PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

CPU runs at 100%, and because of that most programs don't work

Having trouble with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

750
Visitor
Posts: 12
Registered: 09 Apr 2008 18:16

#1 Post by 750 »

The processor runs at 100% even when no application is running, and if I want to launch something, it either doesn't work or it stutters.

RSIT log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Pavel at 2010-01-10 23:12:43
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 30 GB (7%) free of 461 GB
Total RAM: 3001 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:13:18, on 10.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Broadcom\BACS\BacsTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\WerFault.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Users\Pavel\Desktop\RSIT.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (file missing)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1ca4cd0f4896ce0) (gupdate1ca4cd0f4896ce0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 13175 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-10-08 395216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-10-14 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-28 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-07 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-28 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-16 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll []
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll []
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-10-08 395216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-04-10 7399968]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-29 30192]
"BackupManagerTray"=C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-04-11 249600]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-04-15 440864]
"EgisTecLiveUpdate"=C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [2008-10-27 199464]
"mwlDaemon"=C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2008-10-27 346672]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-12-18 1430824]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2009-02-12 862728]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-03-11 156968]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2009-03-11 202024]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-03-05 173288]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"bacstray"=C:\Program Files\Broadcom\BACS\BacsTray.exe [2006-03-06 118784]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-10-14 198160]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-22 13740576]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-03-02 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-03-02 178712]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-03-02 154136]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2009-09-22 1243088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-11-17 135168]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-02 68856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-12-23 221184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-01-10 23:12:43 ----D---- C:\rsit
2010-01-06 21:50:39 ----D---- C:\Users\Pavel\AppData\Roaming\vlc
2010-01-06 21:49:00 ----D---- C:\Program Files\VideoLAN
2010-01-03 21:32:48 ----D---- C:\FPC
2009-12-23 22:00:03 ----D---- C:\Windows\temp
2009-12-23 22:00:02 ----A---- C:\ComboFix.txt
2009-12-23 21:54:28 ----D---- C:\$RECYCLE.BIN
2009-12-22 12:32:32 ----D---- C:\Users\Pavel\AppData\Roaming\Vso
2009-12-22 12:32:21 ----A---- C:\Windows\system32\drv43260.dll
2009-12-22 12:32:21 ----A---- C:\Windows\system32\drv33260.dll
2009-12-22 12:32:21 ----A---- C:\Windows\system32\drv23260.dll
2009-12-22 12:32:21 ----A---- C:\Windows\system32\cook3260.dll
2009-12-22 12:32:20 ----A---- C:\Windows\system32\wvc1dmod.dll
2009-12-22 12:32:20 ----A---- C:\Windows\system32\vp7vfw.dll
2009-12-22 12:32:20 ----A---- C:\Windows\gdiplus.dll
2009-12-22 12:32:16 ----D---- C:\Program Files\VSO
2009-12-20 17:10:08 ----A---- C:\Windows\zip.exe
2009-12-20 17:10:08 ----A---- C:\Windows\SWXCACLS.exe
2009-12-20 17:10:08 ----A---- C:\Windows\SWSC.exe
2009-12-20 17:10:08 ----A---- C:\Windows\SWREG.exe
2009-12-20 17:10:08 ----A---- C:\Windows\sed.exe
2009-12-20 17:10:08 ----A---- C:\Windows\NIRCMD.exe
2009-12-20 17:10:08 ----A---- C:\Windows\grep.exe
2009-12-20 17:08:09 ----D---- C:\Qoobox
2009-12-18 16:43:43 ----D---- C:\Program Files\Windows Portable Devices
2009-12-18 15:41:19 ----A---- C:\Windows\system32\UIAnimation.dll
2009-12-18 15:41:18 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-12-18 15:41:17 ----A---- C:\Windows\system32\UIRibbon.dll
2009-12-18 15:40:38 ----A---- C:\Windows\system32\WMPhoto.dll
2009-12-18 15:40:36 ----A---- C:\Windows\system32\cdd.dll
2009-12-18 15:40:35 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-12-18 15:40:35 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-12-18 15:40:35 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-12-18 15:40:35 ----A---- C:\Windows\system32\d3d10warp.dll
2009-12-18 15:40:34 ----A---- C:\Windows\system32\XpsPrint.dll
2009-12-18 15:40:34 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-18 15:40:34 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-18 15:40:34 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-12-18 15:40:34 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-18 15:40:34 ----A---- C:\Windows\system32\OpcServices.dll
2009-12-18 15:40:34 ----A---- C:\Windows\system32\dxdiagn.dll
2009-12-18 15:40:34 ----A---- C:\Windows\system32\dxdiag.exe
2009-12-18 15:40:34 ----A---- C:\Windows\system32\d2d1.dll
2009-12-18 15:40:33 ----A---- C:\Windows\system32\xpsservices.dll
2009-12-18 15:40:33 ----A---- C:\Windows\system32\FntCache.dll
2009-12-18 15:40:33 ----A---- C:\Windows\system32\dxgi.dll
2009-12-18 15:40:33 ----A---- C:\Windows\system32\DWrite.dll
2009-12-18 15:40:33 ----A---- C:\Windows\system32\d3d11.dll
2009-12-18 15:40:33 ----A---- C:\Windows\system32\d3d10level9.dll
2009-12-18 15:40:33 ----A---- C:\Windows\system32\d3d10core.dll
2009-12-18 15:40:33 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-12-18 15:40:33 ----A---- C:\Windows\system32\d3d10_1.dll
2009-12-18 15:40:33 ----A---- C:\Windows\system32\d3d10.dll
2009-12-18 15:39:54 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-12-18 15:39:54 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-12-18 15:39:54 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-12-18 15:39:50 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-12-18 15:39:46 ----A---- C:\Windows\system32\wpdshext.dll
2009-12-18 15:39:46 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-18 15:39:45 ----A---- C:\Windows\system32\WPDSp.dll
2009-12-18 15:39:45 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-12-18 15:39:45 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-12-18 15:39:45 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-18 15:39:45 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-18 15:39:45 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-18 15:38:10 ----A---- C:\Windows\system32\oleaccrc.dll
2009-12-18 15:38:09 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-12-18 15:38:09 ----A---- C:\Windows\system32\oleacc.dll
2009-12-16 17:40:02 ----D---- C:\Downloads
2009-12-16 17:37:31 ----D---- C:\Users\Pavel\AppData\Roaming\FlashGet
2009-12-16 17:36:34 ----D---- C:\Program Files\FlashGet
2009-12-16 11:11:20 ----D---- C:\Program Files\JDownloader
2009-12-16 11:10:53 ----A---- C:\Windows\system32\javaws.exe
2009-12-16 11:10:53 ----A---- C:\Windows\system32\javaw.exe
2009-12-16 11:10:53 ----A---- C:\Windows\system32\java.exe
2009-12-16 11:10:53 ----A---- C:\Windows\system32\deploytk.dll
2009-12-16 11:10:15 ----D---- C:\Program Files\Java
2009-12-15 13:23:31 ----D---- C:\Program Files\Call of Duty
2009-12-15 13:21:31 ----A---- C:\Windows\CoD.INI
2009-12-13 21:00:01 ----A---- C:\Windows\system32\jscript.dll
2009-12-11 22:24:59 ----D---- C:\Windows\system32\eu-ES
2009-12-11 22:24:59 ----D---- C:\Windows\system32\ca-ES
2009-12-11 22:24:58 ----D---- C:\Windows\system32\vi-VN
2009-12-11 18:54:07 ----D---- C:\Windows\system32\EventProviders
2009-12-11 18:40:33 ----A---- C:\Windows\system32\occache.dll
2009-12-11 18:40:33 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-11 18:40:32 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-11 18:40:32 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-11 18:40:32 ----A---- C:\Windows\system32\ieui.dll
2009-12-11 18:40:32 ----A---- C:\Windows\system32\iepeers.dll
2009-12-11 18:40:31 ----A---- C:\Windows\system32\wininet.dll
2009-12-11 18:40:31 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-11 18:40:31 ----A---- C:\Windows\system32\iesetup.dll
2009-12-11 18:40:31 ----A---- C:\Windows\system32\iernonce.dll
2009-12-11 18:40:31 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-11 18:40:30 ----A---- C:\Windows\system32\urlmon.dll
2009-12-11 18:40:30 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-11 18:40:30 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-11 18:40:30 ----A---- C:\Windows\system32\iertutil.dll
2009-12-11 18:40:30 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-11 18:40:28 ----A---- C:\Windows\system32\mshtml.dll
2009-12-11 18:40:28 ----A---- C:\Windows\system32\ieframe.dll
2009-12-11 18:38:38 ----A---- C:\Windows\system32\mshtmler.dll
2009-12-11 18:38:38 ----A---- C:\Windows\system32\mshtmled.dll
2009-12-11 18:38:38 ----A---- C:\Windows\system32\icardie.dll
2009-12-11 18:38:38 ----A---- C:\Windows\system32\admparse.dll
2009-12-11 18:38:37 ----A---- C:\Windows\system32\msls31.dll
2009-12-11 18:38:37 ----A---- C:\Windows\system32\corpol.dll
2009-12-11 18:38:36 ----A---- C:\Windows\system32\licmgr10.dll
2009-12-11 18:38:36 ----A---- C:\Windows\system32\inseng.dll
2009-12-11 18:38:36 ----A---- C:\Windows\system32\imgutil.dll
2009-12-11 18:38:36 ----A---- C:\Windows\system32\ieakeng.dll
2009-12-11 18:38:36 ----A---- C:\Windows\system32\dxtrans.dll
2009-12-11 18:38:36 ----A---- C:\Windows\system32\dxtmsft.dll
2009-12-11 18:38:35 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-12-11 18:38:35 ----A---- C:\Windows\system32\wextract.exe
2009-12-11 18:38:35 ----A---- C:\Windows\system32\webcheck.dll
2009-12-11 18:38:35 ----A---- C:\Windows\system32\mstime.dll
2009-12-11 18:38:35 ----A---- C:\Windows\system32\msrating.dll
2009-12-11 18:38:35 ----A---- C:\Windows\system32\ieakui.dll
2009-12-11 18:38:35 ----A---- C:\Windows\system32\ieaksie.dll
2009-12-11 18:38:34 ----A---- C:\Windows\system32\pngfilt.dll
2009-12-11 18:38:34 ----A---- C:\Windows\system32\ieapfltr.dll
2009-12-11 18:38:34 ----A---- C:\Windows\system32\advpack.dll
2009-12-11 18:38:33 ----A---- C:\Windows\system32\vbscript.dll
2009-12-11 18:38:33 ----A---- C:\Windows\system32\url.dll
2009-12-11 18:38:30 ----A---- C:\Windows\system32\SetDepNx.exe
2009-12-11 18:38:30 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-12-11 18:38:30 ----A---- C:\Windows\system32\mshta.exe
2009-12-11 18:38:30 ----A---- C:\Windows\system32\iexpress.exe
2009-12-11 18:38:29 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-12-11 18:38:29 ----A---- C:\Windows\system32\PDMSetup.exe
2009-12-11 18:16:36 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-11 18:16:32 ----A---- C:\Windows\system32\httpapi.dll

