VIRY.CZ

Ahoj vsichni, mam takovy drobny problem. Kamarad mi dneska rekl, ze mu ode me prisel mail s nakyma kravinama, ktere jsem urcite neposilal. Je mozne, ze je u me teda nekde vir a ackoliv by mi samovolne posilani mailu nevadilo, tak bych rad mel jistotu, ze nemam v PC zadnou havet. Avast mi nic nenasel, delal jsem kompletni scan. Log z R S I T tady:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Cvach at 2011-02-12 20:45:14
Microsoft Windows 7 Professional
System drive C: has 76 GB (59%) free of 130 GB
Total RAM: 4094 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:20, on 12.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\vsnpstd3.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Hry\Steam\Steam.exe
D:\Programy\Daemon Tools\DAEMON Tools Lite\DTLite.exe
D:\Programy\ICQ 7\ICQ7.2\ICQ.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
D:\Programy\Alwil Software\Avast5\AvastUI.exe
C:\Windows\tsnpstd3.exe
D:\Programy\Hamachi\hamachi.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\rundll32.exe
D:\Hry\Grand Theft Auto San Andreas\GTA San Andreas\samp.exe
C:\Program Files\trend micro\Cvach.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "D:\Programy\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "D:\Hry\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\Daemon Tools\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Driver Updater] "C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe" /minimized
O4 - HKCU\..\Run: [ICQ] "D:\Programy\ICQ 7\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: hamachi.lnk = D:\Programy\Hamachi\hamachi.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programy\ICQ 7\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programy\ICQ 7\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - D:\Programy\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Programy\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - D:\Hry\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @D:\Programy\TumeUp Utilites\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\Programy\TumeUp Utilites\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programy\TumeUp Utilites\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13370 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"D:\Programy\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
"D:\Programy\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k Akamai
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"D:\Programy\TumeUp Utilites\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2356
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
"D:\Programy\TumeUp Utilites\TuneUpUtilitiesApp64.exe" /TUStart /pid:2328
C:\Windows\Explorer.EXE
taskhost.exe USER
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"D:\Programy\COMODO\COMODO Internet Security\cfp.exe" -h
"D:\Programy\TortoiseSVN\bin\TSVNCache.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Windows\vsnpstd3.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"D:\Hry\Steam\Steam.exe" -silent
"D:\Programy\Daemon Tools\DAEMON Tools Lite\DTLite.exe" -autorun
"D:\Programy\ICQ 7\ICQ7.2\ICQ.exe" silent loginmode=4
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"D:\Programy\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Windows\tsnpstd3.exe"
"D:\Programy\Hamachi\hamachi.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Xfire\Xfire.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6136.beab400.834309490 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 6136 plugin \\.\pipe\gecko-crash-server-pipe.6136
C:\Windows\System32\mobsync.exe -Embedding
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Windows\system32\rundll32.exe C:\Windows\system32\gameux.dll,GameUXShim {748eedd0-3996-4d53-bb39-b6c87bd25035};D:\Hry\Grand Theft Auto San Andreas\GTA San Andreas\gta_sa.exe;1344
"D:\Hry\Grand Theft Auto San Andreas\GTA San Andreas\samp.exe"
"taskhost.exe"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"D:\Programy\RSIT\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-10-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-08 9642528]
"COMODO Internet Security"=D:\Programy\COMODO\COMODO Internet Security\cfp.exe [2010-09-10 8892360]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2008-04-04 120328]
"snpstd3"=C:\Windows\vsnpstd3.exe [2006-09-18 843776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-09-02 13351304]
"Steam"=D:\Hry\Steam\Steam.exe [2010-11-17 1242448]
"DAEMON Tools Lite"=D:\Programy\Daemon Tools\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Driver Updater"=C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe [2010-06-08 4973056]
"ICQ"=D:\Programy\ICQ 7\ICQ7.2\ICQ.exe [2011-01-05 133432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-08-04 346320]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"avast5"=D:\Programy\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2007-06-15 368640]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Users\Cvach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip
