Slow PC - please check

Posted: 18 Dec 2010 10:38
by HINEGB
Logfile of random's system information tool 1.08 (written by random/random)
Run by Marie Hrynečková at 2010-12-18 10:26:15
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 16 GB (22%) free of 71 GB
Total RAM: 1014 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:01, on 18.12.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18542)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\MARIEH~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Marie Hrynečková\Desktop\RSIT.exe
C:\Program Files\trend micro\Marie Hrynečková.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe"
O4 - HKCU\..\Run: [ICQ]
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {43E944B6-763F-4DED-8CB6-82B0204082E0} (webViewer Control) - http://web.hb-ware.cz/kamera/WebViewerProj_single.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D9FDD1F3-73E8-4D37-9149-43B7B576EB0A} (WebCamX Control) - http://ns.hb-ware.cz:8888/WebCamX.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10257 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-11 1443112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-29 4472832]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"Acer Tour"= []
"PLFSet"=C:\Windows\PLFSet.dll [2007-04-24 45056]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-06-15 850704]
"eRecoveryService"= []
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-02 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-02 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-02 133656]
"Skytel"=C:\Windows\Skytel.exe [2007-05-29 1826816]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-05-22 151552]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2007-10-25 956296]
"ICQ"= []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-01-02 200704]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-12-18 10:15:51 ----D---- C:\Program Files\Microsoft Security Client
2010-12-18 08:57:37 ----D---- C:\Program Files\trend micro
2010-12-18 08:57:35 ----D---- C:\rsit
2010-12-15 14:47:30 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 14:47:26 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 14:47:25 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 14:47:25 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 14:47:24 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 14:47:24 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 14:47:17 ----A---- C:\Windows\system32\consent.exe
2010-12-15 14:47:15 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 14:47:14 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 14:47:13 ----A---- C:\Windows\system32\fontsub.dll
2010-12-15 14:47:09 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 14:47:08 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 14:47:07 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 14:47:06 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 14:47:04 ----A---- C:\Windows\system32\ieapfltr.dll
2010-12-15 14:47:03 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 14:47:03 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 14:47:01 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 14:47:01 ----A---- C:\Windows\system32\ieaksie.dll
2010-12-15 14:47:00 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 14:47:00 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 14:46:59 ----A---- C:\Windows\system32\occache.dll
2010-12-15 14:46:59 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 14:46:58 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 14:46:58 ----A---- C:\Windows\system32\ieencode.dll
2010-12-15 14:46:45 ----A---- C:\Windows\system32\tzres.dll
2010-11-27 08:33:09 ----D---- C:\Users\Marie Hrynečková\AppData\Roaming\BlackBean

======List of files/folders modified in the last 1 months======

2010-12-18 10:26:46 ----D---- C:\Windows\Temp
2010-12-18 10:20:02 ----SHD---- C:\System Volume Information
2010-12-18 10:17:08 ----D---- C:\Windows
2010-12-18 10:16:59 ----SHD---- C:\Windows\Installer
2010-12-18 10:16:42 ----D---- C:\Windows\inf
2010-12-18 10:16:42 ----AD---- C:\Windows\System32
2010-12-18 10:16:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-18 10:16:40 ----D---- C:\Windows\system32\catroot
2010-12-18 10:16:40 ----AD---- C:\Windows\system32\drivers
2010-12-18 10:16:29 ----SD---- C:\ProgramData\Microsoft
2010-12-18 10:15:51 ----RD---- C:\Program Files
2010-12-18 10:02:24 ----SD---- C:\Users\Marie Hrynečková\AppData\Roaming\Microsoft
2010-12-18 10:02:18 ----HD---- C:\ProgramData
2010-12-18 09:48:12 ----D---- C:\Windows\winsxs
2010-12-18 08:57:37 ----D---- C:\Windows\Prefetch
2010-12-16 06:20:51 ----D---- C:\Program Files\Windows Mail
2010-12-16 06:20:45 ----D---- C:\Program Files\Internet Explorer
2010-12-16 06:18:18 ----D---- C:\Windows\rescache
2010-12-16 06:01:46 ----D---- C:\Windows\system32\cs-CZ
2010-12-16 06:01:05 ----D---- C:\ProgramData\Microsoft Help
2010-12-16 06:00:18 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-07-12 305176]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 20776]
R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16680]
R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 60712]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 13560]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-03-02 76584]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-29 8192]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2007-06-15 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-01-02 2016256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-31 1780576]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-19 30720]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-07-25 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-02-07 1729152]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-19 19456]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-01-08 78128]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-01-08 80688]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-01-08 16560]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 IpwP;IPWireless 3G Network Adapter; C:\Windows\system32\DRIVERS\ipw3gnet.sys [2007-06-12 51040]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-19 49664]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 WisINT15;WisINT15; \??\C:\Elements\1stboot\WisINT15.SYS []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-04-23 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 135168]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-07-03 53248]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 24576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-04-03 272024]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-06-13 167936]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-29 386560]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]

