEB97821594068227405D7E6EE9BFDDA
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] net.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\net.dll
|_ MD5: AADC80A8F0867D632FB7D8B523E704EC
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] nio.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\nio.dll
|_ MD5: D5EDC76DFADE2BE98C44A5B65A49F115
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] sunmscapi.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\sunmscapi.dll
|_ MD5: 6F300CDD7C19D0B0D95FDD2F84FBFB70
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] verify.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\verify.dll
|_ MD5: 75E396AA1F886EC91D976A9050B98C01
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] zip.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\zip.dll
|_ MD5: 575A48A01DB1F33F3EF7AC658ABF9FB8
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

[?] jvm.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\client\jvm.dll
|_ MD5: 91914C2BA8B7DE1ACD625C23B833B30A
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)

================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ] - Not Registered =(

Dobré ranko

Můžete si stahnout soubor přes flešku z jiného pc?

Vložte log ze Rsitu s názvem LOG.TXT, viz můj podpis Obrázek

.

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Zdravim,
co se tyce kopirovani pres flashku, tak to pokud vim problem neni. Nahravat, kopirovat, vsechno muzu, jen mi proste nevyskakuje okno, kdyz potrebuju otevrit soubor v nejakem programu (funguje to treba v office), ale v nicem jinem ne.
Zde je Log z Rsitu.

Diky

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lukas at 2010-11-28 03:13:38
Microsoft Windows 7 Ultimate
System drive C: has 249 GB (52%) free of 477 GB
Total RAM: 2047 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:13:45, on 28.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\Downloads\RSIT.exe
C:\Program Files\trend micro\Lukas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe /title="CorelDRAW Graphics Suite 12" /date=121310 serial=dr12ccn-1517996-ebk lang=CZ
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 6829 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2283128623-4176583203-2776315920-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2283128623-4176583203-2776315920-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-17 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2009-06-05 1417216]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-02 30192]
"CorelDRAW Graphics Suite 11b"=C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe [2004-06-22 729088]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-11-22 3037696]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"Google Update"=C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-17 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-28 03:13:38 ----D---- C:\rsit
2010-11-28 03:13:38 ----D---- C:\Program Files\trend micro
2010-11-24 22:22:48 ----D---- C:\Program Files\Ultimate Process Manager
2010-11-24 22:06:22 ----D---- C:\Users\Lukas\AppData\Roaming\ImgBurn
2010-11-24 22:04:26 ----D---- C:\Program Files\ImgBurn
2010-11-24 19:23:24 ----D---- C:\Windows\pss
2010-11-24 19:21:40 ----SHD---- C:\Config.Msi
2010-11-22 23:26:36 ----D---- C:\Users\Lukas\AppData\Roaming\Spyware Terminator