hamachi.lnk - D:\Programy\Hamachi\hamachi.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-02-12 20:45:14 ----D---- C:\rsit
2011-02-12 20:45:14 ----D---- C:\Program Files\trend micro
2011-02-10 15:49:49 ----A---- C:\Windows\system32\mshtml.dll
2011-02-10 15:49:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-02-10 15:49:46 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-02-10 15:49:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-02-10 15:49:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-02-10 15:49:46 ----A---- C:\Windows\system32\mstime.dll
2011-02-10 15:49:46 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-10 15:49:46 ----A---- C:\Windows\system32\iertutil.dll
2011-02-10 15:49:46 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-10 15:49:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-02-10 15:49:45 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-02-10 15:49:45 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-02-10 15:49:45 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-02-10 15:49:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-02-10 15:49:45 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-02-10 15:49:45 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-10 15:49:45 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-10 15:49:45 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-10 15:49:45 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-10 15:49:45 ----A---- C:\Windows\system32\iepeers.dll
2011-02-10 15:49:36 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-02-10 15:49:36 ----A---- C:\Windows\system32\kerberos.dll
2011-02-10 15:49:35 ----A---- C:\Windows\system32\win32k.sys
2011-02-10 15:49:33 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-02-10 15:49:33 ----A---- C:\Windows\system32\urlmon.dll
2011-02-10 15:49:33 ----A---- C:\Windows\system32\upnp.dll
2011-02-10 15:49:33 ----A---- C:\Windows\system32\msxml6.dll
2011-02-10 15:49:33 ----A---- C:\Windows\system32\msxml3.dll
2011-02-10 15:49:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-02-10 15:49:32 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-02-10 15:49:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-02-10 15:49:32 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-02-10 15:49:32 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-02-10 15:49:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-02-10 15:49:32 ----A---- C:\Windows\system32\wscapi.dll
2011-02-10 15:49:32 ----A---- C:\Windows\system32\wininet.dll
2011-02-10 15:49:32 ----A---- C:\Windows\system32\winhttp.dll
2011-02-10 15:49:32 ----A---- C:\Windows\system32\WebClnt.dll
2011-02-10 15:49:32 ----A---- C:\Windows\system32\davclnt.dll
2011-02-10 15:49:31 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2011-02-10 15:49:31 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-02-10 15:49:31 ----A---- C:\Windows\SYSWOW64\slwga.dll
2011-02-10 15:49:31 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2011-02-10 15:49:31 ----A---- C:\Windows\system32\wscsvc.dll
2011-02-10 15:49:31 ----A---- C:\Windows\system32\slwga.dll
2011-02-10 15:49:31 ----A---- C:\Windows\system32\ieframe.dll
2011-02-10 15:49:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-02-10 15:49:30 ----A---- C:\Windows\system32\vbscript.dll
2011-02-10 15:49:30 ----A---- C:\Windows\system32\jscript.dll
2011-02-10 15:49:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-02-10 15:49:28 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-02-10 15:49:28 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-02-10 15:49:28 ----A---- C:\Windows\system32\cdd.dll
2011-02-10 15:49:26 ----A---- C:\Windows\system32\winsrv.dll
2011-02-10 15:49:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-10 15:49:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-02-10 15:49:24 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-02-10 15:49:24 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-02-10 15:49:24 ----A---- C:\Windows\system32\ntdll.dll
2011-02-10 15:49:23 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-02-10 15:49:23 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-02-10 15:49:23 ----A---- C:\Windows\system32\atmlib.dll
2011-02-10 15:49:23 ----A---- C:\Windows\system32\atmfd.dll
2011-02-04 16:03:09 ----D---- C:\ProgramData\Test Drive Unlimited
2011-01-31 21:52:40 ----D---- C:\Users\Cvach\AppData\Roaming\0ad
2011-01-29 22:55:05 ----A---- C:\Windows\system32\drivers\hamachi.sys
2011-01-17 15:39:33 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-01-17 15:39:10 ----D---- C:\Windows\SYSWOW64\URTTEMP
2011-01-14 18:13:52 ----D---- C:\Users\Cvach\AppData\Roaming\Artisteer
2011-01-14 13:35:44 ----A---- C:\Windows\SYSWOW64\REX Shared Library.dll
2011-01-14 13:35:44 ----A---- C:\Windows\SYSWOW64\ReWire.dll
2011-01-14 13:33:50 ----D---- C:\Users\Cvach\AppData\Roaming\Propellerhead Software
2011-01-14 13:33:50 ----D---- C:\ProgramData\Propellerhead Software
2011-01-14 13:24:13 ----A---- C:\Windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 months======