======List of files/folders modified in the last 1 months======

2010-01-10 23:13:18 ----D---- C:\Program Files\trend micro
2010-01-10 23:05:07 ----D---- C:\Users\Pavel\AppData\Roaming\uTorrent
2010-01-10 22:49:54 ----D---- C:\Program Files\Spyware Doctor
2010-01-10 22:34:28 ----AD---- C:\ProgramData\Temp
2010-01-10 22:19:15 ----D---- C:\Windows\Prefetch
2010-01-10 15:05:08 ----D---- C:\Windows\System32
2010-01-10 15:05:08 ----D---- C:\Windows\inf
2010-01-10 15:05:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-08 11:22:04 ----SHD---- C:\Windows\Installer
2010-01-08 11:19:22 ----D---- C:\Windows
2010-01-08 10:52:26 ----SHD---- C:\System Volume Information
2010-01-07 21:35:35 ----D---- C:\Users\Pavel\AppData\Roaming\BSplayer PRO
2010-01-07 00:14:46 ----D---- C:\Program Files\Mozilla Firefox
2010-01-06 21:49:00 ----RD---- C:\Program Files
2010-01-01 10:50:52 ----D---- C:\Windows\system32\WDI
2009-12-31 20:12:03 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-12-31 10:02:59 ----D---- C:\Windows\system32\catroot2
2009-12-25 13:16:30 ----D---- C:\Windows\Minidump
2009-12-25 12:41:52 ----D---- C:\Program Files\ICQ6Toolbar
2009-12-25 12:41:11 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-12-23 22:00:04 ----D---- C:\Windows\system32\drivers
2009-12-23 21:54:35 ----A---- C:\Windows\system.ini
2009-12-23 20:31:02 ----D---- C:\Windows\system32\config
2009-12-23 20:31:02 ----D---- C:\Boot
2009-12-23 20:30:37 ----D---- C:\Windows\ERDNT
2009-12-23 20:25:40 ----D---- C:\Windows\AppPatch
2009-12-23 20:25:38 ----D---- C:\Program Files\Common Files
2009-12-22 12:39:43 ----D---- C:\Windows\system32\catroot
2009-12-22 12:20:13 ----D---- C:\ProgramData\DVD Shrink
2009-12-20 17:00:35 ----D---- C:\Program Files\DAEMON Tools Lite
2009-12-18 19:33:54 ----D---- C:\Windows\rescache
2009-12-18 19:18:28 ----D---- C:\Windows\system32\Tasks
2009-12-18 16:43:44 ----D---- C:\Windows\system32\cs-CZ
2009-12-18 16:43:43 ----D---- C:\Windows\system32\wbem
2009-12-18 16:43:42 ----D---- C:\Windows\system32\zh-HK
2009-12-18 16:43:42 ----D---- C:\Windows\system32\uk-UA
2009-12-18 16:43:42 ----D---- C:\Windows\system32\sl-SI
2009-12-18 16:43:42 ----D---- C:\Windows\system32\pt-PT
2009-12-18 16:43:42 ----D---- C:\Windows\system32\pt-BR
2009-12-18 16:43:42 ----D---- C:\Windows\system32\pl-PL
2009-12-18 16:43:42 ----D---- C:\Windows\system32\ko-KR
2009-12-18 16:43:42 ----D---- C:\Windows\system32\it-IT
2009-12-18 16:43:42 ----D---- C:\Windows\system32\hu-HU
2009-12-18 16:43:42 ----D---- C:\Windows\system32\hr-HR
2009-12-18 16:43:42 ----D---- C:\Windows\system32\he-IL
2009-12-18 16:43:42 ----D---- C:\Windows\system32\el-GR
2009-12-18 16:43:42 ----D---- C:\Windows\system32\bg-BG
2009-12-18 16:43:41 ----D---- C:\Windows\system32\zh-TW
2009-12-18 16:43:41 ----D---- C:\Windows\system32\zh-CN
2009-12-18 16:43:41 ----D---- C:\Windows\system32\tr-TR
2009-12-18 16:43:41 ----D---- C:\Windows\system32\th-TH
2009-12-18 16:43:41 ----D---- C:\Windows\system32\sv-SE
2009-12-18 16:43:41 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-18 16:43:41 ----D---- C:\Windows\system32\sk-SK
2009-12-18 16:43:41 ----D---- C:\Windows\system32\ru-RU
2009-12-18 16:43:41 ----D---- C:\Windows\system32\ro-RO
2009-12-18 16:43:41 ----D---- C:\Windows\system32\nl-NL
2009-12-18 16:43:41 ----D---- C:\Windows\system32\nb-NO
2009-12-18 16:43:41 ----D---- C:\Windows\system32\lv-LV
2009-12-18 16:43:41 ----D---- C:\Windows\system32\lt-LT
2009-12-18 16:43:41 ----D---- C:\Windows\system32\ja-JP
2009-12-18 16:43:41 ----D---- C:\Windows\system32\fr-FR
2009-12-18 16:43:41 ----D---- C:\Windows\system32\fi-FI
2009-12-18 16:43:41 ----D---- C:\Windows\system32\et-EE
2009-12-18 16:43:41 ----D---- C:\Windows\system32\es-ES
2009-12-18 16:43:41 ----D---- C:\Windows\system32\en-US
2009-12-18 16:43:41 ----D---- C:\Windows\system32\de-DE
2009-12-18 16:43:41 ----D---- C:\Windows\system32\da-DK
2009-12-18 16:43:41 ----D---- C:\Windows\system32\ar-SA
2009-12-18 15:54:18 ----D---- C:\Windows\Microsoft.NET
2009-12-18 15:53:50 ----RSD---- C:\Windows\assembly
2009-12-18 15:41:40 ----D---- C:\Windows\winsxs
2009-12-18 15:36:30 ----D---- C:\Config.Msi
2009-12-16 17:45:13 ----D---- C:\ProgramData
2009-12-16 17:09:52 ----D---- C:\Program Files\Acer GameZone
2009-12-16 16:53:55 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-16 16:42:39 ----D---- C:\Program Files\Ubisoft
2009-12-14 20:39:39 ----D---- C:\ProgramData\NVIDIA
2009-12-14 20:14:18 ----SD---- C:\ProgramData\Microsoft
2009-12-11 22:27:53 ----D---- C:\Program Files\Windows Mail
2009-12-11 22:27:53 ----D---- C:\Program Files\Windows Calendar
2009-12-11 22:27:53 ----D---- C:\Program Files\Movie Maker
2009-12-11 22:27:51 ----D---- C:\Program Files\Windows Sidebar
2009-12-11 22:27:51 ----D---- C:\Program Files\Internet Explorer
2009-12-11 22:27:50 ----D---- C:\Program Files\Windows Media Player
2009-12-11 22:27:50 ----D---- C:\Program Files\Windows Collaboration
2009-12-11 22:27:49 ----D---- C:\Program Files\Windows Journal
2009-12-11 22:27:46 ----D---- C:\Program Files\Windows Photo Gallery
2009-12-11 22:27:46 ----D---- C:\Program Files\Common Files\System
2009-12-11 22:27:44 ----D---- C:\Program Files\Windows Defender
2009-12-11 22:27:43 ----D---- C:\Windows\servicing
2009-12-11 22:27:43 ----D---- C:\Windows\ehome
2009-12-11 22:27:22 ----D---- C:\Windows\system32\XPSViewer
2009-12-11 22:27:22 ----D---- C:\Windows\IME
2009-12-11 22:27:18 ----D---- C:\Windows\system32\oobe
2009-12-11 22:27:18 ----D---- C:\Windows\system32\migration
2009-12-11 22:27:11 ----D---- C:\Windows\system32\setup
2009-12-11 22:27:11 ----D---- C:\Windows\system32\cs
2009-12-11 22:27:11 ----D---- C:\Windows\system32\AdvancedInstallers
2009-12-11 22:27:02 ----D---- C:\Windows\system32\SLUI
2009-12-11 22:26:58 ----D---- C:\Windows\system32\manifeststore
2009-12-11 22:26:44 ----D---- C:\Windows\system32\migwiz
2009-12-11 22:25:19 ----RSD---- C:\Windows\Fonts
2009-12-11 22:24:58 ----D---- C:\Windows\system32\Boot
2009-12-11 22:20:25 ----D---- C:\Windows\system32\RTCOM
2009-12-11 18:43:15 ----D---- C:\Windows\PolicyDefinitions
2009-12-11 18:24:50 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R2 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2008-10-09 19504]
R2 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2008-10-09 16432]
R2 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2008-10-09 59952]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-11-03 223232]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2005-12-18 57856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-04-10 2358112]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-30 3715072]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-22 9510848]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-12-22 47360]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2005-12-18 205232]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BthPort;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-04-10 84256]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-03-24 106784]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-03-24 17056]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-02-25 112992]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\Drivers\NTIDrvr.sys [2008-01-30 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2005-12-26 153952]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-20 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [2009-10-08 112592]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-04-13 578848]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2009-03-06 75048]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-04-15 703008]
R2 MsMpSvc;@c:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 MWLService;MyWinLocker Service; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2008-10-27 306736]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-04-11 61184]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-22 211488]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-10-28 66872]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-09-23 358600]
R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-09-23 1141200]
S2 gupdate1ca4cd0f4896ce0;Služba Google Update (gupdate1ca4cd0f4896ce0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-14 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-11-27 79360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-29 651720]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-29 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-28 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]