2010-11-22 23:26:36 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2010-11-22 23:26:35 ----D---- C:\ProgramData\Spyware Terminator
2010-11-22 23:26:34 ----D---- C:\Program Files\Spyware Terminator
2010-11-22 23:03:12 ----D---- C:\Program Files\Windows Live Safety Center
2010-11-22 22:42:56 ----D---- C:\Program Files\Recuva
2010-11-22 22:37:40 ----D---- C:\Program Files\Common Files\Adobe
2010-11-22 21:41:32 ----D---- C:\Users\Lukas\AppData\Roaming\Systweak
2010-11-22 21:41:27 ----D---- C:\Program Files\RegClean Pro
2010-11-22 21:18:56 ----A---- C:\Windows\ntbtlog.txt
2010-11-21 18:15:10 ----A---- C:\Windows\system32\drivers\ks.sys
2010-11-21 18:13:57 ----A---- C:\Windows\system32\msdri.dll
2010-11-21 18:13:57 ----A---- C:\Windows\system32\CPFilters.dll
2010-11-21 18:13:55 ----A---- C:\Windows\system32\psisdecd.dll
2010-11-21 18:13:48 ----A---- C:\Windows\system32\wmp.dll
2010-11-21 18:13:45 ----A---- C:\Windows\system32\wmploc.DLL
2010-11-21 18:13:42 ----A---- C:\Windows\system32\mshtml.dll
2010-11-21 18:13:42 ----A---- C:\Windows\system32\iertutil.dll
2010-11-21 18:13:41 ----A---- C:\Windows\system32\urlmon.dll
2010-11-21 18:13:41 ----A---- C:\Windows\system32\msfeeds.dll
2010-11-21 18:13:41 ----A---- C:\Windows\system32\licmgr10.dll
2010-11-21 18:13:41 ----A---- C:\Windows\system32\ieframe.dll
2010-11-21 18:13:40 ----A---- C:\Windows\system32\wininet.dll
2010-11-21 18:13:40 ----A---- C:\Windows\system32\mstime.dll
2010-11-21 18:13:40 ----A---- C:\Windows\system32\ieui.dll
2010-11-21 18:13:40 ----A---- C:\Windows\system32\iepeers.dll
2010-11-21 18:13:40 ----A---- C:\Windows\system32\iedkcs32.dll
2010-11-21 18:13:39 ----A---- C:\Windows\system32\mshtmled.dll
2010-11-21 18:13:39 ----A---- C:\Windows\system32\msfeedssync.exe
2010-11-21 18:13:39 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-11-21 18:13:39 ----A---- C:\Windows\system32\jsproxy.dll
2010-11-21 18:13:36 ----A---- C:\Windows\system32\tzres.dll
2010-11-21 18:13:28 ----A---- C:\Windows\system32\wmpmde.dll
2010-11-21 18:13:27 ----A---- C:\Windows\system32\schannel.dll
2010-11-21 18:13:26 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-11-21 18:13:20 ----A---- C:\Windows\system32\mfc40u.dll
2010-11-21 18:13:20 ----A---- C:\Windows\system32\mfc40.dll
2010-11-21 18:13:19 ----A---- C:\Windows\system32\spoolsv.exe
2010-11-21 18:13:18 ----A---- C:\Windows\system32\ole32.dll
2010-11-21 18:13:18 ----A---- C:\Windows\system32\drivers\srv.sys
2010-11-21 18:13:17 ----A---- C:\Windows\system32\srvsvc.dll
2010-11-21 18:13:17 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-11-21 18:13:17 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-11-21 18:13:16 ----A---- C:\Windows\system32\t2embed.dll
2010-11-21 18:13:15 ----A---- C:\Windows\system32\comctl32.dll
2010-11-21 18:13:14 ----A---- C:\Windows\system32\win32k.sys
2010-11-21 18:13:13 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-11-19 01:58:26 ----D---- C:\ProgramData\PopCap Games
2010-11-08 23:30:04 ----D---- C:\Program Files\QuickTime
2010-11-08 23:30:03 ----D---- C:\ProgramData\Apple Computer
2010-11-08 23:29:32 ----D---- C:\Program Files\Common Files\Apple
2010-11-08 23:29:20 ----D---- C:\ProgramData\Apple
2010-11-08 23:29:20 ----D---- C:\Program Files\Apple Software Update
2010-11-01 20:17:48 ----D---- C:\Program Files\QS