-----------------EOF-----------------

Re: Slow PC - please check

Posted: 18 Dec 2010 23:12
by motji
Good evening :)

Download CCleaner from my signature
- install it; when choosing what to install, untick the box for installing the Yahoo toolbar

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run CCleaner

Registry tab
- click Scan for problems
- then click Fix selected problems -- making a registry backup - you don't have to
- click Fix all problems, then OK, then Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using the CCleaner cleaner; it nicely clears temporary files from the PC.
It cleans the registry, for example, after uninstalling a program.

Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING!
- MBAM sometimes has false detections, so we will delete only after checking the log.
- Copy the log here.

Re: Slow PC - please check

Posted: 06 Jan 2011 10:28
by HINEGB
I apologize for replying after quite a long time. It is not my PC.

I did everything according to the instructions.

The log follows.

Thanks!

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5468

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

6.1.2011 10:24:17
mbam-log-2011-01-06 (10-23-56).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 333959
Uplynulý čas: 1 hodin, 18 minut, 42 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 7
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 3

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XTTB00001.XTTB00001Toolbar (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00 (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\SYSTEM32\APISLICE.DLL (Trojan.Agent) -> Value: APISLICE.DLL -> No action taken.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\Káťa\AppData\Local\Temp\comver.dll (Adware.GameSpyArcade) -> No action taken.
c:\Windows\System32\APISlice.dll (Trojan.Agent) -> No action taken.
c:\program files\icqtoolbar\toolbaru.dll (Trojan.BHO) -> No action taken.

Re: Slow PC - please check

Posted: 06 Jan 2011 10:58
by motji
Test this file at www.virustotal.com:
c:\Windows\System32\APISlice.dll

Re: Slow PC - please check

Posted: 06 Jan 2011 12:50
by HINEGB
Antivirus Version Last Update Result
AhnLab-V3 2011.01.04.03 2011.01.04 -
AntiVir 7.11.1.24 2011.01.04 -
Antiy-AVL 2.0.3.7 2011.01.04 Trojan/Win32.Agent.gen
Avast 4.8.1351.0 2011.01.04 -
Avast5 5.0.677.0 2011.01.04 Win32:PUP-gen
AVG 9.0.0.851 2011.01.04 -
BitDefender 7.2 2011.01.04 -
CAT-QuickHeal 11.00 2011.01.04 -
ClamAV 0.96.4.0 2011.01.04 -
Command 5.2.11.5 2011.01.04 -
Comodo 7292 2011.01.04 -
DrWeb 5.0.2.03300 2011.01.04 -
Emsisoft 5.1.0.1 2011.01.04 Trojan-PSW.Win32.Agent.uyr!A2
eSafe 7.0.17.0 2011.01.02 -
eTrust-Vet 36.1.8080 2011.01.04 -
F-Prot 4.6.2.117 2011.01.04 -
F-Secure 9.0.16160.0 2011.01.04 -
Fortinet 4.2.254.0 2011.01.03 -
GData 21 2011.01.04 -
Ikarus T3.1.1.90.0 2011.01.04 -
Jiangmin 13.0.900 2011.01.04 Trojan/PSW.Agent.nbp
K7AntiVirus 9.75.3435 2011.01.04 -
Kaspersky 7.0.0.125 2011.01.04 -
McAfee 5.400.0.1158 2011.01.04 -
McAfee-GW-Edition 2010.1C 2011.01.04 -
Microsoft 1.6402 2011.01.04 -
NOD32 5759 2011.01.04 -
Norman 6.06.12 2011.01.03 -
nProtect 2011-01-04.01 2011.01.04 Trojan-PWS/W32.Agent.73728.Z
Panda 10.0.2.7 2011.01.04 -
PCTools 7.0.3.5 2011.01.04 -
Prevx 3.0 2011.01.04 -
Rising 22.81.01.03 2011.01.04 Trojan.Win32.Generic.5256B5D6
Sophos 4.60.0 2011.01.04 -
SUPERAntiSpyware 4.40.0.1006 2011.01.04 -
TheHacker 6.7.0.1.110 2011.01.03 -
TrendMicro 9.120.0.1004 2011.01.04 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.04 -
VBA32 3.12.14.2 2011.01.04 TrojanPSW.Agent.uyr
VIPRE 7952 2011.01.04 Trojan.Win32.Generic!BT
ViRobot 2011.1.4.4236 2011.01.04 -
VirusBuster 13.6.127.0 2011.01.04 -

