VIRY.CZ

Logfile of random's system information tool 1.08 (written by random/random)
Run by stanik at 2011-01-25 22:36:08
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 11 GB (22%) free of 50 GB
Total RAM: 2046 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:36:16, on 25.1.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\GIGABYTE\P8000RCService\P8000RCApp.exe
C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
E:\instalované programy\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Dokumenty\software\léčení vírů -logy\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\stanik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\INSTAL~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - E:\instalované programy\canon\Easy-WebPrint\EWPBrowseLoader.dll (file missing)
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - E:\instalované programy\canon\Easy-WebPrint\Toolband.dll (file missing)
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [P8000RCApp] C:\Program Files\GIGABYTE\P8000RCService\P8000RCApp.exe
O4 - HKLM\..\Run: [ChangeFilterMerit] C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe /runonce
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\instalované programy\DAEMON Tools Lite\daemon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3510436479-1932850952-368464568-1001\..\Run: [DAEMON Tools Lite] "E:\instalované programy\DAEMON Tools Lite\daemon.exe" (User 'doma')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\INSTAL~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\INSTAL~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\INSTAL~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\INSTAL~1\SPYBOT~1\SDHelper.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe

--
End of file - 7337 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\INSTAL~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - E:\instalované programy\canon\Easy-WebPrint\EWPBrowseLoader.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - E:\instalované programy\canon\Easy-WebPrint\Toolband.dll []
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"JMB36X IDE Setup"=C:\Windows\JM\JMInsIDE.exe [2006-10-30 36864]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-04-23 4435968]
"DiscWizardMonitor.exe"=C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [2007-09-10 1188152]
"AcronisTimounterMonitor"=C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [2007-09-10 1962216]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [2007-09-04 148760]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BtTray"=C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2007-09-10 258134]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-07-23 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-07-23 8466432]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-07-23 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"P8000RCApp"=C:\Program Files\GIGABYTE\P8000RCService\P8000RCApp.exe [2008-02-05 676352]
"ChangeFilterMerit"=C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]
"Presto! PVR Monitor"=C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [2008-08-08 153424]
"B2C_AGENT"=C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2010-09-27 391096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"*Restore"=C:\Windows\System32\rstrui.exe [2008-01-19 318464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"DAEMON Tools Lite"=E:\instalované programy\DAEMON Tools Lite\daemon.exe [2007-12-29 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-01-25 22:36:08 ----D---- C:\rsit
2011-01-12 21:26:07 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 21:25:55 ----A---- C:\Windows\system32\sdclt.exe

======List of files/folders modified in the last 1 months======

2011-01-25 22:36:16 ----D---- C:\Windows\Temp
2011-01-25 22:36:16 ----D---- C:\Windows\Prefetch
2011-01-25 22:36:16 ----D---- C:\Program Files\Trend Micro
2011-01-25 22:06:28 ----SHD---- C:\System Volume Information
2011-01-25 21:57:26 ----A---- C:\Windows\system32\bscs.ini
2011-01-25 21:57:10 ----D---- C:\Windows\system32\Msdtc
2011-01-25 21:57:09 ----D---- C:\Windows\system32\wbem
2011-01-25 21:57:09 ----D---- C:\Windows
2011-01-25 21:56:12 ----D---- C:\Windows\system32\config
2011-01-25 21:56:04 ----D---- C:\Windows\Tasks
2011-01-25 21:56:04 ----D---- C:\Windows\system32\spool
2011-01-25 21:56:04 ----D---- C:\Windows\system32\catroot2
2011-01-25 21:56:04 ----D---- C:\Windows\System32
2011-01-25 21:56:04 ----D---- C:\Windows\inf
2011-01-25 21:56:03 ----D---- C:\Windows\registration
2011-01-25 21:56:03 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-01-24 15:45:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-13 20:00:59 ----A---- C:\Windows\system32\mrt.exe
2011-01-13 20:00:55 ----D---- C:\Windows\winsxs
2011-01-12 21:25:49 ----D---- C:\Windows\system32\catroot
2011-01-06 18:06:42 ----D---- C:\Program Files\Common Files\ArcSoft
2011-01-06 18:06:38 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-06 17:53:06 ----A---- C:\Windows\system32\LOCALSERVICE.INI
2011-01-06 17:52:35 ----A---- C:\Windows\system32\REMOTEDEVICE.INI
2011-01-06 17:50:08 ----A---- C:\Windows\system32\SHORTCUT.INI
2011-01-06 17:48:40 ----A---- C:\Windows\system32\LOCALDEVICE.INI
2011-01-06 17:39:10 ----SHD---- C:\Windows\Installer
2011-01-06 17:39:10 ----RD---- C:\Program Files
2011-01-06 17:39:10 ----D---- C:\Windows\system32\drivers
2011-01-06 17:39:10 ----D---- C:\Windows\system32\CodeIntegrity
2011-01-06 17:39:10 ----D---- C:\Program Files\IVT Corporation
2010-12-26 18:27:57 ----D---- C:\Program Files\DIFX
2010-12-26 18:27:56 ----DC---- C:\Windows\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 JGOGO;JMicron Hot-Plug Driver; C:\Windows\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-02-16 44928]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2008-01-20 120992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-01-20 715248]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2008-01-20 400864]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R2 TBPanel;TBPanel; C:\Windows\system32\drivers\TBPanel.sys [2007-03-16 12256]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2008-01-20 32768]
R3 3xHybrid;Philips SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2008-01-23 879104]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-23 1769952]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-07-23 7568832]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 a932og4i;a932og4i; C:\Windows\system32\drivers\a932og4i.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-06-24 34312]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 27656]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-06-24 38920]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [2006-11-22 22416]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2008-01-21 15600]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 Inspect;Comodo Firewall Network Driver; C:\Windows\system32\DRIVERS\inspect.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-03-01 47360]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-03-25 99728]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2009-04-07 31952]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [2007-09-04 410904]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2007-09-14 1155180]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 57447]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Hezké odpoledne