-----------------EOF-----------------

Unlimited_Killer
Friend of the forum
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: CPU runs at 100%, and because of that most programs don't work

#2 Post by Unlimited_Killer »

May I see the ComboFix log?

Code:

C:\ComboFix.txt
For now, you can carry out the instructions in Safe Mode.
inactive

750
Visitor
Visitor
Posts: 12
Registered: 09 Apr 2008 18:16

Re: CPU runs at 100%, and because of that most programs don't work

#3 Post by 750 »

Here it is, it's just almost a month old:

ComboFix 09-12-19.03 - Pavel 23.12.2009 20:19:09.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3001.1948 [GMT 1:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pavel\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Pavel\AppData\Roaming\inst.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ICQ Service
-------\Service_NOD32FiXTemDono


((((((((((((((((((((((((( Soubory vytvořené od 2009-11-23 do 2009-12-23 )))))))))))))))))))))))))))))))
.

2009-12-23 19:30 . 2009-12-23 19:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-23 19:30 . 2009-12-23 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-22 11:32 . 2009-12-22 11:32 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-12-22 11:32 . 2009-12-22 11:42 -------- d-----w- c:\users\Pavel\AppData\Roaming\Vso
2009-12-22 11:32 . 2007-03-18 20:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2009-12-22 11:32 . 2006-09-29 12:26 176165 ----a-w- c:\windows\system32\drv23260.dll
2009-12-22 11:32 . 2006-09-29 12:25 208935 ----a-w- c:\windows\system32\drv33260.dll
2009-12-22 11:32 . 2006-09-29 12:24 217127 ----a-w- c:\windows\system32\drv43260.dll
2009-12-22 11:32 . 2006-05-20 16:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2009-12-22 11:32 . 2006-05-11 19:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2009-12-22 11:32 . 2004-05-04 11:53 1645320 ----a-w- c:\windows\gdiplus.dll
2009-12-22 11:32 . 2009-12-22 11:32 -------- d-----w- c:\program files\VSO
2009-12-20 16:28 . 2009-12-23 20:54 -------- d-----w- c:\users\Pavel\AppData\Local\temp
2009-12-18 15:43 . 2009-12-18 15:43 -------- d-----w- c:\program files\Windows Portable Devices
2009-12-18 14:41 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-12-18 14:41 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-12-18 14:41 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-12-18 14:39 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-12-18 14:39 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-12-18 14:39 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-12-18 14:39 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-12-18 14:39 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-12-18 14:39 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-12-18 14:39 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-12-18 14:39 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-12-18 14:39 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-12-18 14:39 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-12-18 14:39 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-12-18 14:39 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-12-18 14:38 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-12-18 14:38 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-12-18 14:38 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-12-16 16:40 . 2009-12-16 16:40 -------- d-----w- C:\Downloads
2009-12-16 16:37 . 2009-12-16 16:37 -------- d-----w- c:\users\Pavel\AppData\Roaming\FlashGet
2009-12-16 16:36 . 2009-12-16 16:40 -------- d-----w- c:\program files\FlashGet
2009-12-16 10:11 . 2009-12-17 14:27 -------- d-----w- c:\program files\JDownloader
2009-12-16 10:10 . 2009-12-16 10:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-16 10:10 . 2009-12-16 10:10 -------- d-----w- c:\program files\Java
2009-12-15 12:23 . 2009-12-15 12:27 -------- d-----w- c:\program files\Call of Duty
2009-12-11 21:24 . 2009-12-11 21:27 -------- d-----w- c:\windows\system32\ca-ES
2009-12-11 21:24 . 2009-12-11 21:27 -------- d-----w- c:\windows\system32\eu-ES
2009-12-11 21:24 . 2009-12-11 21:26 -------- d-----w- c:\windows\system32\vi-VN
2009-12-11 17:54 . 2009-12-11 17:54 -------- d-----w- c:\windows\system32\EventProviders
2009-12-11 17:53 . 2009-12-11 17:54 -------- d-----w- C:\93693720901ab99cc04c5cf6
2009-12-11 17:38 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2009-12-11 17:16 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-11 17:16 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-11 17:16 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-10 21:54 . 2009-12-20 11:14 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-12-09 17:39 . 2009-12-09 17:39 -------- d-----w- c:\program files\Image Grabber II
2009-12-09 08:03 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-08 21:38 . 2009-12-08 21:38 -------- d--h--r- c:\programdata\SecuROM
2009-12-08 21:38 . 2009-12-08 21:38 221184 ----a-w- c:\windows\system32\UAService7.exe
2009-12-08 21:31 . 2009-12-08 21:31 -------- d-----w- c:\program files\Atari
2009-12-06 20:10 . 2009-12-06 20:12 -------- d-----w- C:\ToolBar SD
2009-12-04 14:58 . 2009-07-13 18:04 839680 ----a-w- c:\windows\system32\mkl_vml_p4.dll
2009-12-04 14:58 . 2009-07-13 18:04 532480 ----a-w- c:\windows\system32\mkl_vml_p3.dll
2009-12-04 14:58 . 2009-07-13 18:04 512000 ----a-w- c:\windows\system32\mkl_vml_def.dll
2009-12-04 14:58 . 2009-07-13 18:04 3485696 ----a-w- c:\windows\system32\mkl_p4.dll
2009-12-04 14:58 . 2009-07-13 18:04 2793472 ----a-w- c:\windows\system32\mkl_p3.dll
2009-12-04 14:58 . 2009-07-13 18:04 2174976 ----a-w- c:\windows\system32\mkl_lapack32.dll
2009-12-04 14:58 . 2009-07-13 18:04 2125824 ----a-w- c:\windows\system32\mkl_lapack64.dll
2009-12-04 14:58 . 2009-10-16 10:19 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2009-12-04 14:58 . 2009-07-13 18:04 2441216 ----a-w- c:\windows\system32\mkl_def.dll
2009-12-04 14:58 . 2009-07-13 18:04 184320 ----a-w- c:\windows\system32\libguide40.dll
2009-12-04 14:58 . 2009-12-04 14:58 -------- d-----w- c:\program files\BRS
2009-12-04 02:09 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-04 02:08 . 2009-12-04 02:08 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-12-03 21:54 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-12-02 18:29 . 2009-12-02 18:30 -------- d-----w- c:\program files\Microsoft Security Essentials
2009-12-02 18:09 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-12-02 18:08 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-12-02 18:08 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-29 00:07 . 2009-11-29 00:07 -------- d-----w- c:\users\Pavel\AppData\Local\ESET
2009-11-28 19:39 . 2009-11-28 19:39 -------- d-----w- c:\users\Pavel\AppData\Roaming\Acer
2009-11-28 11:41 . 2009-11-28 11:41 -------- d-----w- c:\program files\trend micro
2009-11-28 09:15 . 2009-11-28 09:15 -------- d-----w- c:\windows\SXS
2009-11-28 09:05 . 2002-12-17 15:23 33340 ------w- c:\windows\system32\dbmsqlgc.dll
2009-11-28 09:05 . 2002-10-20 13:05 24576 ------w- c:\windows\system32\dbmsgnet.dll
2009-11-28 09:03 . 2009-11-28 09:03 -------- d-----w- c:\program files\Microsoft SQL Server
2009-11-28 08:52 . 2009-11-28 08:52 93 ----a-w- c:\users\Pavel\AppData\Local\fusioncache.dat
2009-11-28 08:52 . 2009-11-28 12:42 -------- d-----w- c:\users\Pavel\AppData\Local\ApplicationHistory
2009-11-27 15:26 . 2009-11-27 15:26 -------- d-----w- c:\users\Pavel\AppData\Roaming\Ansys
2009-11-27 15:22 . 2009-11-27 15:22 -------- d-----w- c:\users\Pavel\AppData\Local\Threat Expert
2009-11-27 14:38 . 2009-11-27 14:38 -------- d-----w- c:\program files\Common Files\Autodesk
2009-11-27 14:15 . 2009-11-27 14:16 -------- d-----w- c:\program files\AOEMView 2008
2009-11-27 14:14 . 2009-11-28 08:52 -------- d-----w- c:\program files\Microsoft WSE
2009-11-27 14:13 . 2009-11-28 09:14 -------- d-----w- c:\program files\Autodesk