MD5 : 232a802875df9e544890003c00a03760
SHA1 : 6306a48693e9326c75c705738deb7fe2e943df0a
SHA256: a22122c6aeaf65dcf35ce40d137db24a69b7e3e5e770debfa8f7544fa8a55afa
ssdeep: 768:/eOdguobPRBQnEDLoYsAfiGjrgaWva7mGKflzXUbn1lK42PpORyOAtfM/zVe:/Xd4bPRoUj
sAfldWC7mXUbq5xXtfMr
File size : 73728 bytes
First seen: 2010-04-21 22:56:12
Last seen : 2011-01-04 17:03:43
Magic: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: n/a
copyright....: Copyright (C) 2005
product......: APISlice Dynamic Link Library
description..: APISlice Dynamic Link Library
original name: APISlice.dll
internal name: APISlice
file version.: 2, 5, 5, 4035
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

PEiD: -
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x3893
timedatestamp....: 0x462F11BB (Wed Apr 25 08:30:51 2007)
machinetype......: 0x14C (Intel I386)

[[ 5 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x975A, 0xA000, 6.37, f31551f7bd1840d50ac8ad92f2465e7a
.rdata, 0xB000, 0x2BAF, 0x3000, 5.11, 455542f14ec552f48218af225c69a7eb
.data, 0xE000, 0x1B00, 0x1000, 2.35, cbea6855972822f4b1a9f52cad4eb995
.rsrc, 0x10000, 0x3D8, 0x1000, 3.71, d40d33a225dddecaa87266788171a63f
.reloc, 0x11000, 0x1538, 0x2000, 3.05, b6c98efe0d8fc6a5f4b53bf8a5c74a4a

[[ 3 import(s) ]]
advapi32.dll: LookupPrivilegeValueA, AdjustTokenPrivileges, OpenProcessToken
kernel32.dll: LoadLibraryA, GetLastError, GetModuleHandleA, FreeLibrary, VirtualProtect, VirtualQuery, WideCharToMultiByte, CreateProcessW, CreateProcessA, GetModuleFileNameA, GetProcAddress, SetLastError, WriteProfileStringA, GetProfileStringA, LeaveCriticalSection, VirtualFreeEx, WaitForSingleObject, CreateRemoteThread, WriteProcessMemory, VirtualAllocEx, OpenProcess, GetCurrentProcessId, GetCurrentProcess, Sleep, CreateThread, FormatMessageA, EnterCriticalSection, DeleteCriticalSection, CloseHandle, InitializeCriticalSection, HeapAlloc, HeapFree, RtlUnwind, GetCurrentThreadId, GetCommandLineA, GetVersionExA, GetProcessHeap, VirtualFree, VirtualAlloc, HeapReAlloc, HeapDestroy, HeapCreate, ExitProcess, WriteFile, GetStdHandle, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, InterlockedDecrement, HeapSize, SetHandleCount, GetFileType, GetStartupInfoA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, GetCPInfo, GetACP, GetOEMCP, RaiseException, MultiByteToWideChar, GetLocaleInfoA, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW
user32.dll: wsprintfA, SendMessageA