Vy jste dělal obnovu systému? Co máte s počítačem za problémy?

ano. Jen mám trošku problém s MS Word. Některé dokumenty si množí řádky, nebo zase ukazují na řádcích jen háčky a čárky. Pohybem kurzoru se mi množí řádky a taky se mi zobrazí i písmena pod háčkama.. Možná je chyba jinde, ale chci vyloučit infekci.
Někdy se objevuje vytížení procesoru až 90% spolu s pamětí (60%). Tak nevím, Visty mám na kompu třetí rok.

Tak budeme hledat

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

ComboFix 11-01-25.05 - stanik 26.01.2011 20:37:05.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1146 [GMT 1:00]
Spuštěný z: C:\Users\doma\Desktop\ComboFix.exe
AV: avast! antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\doma\AppData\Local\Microsoft\Windows\Temporary Internet Files\SLOVA.WAV
C:\Users\stanik\AppData\Roaming\inst.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-26 do 2011-01-26 )))))))))))))))))))))))))))))))
.

2011-01-25 21:36:08 . 2011-01-25 21:36:18 -------- d-----w- C:\rsit
2011-01-25 21:03:00 . 2011-01-20 09:39:46 5890896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{10EEBF73-B99C-4B12-A66C-26C602594D23}\mpengine.dll
2011-01-12 20:26:07 . 2010-12-28 15:55:03 413696 ----a-w- C:\Windows\system32\odbc32.dll
2011-01-12 20:26:07 . 2010-12-28 15:53:56 253952 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2011-01-12 20:26:07 . 2010-12-28 15:53:56 241664 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2011-01-12 20:26:07 . 2010-12-28 15:53:55 708608 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2011-01-12 20:26:07 . 2010-12-28 15:53:55 57344 ----a-w- C:\Program Files\Common Files\System\msadc\msadcs.dll
2011-01-12 20:26:07 . 2010-12-28 15:53:55 180224 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2011-01-12 20:25:55 . 2010-12-14 14:49:23 1169408 ----a-w- C:\Windows\system32\sdclt.exe
2011-01-06 14:52:40 . 2011-01-06 14:52:40 -------- d-----w- C:\Users\doma\AppData\Local\BMExplorer