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-23 19:31 . 2009-09-02 18:24 12 ----a-w- c:\windows\bthservsdp.dat
2009-12-23 19:16 . 2009-09-02 16:48 47151 ----a-w- c:\programdata\nvModes.dat
2009-12-23 19:12 . 2009-10-30 08:11 -------- d-----w- c:\program files\Spyware Doctor
2009-12-23 19:08 . 2008-01-21 06:46 654120 ----a-w- c:\windows\system32\perfh005.dat
2009-12-23 19:08 . 2008-01-21 06:46 142832 ----a-w- c:\windows\system32\perfc005.dat
2009-12-22 11:32 . 2009-12-22 11:32 47360 ----a-w- c:\users\Pavel\AppData\Roaming\pcouffin.sys
2009-12-22 11:32 . 2009-12-22 11:32 47360 ----a-w- c:\users\Pavel\AppData\Roaming\pcouffin.sys
2009-12-22 11:20 . 2009-11-15 13:16 -------- d-----w- c:\programdata\DVD Shrink
2009-12-20 16:00 . 2009-09-03 16:47 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-12-20 15:44 . 2009-09-02 15:59 151376 ----a-w- c:\users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-20 11:12 . 2009-09-03 16:44 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-19 22:21 . 2009-09-19 15:32 -------- d-----w- c:\users\Pavel\AppData\Roaming\uTorrent
2009-12-18 15:43 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-18 15:42 . 2009-12-18 15:42 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-12-16 16:09 . 2009-03-26 14:20 -------- d-----w- c:\program files\Acer GameZone
2009-12-16 15:53 . 2009-03-26 14:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-16 15:42 . 2009-09-19 15:37 -------- d-----w- c:\program files\Ubisoft
2009-12-16 15:38 . 2009-11-19 15:56 -------- d-----w- c:\program files\Ask.com
2009-12-15 11:16 . 2009-09-20 20:56 -------- d-----w- c:\users\Pavel\AppData\Roaming\BSplayer PRO
2009-12-14 19:39 . 2009-09-06 19:32 -------- d-----w- c:\programdata\NVIDIA
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-12-11 21:27 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-12-11 17:24 . 2009-03-26 14:13 -------- d-----w- c:\programdata\Microsoft Help
2009-12-08 18:03 . 2009-09-03 17:50 -------- d-----w- c:\program files\Electronic Arts
2009-12-04 15:22 . 2009-10-04 21:08 -------- d-----w- c:\programdata\Codemasters
2009-12-04 14:57 . 2009-10-04 20:34 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-04 14:57 . 2009-10-04 20:34 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-04 14:57 . 2009-10-04 20:34 -------- d-----w- c:\program files\OpenAL
2009-12-04 14:09 . 2009-10-04 19:56 -------- d-----w- c:\program files\Codemasters
2009-12-04 02:13 . 2009-03-26 14:14 -------- d-----w- c:\program files\Microsoft Works
2009-12-03 22:18 . 2009-09-03 16:47 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-11-30 23:09 . 2009-11-08 21:02 -------- d-----w- c:\programdata\Ubisoft
2009-11-30 23:06 . 2009-11-30 23:06 10134 ----a-r- c:\users\Pavel\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
2009-11-28 10:02 . 2009-11-28 10:02 3860 ----a-w- c:\windows\inf\Autodesk PLM Performance\0009\tmpD78D.tmp
2009-11-28 10:02 . 2009-11-28 10:02 3860 ----a-w- c:\windows\inf\Autodesk PLM Performance\0005\tmpD78D.tmp
2009-11-28 10:02 . 2009-11-28 10:02 3860 ----a-w- c:\windows\inf\Autodesk PLM Performance\0000\tmpD78D.tmp
2009-11-28 09:27 . 2009-10-29 08:16 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2009-11-28 09:14 . 2009-10-29 08:16 -------- d-----w- c:\programdata\Autodesk
2009-11-27 15:27 . 2009-10-29 08:16 -------- d-----w- c:\users\Pavel\AppData\Roaming\Autodesk
2009-11-27 14:14 . 2009-11-27 14:14 10134 ----a-r- c:\users\Pavel\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-11-25 03:23 . 2009-09-02 15:56 1356 ----a-w- c:\users\Pavel\AppData\Local\d3d9caps.dat
2009-11-21 06:40 . 2009-12-11 17:40 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-11 17:40 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-11 17:40 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-11 17:40 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-19 17:02 . 2009-11-19 17:02 -------- d-----w- c:\program files\Opera
2009-11-19 15:56 . 2009-11-19 15:56 -------- d-----w- c:\program files\uTorrent
2009-11-19 11:40 . 2009-11-19 11:39 -------- d-----w- c:\users\Pavel\AppData\Roaming\.ABC
2009-11-19 11:39 . 2009-11-19 11:38 -------- d-----w- c:\program files\ABC
2009-11-17 09:26 . 2009-11-17 09:26 -------- d-----w- c:\program files\Empire Interactive
2009-11-15 13:16 . 2009-11-15 13:16 -------- d-----w- c:\program files\DVD Shrink
2009-11-11 11:57 . 2009-09-18 17:14 -------- d-----w- c:\program files\Activision
2009-11-08 14:56 . 2009-09-03 16:57 -------- d-----w- c:\program files\Disney Interactive Studios
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-02 19:42 . 2009-10-07 15:44 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-01 21:28 . 2009-09-20 20:21 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-01 20:56 . 2009-11-01 20:56 -------- d-----w- c:\program files\Eidos
2009-10-31 22:44 . 2009-10-31 22:44 -------- d-----w- c:\program files\Common Files\PC Tools
2009-10-31 22:44 . 2009-10-31 22:44 -------- d-----w- c:\users\Pavel\AppData\Roaming\PC Tools
2009-10-31 22:44 . 2009-10-31 22:44 -------- d-----w- c:\programdata\PC Tools
2009-10-30 23:20 . 2009-09-03 17:54 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-30 23:20 . 2009-09-03 17:54 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-29 08:30 . 2009-10-29 08:30 36864 ----a-w- c:\users\Pavel\AppData\Roaming\Autodesk\AutoCAD 2010\R18.0\csy\ContextualTabSelectorRules.dll
2009-10-29 08:29 . 2009-10-29 08:29 -------- d-----w- c:\programdata\FLEXnet
2009-10-29 08:24 . 2009-10-29 08:16 -------- d-----w- c:\program files\AutoCAD 2010
2009-10-29 08:20 . 2009-10-29 08:20 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-10-28 13:32 . 2009-09-19 15:41 22328 ----a-w- c:\users\Pavel\AppData\Roaming\PnkBstrK.sys
2009-10-28 13:32 . 2009-09-19 15:41 22328 ----a-w- c:\users\Pavel\AppData\Roaming\PnkBstrK.sys
2009-10-28 13:29 . 2009-09-03 17:54 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-10-28 13:29 . 2009-09-19 15:40 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-10-26 15:43 . 2009-10-26 15:43 -------- d-----w- c:\program files\Vivendi Universal Games
2009-10-15 11:44 . 2009-12-04 14:57 809560 ----a-r- c:\windows\system32\tmp4F2D.tmp
2009-10-15 11:44 . 2009-12-04 14:51 809560 ----a-r- c:\windows\system32\tmp4A2C.tmp
2009-10-08 10:31 . 2009-10-31 22:44 149456 ----a-w- c:\windows\SGDetectionTool.dll
2009-10-08 10:31 . 2009-10-31 22:44 165840 ----a-w- c:\windows\PCTBDRes.dll