[[ 6 export(s) ]]
SliceAPIByProcess, SliceAPIByProcessEx, SliceAPIGlobalProcess, UnSliceAPIByProcess, UnSliceAPIByProcessEx, UnSliceAPIGlobalProcess

ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 40960
EntryPoint: 0x3893
FileDescription: APISlice Dynamic Link Library
FileFlagsMask: 0x0017
FileOS: Win32
FileSize: 72 kB
FileSubtype: 0
FileType: Win32 DLL
FileVersion: 2, 5, 5, 4035
FileVersionNumber: 2.5.5.4035
ImageVersion: 0.0
InitializedDataSize: 28672
InternalName: APISlice
LanguageCode: Neutral
LegalCopyright: Copyright (C) 2005
LinkerVersion: 8.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 4.0
ObjectFileType: Dynamic link library
OriginalFilename: APISlice.dll
PEType: PE32
ProductName: APISlice Dynamic Link Library
ProductVersion: 2, 5, 5, 4035
ProductVersionNumber: 2.5.5.4035
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 2007:04:25 10:30:51+02:00
UninitializedDataSize: 0

Re: Slow PC - please check

Posted: 06 Jan 2011 13:56
by motji
Delete everything in MBAM :)

Re: Slow PC - please check

Posted: 06 Jan 2011 15:29
by HINEGB
After a repeated scan, MBAM found nothing. Should I run any further checks, or is everything OK now?

Re: Slow PC - please check

Posted: 06 Jan 2011 15:34
by motji
How is the computer behaving?

:arrow: Run ComboFix following this guide
http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Slow PC - please check

Posted: 06 Jan 2011 16:19
by HINEGB
ComboFix 11-01-05.06 - Marie Hrynečková 06.01.2011 15:50:00.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1250.420.1029.18.1014.109 [GMT 1:00]
Spuštěný z: c:\users\Marie Hrynečková\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Káťa\AppData\Roaming\TMInc
c:\users\Káťa\AppData\Roaming\TMInc\game.cfg
c:\users\Káťa\AppData\Roaming\TMInc\user1.sav
c:\users\Marie Hrynečková\AppData\Roaming\TMInc
c:\users\Marie Hrynečková\AppData\Roaming\TMInc\game.cfg
c:\users\Marie Hrynečková\AppData\Roaming\TMInc\user1.sav

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-06 do 2011-01-06 )))))))))))))))))))))))))))))))
.