======List of files/folders modified in the last 1 months======

2010-11-28 03:13:45 ----D---- C:\Windows\Prefetch
2010-11-28 03:13:38 ----RD---- C:\Program Files
2010-11-28 03:13:10 ----D---- C:\Windows\Temp
2010-11-28 03:11:11 ----D---- C:\Windows\System32
2010-11-28 03:11:07 ----D---- C:\ProgramData\NVIDIA
2010-11-26 01:49:52 ----D---- C:\Windows\system32\config
2010-11-26 00:07:57 ----D---- C:\Program Files\JDownloader
2010-11-25 22:11:52 ----SHD---- C:\System Volume Information
2010-11-25 20:58:04 ----D---- C:\Windows
2010-11-25 20:46:18 ----D---- C:\Windows\inf
2010-11-25 20:46:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-24 20:06:37 ----D---- C:\Windows\debug
2010-11-24 20:02:12 ----D---- C:\Windows\system32\Msdtc
2010-11-24 19:21:41 ----SHD---- C:\Windows\Installer
2010-11-24 19:15:21 ----SD---- C:\ProgramData\Microsoft
2010-11-24 19:14:46 ----HD---- C:\Windows\system32\GroupPolicy
2010-11-24 02:27:27 ----D---- C:\Windows\rescache
2010-11-22 23:26:37 ----D---- C:\Windows\system32\drivers
2010-11-22 23:26:35 ----D---- C:\ProgramData
2010-11-22 23:03:12 ----D---- C:\Windows\Downloaded Program Files
2010-11-22 22:37:43 ----D---- C:\ProgramData\Adobe
2010-11-22 22:37:40 ----D---- C:\Program Files\Common Files
2010-11-22 22:37:40 ----D---- C:\Program Files\Adobe
2010-11-22 22:01:47 ----D---- C:\Windows\winsxs
2010-11-22 21:51:46 ----D---- C:\Windows\system32\appmgmt
2010-11-22 21:50:50 ----D---- C:\Windows\system32\DriverStore
2010-11-22 21:50:50 ----D---- C:\Windows\system32\catroot
2010-11-22 19:00:00 ----SHD---- C:\$Recycle.Bin
2010-11-22 18:59:52 ----RD---- C:\Users
2010-11-21 18:38:23 ----D---- C:\Windows\Microsoft.NET
2010-11-21 18:38:08 ----RSD---- C:\Windows\assembly
2010-11-21 18:28:59 ----D---- C:\Windows\system32\migration
2010-11-21 18:28:59 ----D---- C:\Windows\system32\cs-CZ
2010-11-21 18:28:59 ----D---- C:\Windows\ehome
2010-11-21 18:28:59 ----D---- C:\Program Files\Internet Explorer
2010-11-21 18:28:58 ----D---- C:\Windows\AppPatch
2010-11-21 18:28:58 ----D---- C:\Program Files\Windows Media Player
2010-11-21 18:13:08 ----D---- C:\Windows\system32\catroot2
2010-11-18 13:51:32 ----D---- C:\Series
2010-11-02 16:47:16 ----A---- C:\Windows\system32\MRT.exe
2010-11-01 20:36:16 ----D---- C:\Users\Lukas\AppData\Roaming\Miranda
2010-10-31 15:39:48 ----D---- C:\Program Files\abgx360

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-17 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-11-22 142592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-06-02 1056256]
S2 Hardlock;Hardlock; C:\Windows\system32\drivers\hardlock.sys []
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acxna6f7;acxna6f7; C:\Windows\system32\drivers\acxna6f7.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-11-22 496128]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-22 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-02 30192]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

Porad nepomohlo, navic pri prvnim pokusu combofix vyvolal bluescreen a behem prubehu to porad psalo ze to nemuze neco otevrit (ADVAPI32.DLL). Tak nevim co se deje. Tady je LOG, ktery se na podruh podaril vytvorit.

ComboFix 10-11-27.01 - Lukas 28.11.2010 14:48:38.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2047.1211 [GMT 1:00]
Spuštěný z: c:\users\Lukas\Downloads\ComboFix.exe
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-10-28 do 2010-11-28 )))))))))))))))))))))))))))))))
.

2010-11-28 13:55 . 2010-11-28 13:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-28 02:18 . 2010-11-28 02:18 -------- d-----w- c:\users\Lukas\AppData\Roaming\Malwarebytes
2010-11-28 02:18 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-28 02:18 . 2010-11-28 02:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-28 02:18 . 2010-11-28 02:18 -------- d-----w- c:\programdata\Malwarebytes
2010-11-28 02:18 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-28 02:13 . 2010-11-28 02:13 -------- d-----w- C:\rsit
2010-11-28 02:13 . 2010-11-28 02:13 -------- d-----w- c:\program files\trend micro
2010-11-24 21:22 . 2010-11-24 21:25 -------- d-----w- c:\program files\Ultimate Process Manager
2010-11-24 21:06 . 2010-11-24 21:06 -------- d-----w- c:\users\Lukas\AppData\Roaming\ImgBurn
2010-11-24 21:04 . 2010-11-24 21:04 -------- d-----w- c:\program files\ImgBurn
2010-11-22 22:03 . 2010-11-24 18:21 -------- d-----w- c:\program files\Windows Live Safety Center
2010-11-22 21:42 . 2010-11-22 21:42 -------- d-----w- c:\program files\Recuva
2010-11-22 21:37 . 2010-11-22 21:37 -------- d-----w- c:\program files\Common Files\Adobe
2010-11-22 20:44 . 2000-05-22 14:58 140488 ----a-w- C:\comdlg32.ocx
2010-11-22 20:41 . 2010-11-22 20:45 -------- d-----w- c:\users\Lukas\AppData\Roaming\Systweak
2010-11-22 20:41 . 2010-11-22 20:45 -------- d-----w- c:\program files\RegClean Pro
2010-11-22 17:59 . 2010-11-22 18:00 -------- d-----w- c:\users\Test
2010-11-21 17:15 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-11-21 17:11 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8F0834A8-C4E5-492B-AD29-D895AD48A77A}\mpengine.dll
2010-11-21 17:10 . 2010-08-27 05:30 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-19 00:58 . 2010-11-19 01:02 -------- d-----w- c:\programdata\PopCap Games
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2010-11-08 22:30 . 2010-11-08 22:30 -------- d-----w- c:\program files\QuickTime
2010-11-08 22:30 . 2010-11-08 22:30 -------- d-----w- c:\programdata\Apple Computer
2010-11-08 22:29 . 2010-11-08 22:29 -------- d-----w- c:\program files\Common Files\Apple
2010-11-08 22:29 . 2010-11-08 22:29 -------- d-----w- c:\users\Lukas\AppData\Local\Apple
2010-11-08 22:29 . 2010-11-08 22:29 -------- d-----w- c:\programdata\Apple
2010-11-08 22:29 . 2010-11-08 22:29 -------- d-----w- c:\program files\Apple Software Update
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2010-11-01 19:17 . 2010-11-01 19:17 -------- d-----w- c:\program files\QS

