
Problem with AVAST (blocking of malicious URLs) + log from RSIT

Posted: 25 May 2011 17:10
by janhoo
Hello, I have a problem: today, after I restarted my notebook and it booted up again, Avast started popping up URL-blocking alerts after a few minutes, and it keeps doing so non-stop. I need help finding out what is going on with it... Also, lately the internet has been slow too; maybe I caught something, but I haven't downloaded anything like that, I have no idea. I'm waiting and thank you in advance for your help :)

Logfile of random's system information tool 1.08 (written by random/random)
Run by johny at 2011-05-25 18:00:16
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 78 GB (53%) free of 148 GB
Total RAM: 3066 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:31, on 25. 5. 2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\johny\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\TwinTouch LuxeMate\MouseElf.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\totalcmd\TOTALCMD.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\johny\Downloads\RSIT.exe
C:\Program Files\trend micro\johny.exe
C:\totalcmd\tcmadmin.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O1 - Hosts: 217.73.17.146 irc.westwood.com
O1 - Hosts: 217.73.17.146 gameres.westwood.com
O1 - Hosts: 217.73.17.146 servserv.westwood.com
O1 - Hosts: 217.73.17.146 apireg.westwood.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\TWINTO~1\MouseElf.EXE
O4 - HKLM\..\Run: [Startup Cleaner] C:\Program Files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: FLEXnet Licensing Manager for Adobe Products (FLEXnet Licensing Manager) - - C:\Windows\system32\regw2.exe
O23 - Service: Game Jackal Server (GJService) - Unknown owner - C:\ProgramData\{AAD0A813-CC18-4D28-A1CC-4DC0DF41A592}\Server.exe
O23 - Service: Správca pre program Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