2011-01-06 15:06 . 2011-01-06 15:10 -------- d-----w- c:\users\Marie Hrynečková\AppData\Local\temp
2011-01-06 15:06 . 2011-01-06 15:06 -------- d-----w- c:\users\Káťa\AppData\Local\temp
2011-01-06 15:06 . 2011-01-06 15:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-06 08:01 . 2011-01-06 08:01 -------- d-----w- c:\users\Marie Hrynečková\AppData\Roaming\Malwarebytes
2011-01-06 08:01 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-06 08:01 . 2011-01-06 08:01 -------- d-----w- c:\programdata\Malwarebytes
2011-01-06 08:01 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-06 08:01 . 2011-01-06 08:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-06 07:17 . 2010-11-09 19:33 6273872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B3EB101D-84D7-495C-8EE4-6CDA81793C2D}\mpengine.dll
2011-01-06 07:04 . 2011-01-06 07:04 -------- d-----w- c:\program files\CCleaner
2010-12-30 16:46 . 2010-12-30 16:46 -------- d-----w- c:\users\Káťa\AppData\Roaming\Google
2010-12-30 16:45 . 2010-12-30 16:46 -------- d-----w- c:\users\Káťa\AppData\Local\Google
2010-12-29 11:22 . 2011-01-06 08:01 -------- d-----w- c:\users\Marie Hrynečková\AppData\Local\Google
2010-12-29 11:21 . 2011-01-06 13:04 -------- d-----w- c:\program files\Google
2010-12-24 18:52 . 2010-12-24 18:52 -------- d-----w- c:\programdata\Synetic
2010-12-24 18:43 . 2010-12-24 18:43 -------- d-----w- c:\program files\City Interactive
2010-12-19 11:26 . 2010-11-09 19:33 6273872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-18 09:21 . 2010-12-18 09:20 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E2E0FFC9-A298-4DF1-9DF2-37A3A1D7F306}\gapaengine.dll
2010-12-18 09:15 . 2010-12-18 09:16 -------- d-----w- c:\program files\Microsoft Security Client
2010-12-18 07:57 . 2010-12-18 09:26 -------- d-----w- c:\program files\trend micro
2010-12-18 07:57 . 2010-12-18 08:00 -------- d-----w- C:\rsit
2010-12-17 16:42 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F564B8C3-AF2D-4100-8537-99FB1B3E5055}\mpengine.dll
2010-12-15 13:46 . 2010-10-20 17:41 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-12-15 13:46 . 2010-10-20 15:51 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2010-12-15 13:46 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-15 13:37 . 2010-11-03 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-24 20:25 . 2010-10-24 20:25 54144 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2010-10-24 20:25 . 2010-10-24 20:25 43392 ----a-w- c:\windows\system32\drivers\MpNWMon.sys
2010-10-24 20:25 . 2010-10-24 20:25 165264 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2010-10-19 20:51 . 2009-10-02 19:28 222080 ------w- c:\windows\system32\MpSigStub.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="" [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]
"T-Mobile Communication Centre"="c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe" [2007-10-25 956296]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-29 4472832]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"PLFSet"="c:\windows\PLFSet.dll" [2007-04-24 45056]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-06-15 850704]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-02 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-02 133656]
"Skytel"="Skytel.exe" [2007-05-29 1826816]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

c:\users\Káťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [N/A]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-1-19 711472]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-7-25 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-29 136176]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
R3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\DRIVERS\ipw3gnet.sys [2007-06-12 51040]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 WisINT15;WisINT15;c:\elements\1stboot\WisINT15.SYS [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]


--- Ostatní služby/ovladače v paměti ---

*Deregistered* - MBAMSwissArmy

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-29 11:22]

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-29 11:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://cs.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
DPF: {43E944B6-763F-4DED-8CB6-82B0204082E0} - hxxp://web.hb-ware.cz/kamera/WebViewerProj_single.cab
DPF: {D9FDD1F3-73E8-4D37-9149-43B7B576EB0A} - hxxp://ns.hb-ware.cz:8888/WebCamX.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-06 16:10
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-01-06 16:16:00
ComboFix-quarantined-files.txt 2011-01-06 15:15

Před spuštěním: Volných bajtů: 15 791 566 848
Po spuštění: Volných bajtů: 16 017 485 824

- - End Of File - - C80123199A32FD8BF0B1F41C08A8A824

Re: Slow PC - please check

Posted: 06 Jan 2011 16:24
by motji
How is the computer?

Re: Slow PC - please check

Posted: 06 Jan 2011 16:31
by HINEGB
Seems OK :)

Re: Slow PC - please check

Posted: 06 Jan 2011 21:21
by motji
:arrow: Uninstall ComboFix via Start - Run
- copy this into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes its associated files and folders.


***********


:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm each choice, press the A key, then Enter
- delete the little program after use. Note: antivirus programs may falsely flag it as a virus



***********


:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run CCleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues -- making a registry backup: you don't have to
- click fix all issues :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

CCleaner - I recommend using the cleaner; it nicely clears temporary files from the PC.
It cleans up the registry, for example after uninstalling a program.


***********



:arrow: Download OTC and run it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans up temp files and the leftovers of the tools used



***********

:arrow: Post a new RSIT log and tell me how the computer is doing, how it behaves; is everything OK now?