2009-10-08 10:31 . 2009-10-31 22:44 1636304 ----a-w- c:\windows\PCTBDCore.dll
2009-10-08 10:31 . 2009-10-31 22:44 767952 ----a-w- c:\windows\BDTSupport.dll
2009-10-06 15:31 . 2009-10-31 22:44 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-10-05 15:32 . 2009-10-05 15:32 0 ----a-w- c:\windows\nsreg.dat
2009-10-02 13:19 . 2009-10-31 22:44 1152470 ----a-w- c:\windows\UDB.zip
2009-09-25 02:10 . 2009-12-18 14:40 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-12-18 14:40 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-12-18 14:40 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-12-18 14:40 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-12-18 14:40 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-12-18 14:40 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-12-18 14:40 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-12-18 14:40 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-12-18 14:40 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-12-18 14:40 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-12-18 14:40 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-12-18 14:40 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-12-18 14:40 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-12-18 14:40 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-11-29 19:47 . 2009-11-29 19:47 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-10-27 11:05 40496 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-02 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-04-10 7399968]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-29 30192]
"BackupManagerTray"="c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-04-11 249600]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-04-15 440864]
"EgisTecLiveUpdate"="c:\program files\EgisTec Egis Software Update\EgisUpdate.exe" [2008-10-27 199464]
"mwlDaemon"="c:\program files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2008-10-27 346672]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-18 1430824]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2009-02-12 862728]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-03-11 156968]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2009-03-11 202024]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-03-05 173288]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"bacstray"="c:\program files\Broadcom\BACS\BacsTray.exe" [2006-03-06 118784]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-14 198160]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-22 13740576]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-02 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-02 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-02 154136]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-3-26 565248]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):3e,e6,1a,e3,a9,7a,ca,01

R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [31.10.2009 23:44 207280]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [31.10.2009 23:44 112592]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2.9.2009 17:39 75048]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [26.3.2009 15:28 703008]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]
R2 mwlPSDFilter;mwlPSDFilter;c:\windows\System32\drivers\mwlPSDFilter.sys [9.10.2008 16:47 19504]
R2 mwlPSDNServ;mwlPSDNServ;c:\windows\System32\drivers\mwlPSDNserv.sys [9.10.2008 16:47 16432]
R2 mwlPSDVDisk;mwlPSDVDisk;c:\windows\System32\drivers\mwlPSDVDisk.sys [9.10.2008 16:47 59952]
R2 MWLService;MyWinLocker Service;c:\program files\EgisTec\MyWinLocker 3\x86\MWLService.exe [27.10.2008 12:05 306736]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [11.4.2009 18:32 61184]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [23.9.2008 14:11 144632]
R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [26.3.2009 15:58 237568]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [3.11.2008 12:51 223232]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [26.3.2009 22:04 57856]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [26.3.2009 22:04 112992]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [26.3.2009 22:04 3715072]
S2 gupdate1ca4cd0f4896ce0;Služba Google Update (gupdate1ca4cd0f4896ce0);c:\program files\Google\Update\GoogleUpdate.exe [14.10.2009 14:19 133104]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2.9.2009 17:17 29472]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:23 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [26.3.2009 15:20 30192]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\System32\drivers\MpNWMon.sys [18.6.2009 18:48 42480]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [23.9.2008 14:11 50424]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [31.10.2009 23:44 358600]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
------- Doplňkový sken -------
.
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\m72cwa59.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-23 21:54
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys acpi.sys hal.dll >>UNKNOWN [0x860BB1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x8b3aad24
\Driver\ACPI -> acpi.sys @ 0x8ac10d68
\Driver\atapi -> 0x860bb1f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2669217469-1573396513-1753924385-1000_Classes\VirtualStore\MACHINE\SOFTWARE\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:84,0e,f8,b4,8f,bf,e8,b2,17,9e,b4,fb,1b,90,5e,51,db,ae,e9,94,34,de,e7,
a7,73,61,5d,5d,c3,ca,de,fb,b9,2c,67,9d,f2,84,10,66,60,75,ec,33,59,60,5c,c9,\
"??"=hex:1b,be,6d,88,f0,ff,a9,17,ba,7c,e7,81,4f,7d,dc,f7
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3588)
c:\windows\system32\NVSVC.DLL
c:\program files\EgisTec\MyWinLocker 3\x86\psdprotect.dll
c:\program files\EgisTec\MyWinLocker 3\x86\sysenv.dll
c:\program files\EgisTec\MyWinLocker 3\x86\mwlUI.dll
c:\program files\EgisTec\MyWinLocker 3\x86\GDIExtendCtrl.dll
c:\program files\EgisTec\MyWinLocker 3\x86\mwlOP.dll
c:\program files\EgisTec\MyWinLocker 3\x86\CryptoAPI.dll
c:\program files\EgisTec\MyWinLocker 3\x86\ShowErrMsg.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\nvvsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2009-12-23 22:00:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-12-23 20:59
ComboFix2.txt 2009-12-20 16:28