--
End of file - 12390 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSoft.dll [2010-03-17 2355224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-08 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSoft.dll [2010-03-17 2355224]
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-28 6111232]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-03-07 544768]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-04-23 397312]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-07-02 821768]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-02-17 30192]
"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2009-01-09 3607040]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-05-12 147456]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-05-12 167936]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-05-12 167936]
"mouseElf"=C:\PROGRA~1\TWINTO~1\MouseElf.EXE [2004-08-26 192512]
"Startup Cleaner"=C:\Program Files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe [2006-07-14 118784]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-05-10 3459712]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-03-28 1910152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2011-03-17 74752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-02-18 3318784]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2009-01-09 2972160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\johny\AppData\Local\Temp\0.47319059924956774.exe"="C:\Users\johny\AppData\Local\Temp\0.47319059924956774.exe:*:Enabled:ldrsoft"
"C:\Users\johny\AppData\Roaming\qanmbmim1eo2amtczyljflif2v2tyvu2\csrss.exe"="C:\Users\johny\AppData\Roaming\qanmbmim1eo2amtczyljflif2v2tyvu2\csrss.exe:*:Enabled:ldrsoft"
"C:\Users\johny\AppData\Roaming\xrgu222ajguulzlmomftkdihr13hunhx2\svcnost.exe"="C:\Users\johny\AppData\Roaming\xrgu222ajguulzlmomftkdihr13hunhx2\svcnost.exe:*:Enabled:ldrsoft"
"C:\Users\johny\AppData\Roaming\xkcganz3eng3w1xvcmdbhzrjfgvplpfq2\svcnost.exe"="C:\Users\johny\AppData\Roaming\xkcganz3eng3w1xvcmdbhzrjfgvplpfq2\svcnost.exe:*:Enabled:ldrsoft"
"D:\Hry\Combat Arms EU\CombatArms.exe"="D:\Hry\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Hry\Combat Arms EU\Engine.exe"="D:\Hry\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"D:\Hry\Combat Arms EU\CombatArms.exe"="D:\Hry\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Hry\Combat Arms EU\Engine.exe"="D:\Hry\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2011-05-25 18:00:16 ----D---- C:\rsit
2011-05-25 17:58:22 ----D---- C:\Program Files\Trend Micro
2011-05-24 20:19:37 ----A---- C:\Windows\system32\XpsPrint.dll
2011-05-24 19:41:25 ----A---- C:\Windows\system32\Apphlpdm.dll
2011-05-24 19:41:24 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2011-05-23 21:21:33 ----D---- C:\Windows\system32\WindowsPowerShell
2011-05-23 20:28:13 ----D---- C:\Program Files\Microsoft Silverlight
2011-05-23 20:21:50 ----D---- C:\Program Files\Common Files\Windows Live
2011-05-23 20:21:00 ----A---- C:\Windows\system32\webservices.dll
2011-05-23 20:09:53 ----A---- C:\Windows\system32\winrsmgr.dll
2011-05-23 20:09:25 ----A---- C:\Windows\system32\wsmprovhost.exe
2011-05-23 20:09:25 ----A---- C:\Windows\system32\winrshost.exe
2011-05-23 20:09:25 ----A---- C:\Windows\system32\winrs.exe
2011-05-23 20:09:22 ----A---- C:\Windows\system32\wsmplpxy.dll
2011-05-23 20:09:22 ----A---- C:\Windows\system32\winrssrv.dll
2011-05-23 20:09:20 ----A---- C:\Windows\system32\wevtfwd.dll
2011-05-23 20:09:20 ----A---- C:\Windows\system32\wecutil.exe
2011-05-23 20:09:20 ----A---- C:\Windows\system32\wecsvc.dll
2011-05-23 20:09:20 ----A---- C:\Windows\system32\wecapi.dll
2011-05-23 20:09:19 ----A---- C:\Windows\system32\WsmRes.dll
2011-05-23 20:09:18 ----A---- C:\Windows\system32\pwrshplugin.dll
2011-05-23 20:09:07 ----A---- C:\Windows\system32\winrm.vbs