2011-02-12 20:45:20 ----D---- C:\Windows\Temp
2011-02-12 20:45:14 ----RD---- C:\Program Files
2011-02-12 20:43:51 ----D---- C:\Users\Cvach\AppData\Roaming\Skype
2011-02-12 18:35:11 ----SHD---- C:\System Volume Information
2011-02-12 18:34:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-02-12 16:02:01 ----D---- C:\Users\Cvach\AppData\Roaming\skypePM
2011-02-12 11:54:17 ----D---- C:\Users\Cvach\AppData\Roaming\Hamachi
2011-02-12 10:56:17 ----D---- C:\Windows\System32
2011-02-12 10:56:17 ----D---- C:\Windows\inf
2011-02-12 10:56:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-12 10:16:46 ----D---- C:\Windows\system32\config
2011-02-12 09:37:03 ----HD---- C:\ProgramData
2011-02-12 09:32:12 ----D---- C:\Users\Cvach\AppData\Roaming\ICQ
2011-02-12 09:31:35 ----D---- C:\ProgramData\NVIDIA
2011-02-11 21:24:11 ----D---- C:\Users\Cvach\AppData\Roaming\Audacity
2011-02-11 19:10:18 ----D---- C:\Users\Cvach\AppData\Roaming\Xfire
2011-02-11 15:17:00 ----D---- C:\Windows\winsxs
2011-02-11 15:15:29 ----D---- C:\Windows\SysWOW64
2011-02-11 15:15:29 ----D---- C:\Program Files\Internet Explorer
2011-02-11 15:15:29 ----D---- C:\Program Files (x86)\Internet Explorer
2011-02-11 15:15:27 ----D---- C:\Windows\system32\drivers
2011-02-10 23:22:58 ----A---- C:\Windows\system32\MRT.exe
2011-02-10 23:22:14 ----SHD---- C:\Windows\Installer
2011-02-10 23:22:09 ----D---- C:\ProgramData\Microsoft Help
2011-02-10 15:49:16 ----D---- C:\Windows\system32\catroot
2011-02-10 15:49:15 ----D---- C:\Windows\system32\catroot2
2011-02-07 14:59:43 ----RSD---- C:\Windows\assembly
2011-01-29 18:05:49 ----D---- C:\Users\Cvach\AppData\Roaming\.minecraft
2011-01-28 20:41:26 ----D---- C:\Users\Cvach\AppData\Roaming\Adobe
2011-01-24 17:05:26 ----D---- C:\Windows
2011-01-17 16:55:41 ----D---- C:\Users\Cvach\AppData\Roaming\Mozilla
2011-01-17 15:40:20 ----D---- C:\Windows\Registration
2011-01-17 14:55:37 ----D---- C:\ProgramData\PMB Files
2011-01-14 18:13:51 ----D---- C:\Users\Cvach\AppData\Roaming\Apple Computer
2011-01-13 09:47:32 ----A---- C:\Windows\SYSWOW64\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 14192]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-01-12 106360]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-12 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-01-13 29264]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-01-13 273488]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-01-13 51792]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-09-10 249496]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-09-10 33208]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-09-10 88304]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 66304]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-12-31 360712]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-01-13 20560]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-11-14 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-11-14 43680]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-01-29 33344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-08 2223392]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-09-07 155752]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Programy\TumeUp Utilites\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 187904]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 95232]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2008-01-24 22024]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2008-01-24 57352]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 77688]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2006-07-10 22936]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2007-05-02 10503168]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-07-14 40448]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2008-01-24 32776]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2008-01-24 34312]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2008-01-24 15752]
S3 X6va003;X6va003; \??\C:\Users\Cvach\AppData\Local\Temp\00383B.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;avast! Antivirus; D:\Programy\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Programy\COMODO\COMODO Internet Security\cmdagent.exe [2010-09-10 2528856]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-29 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-10-08 990312]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-11-23 75136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-08 369256]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Programy\TumeUp Utilites\TuneUpUtilitiesService64.exe [2009-11-17 1353544]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-01-11 407336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; D:\Hry\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-29 655624]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TuneUp.Defrag;@D:\Programy\TumeUp Utilites\TuneUpDefragService.exe,-1; D:\Programy\TumeUp Utilites\TuneUpDefragService.exe [2010-10-24 607048]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-08 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Zdravím, tohle fixni v HJT :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Driver Updater] "C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe" /minimized
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

