VIRY.CZ

Dobrý den, potřeboval bych poradit ohledně přehřívání počítače, občas samovolné restarty, vždy pomalý start počítače. Počítač mám asi 2 roky a posledních pár týdnů mám výše uvedené problémy. Prosím o radu. Přikládám log. Děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Denisa at 2012-03-10 13:39:42
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 6 GB (6%) free of 96 GB
Total RAM: 3066 MB (67% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2365081554-409708468-4250257755-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2365081554-409708468-4250257755-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2009-09-06 70992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2009-09-06 446559]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-26 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2009-09-06 446559]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-13 6139904]
"FSCRecovery"=c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe [2008-05-08 268096]
"OSD"=C:\Program Files\OEM\OSD_1.16\osd.exe [2008-06-18 376832]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"MyWebSearch Plugin"=rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF []
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2009-09-06 24688]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2009-09-06 32838]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-09 13543968]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-09 92704]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"PMBVolumeWatcher"=C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [2010-03-24 599328]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-04-14 421160]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"MacrokeyManager"=C:\Windows\system32\WTMKM.exe [2010-12-24 7134952]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"CorelDRAW Graphics Suite 11b"=C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"=C:\Windows\SYSTEM32\WerFault.exe [2009-04-11 217088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2009-09-06 32838]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"Google Update"=C:\Users\Denisa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-12 136176]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

C:\Users\Denisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.FMVC"=fmcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"