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2010-08-17 02:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-23 20:20 . 2010-09-23 20:20 191488 ----a-w- c:\windows\system32\hlvdd.dll
2010-09-08 10:17 . 2010-09-08 10:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 10:17 . 2010-09-08 10:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-07 15:12 . 2010-08-17 01:58 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-08-17 01:58 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-08-17 01:59 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-08-17 01:59 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-08-17 01:59 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-08-17 01:59 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2010-08-17 01:59 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-02 01:33 . 2010-09-02 01:33 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-09-02 01:33 . 2010-09-02 01:33 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"Google Update"="c:\users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-08-17 136176]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-06-05 1417216]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-09-02 30192]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe" [2004-06-22 729088]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

c:\users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 136176]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-02 30192]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-16 691696]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-06-02 1056256]

.
Obsah adresáře 'Naplánované úlohy'

2010-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 20:46]

2010-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 20:46]

2010-11-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2283128623-4176583203-2776315920-1000Core.job
- c:\users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-17 01:55]

2010-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2283128623-4176583203-2776315920-1000UA.job
- c:\users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-17 01:55]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-11-28 14:57:03
ComboFix-quarantined-files.txt 2010-11-28 13:57

Před spuštěním: Volných bajtů: 265 435 803 648
Po spuštění: Volných bajtů: 265 221 464 064

- - End Of File - - E8485FB058EF2F7A0537DE10F458CE02

Log je v pořádku. Jaký používáte prohlížeč?

Pouzivam Google Chrome, ale nefunguje to ani v exploreru ani v mozille. A hlavne nebude to prohlizecem, jelikoz to nefunguje treba ani v adobe readeru, corelu atd.....

Zkoušel jste obnovu systému k datu, kdy to fungovalo?

Bohuzel, kdyz sem to zjistil, tak tak starou obnovu sem jiz nemel. V obnoveni jsem mel jen cca 4 dny. Stalo se mi to uz zhruba pred 10ti dny a nevenoval jsem tomu pozornost, myslel jsem, ze je to chyba programu. Az pozdeji jsem zjistil, ze je to nejaky jiny problem.

Bohuzel, kdyz sem to zjistil, tak tak starou obnovu sem jiz nemel. V obnoveni jsem mel jen cca 4 dny. Stalo se mi to uz zhruba pred 10ti dny a nevenoval jsem tomu pozornost, myslel jsem, ze je to chyba programu. Az pozdeji jsem zjistil, ze je to nejaky jiny problem.

Bohuzel, kdyz sem to zjistil, tak tak starou obnovu sem jiz nemel. V obnoveni jsem mel jen cca 4 dny. Stalo se mi to uz zhruba pred 10ti dny a nevenoval jsem tomu pozornost, myslel jsem, ze je to chyba programu. Az pozdeji jsem zjistil, ze je to nejaky jiny problem.

Pošlu sem kolegu

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

VIRY.CZ

Kontrolu logu

Kontrolu logu

Re: Kontrolu logu

Re: Kontrolu logu

Re: Kontrolu logu

Re: Kontrolu logu

Re: Kontrolu logu

Re: Kontrolu logu

Re: Kontrolu logu

Re: Kontrolu logu

Re: Kontrolu logu

Re: Kontrolu logu

Re: Kontrolu logu