HJT najdeš zde :

C:\Program Files\trend micro\Cvach.exe

Fix znamená že spustíš HJT Obrázek

jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.

Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :

ICQ Service

Nero BackItUp Scheduler 4.0

McAfee Security Scan Component Host Service

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.

Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !!!

Log z MSBAM:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5752

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

13.2.2011 14:41:26
mbam-log-2011-02-13 (14-41-21).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 614886
Uplynulý čas: 1 hodin, 1 minut, 29 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 9

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\program files (x86)\Ubisoft\ubisoft game launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> No action taken.
d:\Hry\assassins creed 2\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> No action taken.
d:\Hry\assassins creed 2\?? ?????? ?????? ????.exe (Trojan.Bancos) -> No action taken.
d:\Hry\assassins creed 2\AC2\assassins_creed_2_crack\?? ?????? ?????? ????.exe (Trojan.Bancos) -> No action taken.
d:\Hry\assassins creed 2\SKIDROW\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> No action taken.
d:\Hry\call of duty 6 modern warfare 2\call of duty modern warfare 2\modern warfare 2\teknogods_mw2sp.exe (Backdoor.Agent.Gen) -> No action taken.
d:\Hry\world of warcraft 1\world of warcraft\wowemuhacker5.exe (Trojan.Agent) -> No action taken.
d:\Programy\adobe after effects\AAECS4\keygen+aktivace\keygen.exe (Trojan.Downloader) -> No action taken.
d:\Programy\BitLord\downloads\Crack\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> No action taken.

Vše co Mbam našel nech smazat.

Nyní použijeme větší kalibr tak že pozorně čti, protože tenhle softík netoleruje chyby.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

V případě nejasností je ZDE obrázkový návod.

Log:

ComboFix 11-02-12.02 - Cvach 13.02.2011 18:27:23.1.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4094.2667 [GMT 1:00]
Spuštěný z: d:\programy\ComboFix\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
FW: COMODO Firewall *Disabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\PCGWIN32.LI5
c:\windows\system32\twunk_32.exe
c:\windows\SysWow64\twunk_32.exe
D:\install.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-13 do 2011-02-13 )))))))))))))))))))))))))))))))
.