Před spuštěním: Volných bajtů: 71 435 214 848
Po spuštění: Volných bajtů: 65 786 671 104

- - End Of File - - 284799D4DE9AAFA39ED00645A7C99A2F

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: CPU running at 100%, and because of that most programs won't work

#4 Post by Unlimited_Killer »

In that case, download and run a new one.

~~~

Paste the ComboFix log here.

Download ComboFix and save it to the Desktop, then run it with administrator privileges.
Before running it, turn off the resident shield of your antivirus or antispyware.
After it starts, the license terms will be displayed; click 'Yes'. You will also be asked about installing the Recovery Console; click 'Yes'.
The whole scan will take about 5-10 minutes, depending on how many files CF has to wade through. Your PC will probably be restarted, so don't be alarmed. Until the scan has completely finished, don't do anything, and above all don't click in the running ComboFix window.
When the scan finishes, a log will pop up; copy it here.

750
Visitor
Posts: 12
Registered: 09 Apr 2008 18:16

Re: CPU running at 100%, and because of that most programs won't work

#5 Post by 750 »

So here is the log, except the scan took an incredibly long time. Almost 6 hours.

ComboFix 10-01-04.01 - Pavel 11.01.2010 18:33:54.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3001.1371 [GMT 1:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

----- BITS: Možné infikované stránky -----

hxxp://au.download.windowsupdate.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-12 do 2010-01-12 )))))))))))))))))))))))))))))))
.

2010-01-12 02:25 . 2010-01-12 02:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-12 02:25 . 2010-01-12 02:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-10 22:12 . 2010-01-10 22:13 -------- d-----w- C:\rsit
2010-01-06 20:50 . 2010-01-11 18:26 -------- d-----w- c:\users\Pavel\AppData\Roaming\vlc
2010-01-06 20:49 . 2010-01-06 20:49 -------- d-----w- c:\program files\VideoLAN
2010-01-03 20:32 . 2010-01-03 20:32 -------- d-----w- C:\FPC
2009-12-23 21:00 . 2010-01-12 05:45 -------- d-----w- c:\users\Pavel\AppData\Local\temp
2009-12-22 11:32 . 2009-12-22 11:32 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-12-22 11:32 . 2009-12-28 13:02 -------- d-----w- c:\users\Pavel\AppData\Roaming\Vso
2009-12-22 11:32 . 2007-03-18 20:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2009-12-22 11:32 . 2006-09-29 12:26 176165 ----a-w- c:\windows\system32\drv23260.dll
2009-12-22 11:32 . 2006-09-29 12:25 208935 ----a-w- c:\windows\system32\drv33260.dll
2009-12-22 11:32 . 2006-09-29 12:24 217127 ----a-w- c:\windows\system32\drv43260.dll
2009-12-22 11:32 . 2006-05-20 16:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2009-12-22 11:32 . 2006-05-11 19:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2009-12-22 11:32 . 2004-05-04 11:53 1645320 ----a-w- c:\windows\gdiplus.dll
2009-12-22 11:32 . 2009-12-22 11:32 -------- d-----w- c:\program files\VSO
2009-12-18 15:43 . 2009-12-18 15:43 -------- d-----w- c:\program files\Windows Portable Devices
2009-12-18 14:41 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-12-18 14:41 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-12-18 14:41 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-12-18 14:39 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-12-18 14:39 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-12-18 14:39 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-12-18 14:39 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-12-18 14:39 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-12-18 14:39 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-12-18 14:39 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-12-18 14:39 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-12-18 14:39 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-12-18 14:39 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-12-18 14:39 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-12-18 14:39 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-12-18 14:38 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-12-18 14:38 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-12-18 14:38 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-12-16 16:40 . 2009-12-16 16:40 -------- d-----w- C:\Downloads
2009-12-16 16:37 . 2009-12-16 16:37 -------- d-----w- c:\users\Pavel\AppData\Roaming\FlashGet
2009-12-16 16:36 . 2009-12-16 16:40 -------- d-----w- c:\program files\FlashGet
2009-12-16 10:11 . 2009-12-17 14:27 -------- d-----w- c:\program files\JDownloader
2009-12-16 10:10 . 2009-12-16 10:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-16 10:10 . 2009-12-16 10:10 -------- d-----w- c:\program files\Java
2009-12-15 12:23 . 2009-12-15 12:27 -------- d-----w- c:\program files\Call of Duty

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-11 16:57 . 2009-09-19 15:32 -------- d-----w- c:\users\Pavel\AppData\Roaming\uTorrent
2010-01-11 15:14 . 2009-10-30 08:11 -------- d-----w- c:\program files\Spyware Doctor
2010-01-10 22:13 . 2009-11-28 11:41 -------- d-----w- c:\program files\trend micro
2010-01-10 21:07 . 2009-09-02 16:48 47151 ----a-w- c:\programdata\nvModes.dat
2010-01-10 15:52 . 2009-09-02 18:24 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-10 14:05 . 2008-01-21 06:46 654120 ----a-w- c:\windows\system32\perfh005.dat
2010-01-10 14:05 . 2008-01-21 06:46 142832 ----a-w- c:\windows\system32\perfc005.dat
2010-01-07 20:35 . 2009-09-20 20:56 -------- d-----w- c:\users\Pavel\AppData\Roaming\BSplayer PRO
2009-12-31 19:12 . 2009-09-03 17:54 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-31 19:12 . 2009-09-03 17:54 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-25 11:41 . 2009-10-13 10:44 -------- d-----w- c:\program files\ICQ6Toolbar
2009-12-25 11:41 . 2009-12-10 21:54 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-12-22 11:32 . 2009-12-22 11:32 47360 ----a-w- c:\users\Pavel\AppData\Roaming\pcouffin.sys
2009-12-22 11:20 . 2009-11-15 13:16 -------- d-----w- c:\programdata\DVD Shrink
2009-12-20 16:00 . 2009-09-03 16:47 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-12-20 15:44 . 2009-09-02 15:59 151376 ----a-w- c:\users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-20 11:12 . 2009-09-03 16:44 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-18 15:42 . 2009-12-18 15:42 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-12-16 16:09 . 2009-03-26 14:20 -------- d-----w- c:\program files\Acer GameZone
2009-12-16 15:53 . 2009-03-26 14:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-16 15:42 . 2009-09-19 15:37 -------- d-----w- c:\program files\Ubisoft
2009-12-14 19:39 . 2009-09-06 19:32 -------- d-----w- c:\programdata\NVIDIA
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-12-11 21:27 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-12-11 17:24 . 2009-03-26 14:13 -------- d-----w- c:\programdata\Microsoft Help
2009-12-09 17:39 . 2009-12-09 17:39 -------- d-----w- c:\program files\Image Grabber II