======List of files/folders created in the last 1 month======

2012-03-10 13:39:43 ----D---- C:\Program Files\trend micro
2012-03-10 13:39:42 ----D---- C:\rsit
2012-03-08 21:45:44 ----D---- C:\Program Files\Common Files\Corel
2012-03-08 21:45:21 ----D---- C:\Program Files\Corel
2012-03-08 21:42:52 ----SHD---- C:\Config.Msi
2012-03-01 12:19:09 ----D---- C:\Program Files\Sims2Pack Clean Installer
2012-02-26 21:30:22 ----D---- C:\Program Files\EA GAMES
2012-02-26 21:10:08 ----RA---- C:\Windows\system32\vp6vfw.dll
2012-02-26 21:03:14 ----D---- C:\Program Files\MagicDisc
2012-02-26 21:03:14 ----A---- C:\Windows\system32\drivers\mcdbus.sys
2012-02-17 08:57:34 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-17 08:57:34 ----A---- C:\Windows\system32\jscript.dll
2012-02-17 08:57:34 ----A---- C:\Windows\system32\iertutil.dll
2012-02-17 08:57:33 ----A---- C:\Windows\system32\wininet.dll
2012-02-17 08:57:33 ----A---- C:\Windows\system32\jscript9.dll
2012-02-17 08:57:32 ----A---- C:\Windows\system32\url.dll
2012-02-17 08:57:32 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-17 08:57:32 ----A---- C:\Windows\system32\ieui.dll
2012-02-17 08:57:31 ----A---- C:\Windows\system32\mshtml.dll
2012-02-17 08:57:30 ----A---- C:\Windows\system32\ieframe.dll
2012-02-17 08:57:29 ----A---- C:\Windows\system32\urlmon.dll
2012-02-16 15:37:42 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-16 15:37:41 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2012-03-10 13:39:44 ----D---- C:\Windows\Prefetch
2012-03-10 13:39:43 ----RD---- C:\Program Files
2012-03-10 13:39:43 ----D---- C:\Windows\Temp
2012-03-10 13:37:40 ----A---- C:\Windows\win.ini
2012-03-09 21:28:36 ----D---- C:\Users\Denisa\AppData\Roaming\vlc
2012-03-09 20:45:39 ----D---- C:\Users\Denisa\AppData\Roaming\dvdcss
2012-03-09 18:56:37 ----SHD---- C:\System Volume Information
2012-03-09 12:09:17 ----D---- C:\Windows\system32\drivers
2012-03-09 08:53:50 ----D---- C:\Windows\System32
2012-03-09 08:53:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-09 08:53:49 ----D---- C:\Windows\inf
2012-03-09 02:08:06 ----D---- C:\Windows\Minidump
2012-03-09 02:07:49 ----D---- C:\Windows
2012-03-08 21:56:27 ----SHD---- C:\Windows\Installer
2012-03-08 21:54:16 ----D---- C:\Windows\system32\catroot2
2012-03-08 21:47:27 ----D---- C:\Windows\winsxs
2012-03-08 21:45:47 ----RSD---- C:\Windows\Fonts
2012-03-08 21:45:44 ----D---- C:\Program Files\Common Files
2012-03-08 21:45:42 ----D---- C:\Program Files\Common Files\microsoft shared
2012-03-08 21:45:42 ----D---- C:\Program Files\Common Files\DESIGNER
2012-03-08 19:48:08 ----D---- C:\Windows\Microsoft.NET
2012-03-08 19:48:07 ----RSD---- C:\Windows\assembly
2012-03-06 08:58:02 ----D---- C:\Users\Denisa\AppData\Roaming\DAEMON Tools Lite
2012-03-05 15:18:19 ----D---- C:\Windows\system32\catroot
2012-03-01 12:36:13 ----D---- C:\Windows\system32\Tasks
2012-03-01 12:27:36 ----SD---- C:\Users\Denisa\AppData\Roaming\Microsoft
2012-03-01 10:14:57 ----D---- C:\ProgramData\Microsoft Help
2012-02-27 12:00:09 ----D---- C:\Program Files\Zrychleni Pocitace
2012-02-27 11:52:23 ----D---- C:\Program Files\Microsoft Games
2012-02-27 11:43:13 ----D---- C:\bordel
2012-02-26 23:46:36 ----D---- C:\Program Files\Webteh
2012-02-26 23:43:31 ----D---- C:\ProgramData\Ulead Systems
2012-02-26 23:43:12 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-26 23:36:43 ----D---- C:\ProgramData\Norton
2012-02-26 23:36:38 ----D---- C:\Windows\Tasks
2012-02-23 09:18:36 ----N---- C:\Windows\system32\MpSigStub.exe
2012-02-17 11:32:30 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-17 10:26:33 ----D---- C:\Windows\system32\migration
2012-02-17 10:26:33 ----D---- C:\Program Files\Internet Explorer
2012-02-17 08:58:28 ----A---- C:\Windows\system32\mrt.exe
2012-02-17 08:56:24 ----D---- C:\Program Files\Windows Mail
2012-02-14 21:56:00 ----D---- C:\Windows\system32\config
2012-02-14 21:55:53 ----D---- C:\Windows\system32\spool
2012-02-14 21:55:53 ----D---- C:\Windows\system32\Msdtc
2012-02-14 21:55:52 ----D---- C:\ProgramData\Tablet
2012-02-14 21:55:51 ----D---- C:\Windows\system32\wbem
2012-02-14 21:55:51 ----D---- C:\Windows\registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 GpdDevDPort;GpdDevDPort; \??\C:\Windows\system32\directport.sys [2008-06-17 7168]
R3 GpdKbFilter;GpdKbFilter; \??\C:\Windows\system32\kbfiltr.sys [2008-03-31 8192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-14 2136920]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 moufiltr;Tablet Mouse Filter Driver; C:\Windows\system32\DRIVERS\moufiltr.sys [2009-03-08 6144]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-05-01 3660800]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-09 7522624]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-12-28 104448]
R3 vhidmini;Generic Virtual HID Driver; C:\Windows\system32\DRIVERS\walvhid.sys [2009-08-20 6144]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-02-18 41984]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ahcix86s;ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [2007-12-19 170000]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-09-29 308248]
S4 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2008-04-03 76688]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
R2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2009-09-06 28762]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-04-29 877864]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-09 196608]
R2 OsdService;OSD Service; C:\Program Files\OEM\OSD_1.16\OsdService.exe [2008-02-22 94208]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [2008-04-25 303104]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 WTService;WTService; C:\Windows\system32\atwtusb.exe [2011-01-26 870120]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 820520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-07 1045256]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2010-05-20 68096]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Zdravím!
Poprosím o log ComboFix

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

přidávám log z combofix.