2011-05-23 20:09:05 ----A---- C:\Windows\system32\WsmWmiPl.dll
2011-05-23 20:09:05 ----A---- C:\Windows\system32\WsmAuto.dll
2011-05-23 20:09:05 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2011-05-23 20:09:05 ----A---- C:\Windows\system32\winrscmd.dll
2011-05-23 20:09:04 ----A---- C:\Windows\system32\WsmSvc.dll
2011-05-23 20:09:04 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2011-05-23 18:03:45 ----A---- C:\Windows\system32\gameux.dll
2011-05-23 18:03:22 ----A---- C:\Windows\system32\unregmp2.exe
2011-05-23 18:02:39 ----A---- C:\Windows\system32\d3d10warp.dll
2011-05-23 18:02:39 ----A---- C:\Windows\system32\d3d10_1.dll
2011-05-23 18:02:39 ----A---- C:\Windows\system32\d3d10.dll
2011-05-23 18:02:39 ----A---- C:\Windows\system32\d2d1.dll
2011-05-23 18:02:38 ----A---- C:\Windows\system32\xpsservices.dll
2011-05-23 18:02:38 ----A---- C:\Windows\system32\FntCache.dll
2011-05-23 18:02:38 ----A---- C:\Windows\system32\DWrite.dll
2011-05-23 18:02:38 ----A---- C:\Windows\system32\d3d10level9.dll
2011-05-23 18:02:38 ----A---- C:\Windows\system32\d3d10core.dll
2011-05-23 18:02:38 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-05-23 18:02:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-05-23 18:02:37 ----A---- C:\Windows\system32\OpcServices.dll
2011-05-23 18:02:21 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-05-23 18:02:21 ----A---- C:\Windows\system32\MFH264Dec.dll
2011-05-23 18:02:20 ----A---- C:\Windows\system32\MFHEAACdec.dll
2011-05-23 18:02:19 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-05-23 18:02:19 ----A---- C:\Windows\system32\mfmp4src.dll
2011-05-23 18:02:19 ----A---- C:\Windows\system32\dxgi.dll
2011-05-23 18:02:19 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-05-23 18:02:18 ----A---- C:\Windows\system32\mf.dll
2011-05-23 18:02:15 ----A---- C:\Windows\system32\shdocvw.dll
2011-05-23 18:02:15 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2011-05-23 18:02:14 ----A---- C:\Windows\system32\stobject.dll
2011-05-23 18:02:14 ----A---- C:\Windows\system32\mfplat.dll
2011-05-23 18:02:11 ----A---- C:\Windows\system32\mfps.dll
2011-05-23 18:02:11 ----A---- C:\Windows\system32\cdd.dll
2011-05-23 18:02:10 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2011-05-23 18:01:30 ----A---- C:\Windows\system32\secproc_isv.dll
2011-05-23 18:01:27 ----A---- C:\Windows\system32\secproc.dll
2011-05-23 18:01:20 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-05-23 18:01:16 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-05-23 18:01:16 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-05-23 18:01:16 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-05-23 18:01:16 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-05-23 18:01:16 ----A---- C:\Windows\system32\RMActivate.exe
2011-05-23 18:01:16 ----A---- C:\Windows\system32\msdrm.dll
2011-05-23 14:47:54 ----D---- C:\Users\johny\AppData\Roaming\XRay Engine
2011-05-17 20:38:37 ----D---- C:\Users\johny\AppData\Roaming\Winamp
2011-05-06 13:48:19 ----A---- C:\Windows\system32\setup.bat
2011-04-30 17:35:14 ----D---- C:\Program Files\EDIROL
2011-04-29 23:03:08 ----D---- C:\Users\johny\AppData\Roaming\SynthMaker
2011-04-29 20:41:18 ----D---- C:\Program Files\Common Files\Digidesign
2011-04-29 20:41:17 ----A---- C:\Windows\system32\SYNSOEMU.DLL
2011-04-29 15:54:53 ----D---- C:\Program Files\ConduitEngine
2011-04-29 15:53:48 ----D---- C:\Users\johny\AppData\Roaming\uTorrent
2011-04-29 14:52:18 ----D---- C:\Users\johny\AppData\Roaming\NexusIT
2011-04-29 14:52:09 ----A---- C:\Windows\uni_nmt.exe
2011-04-29 14:03:57 ----A---- C:\Windows\system32\msvcrt3.dll
2011-04-28 21:30:50 ----D---- C:\Users\johny\AppData\Roaming\Hardcore
2011-04-28 21:30:30 ----D---- C:\Users\johny\AppData\Roaming\Sawer
2011-04-28 16:51:43 ----A---- C:\Windows\system32\regw2.exe