2011-02-13 17:31 . 2011-02-13 17:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-13 12:37 . 2011-02-13 12:37 -------- d-----w- c:\users\Cvach\AppData\Roaming\Malwarebytes
2011-02-13 12:37 . 2011-02-13 12:37 -------- d-----w- c:\programdata\Malwarebytes
2011-02-13 12:37 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-13 12:37 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-12 19:45 . 2011-02-13 12:33 -------- d-----w- c:\program files\trend micro
2011-02-12 19:45 . 2011-02-12 19:45 -------- d-----w- C:\rsit
2011-02-12 17:34 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-02-12 17:34 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-02-12 17:34 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-02-12 17:34 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-02-12 17:34 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-02-12 17:34 . 2011-02-12 17:34 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-02-12 17:34 . 2011-02-12 17:34 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-02-12 15:57 . 2011-02-12 15:57 -------- d-----w- c:\users\Cvach\AppData\Local\RapidSharing.eu
2011-02-11 14:21 . 2011-01-13 10:20 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4696838-12D0-42FB-9857-680038D72A69}\mpengine.dll
2011-02-04 15:03 . 2011-02-09 14:57 -------- d-----w- c:\programdata\Test Drive Unlimited
2011-01-31 20:52 . 2011-01-31 20:52 -------- d-----w- c:\users\Cvach\AppData\Roaming\0ad
2011-01-29 21:55 . 2011-01-29 21:55 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-01-24 16:05 . 2005-06-09 16:43 221184 ----a-w- c:\windows\SysWow64\Toolbar2.ocx
2011-01-24 16:05 . 2000-05-22 04:00 203976 ----a-w- c:\windows\SysWow64\RICHTX32.OCX
2011-01-24 16:05 . 2004-03-09 00:00 1081616 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2011-01-17 14:47 . 2011-01-17 14:47 -------- d-----w- c:\users\Cvach\AppData\Local\Turbine
2011-01-17 14:40 . 2011-02-11 21:36 -------- d-----w- c:\users\Cvach\AppData\Local\ApplicationHistory
2011-01-17 14:39 . 2011-01-17 14:39 -------- d-----w- c:\windows\SysWow64\URTTEMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-30 12:28 . 2010-10-24 18:12 1682 --sha-w- c:\programdata\KGyGaAvL.sys
2011-01-14 12:35 . 2011-01-14 12:35 406528 ----a-w- c:\windows\SysWow64\ReWire.dll
2011-01-14 12:35 . 2011-01-14 12:35 338432 ----a-w- c:\windows\SysWow64\REX Shared Library.dll
2011-01-13 08:47 . 2010-10-10 18:17 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-10-10 18:17 188216 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-01-13 08:47 . 2011-01-14 12:24 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-10-10 18:18 273488 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-10-10 18:18 51792 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:37 . 2010-10-10 18:18 29264 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-10-10 18:18 62032 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-13 08:37 . 2010-10-10 18:18 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-10 19:09 . 2010-12-10 19:09 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2010-12-10 19:09 . 2010-12-10 19:09 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2010-12-10 19:09 . 2010-12-10 19:09 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2010-12-10 19:09 . 2010-12-10 19:09 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2010-12-09 12:50 . 2010-11-18 18:51 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2010-12-09 12:50 . 2010-11-18 16:48 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2010-12-09 12:49 . 2010-11-18 16:48 234392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2010-11-23 19:01 . 2010-11-18 16:48 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-11-21 18:39 . 2010-10-29 20:46 2829 ----a-w- c:\windows\War3Unin.pif
2010-11-21 18:39 . 2010-10-29 20:46 139264 ----a-w- c:\windows\War3Unin.exe
2010-11-18 16:48 . 2010-11-18 16:48 835440 ----a-w- c:\windows\SysWow64\pbsvc.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-09-02 13351304]
"Steam"="d:\hry\Steam\Steam.exe" [2010-11-17 1242448]
"DAEMON Tools Lite"="d:\programy\Daemon Tools\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ICQ"="d:\programy\ICQ 7\ICQ7.2\ICQ.exe" [2011-01-05 133432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-06-15 368640]
"Malwarebytes' Anti-Malware (reboot)"="d:\programy\MBAM\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

c:\users\Cvach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-11-7 0]
hamachi.lnk - d:\programy\Hamachi\hamachi.exe [2011-1-29 625952]
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2010-7-9 3493776]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [2006-07-05 77688]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;d:\hry\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-08 1255736]
R3 X6va003;X6va003;c:\users\Cvach\AppData\Local\Temp\00383B.tmp [x]
R4 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-12 834544]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-09-10 249496]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-09-10 33208]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-07 369256]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\programy\TumeUp Utilites\TuneUpUtilitiesService64.exe [2009-11-17 1353544]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-09-07 155752]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\programy\TumeUp Utilites\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.