ComboFix 12-03-10.02 - Denisa 11.03.2012 14:50:11.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3066.2023 [GMT 1:00]
Spuštěný z: c:\users\Denisa\Downloads\Desktop\Desktop\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\1.bin\F3DTactl.dll
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTmlmu.dll
c:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTml.dll
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSg.dll
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3OUtlcn.dll
c:\program files\MyWebSearch\bar\1.bin\M3PATCH.DLL
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1-3.inf
c:\windows\Fonts\amazb___.ttf
c:\windows\Fonts\amazi___.ttf
c:\windows\Fonts\amazr___.ttf
c:\windows\Fonts\bangb___.ttf
c:\windows\Fonts\bangi___.ttf
c:\windows\Fonts\bangn___.ttf
c:\windows\Fonts\bartb___.ttf
c:\windows\Fonts\barti___.ttf
c:\windows\Fonts\bartn___.ttf
c:\windows\Fonts\biminb__.ttf
c:\windows\Fonts\bimini__.ttf
c:\windows\Fonts\biminr__.ttf
c:\windows\Fonts\dolphb__.ttf
c:\windows\Fonts\dolphi__.ttf
c:\windows\Fonts\dolphr__.ttf
c:\windows\Fonts\eurab___.ttf
c:\windows\Fonts\eurai___.ttf
c:\windows\Fonts\euran___.ttf
c:\windows\Fonts\flatbb__.ttf
c:\windows\Fonts\flatbi__.ttf
c:\windows\Fonts\flatbn__.ttf
c:\windows\Fonts\galab___.ttf
c:\windows\Fonts\galai___.ttf
c:\windows\Fonts\galan___.ttf
c:\windows\Fonts\gazeb___.ttf
c:\windows\Fonts\gazei___.ttf
c:\windows\Fonts\gazen___.ttf
c:\windows\Fonts\chasb___.ttf
c:\windows\Fonts\chasi___.ttf
c:\windows\Fonts\chasn___.ttf
c:\windows\Fonts\keltb___.ttf
c:\windows\Fonts\kelti___.ttf
c:\windows\Fonts\keltn___.ttf
c:\windows\Fonts\libeb___.ttf
c:\windows\Fonts\liben___.ttf
c:\windows\Fonts\lyndcb__.ttf
c:\windows\Fonts\lyndcn__.ttf
c:\windows\Fonts\mirrb___.ttf
c:\windows\Fonts\mirri___.ttf
c:\windows\Fonts\mirrn___.ttf
c:\windows\Fonts\notesr__.ttf
c:\windows\Fonts\parisb__.ttf
c:\windows\Fonts\parisi__.ttf
c:\windows\Fonts\parisr__.ttf
c:\windows\Fonts\shorhb__.ttf
c:\windows\Fonts\shorhi__.ttf
c:\windows\Fonts\shorhn__.ttf
c:\windows\Fonts\signsr__.ttf
c:\windows\Fonts\simpb___.ttf
c:\windows\Fonts\simpi___.ttf
c:\windows\Fonts\simpn___.ttf
c:\windows\Fonts\surfb___.ttf
c:\windows\Fonts\surfi___.ttf
c:\windows\Fonts\surfn___.ttf
c:\windows\IsUn0405.exe
c:\windows\system32\f3PSSavr.scr
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_MyWebSearchService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-11 do 2012-03-11 )))))))))))))))))))))))))))))))
.
.
2012-03-11 13:59 . 2012-03-11 14:02 -------- d-----w- c:\users\Denisa\AppData\Local\temp
2012-03-11 13:59 . 2012-03-11 13:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-10 12:39 . 2012-03-10 12:39 -------- d-----w- c:\program files\trend micro
2012-03-10 12:39 . 2012-03-10 12:39 -------- d-----w- C:\rsit
2012-03-09 17:57 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C5E30772-0D3D-4597-867D-38942D1114EA}\mpengine.dll
2012-03-08 20:45 . 2012-03-08 20:45 -------- d-----w- c:\program files\Common Files\Corel
2012-03-08 20:45 . 2012-03-08 20:45 -------- d-----w- c:\program files\Corel
2012-03-01 11:19 . 2012-03-01 11:22 -------- d-----w- c:\program files\Sims2Pack Clean Installer
2012-02-26 20:30 . 2012-02-26 22:27 -------- d-----w- c:\program files\EA GAMES
2012-02-26 20:10 . 2004-08-18 08:34 442368 ----a-r- c:\windows\system32\vp6vfw.dll
2012-02-26 20:03 . 2012-02-26 20:04 -------- d-----w- c:\program files\MagicDisc
2012-02-26 20:03 . 2009-02-24 17:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2012-02-16 14:37 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 14:37 . 2012-01-12 19:52 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 14:37 . 2011-12-20 10:56 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2010-07-03 08:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-29 14:20 . 2011-12-29 14:20 161792 ----a-w- c:\windows\system32\msls31.dll