======List of files/folders modified in the last 1 months======

2011-05-25 18:01:30 ----D---- C:\Windows\temp
2011-05-25 17:58:31 ----SHD---- C:\Windows\Installer
2011-05-25 17:58:25 ----D---- C:\Config.Msi
2011-05-25 17:58:22 ----RD---- C:\Program Files
2011-05-25 17:57:43 ----SHD---- C:\System Volume Information
2011-05-25 17:44:45 ----D---- C:\Windows
2011-05-25 17:42:57 ----D---- C:\Windows\System32
2011-05-25 17:42:57 ----D---- C:\Windows\inf
2011-05-25 17:42:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-25 17:39:30 ----D---- C:\ProgramData\Spyware Terminator
2011-05-25 17:36:32 ----D---- C:\Logs
2011-05-25 17:36:02 ----D---- C:\Program Files\Common Files\Akamai
2011-05-25 14:24:35 ----D---- C:\Windows\system32\drivers
2011-05-25 07:23:34 ----D---- C:\Windows\AppPatch
2011-05-25 07:19:25 ----D---- C:\Windows\winsxs
2011-05-25 07:18:17 ----D---- C:\Program Files\Windows Live
2011-05-24 20:18:22 ----D---- C:\Windows\Minidump
2011-05-24 20:18:22 ----D---- C:\Windows\Debug
2011-05-24 20:04:41 ----D---- C:\Windows\system32\catroot
2011-05-24 19:46:49 ----D---- C:\Windows\rescache
2011-05-24 19:35:40 ----D---- C:\Windows\system32\catroot2
2011-05-23 21:28:03 ----D---- C:\Windows\Microsoft.NET
2011-05-23 21:27:55 ----RSD---- C:\Windows\assembly
2011-05-23 21:21:44 ----D---- C:\Windows\system32\sk-SK
2011-05-23 21:21:43 ----D---- C:\Windows\ehome
2011-05-23 21:21:43 ----D---- C:\Program Files\Windows Mail
2011-05-23 21:21:42 ----RSD---- C:\Windows\Fonts
2011-05-23 21:21:34 ----D---- C:\Windows\system32\en-US
2011-05-23 21:21:34 ----D---- C:\Windows\PolicyDefinitions
2011-05-23 21:21:33 ----D---- C:\Program Files\Windows Media Player
2011-05-23 20:30:44 ----SD---- C:\ProgramData\Microsoft
2011-05-23 20:30:05 ----D---- C:\Program Files\Common Files\microsoft shared
2011-05-23 20:21:50 ----D---- C:\Program Files\Common Files
2011-05-18 22:06:05 ----D---- C:\Users\johny\AppData\Roaming\Skype
2011-05-18 20:06:39 ----D---- C:\Users\johny\AppData\Roaming\skypePM
2011-05-17 20:39:38 ----D---- C:\Program Files\Winamp
2011-05-17 20:38:42 ----D---- C:\Program Files\Common Files\PX Storage Engine
2011-05-15 18:18:39 ----AD---- C:\ProgramData\TEMP
2011-05-15 18:15:33 ----D---- C:\Windows\system32\Tasks
2011-05-13 13:33:10 ----A---- C:\Windows\system32\mrt.exe
2011-05-10 14:10:55 ----A---- C:\Windows\system32\aswBoot.exe
2011-05-07 10:02:40 ----D---- C:\Windows\Prefetch
2011-05-03 14:49:26 ----D---- C:\Program Files\Mozilla Firefox
2011-04-30 20:25:06 ----D---- C:\Program Files\megui
2011-04-30 17:35:18 ----D---- C:\Program Files\Vstplugins
2011-04-30 10:45:34 ----D---- C:\ProgramData
2011-04-29 15:14:00 ----D---- C:\Windows\Tasks
2011-04-28 16:57:05 ----D---- C:\Program Files\Image-Line

