
Please help with win32:Malware-gen

Posted: 21 Jan 2011 00:02
by Bluepiggie
Hello, please help me with this virus. This afternoon avast started catching it and I have no idea what to do about it. Following the advice given, I downloaded rsit.exe, ran it and am posting the log here.
Thanks in advance for any help.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Piggie at 2011-01-20 23:47:24
Microsoft Windows 7 Ultimate
System drive C: has 94 GB (47%) free of 200 GB
Total RAM: 3070 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:48:33, on 20.1.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\Razer\Mamba\RazerTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Citrus Alarm Clock\citrusac.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Users\Piggie\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\Piggie.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mojebanka.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo0.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin1.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin1.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Razer Mamba Driver] C:\Program Files\Razer\Mamba\RazerTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Piggie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Citrus Alarm Clock] C:\Program Files\Citrus Alarm Clock\citrusac.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [NvCplDaemonTool] rundll32.exe C:\Users\Piggie\pload2D.dll,_IWMPEvents
O4 - Startup: scansdiskja14.dll
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Piggie\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Piggie\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 11405 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3844571585-3890463366-497773982-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3844571585-3890463366-497773982-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2010-03-23 1205560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-24 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin1.dll [2011-01-01 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo0.dll [2011-01-01 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2010-03-23 158520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2010-03-23 1205560]
{E0E899AB-F487-11D5-8D29-0050BA6940E3}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo0.dll [2011-01-01 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin1.dll [2011-01-01 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-24 1190920]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2007-09-06 393216]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-01-19 8452640]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-07 102400]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2010-10-22 524288]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"TkBellExe"=C:\Program Files\real\realplayer\update\realsched.exe [2010-11-24 274608]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-12-06 1910152]
"Razer Mamba Driver"=C:\Program Files\Razer\Mamba\RazerTray.exe [2009-12-15 3278728]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Piggie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-08 135664]
"Messenger (Yahoo!)"=C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe [2010-06-01 5252408]
"Citrus Alarm Clock"=C:\Program Files\Citrus Alarm Clock\citrusac.exe [2001-10-21 513024]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-12-12 395640]
"NvCplDaemonTool"=C:\Users\Piggie\pload2D.dll,_IWMPEvents []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Piggie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-08 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-07-12 178712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2008-07-29 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-07 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-03-29 719664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

C:\Users\Piggie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
scansdiskja14.dll
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Call Graph\xulrunner\xulrunner.exe"="C:\Program Files\Call Graph\xulrunner\xulrunner.exe:*:Enabled:Call Graph Browser"
"C:\Program Files\Call Graph\CallGraph.exe"="C:\Program Files\Call Graph\CallGraph.exe:*:Enabled:Call Graph"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2011-01-20 23:47:29 ----D---- C:\Program Files\trend micro
2011-01-20 23:47:24 ----D---- C:\rsit
2011-01-20 15:26:26 ----SHD---- C:\$RECYCLE.BIN
2011-01-20 15:26:22 ----A---- C:\ComboFix.txt
2011-01-20 15:14:23 ----A---- C:\Windows\zip.exe
2011-01-20 15:14:23 ----A---- C:\Windows\SWSC.exe
2011-01-20 15:14:23 ----A---- C:\Windows\SWREG.exe
2011-01-20 15:14:23 ----A---- C:\Windows\sed.exe
2011-01-20 15:14:23 ----A---- C:\Windows\PEV.exe
2011-01-20 15:14:23 ----A---- C:\Windows\NIRCMD.exe
2011-01-20 15:14:23 ----A---- C:\Windows\MBR.exe
2011-01-20 15:14:23 ----A---- C:\Windows\grep.exe
2011-01-20 15:14:16 ----D---- C:\Windows\ERDNT
2011-01-20 15:10:56 ----D---- C:\Qoobox
2011-01-20 15:10:32 ----A---- C:\Windows\SWXCACLS.exe
2011-01-20 14:59:22 ----D---- C:\Program Files\CCleaner
2011-01-19 19:18:02 ----D---- C:\PFiles
2011-01-19 13:51:49 ----D---- C:\ProgramData\Sun
2011-01-19 13:51:45 ----D---- C:\Program Files\Common Files\Java
2011-01-19 13:51:34 ----A---- C:\Windows\system32\javaws.exe
2011-01-19 13:51:34 ----A---- C:\Windows\system32\javaw.exe
2011-01-19 13:51:34 ----A---- C:\Windows\system32\java.exe
2011-01-19 13:51:34 ----A---- C:\Windows\system32\deployJava1.dll
2011-01-15 19:42:21 ----D---- C:\Program Files\Z8Games
2011-01-12 10:31:38 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-12 10:31:38 ----A---- C:\Windows\system32\FntCache.dll
2011-01-12 10:31:38 ----A---- C:\Windows\system32\DWrite.dll
2011-01-12 10:31:38 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-12 10:31:38 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-12 10:31:38 ----A---- C:\Windows\system32\d2d1.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-01-12 10:31:37 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\cdd.dll
2011-01-12 10:29:57 ----A---- C:\Windows\system32\odbc32.dll
2011-01-02 03:56:54 ----D---- C:\Users\Piggie\AppData\Roaming\AIMP
2011-01-02 03:56:08 ----D---- C:\Program Files\AIMP2
2011-01-01 18:53:00 ----D---- C:\Program Files\VentriloMIX
2010-12-28 00:20:27 ----D---- C:\Users\Piggie\AppData\Roaming\RIFT
2010-12-28 00:20:07 ----D---- C:\Program Files\RIFT
2010-12-16 19:21:20 ----D---- C:\Program Files\Razer
2010-12-15 09:31:40 ----A---- C:\Windows\system32\tzres.dll
2010-12-15 09:31:37 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 09:31:37 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 09:31:37 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 09:31:37 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 09:31:36 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 09:31:36 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 09:31:35 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 09:31:35 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 09:31:35 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 09:31:35 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 09:31:35 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 09:31:35 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 09:31:35 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 09:31:35 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 09:31:35 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 09:31:31 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 09:31:31 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 09:31:31 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 09:31:30 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 09:31:30 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 09:31:30 ----A---- C:\Windows\system32\schtasks.exe
2010-12-15 09:31:26 ----A---- C:\Windows\system32\webio.dll
2010-12-15 09:31:26 ----A---- C:\Windows\system32\consent.exe
2010-12-15 09:31:26 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 09:31:26 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 09:31:25 ----A---- C:\Windows\system32\win32k.sys
2010-12-13 12:35:20 ----D---- C:\Users\Piggie\AppData\Roaming\Chime
2010-12-13 08:01:12 ----D---- C:\found.000
2010-12-10 14:49:49 ----D---- C:\Program Files\Common Files\Skype
2010-12-10 00:10:05 ----AH---- C:\Windows\system32\hamachi.sys
2010-12-10 00:10:03 ----D---- C:\Program Files\LogMeIn Hamachi
2010-12-09 23:42:24 ----D---- C:\Users\Piggie\AppData\Roaming\Hamachi
2010-12-09 15:25:05 ----A---- C:\Windows\ScUnin.pif
2010-12-09 15:25:05 ----A---- C:\Windows\ScUnin.exe
2010-12-06 09:30:22 ----D---- C:\Program Files\RapidShareManager
2010-12-06 09:19:04 ----A---- C:\Windows\_MSRSTRT.EXE
2010-12-06 08:43:54 ----A---- C:\Windows\libem.INI
2010-12-06 08:43:19 ----D---- C:\Users\Piggie\AppData\Roaming\BITS
2010-12-06 08:43:16 ----D---- C:\Users\Piggie\AppData\Roaming\FlashGetBHO
2010-12-06 08:43:13 ----D---- C:\Program Files\FlashGet Network
2010-12-04 00:37:25 ----A---- C:\Windows\AutoKMS.ini
2010-12-04 00:37:25 ----A---- C:\Windows\AutoKMS.exe
2010-12-03 19:05:17 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-12-03 19:05:14 ----D---- C:\Program Files\Common Files\DESIGNER
2010-12-03 19:04:25 ----D---- C:\Program Files\Microsoft Sync Framework
2010-12-03 18:58:47 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-12-03 18:57:54 ----D---- C:\Program Files\Microsoft Analysis Services
2010-11-28 17:53:09 ----D---- C:\Users\Piggie\AppData\Roaming\IrfanView
2010-11-28 17:53:09 ----D---- C:\Program Files\IrfanView
2010-11-27 20:13:47 ----D---- C:\ProgramData\boost_interprocess
2010-11-26 09:44:41 ----A---- C:\Windows\system32\npptNT2.sys
2010-11-26 09:44:33 ----D---- C:\Program Files\Common Files\INCA Shared
2010-11-25 17:31:48 ----D---- C:\Users\Piggie\AppData\Roaming\ijjigame
2010-11-25 17:26:07 ----D---- C:\Temp
2010-11-25 17:26:07 ----A---- C:\Windows\system32\ijjiSetup.exe
2010-11-25 17:26:07 ----A---- C:\Windows\system32\ijjiProcessRestarter.exe
2010-11-25 17:26:03 ----D---- C:\Program Files\REACTOR
2010-11-25 16:54:33 ----D---- C:\ijji
2010-11-24 14:08:45 ----D---- C:\Program Files\Common Files\xing shared
2010-11-24 14:08:40 ----A---- C:\Windows\system32\rmoc3260.dll
2010-11-24 14:08:21 ----A---- C:\Windows\system32\pndx5032.dll
2010-11-24 14:08:21 ----A---- C:\Windows\system32\pndx5016.dll
2010-11-24 14:08:13 ----D---- C:\Program Files\real
2010-11-24 11:18:53 ----D---- C:\Program Files\SCi
2010-11-23 22:12:20 ----D---- C:\ProgramData\Hewlett-Packard
2010-11-23 11:24:25 ----A---- C:\Windows\system32\WING32.DLL
2010-11-23 11:24:20 ----A---- C:\Windows\IsUn0405.exe
2010-11-20 16:56:27 ----D---- C:\ProgramData\Electronic Arts
2010-11-20 16:56:27 ----D---- C:\ProgramData\EA Core
2010-11-20 14:04:19 ----D---- C:\Program Files\DAEMON Tools Lite
2010-11-20 00:42:09 ----D---- C:\Program Files\Conduit
2010-11-20 00:42:06 ----D---- C:\Program Files\ConduitEngine
2010-11-20 00:42:03 ----D---- C:\Program Files\uTorrentBar
2010-11-20 00:42:02 ----D---- C:\extensions
2010-11-20 00:41:56 ----D---- C:\Program Files\uTorrent
2010-11-20 00:23:24 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-11-20 00:23:24 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-11-20 00:23:24 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-11-20 00:23:23 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-11-20 00:23:23 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-11-20 00:23:13 ----A---- C:\Windows\system32\aswBoot.exe
2010-11-20 00:15:07 ----D---- C:\Program Files\PFConfig
2010-11-16 08:09:48 ----D---- C:\Program Files\Common Files\Spigot
2010-11-16 08:09:48 ----D---- C:\Program Files\Application Updater
2010-11-09 11:01:11 ----D---- C:\Program Files\ProtectDisc Driver Installer
2010-11-09 10:49:19 ----RA---- C:\Windows\system32\tmp7590.tmp
2010-11-09 10:42:44 ----D---- C:\Users\Piggie\AppData\Roaming\Avanquest
2010-11-07 23:12:55 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-11-07 23:12:55 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-11-07 23:12:54 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-11-07 23:12:54 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-11-07 23:12:54 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-11-07 23:12:53 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-11-07 23:12:53 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-11-07 23:12:52 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-11-07 20:20:54 ----D---- C:\Program Files\eMule
2010-11-06 17:12:32 ----D---- C:\Users\Piggie\AppData\Roaming\Tropico 3
2010-11-06 02:01:46 ----D---- C:\Program Files\Kalypso
2010-11-06 00:58:59 ----D---- C:\Users\Piggie\AppData\Roaming\Code Force Limited
2010-11-06 00:16:17 ----D---- C:\Windows\Distant Worlds
2010-11-06 00:16:17 ----D---- C:\Matrix Games
2010-11-04 02:41:24 ----D---- C:\Users\Piggie\AppData\Roaming\Chirurgie Simulation
2010-11-03 12:14:38 ----D---- C:\Users\Piggie\AppData\Roaming\BlackBean
2010-11-03 08:59:27 ----D---- C:\Users\Piggie\AppData\Roaming\.minecraft
2010-11-02 00:38:35 ----D---- C:\Program Files\QS
2010-11-02 00:37:01 ----D---- C:\Program Files\TeamViewer
2010-11-01 23:52:39 ----D---- C:\Users\Piggie\AppData\Roaming\TeamViewer
2010-10-27 12:27:30 ----A---- C:\Windows\system32\msdri.dll
2010-10-27 12:27:29 ----A---- C:\Windows\system32\CPFilters.dll
2010-10-27 12:27:19 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-10-26 14:23:27 ----D---- C:\ProgramData\Codemasters
2010-10-26 12:11:42 ----A---- C:\Windows\system32\mkl_vml_p4.dll
2010-10-26 12:11:42 ----A---- C:\Windows\system32\mkl_vml_p3.dll
2010-10-26 12:11:42 ----A---- C:\Windows\system32\mkl_vml_def.dll
2010-10-26 12:11:42 ----A---- C:\Windows\system32\mkl_p4.dll
2010-10-26 12:11:42 ----A---- C:\Windows\system32\mkl_p3.dll
2010-10-26 12:11:42 ----A---- C:\Windows\system32\mkl_lapack64.dll
2010-10-26 12:11:42 ----A---- C:\Windows\system32\mkl_lapack32.dll
2010-10-26 12:11:42 ----A---- C:\Windows\system32\mkl_def.dll
2010-10-26 12:11:41 ----A---- C:\Windows\system32\rapture3d_oal.dll
2010-10-26 12:11:41 ----A---- C:\Windows\system32\libguide40.dll
2010-10-26 12:11:38 ----D---- C:\Program Files\BRS
2010-10-26 12:11:02 ----D---- C:\Windows\system32\xlive
2010-10-26 12:11:01 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2010-10-26 12:10:37 ----RA---- C:\Windows\system32\tmp8829.tmp
2010-10-26 12:08:47 ----RA---- C:\Windows\system32\tmp8828.tmp
2010-10-21 14:56:49 ----A---- C:\Windows\system32\drivers\btwrchid.sys
2010-10-21 14:56:49 ----A---- C:\Windows\system32\drivers\btwavdt.sys
2010-10-21 14:56:49 ----A---- C:\Windows\system32\drivers\btwaudio.sys
2010-10-21 14:56:47 ----A---- C:\Windows\system32\BtwRSupport.dll
2010-10-21 14:56:42 ----D---- C:\Windows\system32\es-MX
2010-10-21 14:56:42 ----D---- C:\Windows\system32\es-AR
2010-10-21 14:56:36 ----D---- C:\Program Files\Synaptics
2010-10-21 14:56:13 ----A---- C:\Windows\system32\WdfCoInstaller01000.dll
2010-10-21 14:56:13 ----A---- C:\Windows\system32\SynTPCo4.dll
2010-10-21 14:56:13 ----A---- C:\Windows\system32\SynTPAPI.dll
2010-10-21 14:56:13 ----A---- C:\Windows\system32\SynCtrl.dll
2010-10-21 14:56:13 ----A---- C:\Windows\system32\SynCOM.dll
2010-10-21 14:56:13 ----A---- C:\Windows\system32\drivers\SynTP.sys
2010-10-21 10:42:38 ----A---- C:\Windows\BR040286.exe
2010-10-21 10:42:38 ----A---- C:\Windows\BR040264.exe

======List of files/folders modified in the last 3 months======

2011-01-20 23:48:28 ----D---- C:\Users\Piggie\AppData\Roaming\uTorrent
2011-01-20 23:47:29 ----RD---- C:\Program Files
2011-01-20 23:47:15 ----D---- C:\Downloads
2011-01-20 23:46:58 ----D---- C:\Windows\Temp
2011-01-20 23:44:28 ----D---- C:\Users\Piggie\AppData\Roaming\Skype
2011-01-20 23:19:55 ----D---- C:\Users\Piggie\AppData\Roaming\Xfire
2011-01-20 23:12:06 ----D---- C:\Users\Piggie\AppData\Roaming\skypePM
2011-01-20 23:09:45 ----D---- C:\Program Files\League of Legends
2011-01-20 21:58:00 ----D---- C:\Windows
2011-01-20 21:45:45 ----D---- C:\Windows\system32\config
2011-01-20 21:12:36 ----D---- C:\Windows\System32
2011-01-20 21:12:36 ----D---- C:\Windows\inf
2011-01-20 21:12:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-20 21:08:52 ----D---- C:\Windows\system32\catroot2
2011-01-20 21:08:52 ----D---- C:\Windows\system32\catroot
2011-01-20 21:08:50 ----D---- C:\Windows\winsxs
2011-01-20 15:34:56 ----D---- C:\Users\Piggie\AppData\Roaming\ICQ
2011-01-20 15:24:12 ----A---- C:\Windows\system.ini
2011-01-20 15:24:05 ----D---- C:\Windows\system32\drivers\etc
2011-01-20 15:23:36 ----D---- C:\ProgramData
2011-01-20 15:21:09 ----D---- C:\Windows\system32\drivers
2011-01-20 15:21:09 ----D---- C:\Windows\AppPatch
2011-01-20 15:21:08 ----D---- C:\Program Files\Common Files
2011-01-20 15:05:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-01-20 15:02:56 ----D---- C:\Windows\Minidump
2011-01-20 15:02:56 ----D---- C:\Windows\debug
2011-01-19 23:26:26 ----D---- C:\Users\Piggie\AppData\Roaming\vlc
2011-01-19 20:18:35 ----SHD---- C:\System Volume Information
2011-01-19 19:18:03 ----SHD---- C:\Windows\Installer
2011-01-19 13:51:21 ----D---- C:\Program Files\Java
2011-01-19 13:46:00 ----D---- C:\Windows\system32\Tasks
2011-01-19 02:20:22 ----D---- C:\Windows\Prefetch
2011-01-16 10:17:24 ----D---- C:\ProgramData\Xfire
2011-01-15 01:18:10 ----D---- C:\ProgramData\Microsoft Help
2011-01-14 17:46:46 ----D---- C:\Windows\Tasks
2011-01-14 17:46:46 ----D---- C:\Windows\system32\wfp
2011-01-14 17:46:46 ----D---- C:\Windows\system32\DriverStore
2011-01-14 17:46:36 ----D---- C:\Windows\system32\wbem
2011-01-14 17:46:36 ----D---- C:\Windows\registration
2011-01-14 17:44:09 ----D---- C:\Windows\system32\LogFiles
2011-01-12 19:12:27 ----A---- C:\Windows\system32\MRT.exe
2011-01-05 19:33:49 ----D---- C:\Program Files\ICQ7.0
2011-01-05 10:59:39 ----D---- C:\Windows\system32\NDF
2011-01-04 14:08:35 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-04 11:17:35 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-01 18:45:44 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-12-28 00:22:28 ----D---- C:\Windows\system32\directx
2010-12-26 19:51:25 ----D---- C:\Users\Piggie\AppData\Roaming\Real
2010-12-26 15:53:21 ----D---- C:\Users\Piggie\AppData\Roaming\Ventrilo
2010-12-24 04:53:08 ----D---- C:\Windows\rescache
2010-12-16 18:57:03 ----D---- C:\Program Files\SpeedFan
2010-12-16 02:33:54 ----D---- C:\Windows\system32\cs-CZ
2010-12-16 02:33:54 ----D---- C:\Program Files\Windows Mail
2010-12-16 02:33:53 ----D---- C:\Windows\system32\migration
2010-12-16 02:33:53 ----D---- C:\Program Files\Internet Explorer
2010-12-15 09:24:51 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-12-14 17:28:40 ----D---- C:\ProgramData\Blizzard Entertainment
2010-12-14 17:09:47 ----D---- C:\Program Files\Minilyrics
2010-12-13 17:17:08 ----D---- C:\Lyrics
2010-12-12 04:18:46 ----D---- C:\Seznamy stop
2010-12-10 14:49:49 ----RD---- C:\Program Files\Skype
2010-12-10 14:49:43 ----D---- C:\ProgramData\Skype
2010-12-10 02:11:48 ----D---- C:\Users\Piggie\AppData\Roaming\TS3Client
2010-12-06 09:20:29 ----D---- C:\Program Files\FlashGet
2010-12-06 08:43:36 ----D---- C:\Users\Piggie\AppData\Roaming\FlashGet
2010-12-03 21:23:14 ----D---- C:\Windows\Microsoft.NET
2010-12-03 21:22:26 ----RSD---- C:\Windows\assembly
2010-12-03 19:14:19 ----D---- C:\Program Files\Common Files\microsoft shared
2010-12-03 19:14:03 ----D---- C:\Windows\ShellNew
2010-12-03 19:13:43 ----A---- C:\Windows\win.ini
2010-12-03 19:13:40 ----D---- C:\Program Files\Common Files\System
2010-12-03 19:06:36 ----RSD---- C:\Windows\Fonts
2010-12-03 19:06:06 ----D---- C:\Program Files\MSBuild
2010-12-03 19:04:27 ----D---- C:\Program Files\Microsoft Office
2010-12-03 19:04:25 ----SD---- C:\ProgramData\Microsoft
2010-12-03 19:04:25 ----D---- C:\Program Files\Microsoft.NET
2010-12-03 19:04:25 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-11-29 15:38:06 ----SD---- C:\Users\Piggie\AppData\Roaming\Microsoft
2010-11-27 23:11:48 ----D---- C:\ProgramData\PMB Files
2010-11-27 19:58:36 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-11-27 14:55:36 ----D---- C:\Program Files\Common Files\Steam
2010-11-25 17:26:07 ----D---- C:\Windows\Downloaded Program Files
2010-11-24 14:08:20 ----A---- C:\Windows\system32\pncrt.dll
2010-11-24 14:08:16 ----A---- C:\Windows\system32\msvcp71.dll
2010-11-24 14:08:13 ----D---- C:\Program Files\Common Files\Real
2010-11-24 11:18:50 ----D---- C:\Program Files\Common Files\InstallShield
2010-11-23 11:24:25 ----D---- C:\Windows\system
2010-11-09 10:49:19 ----A---- C:\Windows\system32\OpenAL32.dll
2010-11-09 10:49:14 ----D---- C:\Program Files\NVIDIA Corporation
2010-11-03 09:45:01 ----D---- C:\Windows\Logs
2010-10-27 14:19:29 ----D---- C:\Windows\ehome
2010-10-26 12:10:37 ----D---- C:\Program Files\OpenAL
2010-10-26 12:10:37 ----A---- C:\Windows\system32\wrap_oal.dll
2010-10-21 15:04:30 ----D---- C:\Program Files\1C Company
2010-10-21 14:56:43 ----D---- C:\Windows\system32\zh-TW
2010-10-21 14:56:43 ----D---- C:\Windows\system32\zh-CN
2010-10-21 14:56:43 ----D---- C:\Windows\system32\sv-SE
2010-10-21 14:56:43 ----D---- C:\Windows\system32\ru-RU
2010-10-21 14:56:43 ----D---- C:\Windows\system32\pt-BR
2010-10-21 14:56:43 ----D---- C:\Windows\system32\pl-PL
2010-10-21 14:56:43 ----D---- C:\Windows\system32\nl-NL
2010-10-21 14:56:42 ----D---- C:\Windows\system32\nb-NO
2010-10-21 14:56:42 ----D---- C:\Windows\system32\ko-KR
2010-10-21 14:56:42 ----D---- C:\Windows\system32\ja-JP
2010-10-21 14:56:42 ----D---- C:\Windows\system32\it-IT
2010-10-21 14:56:42 ----D---- C:\Windows\system32\fr-FR
2010-10-21 14:56:42 ----D---- C:\Windows\system32\fi-FI
2010-10-21 14:56:42 ----D---- C:\Windows\system32\es-ES
2010-10-21 14:56:42 ----D---- C:\Windows\system32\en-US
2010-10-21 14:56:42 ----D---- C:\Windows\system32\de-DE
2010-10-21 14:56:42 ----D---- C:\Windows\system32\da-DK
2010-10-21 14:41:09 ----D---- C:\Users\Piggie\AppData\Roaming\runic games
2010-10-21 10:42:38 ----RSD---- C:\Windows\Media
2010-10-21 10:42:38 ----D---- C:\Windows\twain_32
2010-10-21 10:42:38 ----D---- C:\Windows\Options

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-07-12 305176]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-08 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-07-28 685056]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-11-30 15392]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-03-05 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-03-05 38400]
R3 A310;AVerMedia A310 DVB-T; C:\Windows\system32\DRIVERS\AVerA310USB.sys [2009-05-06 26752]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device; C:\Windows\system32\drivers\AVerA310Cap.sys [2009-05-06 47104]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-11-02 59904]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-01-19 2991328]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-07 192816]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2009-11-09 25088]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-03-30 79664]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 81200]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 16432]
S3 catchme;catchme; \??\C:\Users\Piggie\AppData\Local\Temp\catchme.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2010-02-02 23456]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 UsbFltr;Razer Copperhead Driver; C:\Windows\system32\drivers\copperhd.sys [2009-11-10 12416]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;Sony Ericsson USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-07-14 27648]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;Služba WinUSB; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 XDva379;XDva379; \??\C:\Windows\system32\XDva379.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-10-22 386560]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-08-29 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-11-20 122984]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-01-12 185640]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-09 655624]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-11-23 4012424]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-11-18 403240]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-08 1343400]

-----------------EOF-----------------

Re: please help with win32:Malware-gen

Posted: 21 Jan 2011 08:45
by vyosek
Greetings and have a nice day :)

:arrow: Do you know how to work with ComboFix and decipher its log, that you apply it yourself? Its log has to be worked through further with commands and scripts - did you do that?

:arrow: The dangers of CF
  • It is intended primarily for helpers - by using it on your own initiative you forfeit your claim to support
  • It wipes the traces of the malware, so nothing is visible in the RSIT log
  • Its log has to be worked through, since it cannot delete everything - which you will hardly manage if you are not trained for it
  • CF can have a bug = it takes down your system; if you do not know where it stores what and how to restore it, your system is toast and a reinstall awaits you
  • Unfortunately CF also does not yet check some important libraries (e.g. hal.dll) - some types of malware (e.g. angela) delete those - after the restart your hal.dll is gone = your system will not boot and you are one line up = reinstall
:arrow: Paste its log here for me: C:\combofix.txt

Re: please help with win32:Malware-gen

Posted: 21 Jan 2011 20:51
by Bluepiggie
Hello, I dabble a bit in the field as a layman, but not much. I tried ComboFix several times because it was the first thing I found on this forum, and only afterwards the one you recommend in the FAQ :(
I am good with computers, but I have no experience with this.

ComboFix 11-01-19.03 - Piggie 20.01.2011 15:16:37.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3070.1814 [GMT 1:00]
Spuštěný z: c:\downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\CFLog
c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\IE\4.1\config.ini
c:\program files\Dealio Toolbar\IE\4.1\deALiotoolbarie.dll
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Dealio Toolbar\WidgiHelper.exe
c:\programdata\hpe7286.dll
c:\users\Piggie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk
c:\users\Piggie\Documents\cc_20110120_150633.reg
c:\windows\system32\uninstall.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-20 do 2011-01-20 )))))))))))))))))))))))))))))))
.

2011-01-20 14:24 . 2011-01-20 14:24 -------- d-----w- c:\users\Piggie\AppData\Local\temp
2011-01-20 14:24 . 2011-01-20 14:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-20 13:59 . 2011-01-20 13:59 -------- d-----w- c:\program files\CCleaner
2011-01-19 18:18 . 2011-01-19 18:18 -------- d-----w- C:\PFiles
2011-01-19 12:51 . 2011-01-19 12:51 -------- d-----w- c:\program files\Common Files\Java
2011-01-19 12:51 . 2010-11-12 17:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-18 10:39 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E0140D17-6040-49C6-A122-61A3986502B2}\mpengine.dll
2011-01-15 18:42 . 2011-01-15 18:42 -------- d-----w- c:\program files\Z8Games
2011-01-13 11:49 . 2011-01-13 11:49 -------- d-----w- c:\users\Public\RaKeplan
2011-01-13 11:49 . 2011-01-13 11:49 -------- d-----w- c:\users\Public\totalcmd
2011-01-13 11:48 . 2011-01-13 11:48 -------- d-----w- c:\users\Public\pek
2011-01-13 11:46 . 2011-01-13 11:47 -------- d-----w- c:\users\Public\Age of Empires 2 - Conquerors
2011-01-12 09:29 . 2010-10-16 04:34 573440 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 09:29 . 2010-10-16 04:33 372736 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 09:29 . 2010-10-16 04:33 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 09:29 . 2010-10-16 04:33 987136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 09:29 . 2010-10-16 04:33 208896 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-02 02:56 . 2011-01-19 00:31 -------- d-----w- c:\users\Piggie\AppData\Roaming\AIMP
2011-01-02 02:56 . 2011-01-02 02:56 -------- d-----w- c:\program files\AIMP2
2011-01-02 01:39 . 2011-01-02 01:39 176488 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10136.bin
2011-01-01 17:53 . 2011-01-01 17:53 -------- d-----w- c:\program files\VentriloMIX
2010-12-27 23:20 . 2011-01-14 16:46 -------- d-----w- c:\users\Piggie\AppData\Roaming\RIFT
2010-12-27 23:20 . 2011-01-16 13:02 -------- d-----w- c:\program files\RIFT

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-09 14:25 . 2010-12-09 14:25 967 ----a-w- c:\windows\ScUnin.pif
2010-12-09 14:25 . 2010-12-09 14:25 94208 ----a-w- c:\windows\ScUnin.exe
2010-12-06 08:19 . 2010-12-06 08:19 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-12-03 23:37 . 2010-12-03 23:37 614400 ----a-w- c:\windows\AutoKMS.exe
2010-11-24 13:08 . 2010-01-09 00:42 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-11-23 19:33 . 2010-11-26 08:45 4012424 ----a-w- c:\windows\system32\GameMon.des
2010-11-23 10:24 . 2010-11-23 10:24 12800 ----a-w- c:\windows\system\WING32.DLL
2010-11-09 09:49 . 2010-01-13 09:22 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-11-04 05:52 . 2010-12-15 08:31 978944 ----a-w- c:\windows\system32\wininet.dll
2010-11-04 05:48 . 2010-12-15 08:31 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-04 04:41 . 2010-12-15 08:31 386048 ----a-w- c:\windows\system32\html.iec
2010-11-04 04:08 . 2010-12-15 08:31 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-11-02 04:41 . 2010-12-15 08:31 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-02 04:40 . 2010-12-15 08:31 496128 ----a-w- c:\windows\system32\taskschd.dll
2010-11-02 04:40 . 2010-12-15 08:31 305152 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-02 04:39 . 2010-12-15 08:31 749056 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 04:34 . 2010-12-15 08:31 192000 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 04:34 . 2010-12-15 08:31 179712 ----a-w- c:\windows\system32\schtasks.exe
2010-10-27 04:32 . 2010-12-15 08:31 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-26 11:10 . 2010-01-13 09:22 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-08 11:33 610304 --sha-w- c:\windows\System32\pload2D.dll
2009-12-08 11:33 610304 --sha-w- c:\windows\System32\config\systemprofile\pload2D.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTo0.dll" [2011-01-01 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-01 15:37 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngin1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-01-01 15:37 3911776 ----a-w- c:\program files\uTorrentBar\tbuTo0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTo0.dll" [2011-01-01 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngin1.dll" [2011-01-01 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTo0.dll" [2011-01-01 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngin1.dll" [2011-01-01 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Piggie\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-01-08 135664]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"Citrus Alarm Clock"="c:\program files\Citrus Alarm Clock\citrusac.exe" [2001-10-21 513024]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-12 395640]
"NvCplDaemonTool"="c:\users\Piggie\pload2D.dll" [2009-12-08 610304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-24 1190920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2007-09-06 393216]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-01-19 8452640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2010-10-22 524288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2010-11-24 274608]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152]
"Razer Mamba Driver"="c:\program files\Razer\Mamba\RazerTray.exe" [2009-12-15 3278728]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NvCplDaemonTool"="c:\windows\system32\pload2D.dll" [2009-12-08 610304]

c:\users\Piggie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
scansdiskja14.dll [2009-12-8 610304]
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2010-7-9 3493776]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2010-2-2 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 06:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-01-08 18:24 135664 ----atw- c:\users\Piggie\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-07-12 15:36 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
2008-07-29 18:29 200704 ----a-w- c:\windows\PLFSetI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
2007-09-07 09:35 102400 ----a-w- c:\program files\Synaptics\SynTP\SynTPStart.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2010-02-02 23456]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-11-23 4012424]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2009-11-10 12416]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-08 1343400]
R3 XDva379;XDva379;c:\windows\system32\XDva379.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-08 691696]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-10-22 386560]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-01-12 185640]
S3 A310;AVerMedia A310 DVB-T;c:\windows\system32\DRIVERS\AVerA310USB.sys [2009-05-06 26752]
S3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device;c:\windows\system32\drivers\AVerA310Cap.sys [2009-05-06 47104]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-11-02 59904]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2009-11-09 25088]

.
Obsah adresáře 'Naplánované úlohy'

2011-01-20 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS.exe [2010-12-03 23:37]

2011-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3844571585-3890463366-497773982-1000Core.job
- c:\users\Piggie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-08 18:24]

2011-01-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3844571585-3890463366-497773982-1000UA.job
- c:\users\Piggie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-08 18:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mojebanka.cz/
mStart Page = hxxp://www.yahoo.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stahnou vse FlashGet3 - c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Stahnout FlashGet3 - c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?? - c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-SearchSettings - c:\program files\Search Settings\SearchSettings.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
AddRemove-AVerMedia A310 (MiniCard, DVB-T) - c:\program files\AVerMedia\AVerMedia A310 (MiniCard
AddRemove-HaaliMkx - c:\windows\system32\uninstall.exe



[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c4,d5,8b,92,c3,a7,b8,40,93,4a,cd,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c4,d5,8b,92,c3,a7,b8,40,93,4a,cd,\

[HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\Piggie\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\Piggie\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A7C7D71C-FA17-4E0F-6792-C64D4DED9988}*]
"bbffpkioiaflpeobondafgcdfggeaembcnhl"=hex:63,62,67,6c,61,65,6a,70,6c,70,66,6e,
69,63,6a,63,63,65,6d,6d,64,65,6f,68,67,68,62,62,69,61,69,6f,6f,62,62,68,6b,\
"abffpkioiaflpeobonaamhioioblopbdoa"=hex:64,62,68,68,61,62,6c,6c,6f,67,65,6c,
6a,6e,70,62,6e,6a,68,63,66,67,67,6a,6a,61,61,64,6c,64,69,64,63,64,68,62,66,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-01-20 15:26:22
ComboFix-quarantined-files.txt 2011-01-20 14:26

Před spuštěním: Volných bajtů: 99 106 541 568
Po spuštění: Volných bajtů: 98 585 235 456

- - End Of File - - A41E58FCCE33B657237000C2185438D0

Re: please help with win32:Malware-gen

Posted: 22 Jan 2011 10:56
by vyosek
:arrow: ComboFix is not almighty; it cannot remove new threats on its own, those have to be cleaned up with a script, which you can hardly write yourself if you don't know the commands CF uses

:arrow: If it isn't there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    File::
    c:\program files\ConduitEngine\ConduitEngin1.dll
    c:\windows\Tasks\AutoKMS.job
    c:\windows\AutoKMS.exe
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3844571585-3890463366-497773982-1000Core.job
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3844571585-3890463366-497773982-1000UA.job
    
    Collect::
    c:\users\Piggie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scansdiskja14.dll
    
    Registry::
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
    [-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Google Update"=-
    "Messenger (Yahoo!)"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    "TkBellExe"=-
    "LogMeIn Hamachi Ui"=-
    "Razer Mamba Driver"=-
    "SunJavaUpdateSched"=-
    "NvCplDaemonTool"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
    
    Driver::
    XDva379
    
    Folder::
    c:\program files\uTorrentBar
    
    RegLock::
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    [HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
    [HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
    [HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A7C7D71C-FA17-4E0F-6792-C64D4DED9988}*]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
    
    RegNull::
    [HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
    [HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
    [HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A7C7D71C-FA17-4E0F-6792-C64D4DED9988}*]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    
    RegLockDel::
    [HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
    [HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
    [HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A7C7D71C-FA17-4E0F-6792-C64D4DED9988}*]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    
    DDS::
    IE: Stahnou vse FlashGet3 - c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
    IE: Stahnout FlashGet3 - c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetUrl.htm
    IE: ????3?? - c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetUrl.htm
    IE: ????3?????? - c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
  • Save the text file you created as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and release it (see the picture below)
    Image
  • After the script has been applied (and after a possible restart) a log will pop up; paste its contents here
:arrow: It can happen that Windows will not boot after the script has been applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: please help with win32:Malware-gen

Posted: 23 Jan 2011 00:55
by Bluepiggie
Is it possible that NOD32 deleted it? I have Avast Free; earlier it kept reporting that it was blocking something. After I posted here I ran CCleaner, a deep scan with Avast and another deep scan with NOD32, which found it, so I let it delete it, and since then (since yesterday, actually) Avast hasn't reported anything. Is it possible that it is deleted, or did the antivirus just not find it?

Re: please help with win32:Malware-gen

Posted: 23 Jan 2011 07:28
by vyosek
More likely the AV did not find it. Please do the ComboFix step with its script; there are still a lot of things left to clean up, which is exactly what the script does...

Re: please help with win32:Malware-gen

Posted: 23 Jan 2011 12:53
by Bluepiggie
ComboFix 11-01-22.03 - Piggie 23.01.2011 12:35:26.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3070.1958 [GMT 1:00]
Spuštěný z: c:\users\Piggie\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Piggie\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\program files\ConduitEngine\ConduitEngin1.dll"
"c:\windows\AutoKMS.exe"
"c:\windows\Tasks\AutoKMS.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3844571585-3890463366-497773982-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3844571585-3890463366-497773982-1000UA.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ConduitEngine\ConduitEngin1.dll
c:\program files\uTorrentBar
c:\program files\uTorrentBar\GottenAppsContextMenu.xml
c:\program files\uTorrentBar\INSTALL.LOG
c:\program files\uTorrentBar\OtherAppsContextMenu.xml
c:\program files\uTorrentBar\SharedAppsContextMenu.xml
c:\program files\uTorrentBar\tbuTo0.dll
c:\program files\uTorrentBar\tbuTo1.dll
c:\program files\uTorrentBar\tbuTor.dll
c:\program files\uTorrentBar\toolbar.cfg
c:\program files\uTorrentBar\ToolbarContextMenu.xml
c:\program files\uTorrentBar\UNWISE.EXE
c:\program files\uTorrentBar\uTorrentBarToolbarHelper.exe
c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetUrl.htm
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3844571585-3890463366-497773982-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3844571585-3890463366-497773982-1000UA.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_XDVA379
-------\Service_XDva379


((((((((((((((((((((((((( Soubory vytvořené od 2010-12-23 do 2011-01-23 )))))))))))))))))))))))))))))))
.

2011-01-23 11:43 . 2011-01-23 11:46 -------- d-----w- c:\users\Piggie\AppData\Local\temp
2011-01-23 11:43 . 2011-01-23 11:43 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2011-01-23 11:43 . 2011-01-23 11:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-22 11:46 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4719A6A3-1544-4F42-959D-ABB457B0F8DD}\mpengine.dll
2011-01-21 02:03 . 2011-01-21 02:03 -------- d-----w- c:\users\Piggie\AppData\Local\ESET
2011-01-21 00:11 . 2011-01-21 00:11 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\ESET
2011-01-21 00:08 . 2011-01-21 00:08 -------- d-----w- c:\program files\ESET
2011-01-20 23:50 . 2011-01-21 00:01 -------- d-----w- c:\windows\41EBC322660F4D16A0DF53147210CBDB.TMP
2011-01-20 23:17 . 2011-01-20 23:17 -------- d-----w- c:\program files\Enigma Software Group
2011-01-20 22:47 . 2011-01-20 22:48 -------- d-----w- c:\program files\trend micro
2011-01-20 22:47 . 2011-01-20 22:48 -------- d-----w- C:\rsit
2011-01-20 13:59 . 2011-01-20 13:59 -------- d-----w- c:\program files\CCleaner
2011-01-19 18:18 . 2011-01-19 18:18 -------- d-----w- C:\PFiles
2011-01-19 12:51 . 2011-01-19 12:51 -------- d-----w- c:\program files\Common Files\Java
2011-01-19 12:51 . 2010-11-12 17:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-15 18:42 . 2011-01-15 18:42 -------- d-----w- c:\program files\Z8Games
2011-01-13 11:49 . 2011-01-13 11:49 -------- d-----w- c:\users\Public\RaKeplan
2011-01-13 11:49 . 2011-01-13 11:49 -------- d-----w- c:\users\Public\totalcmd
2011-01-13 11:48 . 2011-01-13 11:48 -------- d-----w- c:\users\Public\pek
2011-01-13 11:46 . 2011-01-13 11:47 -------- d-----w- c:\users\Public\Age of Empires 2 - Conquerors
2011-01-12 09:29 . 2010-10-16 04:34 573440 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 09:29 . 2010-10-16 04:33 372736 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 09:29 . 2010-10-16 04:33 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 09:29 . 2010-10-16 04:33 987136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 09:29 . 2010-10-16 04:33 208896 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-02 02:56 . 2011-01-23 11:32 -------- d-----w- c:\users\Piggie\AppData\Roaming\AIMP
2011-01-02 02:56 . 2011-01-02 02:56 -------- d-----w- c:\program files\AIMP2
2011-01-02 01:39 . 2011-01-02 01:39 176488 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10136.bin
2011-01-01 17:53 . 2011-01-01 17:53 -------- d-----w- c:\program files\VentriloMIX
2010-12-27 23:20 . 2011-01-14 16:46 -------- d-----w- c:\users\Piggie\AppData\Roaming\RIFT
2010-12-27 23:20 . 2011-01-16 13:02 -------- d-----w- c:\program files\RIFT

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-09 14:25 . 2010-12-09 14:25 967 ----a-w- c:\windows\ScUnin.pif
2010-12-09 14:25 . 2010-12-09 14:25 94208 ----a-w- c:\windows\ScUnin.exe
2010-12-06 08:19 . 2010-12-06 08:19 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-11-24 13:08 . 2010-01-09 00:42 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-11-23 19:33 . 2010-11-26 08:45 4012424 ----a-w- c:\windows\system32\GameMon.des
2010-11-23 10:24 . 2010-11-23 10:24 12800 ----a-w- c:\windows\system\WING32.DLL
2010-11-09 09:49 . 2010-01-13 09:22 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-11-04 05:52 . 2010-12-15 08:31 978944 ----a-w- c:\windows\system32\wininet.dll
2010-11-04 05:48 . 2010-12-15 08:31 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-04 04:41 . 2010-12-15 08:31 386048 ----a-w- c:\windows\system32\html.iec
2010-11-04 04:08 . 2010-12-15 08:31 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-11-02 04:41 . 2010-12-15 08:31 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-02 04:40 . 2010-12-15 08:31 496128 ----a-w- c:\windows\system32\taskschd.dll
2010-11-02 04:40 . 2010-12-15 08:31 305152 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-02 04:39 . 2010-12-15 08:31 749056 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 04:34 . 2010-12-15 08:31 192000 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 04:34 . 2010-12-15 08:31 179712 ----a-w- c:\windows\system32\schtasks.exe
2010-10-27 04:32 . 2010-12-15 08:31 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-26 11:10 . 2010-01-13 09:22 445016 ----a-w- c:\windows\system32\wrap_oal.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Citrus Alarm Clock"="c:\program files\Citrus Alarm Clock\citrusac.exe" [2001-10-21 513024]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-12 395640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-24 1190920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2007-09-06 393216]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-01-19 8452640]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2010-10-22 524288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-18 2219184]

c:\users\Piggie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2010-7-9 3493776]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2010-2-2 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-07-12 15:36 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
2008-07-29 18:29 200704 ----a-w- c:\windows\PLFSetI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
2007-09-07 09:35 102400 ----a-w- c:\program files\Synaptics\SynTP\SynTPStart.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2010-02-02 23456]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-11-23 4012424]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2009-11-10 12416]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-08 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-08 691696]
S1 aswSP;aswSP; [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-10-22 386560]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-09-03 137144]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-01-12 185640]
S3 A310;AVerMedia A310 DVB-T;c:\windows\system32\DRIVERS\AVerA310USB.sys [2009-05-06 26752]
S3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device;c:\windows\system32\drivers\AVerA310Cap.sys [2009-05-06 47104]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-11-02 59904]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2009-11-09 25088]

.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mojebanka.cz/
mStart Page = hxxp://www.yahoo.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: ????3?? - c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Piggie\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
HKCU-Run-NvCplDaemonTool - c:\users\Piggie\pload2D.dll
AddRemove-uTorrentBar Toolbar - c:\progra~1\uTorrentBar\UNWISE.EXE



[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\Piggie\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-3844571585-3890463366-497773982-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\Piggie\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(5680)
c:\program files\Xfire\xfire_toucan_43094.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
c:\program files\WinSCP\DragExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\System32\rundll32.exe
c:\acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-01-23 12:51:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-23 11:51
ComboFix2.txt 2011-01-20 14:26

Před spuštěním: Volných bajtů: 93 314 519 040
Po spuštění: Volných bajtů: 92 911 058 944

- - End Of File - - 0E23EAF5EE0DDDECADF825ADE906B954
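The ComboFix log above lists, among the registry startup points, a policies\system block with EnableLUA, ConsentPromptBehaviorAdmin and PromptOnSecureDesktop all set to 0, and several service and driver entries recorded with `[x]` (file not found). The script below is an added triage helper written for this page; it is not part of the thread, of ComboFix or of RSIT. It walks a listing in that format and flags three things a reviewer would want to see first: UAC weakened by the policy values, service entries whose file is missing, and Run values that point into a user profile or at a bare DLL. The embedded sample listing is constructed in the same shape as the log; its paths and dates are illustrative only.

```python
"""Triage a ComboFix-style startup/service listing for weak settings and
orphaned autostarts.  Added example for this thread; not ComboFix's own code."""
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed sample in the shape of the "Spouštěcí body v registru" section of the
# ComboFix log above.  Paths, dates and sizes are illustrative, not taken from any machine.
SAMPLE_LOG = r"""
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-12 395640]
"NvCplDaemonTool"="c:\users\Piggie\pload2D.dll" [2011-01-15 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

R3 XDva379;XDva379;c:\windows\system32\XDva379.sys [x]
S1 aswSP;aswSP; [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
"""

KEY_RE = re.compile(r"^\[(.+)\]$")                                   # [HKEY_...\Run]
RUN_VALUE_RE = re.compile(r'^"([^"]+)"="([^"]*)"\s*\[(.*)\]$')        # "name"="path" [date size|x]
POLICY_RE = re.compile(r'^"([^"]+)"=\s*(\d+)\s+\(0x[0-9a-f]+\)$', re.I)  # "EnableLUA"= 0 (0x0)
SERVICE_RE = re.compile(r"^([RS][0-4])\s+([^;]+);([^;]*);(.*?)\s*\[(.*)\]$")  # R3 svc;desc;path [..]

# policies\system values whose "0" setting weakens UAC: name -> (severity, meaning)
UAC_WEAK_WHEN_ZERO = {
    "EnableLUA": ("high", "UAC is switched off; processes of an admin user run fully elevated"),
    "ConsentPromptBehaviorAdmin": ("high", "administrators are elevated without any prompt"),
    "PromptOnSecureDesktop": ("medium", "elevation prompts are not shown on the secure desktop"),
}


@dataclass(frozen=True)
class Finding:
    severity: str  # "high" or "medium"
    subject: str   # registry value or service the finding is about
    detail: str


def _check_run_value(name: str, path: str, status: str) -> list[Finding]:
    """Heuristics for one ...\\Run value: missing file, user-profile location, bare DLL."""
    out = []
    lower = path.lower()
    if status == "x":
        out.append(Finding("high", name, "autostart points to a file that is no longer present"))
    if lower.startswith("c:\\users\\") or "\\appdata\\" in lower:
        out.append(Finding("medium", name, "autostart binary lives in a user profile, not Program Files or Windows"))
    if lower.endswith(".dll"):
        out.append(Finding("medium", name, "Run value names a DLL, which cannot be started as a process"))
    return out


def triage(log_text: str) -> list[Finding]:
    """Walk the listing line by line, tracking which registry key the values belong to."""
    findings: list[Finding] = []
    current_key = ""
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if m := KEY_RE.match(line):
            current_key = m.group(1).lower()
            continue
        if current_key.endswith(r"\run") and (m := RUN_VALUE_RE.match(line)):
            findings.extend(_check_run_value(*m.groups()))
        elif current_key.endswith(r"policies\system") and (m := POLICY_RE.match(line)):
            name, value = m.group(1), int(m.group(2))
            if value == 0 and name in UAC_WEAK_WHEN_ZERO:
                sev, why = UAC_WEAK_WHEN_ZERO[name]
                findings.append(Finding(sev, name, why))
        elif m := SERVICE_RE.match(line):
            _start, svc, _desc, path, status = m.groups()
            if status == "x":  # ComboFix's marker for "file not found"
                where = path or "(no path recorded)"
                findings.append(Finding("medium", svc, f"service/driver registered but its file was not found: {where}"))
    return findings


if __name__ == "__main__":
    for f in sorted(triage(SAMPLE_LOG), key=lambda f: (f.severity != "high", f.subject)):
        print(f"[{f.severity:6}] {f.subject}: {f.detail}")
```

Run it directly to print the findings for the sample, or call `triage()` on the text of a saved log. Treat the output as a review list, not a verdict: the same `[x]` appears on aswSP and aswFsBlk in the log above, and those belong to the installed Avast, so an `[x]` alone does not make an entry malicious; the value of the UAC check is that with EnableLUA=0 nothing stands between an autostart like those and administrator rights.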

Re: please help with win32:Malware-gen

Posted: 23 Jan 2011 13:03
by vyosek
:arrow: Is that NOD32 a legal copy :???: If so, uninstall Avast. If you don't have a purchased licence for NOD, keep Avast and uninstall NOD. In any case you must have only one antivirus on the system, otherwise they will conflict and make the PC unstable.

:arrow: How is the PC behaving?

Re: please help with win32:Malware-gen

Posted: 23 Jan 2011 18:59
by Bluepiggie
I had the free Avast there; I installed NOD only yesterday to see whether it would find anything. It found something and deleted it; it is a 30-day licence. The PC has been behaving normally since I deleted it with NOD, except that when I turn the PC on I get an error that some .dll cannot be loaded; earlier Avast was showing that as the malware.

Re: please help with win32:Malware-gen

Posted: 23 Jan 2011 19:15
by vyosek
:arrow: Uninstall NOD; in my opinion it is a needless investment - Avast v.5 is better than NOD...

:arrow: Uninstall ComboFix
  • Start - Run (or use the keyboard shortcut Win+R)
  • Type ComboFix /Uninstall
  • Press Enter
  • This removes ComboFix and its folders
:arrow: T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
  • Download and run it
  • Press A, Enter to confirm the choice
  • Delete the utility after use
  • Antivirus programs tend to flag this utility as a virus by mistake - it is a false positive - so download it without worry (switch the antivirus off while downloading if need be)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making the registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend running CCleaner about once every 14 days

:arrow: Post a new log from RSIT

Re: please help with win32:Malware-gen

Posted: 23 Jan 2011 20:57
by Bluepiggie
Logfile of random's system information tool 1.08 (written by random/random)
Run by Piggie at 2011-01-23 20:39:48
Microsoft Windows 7 Ultimate
System drive C: has 96 GB (48%) free of 200 GB
Total RAM: 3070 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:40:06, on 23.1.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Citrus Alarm Clock\citrusac.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\Piggie.exe
C:\Users\Piggie\AppData\Local\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mojebanka.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Citrus Alarm Clock] C:\Program Files\Citrus Alarm Clock\citrusac.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 9415 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2010-03-23 1205560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-24 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2010-03-23 158520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2010-03-23 1205560]
{E0E899AB-F487-11D5-8D29-0050BA6940E3}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-24 1190920]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2007-09-06 393216]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-01-19 8452640]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-07 102400]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2010-10-22 524288]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Citrus Alarm Clock"=C:\Program Files\Citrus Alarm Clock\citrusac.exe [2001-10-21 513024]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-12-12 395640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-07-12 178712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2008-07-29 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-07 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-03-29 719664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

C:\Users\Piggie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Call Graph\xulrunner\xulrunner.exe"="C:\Program Files\Call Graph\xulrunner\xulrunner.exe:*:Enabled:Call Graph Browser"
"C:\Program Files\Call Graph\CallGraph.exe"="C:\Program Files\Call Graph\CallGraph.exe:*:Enabled:Call Graph"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-23 20:39:48 ----D---- C:\rsit
2011-01-23 12:45:18 ----D---- C:\$RECYCLE.BIN
2011-01-21 00:17:29 ----D---- C:\Program Files\Enigma Software Group
2011-01-20 23:47:29 ----D---- C:\Program Files\trend micro
2011-01-20 14:59:22 ----D---- C:\Program Files\CCleaner
2011-01-19 19:18:02 ----D---- C:\PFiles
2011-01-19 13:51:49 ----D---- C:\ProgramData\Sun
2011-01-19 13:51:45 ----D---- C:\Program Files\Common Files\Java
2011-01-19 13:51:34 ----A---- C:\Windows\system32\javaws.exe
2011-01-19 13:51:34 ----A---- C:\Windows\system32\javaw.exe
2011-01-19 13:51:34 ----A---- C:\Windows\system32\java.exe
2011-01-19 13:51:34 ----A---- C:\Windows\system32\deployJava1.dll
2011-01-15 19:42:21 ----D---- C:\Program Files\Z8Games
2011-01-12 10:31:38 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-12 10:31:38 ----A---- C:\Windows\system32\FntCache.dll
2011-01-12 10:31:38 ----A---- C:\Windows\system32\DWrite.dll
2011-01-12 10:31:38 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-12 10:31:38 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-12 10:31:38 ----A---- C:\Windows\system32\d2d1.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-01-12 10:31:37 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-12 10:31:37 ----A---- C:\Windows\system32\cdd.dll
2011-01-12 10:29:57 ----A---- C:\Windows\system32\odbc32.dll
2011-01-02 03:56:54 ----D---- C:\Users\Piggie\AppData\Roaming\AIMP
2011-01-02 03:56:08 ----D---- C:\Program Files\AIMP2
2011-01-01 18:53:00 ----D---- C:\Program Files\VentriloMIX
2010-12-28 00:20:27 ----D---- C:\Users\Piggie\AppData\Roaming\RIFT
2010-12-28 00:20:07 ----D---- C:\Program Files\RIFT

======List of files/folders modified in the last 1 months======

2011-01-23 20:39:59 ----D---- C:\Windows\Prefetch
2011-01-23 20:39:55 ----D---- C:\Windows\Temp
2011-01-23 20:39:45 ----D---- C:\Downloads
2011-01-23 20:37:38 ----D---- C:\Users\Piggie\AppData\Roaming\uTorrent
2011-01-23 20:20:11 ----D---- C:\Users\Piggie\AppData\Roaming\Skype
2011-01-23 20:11:11 ----D---- C:\Windows\system32\config
2011-01-23 19:56:04 ----D---- C:\Windows\System32
2011-01-23 19:56:04 ----D---- C:\Windows
2011-01-23 19:55:26 ----D---- C:\Windows\Minidump
2011-01-23 19:51:30 ----SHD---- C:\System Volume Information
2011-01-23 19:50:56 ----SHD---- C:\Windows\Installer
2011-01-23 19:50:15 ----D---- C:\ProgramData
2011-01-23 19:50:14 ----RD---- C:\Program Files
2011-01-23 19:50:12 ----D---- C:\Windows\system32\DriverStore
2011-01-23 19:50:12 ----D---- C:\Windows\system32\drivers
2011-01-23 19:50:12 ----D---- C:\Windows\system32\catroot
2011-01-23 19:50:12 ----D---- C:\Windows\inf
2011-01-23 16:00:57 ----D---- C:\Users\Piggie\AppData\Roaming\skypePM
2011-01-23 13:30:59 ----D---- C:\Windows\system32\Tasks
2011-01-23 13:30:53 ----D---- C:\Users\Piggie\AppData\Roaming\ICQ
2011-01-23 12:45:24 ----A---- C:\Windows\system.ini
2011-01-23 12:45:15 ----D---- C:\Windows\system32\drivers\etc
2011-01-23 12:42:44 ----D---- C:\Windows\Tasks
2011-01-23 12:42:44 ----D---- C:\Users\Piggie\AppData\Roaming\FlashGetBHO
2011-01-23 12:42:41 ----D---- C:\Program Files\ConduitEngine
2011-01-23 12:39:58 ----D---- C:\Windows\AppPatch
2011-01-23 12:39:57 ----D---- C:\Program Files\Common Files
2011-01-23 12:33:02 ----D---- C:\Users\Piggie\AppData\Roaming\Xfire
2011-01-22 13:07:04 ----D---- C:\Program Files\League of Legends
2011-01-22 12:44:19 ----D---- C:\ProgramData\Xfire
2011-01-21 08:53:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-21 00:16:08 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-01-21 00:15:11 ----D---- C:\Users\Piggie\AppData\Roaming\vlc
2011-01-20 21:08:52 ----D---- C:\Windows\system32\catroot2
2011-01-20 21:08:50 ----D---- C:\Windows\winsxs
2011-01-20 15:05:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-01-20 15:02:56 ----D---- C:\Windows\debug
2011-01-20 11:10:35 ----D---- C:\Users\Piggie\AppData\Roaming\.minecraft
2011-01-19 13:51:21 ----D---- C:\Program Files\Java
2011-01-15 01:18:10 ----D---- C:\ProgramData\Microsoft Help
2011-01-14 17:46:46 ----D---- C:\Windows\system32\wfp
2011-01-14 17:46:46 ----D---- C:\Users\Piggie\AppData\Roaming\IrfanView
2011-01-14 17:46:36 ----D---- C:\Windows\system32\wbem
2011-01-14 17:46:36 ----D---- C:\Windows\registration
2011-01-14 17:44:09 ----D---- C:\Windows\system32\LogFiles
2011-01-12 19:12:27 ----A---- C:\Windows\system32\MRT.exe
2011-01-05 19:33:49 ----D---- C:\Program Files\ICQ7.0
2011-01-05 10:59:39 ----D---- C:\Windows\system32\NDF
2011-01-04 14:08:35 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-04 11:18:10 ----D---- C:\Program Files\Kalypso
2011-01-04 11:17:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-30 04:23:54 ----D---- C:\Program Files\RapidShareManager
2010-12-28 00:22:28 ----D---- C:\Windows\system32\directx
2010-12-26 19:51:25 ----D---- C:\Users\Piggie\AppData\Roaming\Real
2010-12-26 15:53:21 ----D---- C:\Users\Piggie\AppData\Roaming\Ventrilo
2010-12-24 20:03:16 ----D---- C:\ProgramData\boost_interprocess
2010-12-24 04:53:08 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-07-12 305176]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-08 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-07-28 685056]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-11-30 15392]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-03-05 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-03-05 38400]
R3 A310;AVerMedia A310 DVB-T; C:\Windows\system32\DRIVERS\AVerA310USB.sys [2009-05-06 26752]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device; C:\Windows\system32\drivers\AVerA310Cap.sys [2009-05-06 47104]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-11-02 59904]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-01-19 2991328]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-07 192816]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2009-11-09 25088]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-03-30 79664]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 81200]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 16432]
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2010-02-02 23456]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 UsbFltr;Razer Copperhead Driver; C:\Windows\system32\drivers\copperhd.sys [2009-11-10 12416]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;Sony Ericsson USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-07-14 27648]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;Služba WinUSB; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-10-22 386560]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-08-29 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-11-20 122984]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-01-12 185640]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-09 655624]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-11-23 4012424]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-11-18 403240]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-08 1343400]

-----------------EOF-----------------
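
The log above is reviewed by hand in this thread. As an added example (not part of the thread and not code from the RSIT or HijackThis tools), the following Python script applies a few first-pass triage rules to lines in that format: entries whose target file is missing, O23 services with no publisher string, autostarts from user-writable paths, and UAC policy values of 0 in the registry dump. The sample lines are copied from the log posted above, except the O4 "Demo" entry, which is constructed to exercise the user-writable-path rule.

```python
import re
from collections import Counter

# Constructed sample input: lines copied from the HijackThis/RSIT log posted in this
# thread, plus one made-up O4 entry ("Demo") to exercise the user-writable-path rule.
SAMPLE_LOG = r"""
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Demo] C:\Users\Piggie\AppData\Roaming\demo\demo.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"PromptOnSecureDesktop"=0
"""

# One HijackThis entry: section code, " - ", then the entry body.
HJT_ENTRY = re.compile(r"^(?P<sec>[OR]\d+) - (?P<body>.+)$")
# One REG_DWORD value line inside the RSIT registry dump.
POLICY_VALUE = re.compile(r'^"(?P<name>\w+)"=(?P<val>-?\d+)$')
# Path components a standard user can write to without elevation.
USER_WRITABLE = re.compile(r"\\(Users|AppData|Temp)\\", re.IGNORECASE)

# UAC values under HKLM\...\Policies\System; a value of 0 weakens elevation.
UAC_WEAK_WHEN_ZERO = {
    "EnableLUA": "UAC is switched off (EnableLUA=0)",
    "ConsentPromptBehaviorAdmin": "administrators elevate without any prompt (ConsentPromptBehaviorAdmin=0)",
    "PromptOnSecureDesktop": "elevation prompts are not shown on the secure desktop (PromptOnSecureDesktop=0)",
}


def triage(log_text):
    """Return (severity, section, detail) findings for a HijackThis/RSIT log."""
    findings = []
    in_uac_key = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        # Registry dump: remember whether the current key is the UAC policy key.
        if line.startswith("[") and line.endswith("]"):
            in_uac_key = line.lower().endswith(r"\policies\system]")
            continue
        if in_uac_key:
            m = POLICY_VALUE.match(line)
            if m and m.group("name") in UAC_WEAK_WHEN_ZERO and int(m.group("val")) == 0:
                findings.append(("high", "UAC", UAC_WEAK_WHEN_ZERO[m.group("name")]))
            continue
        m = HJT_ENTRY.match(line)
        if not m:
            continue
        sec, body = m.group("sec"), m.group("body")
        # Dangling entries are usually leftovers; harmless, but they go on the fix list.
        if "(no file)" in body or "(file missing)" in body:
            findings.append(("low", sec, "target file is missing: " + body))
        # A service with no publisher string is not malicious by itself, but the
        # binary should be checked (signature, hash) before it is trusted.
        if sec == "O23" and "Unknown owner" in body:
            findings.append(("medium", sec, "service has no publisher string: " + body))
        # Autostarts from user-writable folders are where droppers usually persist.
        if sec in ("O4", "O23") and USER_WRITABLE.search(body):
            findings.append(("medium", sec, "autostart from a user-writable path: " + body))
    return findings


def count_by_severity(findings):
    """Number of findings per severity, e.g. {'high': 3, 'medium': 3, 'low': 2}."""
    return dict(Counter(sev for sev, _, _ in findings))


if __name__ == "__main__":
    for sev, sec, detail in triage(SAMPLE_LOG):
        print(f"[{sev:6}] {sec:4} {detail}")
```

The rules only pick out what to look at first; a flagged service or autorun still has to be checked by hand, as the helper does in this thread.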

Re: please help with win32:Malware-gen

Posted: 23 Jan 2011 21:01
by vyosek
Bluepiggie wrote: only when I turn the PC on I get an error that something.dll cannot be started; Avast used to show that as the malware.
Could you please post a screenshot of that message - guide to taking a screenshot: http://www.viry.cz/forum/viewtopic.php?f=11&t=14114

Re: please help with win32:Malware-gen

Posted: 24 Jan 2011 09:07
by Bluepiggie
Nothing appears anymore now, thank you very much for the help

Re: please help with win32:Malware-gen

Posted: 24 Jan 2011 11:25
by vyosek
You're welcome, glad I could help :)