--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-08 9642528]
"COMODO Internet Security"="d:\programy\COMODO\COMODO Internet Security\cfp.exe" [2010-09-10 8892360]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 120328]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Cvach\AppData\Roaming\Mozilla\Firefox\Profiles\6hsfd79m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Charles Autoconfiguration: {3e9a3920-1b27-11da-8cd6-0800200c9a66} - %profile%\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}
FF - Ext: Auto Hide IP: support@auto-hide-ip.com - %profile%\extensions\support@auto-hide-ip.com
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\Cvach\AppData\Local\Temp\00383B.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-4198012068-3784662148-1576838182-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"

[HKEY_USERS\S-1-5-21-4198012068-3784662148-1576838182-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\programy\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Skype\Plugin Manager\skypePM.exe
c:\program files (x86)\Common Files\Steam\SteamService.exe
.
**************************************************************************
.
Celkový čas: 2011-02-13 18:37:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-13 17:37

Před spuštěním: Volných bajtů: 79 161 434 112
Po spuštění: Volných bajtů: 80 757 334 016

- - End Of File - - AA0C475388146C67396EA2DDCF3FF390

Tak že, pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

File::  
c:\users\Cvach\AppData\Local\Temp\00383B.tmp

Driver::
X6va003

Registry::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va003]
"ImagePath"=-

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

FireFox::
FF - ProfilePath - c:\users\Cvach\AppData\Roaming\Mozilla\Firefox\Profiles\6hsfd79m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 2269050&q=

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

S timhle mam ted trochu problem, pojmenoval jsem to, ulozil a pretahl, zeptalo se to, jestli chci povolit, tak jsem to povolil, neco to delalo, pak se restartoval PC a nenabehl, tak sem dal tu posledni znamou funkcni konfiguraci, takze to jde, jenze se mi nikde nedari najit ten log, zadnej nevyskocil tak jsem hledal na tom C, ale tam to taky neni a kdyz jsem vlez do slozky ComboFix tak me to hodilo zpatky do Tento Počítač, je mozny, ze se to ve W7 uklada nekam jinam

EDIT:

Zrejme jsem to nasel, tohle by tomu odpovidalo podle casu vytvoreni souboru:

Kód: Vybrat vše

File:: 
c:\users\Cvach\AppData\Local\Temp\00383B.tmp

Driver::
X6va003

Registry::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va003]
"ImagePath"=-

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

FireFox::
FF - ProfilePath - c:\users\Cvach\AppData\Roaming\Mozilla\Firefox\Profiles\6hsfd79m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 2269050&q=

Aha, a nebude to tím že nečteš návod ?

Stáhni a ulož na plochu, tím je myšlen systémový disk C:\ a ne :

d:\programy\ComboFix\ComboFix.exe

Tak že buď zmíněnou složku prohledej zda tam log není nebo ComboFix přesuň tam kam má být a zkus to znovu.

A to cos mi sem vložil je ten můj skript.

to jsem mel predtim... ale kvuli tomu pretazeni toho scriptu na to jsem ho uz dal na plochu.

Roli píše:Tak že, pokud jsi tak ještě neučinil, přesuň Combofix na plochu

Po tomhle jsem ho presunul, ale ten log nemuzu najit, naky tam sou, ale zadnej neodpovida casove.

No tak úplně jinak.

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files
c:\users\Cvach\AppData\Local\Temp\00383B.tmp

:services
X6va003

:reg
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va003]
"ImagePath"=-

:commands
[purity]
[emptytemp]
[start explorer]

klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder c:\users\Cvach\AppData\Local\Temp\00383B.tmp not found.
========== SERVICES/DRIVERS ==========
Service X6va003 stopped successfully!
Service X6va003 deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va003\\ImagePath not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Cvach
->Temp folder emptied: 2375601 bytes
->Temporary Internet Files folder emptied: 118126772 bytes
->Java cache emptied: 6897319 bytes
->FireFox cache emptied: 119446900 bytes
->Opera cache emptied: 5385988 bytes
->Flash cache emptied: 85293 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 512000 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 241,00 mb

OTM by OldTimer - Version 3.1.17.2 log created on 02142011_222430

Files moved on Reboot...
C:\Users\Cvach\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

A pak že to nepůjde

Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.

Pak dej vědět jaký je stav PC.

Tak hotovo, PC funguje normálně, řekl bych, že nabýhá o něco rychlejc, díky moc a omlouvám se, že se mnou bylo trochu víc starostí.

V pohodě všichni jsme nějak začínali.

Jinak nemáš zač.

VIRY.CZ

Prosií o kontrolu logu - Podezření na vir

Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir

Re: Prosií o kontrolu logu - Podezření na vir