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AlfaFF;AlfaFF File System mini-filter; C:\Windows\system32\Drivers\AlfaFF.sys [2009-01-09 43184]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-03-04 18992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-04 691696]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 ISODrive;ISO CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2007-01-24 67584]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-02-18 142592]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-02-01 279712]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-02-01 25888]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2008-04-25 146688]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2008-07-02 21264]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\Windows\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-28 2127512]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-11-12 122984]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2011-01-08 10467656]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S1 prodrv03;Star Force copy protection driver v3; C:\Windows\System32\drivers\prodrv03.sys [2009-01-13 115968]
S3 acbazjcl;acbazjcl; C:\Windows\system32\drivers\acbazjcl.sys []
S3 ai2md7fx;ai2md7fx; C:\Windows\system32\drivers\ai2md7fx.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168]
S3 cimo;cimo; \??\C:\Windows\system32\cimo.sys [2009-08-05 51200]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\johny\AppData\Local\Temp\DRYD6E2.tmp []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-12-30 15600]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 Maplom;Maplom; C:\Windows\system32\drivers\Maplom.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-04-11 31616]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 37704]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-27 31816]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-05-10 42184]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 GJService;Game Jackal Server; C:\ProgramData\{AAD0A813-CC18-4D28-A1CC-4DC0DF41A592}\Server.exe [2010-04-16 2031040]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2009-01-09 3471360]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-01-07 608872]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-02-18 496128]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 FLEXnet Licensing Manager;FLEXnet Licensing Manager for Adobe Products; C:\Windows\system32\regw2.exe [2011-04-28 823696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-16 135664]
S2 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 GoogleDesktopManager-051210-111108;Správca pre program Google Desktop 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-02-17 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-16 135664]

-----------------EOF-----------------

Re: Problem with AVAST (blocking of malicious URLs) + log from RSIT

Posted: 25 May 2011 18:53
by Rudy
Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator rights.

Right after it starts, a screen with the license terms appears; continue by clicking the Yes button.

Feel free to go and put the coffee on (the whole thing takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through). During the scan, do not try to launch any other applications or do anything else.

Do not panic during the scan; your machine may be restarted (especially on the first run of the scanner).

Warning: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are undesirable collisions with the antispyware's resident component.