2011-12-29 14:20 . 2011-12-29 14:20 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-12-29 14:20 . 2011-12-29 14:20 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-29 14:20 . 2011-12-29 14:20 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-29 14:20 . 2011-12-29 14:20 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-12-29 14:20 . 2011-12-29 14:20 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-12-29 14:20 . 2011-12-29 14:20 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-12-29 14:20 . 2011-12-29 14:20 367104 ----a-w- c:\windows\system32\html.iec
2011-12-29 14:20 . 2011-12-29 14:20 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-29 14:20 . 2011-12-29 14:20 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-12-29 14:20 . 2011-12-29 14:20 152064 ----a-w- c:\windows\system32\wextract.exe
2011-12-29 14:20 . 2011-12-29 14:20 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-12-29 14:20 . 2011-12-29 14:20 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-12-29 14:20 . 2011-12-29 14:20 11776 ----a-w- c:\windows\system32\mshta.exe
2011-12-29 14:20 . 2011-12-29 14:20 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-12-29 14:20 . 2011-12-29 14:20 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-12-29 14:20 . 2011-12-29 14:20 101888 ----a-w- c:\windows\system32\admparse.dll
2011-12-20 09:10 . 2012-01-17 19:54 17704 ----a-w- c:\windows\system32\nitrolocalui2.dll
2011-12-20 09:10 . 2012-01-17 19:54 26408 ----a-w- c:\windows\system32\nitrolocalmon2.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-13 6139904]
"FSCRecovery"="c:\program files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe" [2008-05-08 268096]
"OSD"="c:\program files\OEM\OSD_1.16\osd.exe" [2008-06-18 376832]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-09 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-09 92704]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"MacrokeyManager"="WTMKM.exe" [2010-12-24 7134952]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe" [2004-06-22 729088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"fsc-reg"="c:\programdata\fsc-reg\fscreg.exe" [2008-05-29 381200]
.
c:\users\Denisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2012-2-26 576000]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [N/A]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2365081554-409708468-4250257755-1000Core.job
- c:\users\Denisa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-12 15:24]
.
2012-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2365081554-409708468-4250257755-1000UA.job
- c:\users\Denisa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-12 15:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=14672
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 188.75.128.188 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
AddRemove-EADM - c:\program files\Electronic Arts\EADM\EADMUI\EADMUninstall.exe
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\rundll32.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\microsoft shared\ink\TabTip.exe
c:\windows\System32\lpksetup.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\microsoft shared\ink\TabTip.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\OEM\OSD_1.16\OsdService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe
c:\program files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\atwtusb.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2012-03-11 15:07:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-11 14:07
.
Před spuštěním: 8 940 449 792
Po spuštění: Volných bajtů: 11 617 431 552
.
- - End Of File - - B7E5485C36FD983C22FAF38FD342066B