Re: Slow PC - please check

Posted: 07 Jan 2011 19:27
by HINEGB
The computer seems OK.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Marie Hrynečková at 2011-01-07 19:17:32
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 16 GB (22%) free of 71 GB
Total RAM: 1014 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:19:00, on 7.1.2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18542)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\MARIEH~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Users\Marie Hrynečková\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2V4059EI\RSIT[1].exe
C:\Program Files\trend micro\Marie Hrynečková.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe"
O4 - HKCU\..\Run: [ICQ]
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {43E944B6-763F-4DED-8CB6-82B0204082E0} (webViewer Control) - http://web.hb-ware.cz/kamera/WebViewerProj_single.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D9FDD1F3-73E8-4D37-9149-43B7B576EB0A} (WebCamX Control) - http://ns.hb-ware.cz:8888/WebCamX.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D350D9EE-2BB9-491E-8199-FD231FFF6843}: NameServer = 62.141.0.1 213.162.65.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10109 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-11 1443112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
{855F3B16-6D32-4fe6-8A56-BBB695989046}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-29 4472832]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"PLFSet"=C:\Windows\PLFSet.dll [2007-04-24 45056]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-06-15 850704]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-02 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-02 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-02 133656]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-05-22 151552]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2007-10-25 956296]
"ICQ"= []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-01-02 200704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2011-01-07 19:17:32 ----D---- C:\rsit
2011-01-06 17:22:21 ----A---- C:\Windows\UC.PIF
2011-01-06 17:22:21 ----A---- C:\Windows\RAR.PIF
2011-01-06 17:22:21 ----A---- C:\Windows\PKZIP.PIF
2011-01-06 17:22:21 ----A---- C:\Windows\PKUNZIP.PIF
2011-01-06 17:22:21 ----A---- C:\Windows\NOCLOSE.PIF
2011-01-06 17:22:20 ----A---- C:\Windows\LHA.PIF
2011-01-06 17:22:20 ----A---- C:\Windows\ARJ.PIF
2011-01-06 17:22:19 ----D---- C:\Users\Marie Hrynečková\AppData\Roaming\GHISLER
2011-01-06 17:22:19 ----D---- C:\totalcmd
2011-01-06 16:16:13 ----SHD---- C:\$RECYCLE.BIN
2011-01-06 16:16:03 ----D---- C:\Windows\temp
2011-01-06 15:45:33 ----D---- C:\Windows\ERDNT
2011-01-06 15:41:12 ----D---- C:\Qoobox
2011-01-06 09:01:32 ----D---- C:\Users\Marie Hrynečková\AppData\Roaming\Malwarebytes
2011-01-06 09:01:12 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-01-06 09:01:11 ----D---- C:\ProgramData\Malwarebytes
2011-01-06 09:01:07 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-01-06 09:01:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-06 08:04:25 ----D---- C:\Program Files\CCleaner
2010-12-29 12:21:14 ----D---- C:\ProgramData\Google
2010-12-29 12:21:14 ----D---- C:\Program Files\Google
2010-12-24 19:52:28 ----D---- C:\ProgramData\Synetic
2010-12-24 19:43:04 ----D---- C:\Program Files\City Interactive
2010-12-18 10:15:51 ----D---- C:\Program Files\Microsoft Security Client
2010-12-18 08:57:37 ----D---- C:\Program Files\trend micro
2010-12-15 14:47:30 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 14:47:26 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 14:47:25 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 14:47:25 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 14:47:24 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 14:47:24 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 14:47:17 ----A---- C:\Windows\system32\consent.exe
2010-12-15 14:47:15 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 14:47:14 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 14:47:13 ----A---- C:\Windows\system32\fontsub.dll
2010-12-15 14:47:09 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 14:47:08 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 14:47:07 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 14:47:06 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 14:47:04 ----A---- C:\Windows\system32\ieapfltr.dll
2010-12-15 14:47:03 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 14:47:03 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 14:47:01 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 14:47:01 ----A---- C:\Windows\system32\ieaksie.dll
2010-12-15 14:47:00 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 14:47:00 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 14:46:59 ----A---- C:\Windows\system32\occache.dll
2010-12-15 14:46:59 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 14:46:58 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 14:46:58 ----A---- C:\Windows\system32\ieencode.dll
2010-12-15 14:46:45 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 months======