Re: Problem with AVAST (blocking of malicious URLs) + log from RSIT

Posted: 25 May 2011 19:30
by janhoo
ComboFix 11-05-24.06 - johny . 05. 2011 20:01:23.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3066.1508 [GMT 2:00]
Running from: c:\users\johny\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\WinRAR\rarlng.dll
c:\windows\system32\regw2.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_FLEXnet Licensing Manager
.
.
((((((((((((((((((((((((( Files Created from 2011-04-25 to 2011-05-25 )))))))))))))))))))))))))))))))
.
.
2011-05-25 17:54 . 2011-05-25 17:58 -------- d-----w- C:\32788R22FWJFW
2011-05-25 16:00 . 2011-05-25 16:01 -------- d-----w- C:\rsit
2011-05-25 15:58 . 2011-05-25 15:58 388096 ----a-r- c:\users\johny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-05-25 15:58 . 2011-05-25 16:01 -------- d-----w- c:\program files\Trend Micro
2011-05-24 18:19 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-24 17:41 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-05-24 17:41 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-05-24 17:38 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A9819C2-4E93-4F76-9CDA-E9598C978D82}\mpengine.dll
2011-05-24 05:15 . 2011-05-24 05:15 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-23 18:28 . 2011-05-25 11:11 -------- d-----w- c:\program files\Microsoft Silverlight
2011-05-23 18:21 . 2011-05-23 18:21 -------- d-----w- c:\users\johny\AppData\Local\Windows Live
2011-05-23 18:21 . 2011-05-23 18:21 -------- d-----w- c:\program files\Common Files\Windows Live
2011-05-23 18:21 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2011-05-23 16:03 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2011-05-23 16:03 . 2009-09-10 14:58 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
2011-05-23 16:03 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2011-05-23 16:01 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2011-05-23 16:01 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2011-05-23 16:01 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-05-23 16:01 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-05-23 16:01 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-05-23 16:01 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2011-05-23 16:01 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-05-23 16:01 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2011-05-23 16:01 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-05-23 16:00 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-23 15:59 . 2009-10-23 17:10 714240 ----a-w- c:\windows\system32\timedate.cpl
2011-05-23 12:47 . 2011-05-23 12:47 -------- d-----w- c:\users\johny\AppData\Roaming\XRay Engine
2011-05-17 18:38 . 2011-05-25 15:44 -------- d-----w- c:\users\johny\AppData\Roaming\Winamp
2011-05-06 11:48 . 2011-05-25 05:33 20 ----a-w- c:\windows\system32\setup.bat
2011-05-06 11:48 . 2011-05-25 05:33 1652 ----a-w- c:\windows\system32\setup.reg
2011-04-30 15:35 . 2011-04-30 15:35 -------- d-----w- c:\program files\EDIROL
2011-04-29 21:03 . 2011-04-29 21:03 -------- d-----w- c:\users\johny\AppData\Roaming\SynthMaker
2011-04-29 18:41 . 2011-04-29 18:41 -------- d-----w- c:\program files\Common Files\Digidesign
2011-04-29 18:41 . 2009-10-24 19:15 1332224 ----a-w- c:\windows\system32\SYNSOEMU.DLL
2011-04-29 13:54 . 2011-04-29 13:54 -------- d-----w- c:\program files\ConduitEngine
2011-04-29 13:53 . 2011-04-29 20:39 -------- d-----w- c:\users\johny\AppData\Roaming\uTorrent
2011-04-29 13:08 . 2011-04-29 13:08 -------- d-----w- c:\users\johny\AppData\Local\PackageAware
2011-04-29 12:52 . 2011-04-29 12:52 -------- d-----w- c:\users\johny\AppData\Roaming\NexusIT
2011-04-29 12:52 . 2011-04-29 12:52 32768 ----a-w- c:\windows\uni_nmt.exe
2011-04-29 12:03 . 2011-05-25 15:37 346178 ----a-w- c:\windows\system32\msvcrt3.dll
2011-04-28 19:30 . 2011-04-28 19:30 -------- d-----w- c:\users\johny\AppData\Roaming\Hardcore
2011-04-28 19:30 . 2011-04-28 19:30 -------- d-----w- c:\users\johny\AppData\Roaming\Sawer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-23 18:30 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-10 12:10 . 2011-02-16 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-02-16 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-02-26 11:52 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-02-16 11:43 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-02-16 11:43 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-02-16 11:43 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-02-16 11:43 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-02-16 11:43 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-13 17:51 . 2010-01-06 14:02 267 ----a-w- c:\windows\wininit.tmp
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2011-03-10 17:03 . 2011-04-14 12:53 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:03 . 2011-04-14 12:53 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-03-04 19:44 . 2009-01-09 19:54 133616 ------w- c:\windows\system32\pxafs.dll
2011-03-03 15:42 . 2011-04-14 12:53 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:40 . 2011-05-24 17:41 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-05-24 17:41 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-05-24 17:41 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-05-24 17:41 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:25 . 2011-04-14 12:53 2041856 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 15:44 . 2011-04-14 12:53 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-02-17 15:22 . 2010-02-16 18:01 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-03-17 2355224]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-03-17 13:45 2355224 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-03-17 2355224]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-03-17 2355224]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-02-18 3318784]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-28 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-02 821768]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-02-17 30192]
"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-01-09 3607040]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-12 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"mouseElf"="c:\progra~1\TWINTO~1\MouseElf.EXE" [2004-08-26 192512]
"Startup Cleaner"="c:\program files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe" [2006-07-14 118784]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-03-28 1910152]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-03-17 74752]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2009-01-09 18:04 2972160 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R1 prodrv03;Star Force copy protection driver v3;c:\windows\System32\drivers\prodrv03.sys [2009-01-13 115968]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-16 135664]
R3 cimo;cimo;c:\windows\system32\cimo.sys [2009-08-05 51200]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 GarenaPEngine;GarenaPEngine;c:\users\johny\AppData\Local\Temp\DRYD6E2.tmp [x]
R3 GoogleDesktopManager-051210-111108;Správca pre program Google Desktop 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-02-17 30192]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-16 135664]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
S0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\Drivers\AlfaFF.sys [2009-01-09 43184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-04 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-02-18 142592]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
S2 GJService;Game Jackal Server;c:\programdata\{AAD0A813-CC18-4D28-A1CC-4DC0DF41A592}\Server.exe [2010-04-16 2031040]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
S2 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [2009-01-09 3471360]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-11-11 122984]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-16 13:47]
.
2011-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-16 13:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60347
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &U????????? - c:\program files\NamiRobot\Data\du.html
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath - c:\users\johny\AppData\Roaming\Mozilla\Firefox\Profiles\uumgwdji.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - hxxp://cs.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:cs:official
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-25 20:22
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\## aswSnx private storage
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\johny\AppData\Local\Temp\DRYD6E2.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3966806968-2824471673-2848729136-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:b4,88,b4,46,81,ab,ce,b6,b5,90,48,10,2e,cf,22,1f,69,7e,7b,5a,13,ef,8d,
4a,aa,1d,ee,a2,97,e3,19,fd,9b,3e,bf,7d,9e,58,55,59,0f,fe,eb,99,12,18,89,4a,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
.
[HKEY_USERS\S-1-5-21-3966806968-2824471673-2848729136-1000\Software\SecuROM\License information*]
"datasecu"=hex:fd,cf,74,42,12,1c,47,9b,13,87,7d,cb,95,c6,0a,4c,82,94,23,78,da,
b9,03,53,c3,40,45,2a,aa,4f,98,87,36,1a,8e,30,5d,42,b3,ac,31,9d,a6,3d,22,27,\
"rkeysecu"=hex:01,e4,58,16,39,a8,01,79,3c,5e,e3,08,30,e3,75,2e
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3632)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2011-05-25 20:29:19 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-25 18:29
.
Pre-Run: 81 896 865 792 bytes free
Post-Run: 82 083 635 200 bytes free
.
Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - 5825DEDE3092B1830B1911BB886C62AE