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-04 18:56:07 . 2010-12-15 11:15:24 345600 ----a-w- C:\Windows\system32\wmicmiplugin.dll
2010-11-04 18:55:38 . 2010-12-15 11:15:25 352768 ----a-w- C:\Windows\system32\taskschd.dll
2010-11-04 18:55:38 . 2010-12-15 11:15:24 270336 ----a-w- C:\Windows\system32\taskcomp.dll
2010-11-04 18:55:12 . 2010-12-15 11:15:25 601600 ----a-w- C:\Windows\system32\schedsvc.dll
2010-11-04 16:34:06 . 2010-12-15 11:15:24 171520 ----a-w- C:\Windows\system32\taskeng.exe
2010-11-02 06:01:54 . 2010-12-15 11:15:14 916480 ----a-w- C:\Windows\system32\wininet.dll
2010-11-02 05:57:41 . 2010-12-15 11:15:13 43520 ----a-w- C:\Windows\system32\licmgr10.dll
2010-11-02 05:57:27 . 2010-12-15 11:15:13 1469440 ----a-w- C:\Windows\system32\inetcpl.cpl
2010-11-02 05:57:11 . 2010-12-15 11:15:13 71680 ----a-w- C:\Windows\system32\iesetup.dll
2010-11-02 05:57:11 . 2010-12-15 11:15:13 109056 ----a-w- C:\Windows\system32\iesysprep.dll
2010-11-02 05:01:31 . 2010-12-15 11:15:13 385024 ----a-w- C:\Windows\system32\html.iec
2010-11-02 04:26:10 . 2010-12-15 11:15:13 133632 ----a-w- C:\Windows\system32\ieUnatt.exe
2010-11-02 04:24:44 . 2010-12-15 11:15:12 1638912 ----a-w- C:\Windows\system32\mshtml.tlb
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]
"DAEMON Tools Lite"="E:\instalované programy\DAEMON Tools Lite\daemon.exe" [2007-12-29 12:05:17 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="C:\Windows\JM\JMInsIDE.exe" [2006-10-30 12:44:18 36864]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-23 07:51:42 4435968]
"DiscWizardMonitor.exe"="C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe" [2007-09-10 12:43:30 1188152]
"AcronisTimounterMonitor"="C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe" [2007-09-10 12:46:12 1962216]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe" [2007-09-04 10:59:44 148760]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 23:51:40 81000]
"BtTray"="C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe" [2007-09-10 10:08:46 258134]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-23 01:41:49 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-23 01:41:49 8466432]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-23 01:41:49 81920]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 15:10:28 35696]
"P8000RCApp"="C:\Program Files\GIGABYTE\P8000RCService\P8000RCApp.exe" [2008-02-05 02:49:10 676352]
"ChangeFilterMerit"="C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe" [2007-06-08 14:27:28 51280]
"Presto! PVR Monitor"="C:\Program Files\NewSoft\Presto! PVR\Monitor.exe" [2008-08-08 06:25:28 153424]
"B2C_AGENT"="C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2010-09-27 04:05:50 391096]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Gainward"=C:\Windows\TBPanel.exe /A
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"OpwareSE4"="E:\instalované programy\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-03-25 18:06:30 99728]
R3 VBoxNetFlt;VBoxNetFlt Service;C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;C:\Windows\system32\Drivers\VBoxUSB.sys [2009-04-07 19:25:38 31952]
S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [2008-01-20 21:36:39 715248]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 23:50:00 20560]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 23:49:48 53328]
S3 3xHybrid;Philips SAA713x PCI Card;C:\Windows\system32\DRIVERS\3xHybrid.sys [2008-01-23 11:18:58 879104]

.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - E:\INSTAL~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
FF - ProfilePath - C:\Users\stanik\AppData\Roaming\Mozilla\Firefox\Profiles\d014lmiv.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-UnderCoverXP_is1 - L:\UnderCoverXP\unins000.exe

Log není celý

, můžete prosím combofix spustit znovu?

ještě stále tam mám okno, že už je téměř hotov- už hodinu. Celé to běží cca 2 hodiny. Ještě tedy počkám.

no tak dnes už končím a jdu spát. Zítra to spustím znovu. Dobrou noc

Ahoj, jak to dopadlo?

Ahoj,
tak teď to zvládl za cca 15 minut. Posílám log.

ComboFix 11-01-25.05 - stanik 27.01.2011 16:38:52.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1168 [GMT 1:00]
Spuštěný z: c:\users\doma\Desktop\ComboFix.exe
AV: avast! antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\users\doma\AppData\Local\Microsoft\Windows\Temporary Internet Files\SLOVA.WAV
c:\users\stanik\AppData\Roaming\inst.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-27 do 2011-01-27 )))))))))))))))))))))))))))))))
.

2011-01-27 15:43 . 2011-01-27 15:44 -------- d-----w- c:\users\stanik\AppData\Local\temp
2011-01-27 15:43 . 2011-01-27 15:43 -------- d-----w- c:\users\doma\AppData\Local\temp
2011-01-27 15:43 . 2011-01-27 15:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-25 21:36 . 2011-01-25 21:36 -------- d-----w- C:\rsit
2011-01-25 21:03 . 2011-01-20 09:39 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{10EEBF73-B99C-4B12-A66C-26C602594D23}\mpengine.dll
2011-01-12 20:26 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 20:26 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 20:26 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 20:26 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 20:26 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 20:26 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 20:25 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-01-06 14:52 . 2011-01-06 14:52 -------- d-----w- c:\users\doma\AppData\Local\BMExplorer