2009-12-08 21:38 . 2009-12-08 21:38 -------- d--h--r- c:\programdata\SecuROM
2009-12-08 21:38 . 2009-12-08 21:38 221184 ----a-w- c:\windows\system32\UAService7.exe
2009-12-08 21:31 . 2009-12-08 21:31 -------- d-----w- c:\program files\Atari
2009-12-08 18:03 . 2009-09-03 17:50 -------- d-----w- c:\program files\Electronic Arts
2009-12-04 15:22 . 2009-10-04 21:08 -------- d-----w- c:\programdata\Codemasters
2009-12-04 14:58 . 2009-12-04 14:58 -------- d-----w- c:\program files\BRS
2009-12-04 14:57 . 2009-10-04 20:34 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-04 14:57 . 2009-10-04 20:34 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-04 14:57 . 2009-10-04 20:34 -------- d-----w- c:\program files\OpenAL
2009-12-04 14:09 . 2009-10-04 19:56 -------- d-----w- c:\program files\Codemasters
2009-12-04 02:13 . 2009-03-26 14:14 -------- d-----w- c:\program files\Microsoft Works
2009-12-03 22:18 . 2009-09-03 16:47 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-12-02 18:30 . 2009-12-02 18:29 -------- d-----w- c:\program files\Microsoft Security Essentials
2009-11-30 23:09 . 2009-11-08 21:02 -------- d-----w- c:\programdata\Ubisoft
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-28 19:39 . 2009-11-28 19:39 -------- d-----w- c:\users\Pavel\AppData\Roaming\Acer
2009-11-28 09:27 . 2009-10-29 08:16 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2009-11-28 09:14 . 2009-11-27 14:13 -------- d-----w- c:\program files\Autodesk
2009-11-28 09:14 . 2009-10-29 08:16 -------- d-----w- c:\programdata\Autodesk
2009-11-28 09:03 . 2009-11-28 09:03 -------- d-----w- c:\program files\Microsoft SQL Server
2009-11-28 08:52 . 2009-11-28 08:52 93 ----a-w- c:\users\Pavel\AppData\Local\fusioncache.dat
2009-11-28 08:52 . 2009-11-27 14:14 -------- d-----w- c:\program files\Microsoft WSE
2009-11-27 15:27 . 2009-10-29 08:16 -------- d-----w- c:\users\Pavel\AppData\Roaming\Autodesk
2009-11-27 15:26 . 2009-11-27 15:26 -------- d-----w- c:\users\Pavel\AppData\Roaming\Ansys
2009-11-27 14:38 . 2009-11-27 14:38 -------- d-----w- c:\program files\Common Files\Autodesk
2009-11-27 14:16 . 2009-11-27 14:15 -------- d-----w- c:\program files\AOEMView 2008
2009-11-25 03:23 . 2009-09-02 15:56 1356 ----a-w- c:\users\Pavel\AppData\Local\d3d9caps.dat
2009-11-21 06:40 . 2009-12-11 17:40 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-11 17:40 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-11 17:40 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-11 17:40 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-19 17:02 . 2009-11-19 17:02 -------- d-----w- c:\program files\Opera
2009-11-19 15:56 . 2009-11-19 15:56 -------- d-----w- c:\program files\uTorrent
2009-11-19 11:40 . 2009-11-19 11:39 -------- d-----w- c:\users\Pavel\AppData\Roaming\.ABC
2009-11-19 11:39 . 2009-11-19 11:38 -------- d-----w- c:\program files\ABC
2009-11-17 09:26 . 2009-11-17 09:26 -------- d-----w- c:\program files\Empire Interactive
2009-11-15 13:16 . 2009-11-15 13:16 -------- d-----w- c:\program files\DVD Shrink
2009-11-09 12:31 . 2009-12-11 17:16 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-11 17:16 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-11 17:16 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-02 19:42 . 2009-10-07 15:44 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 09:17 . 2009-12-04 02:09 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-28 13:32 . 2009-09-19 15:41 22328 ----a-w- c:\users\Pavel\AppData\Roaming\PnkBstrK.sys
2009-10-28 13:29 . 2009-09-03 17:54 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-10-28 13:29 . 2009-09-19 15:40 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-10-16 10:19 . 2009-12-04 14:58 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2009-11-29 19:47 . 2009-11-29 19:47 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-10-27 11:05 40496 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-02 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-04-10 7399968]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-29 30192]
"BackupManagerTray"="c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-04-11 249600]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-04-15 440864]
"EgisTecLiveUpdate"="c:\program files\EgisTec Egis Software Update\EgisUpdate.exe" [2008-10-27 199464]
"mwlDaemon"="c:\program files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2008-10-27 346672]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-18 1430824]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2009-02-12 862728]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-03-11 156968]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2009-03-11 202024]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-03-05 173288]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"bacstray"="c:\program files\Broadcom\BACS\BacsTray.exe" [2006-03-06 118784]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-14 198160]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-22 13740576]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-02 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-02 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-02 154136]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-3-26 565248]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):3e,e6,1a,e3,a9,7a,ca,01

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [3.11.2008 12:51 223232]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [26.3.2009 22:04 57856]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\System32\drivers\MpNWMon.sys [18.6.2009 18:48 42480]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2.9.2009 17:17 29472]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [26.3.2009 22:04 112992]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - PCTSDInjDriver32

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-14 13:19]

2010-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-14 13:19]
.
.
------- Doplňkový sken -------
.
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\m72cwa59.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-12 06:45
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2669217469-1573396513-1753924385-1000_Classes\VirtualStore\MACHINE\SOFTWARE\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:84,0e,f8,b4,8f,bf,e8,b2,17,9e,b4,fb,1b,90,5e,51,db,ae,e9,94,34,de,e7,
a7,73,61,5d,5d,c3,ca,de,fb,b9,2c,67,9d,f2,84,10,66,60,75,ec,33,59,60,5c,c9,\
"??"=hex:1b,be,6d,88,f0,ff,a9,17,ba,7c,e7,81,4f,7d,dc,f7
.
Celkový čas: 2010-01-12 07:29:35
ComboFix-quarantined-files.txt 2010-01-12 06:20
ComboFix2.txt 2009-12-23 21:00
ComboFix3.txt 2009-12-20 16:28

Před spuštěním: Volných bajtů: 27 143 553 024
Po spuštění: Volných bajtů: 27 168 935 936

- - End Of File - - 3E591FB1EEF2A454A828A142002D546D

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: CPU running at 100%, and because of that most programs won't work

#6 Post by Unlimited_Killer »

Let's get to it. But that it took so long seems strange to me... :o