Re: Problem with AVAST (blocking of malicious URLs) + log from RSIT

Posted: 25 May 2011 19:44
by Rudy
Open Notepad and copy the following into it:
Driver::
Akamai
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.


Re: Problem with AVAST (blocking of malicious URLs) + log from RSIT

Posted: 25 May 2011 20:05
by janhoo
ComboFix 11-05-24.06 - johny . 05. 2011 20:48:00.5.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3066.1997 [GMT 2:00]
Running from: c:\users\johny\Desktop\ComboFix.exe
Command switches used :: c:\users\johny\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Akamai
.
.
((((((((((((((((((((((((( Files Created from 2011-04-25 to 2011-05-25 )))))))))))))))))))))))))))))))
.
.
2011-05-25 16:00 . 2011-05-25 16:01 -------- d-----w- C:\rsit
2011-05-25 15:58 . 2011-05-25 15:58 388096 ----a-r- c:\users\johny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-05-25 15:58 . 2011-05-25 16:01 -------- d-----w- c:\program files\Trend Micro
2011-05-24 18:19 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-24 17:41 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-05-24 17:41 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-05-24 17:38 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A9819C2-4E93-4F76-9CDA-E9598C978D82}\mpengine.dll
2011-05-24 05:15 . 2011-05-24 05:15 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-23 18:28 . 2011-05-25 11:11 -------- d-----w- c:\program files\Microsoft Silverlight
2011-05-23 18:21 . 2011-05-23 18:21 -------- d-----w- c:\users\johny\AppData\Local\Windows Live
2011-05-23 18:21 . 2011-05-23 18:21 -------- d-----w- c:\program files\Common Files\Windows Live
2011-05-23 18:21 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2011-05-23 16:03 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2011-05-23 16:03 . 2009-09-10 14:58 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
2011-05-23 16:03 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2011-05-23 16:01 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2011-05-23 16:01 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2011-05-23 16:01 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-05-23 16:01 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-05-23 16:01 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-05-23 16:01 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2011-05-23 16:01 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-05-23 16:01 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2011-05-23 16:01 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-05-23 16:00 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-23 15:59 . 2009-10-23 17:10 714240 ----a-w- c:\windows\system32\timedate.cpl
2011-05-23 12:47 . 2011-05-23 12:47 -------- d-----w- c:\users\johny\AppData\Roaming\XRay Engine
2011-05-17 18:38 . 2011-05-25 18:29 -------- d-----w- c:\users\johny\AppData\Roaming\Winamp
2011-05-06 11:48 . 2011-05-25 05:33 20 ----a-w- c:\windows\system32\setup.bat
2011-05-06 11:48 . 2011-05-25 05:33 1652 ----a-w- c:\windows\system32\setup.reg
2011-04-30 15:35 . 2011-04-30 15:35 -------- d-----w- c:\program files\EDIROL
2011-04-29 21:03 . 2011-04-29 21:03 -------- d-----w- c:\users\johny\AppData\Roaming\SynthMaker
2011-04-29 18:41 . 2011-04-29 18:41 -------- d-----w- c:\program files\Common Files\Digidesign
2011-04-29 18:41 . 2009-10-24 19:15 1332224 ----a-w- c:\windows\system32\SYNSOEMU.DLL
2011-04-29 13:54 . 2011-04-29 13:54 -------- d-----w- c:\program files\ConduitEngine
2011-04-29 13:53 . 2011-04-29 20:39 -------- d-----w- c:\users\johny\AppData\Roaming\uTorrent
2011-04-29 13:08 . 2011-04-29 13:08 -------- d-----w- c:\users\johny\AppData\Local\PackageAware
2011-04-29 12:52 . 2011-04-29 12:52 -------- d-----w- c:\users\johny\AppData\Roaming\NexusIT
2011-04-29 12:52 . 2011-04-29 12:52 32768 ----a-w- c:\windows\uni_nmt.exe
2011-04-29 12:03 . 2011-05-25 15:37 346178 ----a-w- c:\windows\system32\msvcrt3.dll
2011-04-28 19:30 . 2011-04-28 19:30 -------- d-----w- c:\users\johny\AppData\Roaming\Hardcore
2011-04-28 19:30 . 2011-04-28 19:30 -------- d-----w- c:\users\johny\AppData\Roaming\Sawer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-23 18:30 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-10 12:10 . 2011-02-16 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-02-16 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-02-26 11:52 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-02-16 11:43 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-02-16 11:43 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-02-16 11:43 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-02-16 11:43 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-02-16 11:43 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-13 17:51 . 2010-01-06 14:02 267 ----a-w- c:\windows\wininit.tmp
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2011-03-10 17:03 . 2011-04-14 12:53 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:03 . 2011-04-14 12:53 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-03-04 19:44 . 2009-01-09 19:54 133616 ------w- c:\windows\system32\pxafs.dll