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-04 18:56 . 2010-12-15 11:15 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55 . 2010-12-15 11:15 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55 . 2010-12-15 11:15 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55 . 2010-12-15 11:15 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34 . 2010-12-15 11:15 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01 . 2010-12-15 11:15 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57 . 2010-12-15 11:15 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57 . 2010-12-15 11:15 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57 . 2010-12-15 11:15 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57 . 2010-12-15 11:15 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01 . 2010-12-15 11:15 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26 . 2010-12-15 11:15 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24 . 2010-12-15 11:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"DAEMON Tools Lite"="e:\instalované programy\DAEMON Tools Lite\daemon.exe" [2007-12-29 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-23 4435968]
"DiscWizardMonitor.exe"="c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe" [2007-09-10 1188152]
"AcronisTimounterMonitor"="c:\program files\Seagate\DiscWizard\TimounterMonitor.exe" [2007-09-10 1962216]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe" [2007-09-04 148760]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2007-09-10 258134]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-23 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-23 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-23 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"P8000RCApp"="c:\program files\GIGABYTE\P8000RCService\P8000RCApp.exe" [2008-02-05 676352]
"ChangeFilterMerit"="c:\program files\NewSoft\Presto! PVR\ChangeFilterMerit.exe" [2007-06-08 51280]
"Presto! PVR Monitor"="c:\program files\NewSoft\Presto! PVR\Monitor.exe" [2008-08-08 153424]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2010-09-27 391096]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Gainward"=c:\windows\TBPanel.exe /A
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"OpwareSE4"="e:\instalované programy\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-03-25 99728]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2009-04-07 31952]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-01-20 715248]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [2008-01-23 879104]

.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - e:\instal~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - e:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - e:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - e:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - e:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
FF - ProfilePath - c:\users\stanik\AppData\Roaming\Mozilla\Firefox\Profiles\d014lmiv.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-27 16:44
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3524)
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
.
Celkový čas: 2011-01-27 16:46:20
ComboFix-quarantined-files.txt 2011-01-27 15:46

Před spuštěním: Volných bajtů: 15 338 725 376
Po spuštění: Volných bajtů: 15 083 900 928

- - End Of File - - F61E64966AE68EA0061499C221AB3D54

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

Ahoj,
zatím se chová spořádaně. Myslím, že je to lepší. Ještě uvidím, budu sledovat.

Tady je log.

Logfile of random's system information tool 1.08 (written by random/random)
Run by stanik at 2011-01-28 16:05:29
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 15 GB (30%) free of 50 GB
Total RAM: 2046 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:05:40, on 28.1.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\GIGABYTE\P8000RCService\P8000RCApp.exe
C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
E:\instalované programy\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\SearchFilterHost.exe
D:\Dokumenty\software\léčení vírů -logy\RSIT.exe
C:\Program Files\trend micro\stanik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - (no file)
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [P8000RCApp] C:\Program Files\GIGABYTE\P8000RCService\P8000RCApp.exe
O4 - HKLM\..\Run: [ChangeFilterMerit] C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\instalované programy\DAEMON Tools Lite\daemon.exe"
O4 - HKUS\S-1-5-21-3510436479-1932850952-368464568-1001\..\Run: [DAEMON Tools Lite] "E:\instalované programy\DAEMON Tools Lite\daemon.exe" (User 'doma')
O4 - HKUS\S-1-5-21-3510436479-1932850952-368464568-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'doma')
O4 - HKUS\S-1-5-21-3510436479-1932850952-368464568-1001\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'doma')
O4 - HKUS\S-1-5-21-3510436479-1932850952-368464568-1001\..\Run: [EPSON SX210 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU "C:\Users\doma\AppData\Local\Temp\E_S9D1C.tmp" /EF "HKCU" (User 'doma')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\INSTAL~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://E:\instalované programy\canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\INSTAL~1\MICROS~1\Office12\REFIEBAR.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe

--
End of file - 6368 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\JM\JMInsIDE.exe [2006-10-30 36864]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-04-23 4435968]
"DiscWizardMonitor.exe"=C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [2007-09-10 1188152]
"AcronisTimounterMonitor"=C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [2007-09-10 1962216]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [2007-09-04 148760]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BtTray"=C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2007-09-10 258134]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-07-23 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-07-23 8466432]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-07-23 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"P8000RCApp"=C:\Program Files\GIGABYTE\P8000RCService\P8000RCApp.exe [2008-02-05 676352]
"ChangeFilterMerit"=C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]
"Presto! PVR Monitor"=C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [2008-08-08 153424]
"B2C_AGENT"=C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2010-09-27 391096]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"DAEMON Tools Lite"=E:\instalované programy\DAEMON Tools Lite\daemon.exe [2007-12-29 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-28 16:05:29 ----D---- C:\rsit
2011-01-27 16:52:25 ----D---- C:\Windows\temp
2011-01-27 16:45:10 ----SHD---- C:\$RECYCLE.BIN
2011-01-26 20:36:15 ----D---- C:\Windows\ERDNT
2011-01-12 21:26:07 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 21:25:55 ----A---- C:\Windows\system32\sdclt.exe