2011-01-07 19:18:09 ----D---- C:\Windows\Prefetch
2011-01-07 19:13:51 ----AD---- C:\Windows\System32
2011-01-07 19:13:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-07 19:13:45 ----D---- C:\Windows\inf
2011-01-07 19:04:56 ----D---- C:\Windows
2011-01-07 18:59:28 ----D---- C:\Windows\Debug
2011-01-07 17:03:09 ----SHD---- C:\System Volume Information
2011-01-06 21:29:47 ----SHD---- C:\Windows\Installer
2011-01-06 17:08:24 ----RD---- C:\Users
2011-01-06 17:06:03 ----HD---- C:\Windows\system32\GroupPolicyUsers
2011-01-06 17:06:00 ----HD---- C:\Windows\system32\GroupPolicy
2011-01-06 16:10:25 ----A---- C:\Windows\system.ini
2011-01-06 16:10:11 ----D---- C:\Windows\system32\drivers\etc
2011-01-06 15:58:58 ----D---- C:\Windows\AppPatch
2011-01-06 15:58:58 ----AD---- C:\Windows\system32\drivers
2011-01-06 15:58:57 ----D---- C:\Program Files\Common Files
2011-01-06 14:04:22 ----D---- C:\Windows\cs-CZ
2011-01-06 14:04:22 ----D---- C:\Program Files\ICQToolbar
2011-01-06 09:01:11 ----D---- C:\ProgramData
2011-01-06 09:01:06 ----RD---- C:\Program Files
2011-01-06 08:46:24 ----D---- C:\Windows\Minidump
2011-01-04 15:52:28 ----D---- C:\Windows\system32\catroot2
2010-12-29 12:22:41 ----D---- C:\Windows\Tasks
2010-12-29 12:22:41 ----D---- C:\Windows\system32\Tasks
2010-12-29 12:12:36 ----D---- C:\Windows\system32\Adobe
2010-12-26 13:10:20 ----RSD---- C:\Windows\assembly
2010-12-18 10:16:40 ----D---- C:\Windows\system32\catroot
2010-12-18 10:16:29 ----SD---- C:\ProgramData\Microsoft
2010-12-18 10:02:24 ----SD---- C:\Users\Marie Hrynečková\AppData\Roaming\Microsoft
2010-12-18 09:48:12 ----D---- C:\Windows\winsxs
2010-12-16 06:20:51 ----D---- C:\Program Files\Windows Mail
2010-12-16 06:20:45 ----D---- C:\Program Files\Internet Explorer
2010-12-16 06:18:18 ----D---- C:\Windows\rescache
2010-12-16 06:01:46 ----D---- C:\Windows\system32\cs-CZ
2010-12-16 06:01:05 ----D---- C:\ProgramData\Microsoft Help
2010-12-08 21:34:08 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-07-12 305176]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 20776]
R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16680]
R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 60712]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 13560]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-03-02 76584]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-29 8192]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2007-06-15 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-01-02 2016256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-31 1780576]
R3 IpwP;IPWireless 3G Network Adapter; C:\Windows\system32\DRIVERS\ipw3gnet.sys [2007-06-12 51040]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-19 30720]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-07-25 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-02-07 1729152]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-19 19456]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-01-08 78128]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-01-08 80688]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-01-08 16560]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-19 49664]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 WisINT15;WisINT15; \??\C:\Elements\1stboot\WisINT15.SYS []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-04-23 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 135168]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-07-03 53248]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 24576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-04-03 272024]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-06-13 167936]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-29 386560]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-29 136176]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]

-----------------EOF-----------------

Re: Slow PC - please check

Posted: 07 Jan 2011 22:16
by motji
Open Notepad and copy the following text into it:


Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware (reboot)"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=-
"WMPNSCFG"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-


 
- Save it as (type: All files), entering "smazani.reg" without the quotation marks as the file name,
click Save, then double-click the file as usual and confirm the dialog box.



Delete C:\Qoobox


And if there are no problems, that's all :)