2011-03-03 15:42 . 2011-04-14 12:53 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:40 . 2011-05-24 17:41 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-05-24 17:41 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-05-24 17:41 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-05-24 17:41 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:25 . 2011-04-14 12:53 2041856 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 15:44 . 2011-04-14 12:53 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-02-17 15:22 . 2010-02-16 18:01 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-03-17 2355224]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-03-17 13:45 2355224 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-03-17 2355224]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-03-17 2355224]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-02-18 3318784]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-28 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-02 821768]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-02-17 30192]
"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-01-09 3607040]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-12 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"mouseElf"="c:\progra~1\TWINTO~1\MouseElf.EXE" [2004-08-26 192512]
"Startup Cleaner"="c:\program files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe" [2006-07-14 118784]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-03-28 1910152]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-03-17 74752]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2009-01-09 18:04 2972160 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R1 prodrv03;Star Force copy protection driver v3;c:\windows\System32\drivers\prodrv03.sys [2009-01-13 115968]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-16 135664]
R3 cimo;cimo;c:\windows\system32\cimo.sys [2009-08-05 51200]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 GarenaPEngine;GarenaPEngine;c:\users\johny\AppData\Local\Temp\DRYD6E2.tmp [x]
R3 GoogleDesktopManager-051210-111108;Správca pre program Google Desktop 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-02-17 30192]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-16 135664]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
S0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\Drivers\AlfaFF.sys [2009-01-09 43184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-04 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-02-18 142592]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
S2 GJService;Game Jackal Server;c:\programdata\{AAD0A813-CC18-4D28-A1CC-4DC0DF41A592}\Server.exe [2010-04-16 2031040]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
S2 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [2009-01-09 3471360]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-11-11 122984]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-16 13:47]
.
2011-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-16 13:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60347
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &U????????? - c:\program files\NamiRobot\Data\du.html
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath - c:\users\johny\AppData\Roaming\Mozilla\Firefox\Profiles\uumgwdji.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - hxxp://cs.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:cs:official
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-25 20:58
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\johny\AppData\Local\Temp\DRYD6E2.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3966806968-2824471673-2848729136-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:b4,88,b4,46,81,ab,ce,b6,b5,90,48,10,2e,cf,22,1f,69,7e,7b,5a,13,ef,8d,
4a,aa,1d,ee,a2,97,e3,19,fd,9b,3e,bf,7d,9e,58,55,59,0f,fe,eb,99,12,18,89,4a,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
.
[HKEY_USERS\S-1-5-21-3966806968-2824471673-2848729136-1000\Software\SecuROM\License information*]
"datasecu"=hex:fd,cf,74,42,12,1c,47,9b,13,87,7d,cb,95,c6,0a,4c,82,94,23,78,da,
b9,03,53,c3,40,45,2a,aa,4f,98,87,36,1a,8e,30,5d,42,b3,ac,31,9d,a6,3d,22,27,\
"rkeysecu"=hex:01,e4,58,16,39,a8,01,79,3c,5e,e3,08,30,e3,75,2e
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3596)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2011-05-25 21:04:31 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-25 19:04
ComboFix2.txt 2011-05-25 18:29
.
Pre-Run: 82 080 673 792 bytes free
Post-Run: 81 819 836 416 bytes free
.
Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - 339642B30CBBD80038A9A0EEE4C52432

Re: Problem with AVAST (blocking malicious URLs) + log from RSIT

Posted: 25 May 2011 21:12
by Rudy
The log already looks clean. Has there been any change?

Re: Problem with AVAST (blocking malicious URLs) + log from RSIT

Posted: 26 May 2011 07:14
by janhoo
Yes, there has; the notebook runs faster and the internet works better too. Thank you very much for the help.

Re: Problem with AVAST (blocking malicious URLs) + log from RSIT

Posted: 26 May 2011 17:55
by Rudy
You're welcome! :)