======List of files/folders modified in the last 1 months======

2011-01-28 16:05:30 ----D---- C:\Program Files\Trend Micro
2011-01-28 16:02:57 ----A---- C:\Windows\system32\bscs.ini
2011-01-28 15:57:49 ----D---- C:\Windows\Debug
2011-01-28 15:57:49 ----D---- C:\Windows
2011-01-28 15:56:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-01-28 15:49:51 ----D---- C:\Windows\Prefetch
2011-01-28 15:49:50 ----D---- C:\Windows\system32\drivers
2011-01-27 22:04:09 ----D---- C:\Windows\System32
2011-01-27 22:04:09 ----D---- C:\Windows\inf
2011-01-27 22:04:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-27 16:44:04 ----A---- C:\Windows\system.ini
2011-01-27 16:42:15 ----D---- C:\Windows\AppPatch
2011-01-27 16:42:14 ----D---- C:\Program Files\Common Files
2011-01-27 10:18:22 ----SHD---- C:\System Volume Information
2011-01-27 08:28:00 ----D---- C:\Windows\system32\catroot2
2011-01-26 20:43:56 ----D---- C:\Windows\system32\drivers\etc
2011-01-26 20:41:35 ----D---- C:\Windows\system32\config
2011-01-25 21:57:10 ----D---- C:\Windows\system32\Msdtc
2011-01-25 21:57:09 ----D---- C:\Windows\system32\wbem
2011-01-25 21:56:04 ----D---- C:\Windows\Tasks
2011-01-25 21:56:04 ----D---- C:\Windows\system32\spool
2011-01-25 21:56:03 ----D---- C:\Windows\registration
2011-01-13 20:00:59 ----A---- C:\Windows\system32\mrt.exe
2011-01-13 20:00:55 ----D---- C:\Windows\winsxs
2011-01-12 21:25:49 ----D---- C:\Windows\system32\catroot
2011-01-06 18:06:42 ----D---- C:\Program Files\Common Files\ArcSoft
2011-01-06 18:06:38 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-06 17:53:06 ----A---- C:\Windows\system32\LOCALSERVICE.INI
2011-01-06 17:52:35 ----A---- C:\Windows\system32\REMOTEDEVICE.INI
2011-01-06 17:50:08 ----A---- C:\Windows\system32\SHORTCUT.INI
2011-01-06 17:48:40 ----A---- C:\Windows\system32\LOCALDEVICE.INI
2011-01-06 17:39:10 ----SHD---- C:\Windows\Installer
2011-01-06 17:39:10 ----RD---- C:\Program Files
2011-01-06 17:39:10 ----D---- C:\Windows\system32\CodeIntegrity
2011-01-06 17:39:10 ----D---- C:\Program Files\IVT Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 JGOGO;JMicron Hot-Plug Driver; C:\Windows\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-02-16 44928]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2008-01-20 120992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-01-20 715248]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2008-01-20 400864]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R2 TBPanel;TBPanel; C:\Windows\system32\drivers\TBPanel.sys [2007-03-16 12256]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2008-01-20 32768]
R3 3xHybrid;Philips SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2008-01-23 879104]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-23 1769952]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-07-23 7568832]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 ajwbjofl;ajwbjofl; C:\Windows\system32\drivers\ajwbjofl.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-06-24 34312]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 27656]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-06-24 38920]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [2006-11-22 22416]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2008-01-21 15600]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 Inspect;Comodo Firewall Network Driver; C:\Windows\system32\DRIVERS\inspect.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-03-01 47360]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-03-25 99728]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2009-04-07 31952]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [2007-09-04 410904]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2007-09-14 1155180]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 57447]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Otevřete si Poznámkový blok a zkopírujte do něj text

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-

-uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek,
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.

PC pozorujte a dejte vědět, jak to vypadá

Ahojky,
tak jsem provedl požadované. Zatím se nic neděje. Nevím, co mám čekat, ale je všude klid.

Co MS word a vytížení toho procesoru?

VIRY.CZ

prevence-prosím zkontrolovat log.

prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.

Re: prevence-prosím zkontrolovat log.