Ještě dočistíme. Otevřte poznámový blok a zkopírujte do něj:

Collect::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2365081554-409708468-4250257755-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2365081554-409708468-4250257755-1000UA.job

Folder::
c:\users\Denisa\AppData\Local\Google\Update

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

tak sem to udělal podle návodu, ale nebyl sem na místě s připojením na internet. a ten program po mě chtěl připojení. je to vážná chyba nebo to nevadí? mám to udělat znova? přikládám ještě ten log.


ComboFix 12-03-10.02 - Denisa 11.03.2012 20:06:48.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3066.2044 [GMT 1:00]
Spuštěný z: c:\users\Denisa\Downloads\Desktop\Desktop\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Denisa\Downloads\Desktop\Desktop\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
file zipped: c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2365081554-409708468-4250257755-1000Core.job
file zipped: c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2365081554-409708468-4250257755-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Denisa\AppData\Local\Google\Update
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler64.exe
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\GoogleUpdate.exe
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateBroker.exe
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateHelper.msi
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateOnDemand.exe
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdate.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_am.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_ar.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_bg.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_bn.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_ca.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_cs.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_da.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_de.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_el.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_en-GB.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_en.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_es-419.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_es.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_et.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_fa.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_fi.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_fil.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_fr.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_gu.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_hi.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_hr.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_hu.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_id.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_is.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_it.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_iw.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_ja.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_kn.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_ko.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_lt.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_lv.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_ml.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_mr.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_ms.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_nl.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_no.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_pl.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_pt-BR.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_pt-PT.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_ro.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_ru.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_sk.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_sl.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_sr.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_sv.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_sw.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_ta.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_te.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_th.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_tr.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_uk.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_ur.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_vi.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_zh-CN.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\goopdateres_zh-TW.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\psmachine.dll
c:\users\Denisa\AppData\Local\Google\Update\1.3.21.99\psuser.dll
c:\users\Denisa\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.99\GoogleUpdateSetup.exe
c:\users\Denisa\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\17.0.963.78\chrome_updater.exe
c:\users\Denisa\AppData\Local\Google\Update\Download\{70AAB8F7-90A0-403B-A6B0-BE77AC343F9E}\GoogleUpdateSetup.exe
c:\users\Denisa\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2365081554-409708468-4250257755-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2365081554-409708468-4250257755-1000UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-11 do 2012-03-11 )))))))))))))))))))))))))))))))
.
.
2012-03-11 19:14 . 2012-03-11 19:16 -------- d-----w- c:\users\Denisa\AppData\Local\temp
2012-03-11 19:14 . 2012-03-11 19:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-10 12:39 . 2012-03-10 12:39 -------- d-----w- c:\program files\trend micro
2012-03-10 12:39 . 2012-03-10 12:39 -------- d-----w- C:\rsit
2012-03-09 17:57 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C5E30772-0D3D-4597-867D-38942D1114EA}\mpengine.dll
2012-03-08 20:45 . 2012-03-08 20:45 -------- d-----w- c:\program files\Common Files\Corel
2012-03-08 20:45 . 2012-03-08 20:45 -------- d-----w- c:\program files\Corel
2012-03-01 11:19 . 2012-03-01 11:22 -------- d-----w- c:\program files\Sims2Pack Clean Installer
2012-02-26 20:30 . 2012-02-26 22:27 -------- d-----w- c:\program files\EA GAMES
2012-02-26 20:10 . 2004-08-18 08:34 442368 ----a-r- c:\windows\system32\vp6vfw.dll
2012-02-26 20:03 . 2012-02-26 20:04 -------- d-----w- c:\program files\MagicDisc
2012-02-26 20:03 . 2009-02-24 17:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2012-02-16 14:37 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 14:37 . 2012-01-12 19:52 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 14:37 . 2011-12-20 10:56 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2010-07-03 08:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-29 14:20 . 2011-12-29 14:20 161792 ----a-w- c:\windows\system32\msls31.dll
2011-12-29 14:20 . 2011-12-29 14:20 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-12-29 14:20 . 2011-12-29 14:20 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-29 14:20 . 2011-12-29 14:20 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-29 14:20 . 2011-12-29 14:20 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-12-29 14:20 . 2011-12-29 14:20 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-12-29 14:20 . 2011-12-29 14:20 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-12-29 14:20 . 2011-12-29 14:20 367104 ----a-w- c:\windows\system32\html.iec
2011-12-29 14:20 . 2011-12-29 14:20 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-29 14:20 . 2011-12-29 14:20 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-12-29 14:20 . 2011-12-29 14:20 152064 ----a-w- c:\windows\system32\wextract.exe
2011-12-29 14:20 . 2011-12-29 14:20 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-12-29 14:20 . 2011-12-29 14:20 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-12-29 14:20 . 2011-12-29 14:20 11776 ----a-w- c:\windows\system32\mshta.exe
2011-12-29 14:20 . 2011-12-29 14:20 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-12-29 14:20 . 2011-12-29 14:20 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-12-29 14:20 . 2011-12-29 14:20 101888 ----a-w- c:\windows\system32\admparse.dll
2011-12-20 09:10 . 2012-01-17 19:54 17704 ----a-w- c:\windows\system32\nitrolocalui2.dll
2011-12-20 09:10 . 2012-01-17 19:54 26408 ----a-w- c:\windows\system32\nitrolocalmon2.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-13 6139904]
"FSCRecovery"="c:\program files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe" [2008-05-08 268096]
"OSD"="c:\program files\OEM\OSD_1.16\osd.exe" [2008-06-18 376832]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-09 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-09 92704]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"MacrokeyManager"="WTMKM.exe" [2010-12-24 7134952]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe" [2004-06-22 729088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"fsc-reg"="c:\programdata\fsc-reg\fscreg.exe" [2008-05-29 381200]
.
c:\users\Denisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2012-2-26 576000]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [N/A]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=14672
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 188.75.128.188 192.168.0.1
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\rundll32.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\microsoft shared\ink\TabTip.exe
c:\windows\System32\lpksetup.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\microsoft shared\ink\TabTip.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\OEM\OSD_1.16\OsdService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe
c:\program files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\atwtusb.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2012-03-11 20:21:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-11 19:21
.
Před spuštěním: Volných bajtů: 11 112 972 288
Po spuštění: Volných bajtů: 10 953 121 792
.
- - End Of File - - E500CDF6A6C1B33AF8DB6265AA59D52F

Myslíte GoogleUpdate? No, on to není virus, jen zbytečnost, která brzdí systém. Zkuste Start>spustit>(napsat) msconfig>OK. Projděte záložky a službu zakažte. Pokud byste ji tam nenašel, pak podle návodu: http://forum.viry.cz/viewtopic.php?f=11&t=2791 odmažte z registry.