~~~

Open Notepad and copy this into it:

KillAll::

Folder::
c:\program files\ICQ6Toolbar
C:\Program Files\DAEMON Tools Toolbar

File::
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"=-
"swg"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"TkBellExe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-

Extra::
FireFox::
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\m72cwa59.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search

Save it to the Desktop as CFScript.txt. Then drag it with the mouse onto ComboFix (!it must be on the Desktop!) and drop it.

ComboFix will carry out the commands from the script; the PC may be restarted again.
When it finishes, post here the log that pops up after the cleanup.

~~~

Download MBAM and follow the description. Don't delete anything yet; MBAM sometimes has false detections.
Then paste the log here.

750
Visitor
Posts: 12
Registered: 09 Apr 2008 18:16

Re: CPU running at 100%, and because of that most programs won't work

#7 Post by 750 »

ComboFix

ComboFix 10-01-04.01 - Pavel 13.01.2010 0:16.2.2 - x86
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pavel\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -

FILE ::
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\DAEMON Tools Toolbar
c:\program files\ICQ6Toolbar
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-12 do 2010-01-12 )))))))))))))))))))))))))))))))
.

2010-01-12 23:18 . 2010-01-12 23:23 -------- d-----w- c:\users\Pavel\AppData\Local\temp
2010-01-12 23:18 . 2010-01-12 23:18 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-12 23:18 . 2010-01-12 23:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-10 22:12 . 2010-01-10 22:13 -------- d-----w- C:\rsit
2010-01-06 20:50 . 2010-01-11 18:26 -------- d-----w- c:\users\Pavel\AppData\Roaming\vlc
2010-01-06 20:49 . 2010-01-06 20:49 -------- d-----w- c:\program files\VideoLAN
2010-01-03 20:32 . 2010-01-03 20:32 -------- d-----w- C:\FPC
2009-12-22 11:32 . 2009-12-22 11:32 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-12-22 11:32 . 2009-12-28 13:02 -------- d-----w- c:\users\Pavel\AppData\Roaming\Vso
2009-12-22 11:32 . 2007-03-18 20:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2009-12-22 11:32 . 2006-09-29 12:26 176165 ----a-w- c:\windows\system32\drv23260.dll
2009-12-22 11:32 . 2006-09-29 12:25 208935 ----a-w- c:\windows\system32\drv33260.dll
2009-12-22 11:32 . 2006-09-29 12:24 217127 ----a-w- c:\windows\system32\drv43260.dll
2009-12-22 11:32 . 2006-05-20 16:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2009-12-22 11:32 . 2006-05-11 19:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2009-12-22 11:32 . 2004-05-04 11:53 1645320 ----a-w- c:\windows\gdiplus.dll
2009-12-22 11:32 . 2009-12-22 11:32 -------- d-----w- c:\program files\VSO
2009-12-18 15:43 . 2009-12-18 15:43 -------- d-----w- c:\program files\Windows Portable Devices
2009-12-18 14:41 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-12-18 14:41 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-12-18 14:41 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-12-18 14:39 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-12-18 14:39 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-12-18 14:39 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-12-18 14:39 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-12-18 14:39 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-12-18 14:39 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-12-18 14:39 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-12-18 14:39 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-12-18 14:39 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-12-18 14:39 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-12-18 14:39 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-12-18 14:39 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-12-18 14:38 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-12-18 14:38 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-12-18 14:38 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-12-16 16:40 . 2009-12-16 16:40 -------- d-----w- C:\Downloads
2009-12-16 16:37 . 2009-12-16 16:37 -------- d-----w- c:\users\Pavel\AppData\Roaming\FlashGet
2009-12-16 16:36 . 2009-12-16 16:40 -------- d-----w- c:\program files\FlashGet
2009-12-16 10:11 . 2009-12-17 14:27 -------- d-----w- c:\program files\JDownloader
2009-12-16 10:10 . 2009-12-16 10:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-16 10:10 . 2009-12-16 10:10 -------- d-----w- c:\program files\Java
2009-12-15 12:23 . 2009-12-15 12:27 -------- d-----w- c:\program files\Call of Duty

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-12 23:18 . 2009-09-02 18:24 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-12 17:30 . 2008-01-21 06:46 654120 ----a-w- c:\windows\system32\perfh005.dat
2010-01-12 17:30 . 2008-01-21 06:46 142832 ----a-w- c:\windows\system32\perfc005.dat
2010-01-11 16:57 . 2009-09-19 15:32 -------- d-----w- c:\users\Pavel\AppData\Roaming\uTorrent
2010-01-11 15:14 . 2009-10-30 08:11 -------- d-----w- c:\program files\Spyware Doctor
2010-01-10 22:13 . 2009-11-28 11:41 -------- d-----w- c:\program files\trend micro
2010-01-10 21:07 . 2009-09-02 16:48 47151 ----a-w- c:\programdata\nvModes.dat
2010-01-07 20:35 . 2009-09-20 20:56 -------- d-----w- c:\users\Pavel\AppData\Roaming\BSplayer PRO
2009-12-31 19:12 . 2009-09-03 17:54 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-31 19:12 . 2009-09-03 17:54 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-22 11:32 . 2009-12-22 11:32 47360 ----a-w- c:\users\Pavel\AppData\Roaming\pcouffin.sys
2009-12-22 11:32 . 2009-12-22 11:32 47360 ----a-w- c:\users\Pavel\AppData\Roaming\pcouffin.sys
2009-12-22 11:20 . 2009-11-15 13:16 -------- d-----w- c:\programdata\DVD Shrink
2009-12-20 16:00 . 2009-09-03 16:47 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-12-20 15:44 . 2009-09-02 15:59 151376 ----a-w- c:\users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-20 11:12 . 2009-09-03 16:44 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-18 15:43 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-18 15:42 . 2009-12-18 15:42 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-12-16 16:09 . 2009-03-26 14:20 -------- d-----w- c:\program files\Acer GameZone
2009-12-16 15:53 . 2009-03-26 14:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-16 15:42 . 2009-09-19 15:37 -------- d-----w- c:\program files\Ubisoft
2009-12-14 19:39 . 2009-09-06 19:32 -------- d-----w- c:\programdata\NVIDIA
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-12-11 21:27 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-12-11 21:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-12-11 17:24 . 2009-03-26 14:13 -------- d-----w- c:\programdata\Microsoft Help
2009-12-09 17:39 . 2009-12-09 17:39 -------- d-----w- c:\program files\Image Grabber II
2009-12-08 21:38 . 2009-12-08 21:38 -------- d--h--r- c:\programdata\SecuROM
2009-12-08 21:38 . 2009-12-08 21:38 221184 ----a-w- c:\windows\system32\UAService7.exe
2009-12-08 21:31 . 2009-12-08 21:31 -------- d-----w- c:\program files\Atari
2009-12-08 18:03 . 2009-09-03 17:50 -------- d-----w- c:\program files\Electronic Arts
2009-12-04 15:22 . 2009-10-04 21:08 -------- d-----w- c:\programdata\Codemasters
2009-12-04 14:58 . 2009-12-04 14:58 -------- d-----w- c:\program files\BRS
2009-12-04 14:57 . 2009-10-04 20:34 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-04 14:57 . 2009-10-04 20:34 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-04 14:57 . 2009-10-04 20:34 -------- d-----w- c:\program files\OpenAL
2009-12-04 14:09 . 2009-10-04 19:56 -------- d-----w- c:\program files\Codemasters
2009-12-04 02:13 . 2009-03-26 14:14 -------- d-----w- c:\program files\Microsoft Works
2009-12-03 22:18 . 2009-09-03 16:47 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-12-02 18:30 . 2009-12-02 18:29 -------- d-----w- c:\program files\Microsoft Security Essentials
2009-11-30 23:09 . 2009-11-08 21:02 -------- d-----w- c:\programdata\Ubisoft
2009-11-30 23:06 . 2009-11-30 23:06 10134 ----a-r- c:\users\Pavel\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-28 19:39 . 2009-11-28 19:39 -------- d-----w- c:\users\Pavel\AppData\Roaming\Acer
2009-11-28 10:02 . 2009-11-28 10:02 3860 ----a-w- c:\windows\inf\Autodesk PLM Performance\0009\tmpD78D.tmp
2009-11-28 10:02 . 2009-11-28 10:02 3860 ----a-w- c:\windows\inf\Autodesk PLM Performance\0005\tmpD78D.tmp
2009-11-28 10:02 . 2009-11-28 10:02 3860 ----a-w- c:\windows\inf\Autodesk PLM Performance\0000\tmpD78D.tmp
2009-11-28 09:27 . 2009-10-29 08:16 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2009-11-28 09:14 . 2009-11-27 14:13 -------- d-----w- c:\program files\Autodesk
2009-11-28 09:14 . 2009-10-29 08:16 -------- d-----w- c:\programdata\Autodesk
2009-11-28 09:03 . 2009-11-28 09:03 -------- d-----w- c:\program files\Microsoft SQL Server
2009-11-28 08:52 . 2009-11-28 08:52 93 ----a-w- c:\users\Pavel\AppData\Local\fusioncache.dat
2009-11-28 08:52 . 2009-11-27 14:14 -------- d-----w- c:\program files\Microsoft WSE
2009-11-27 15:27 . 2009-10-29 08:16 -------- d-----w- c:\users\Pavel\AppData\Roaming\Autodesk
2009-11-27 15:26 . 2009-11-27 15:26 -------- d-----w- c:\users\Pavel\AppData\Roaming\Ansys
2009-11-27 14:38 . 2009-11-27 14:38 -------- d-----w- c:\program files\Common Files\Autodesk
2009-11-27 14:16 . 2009-11-27 14:15 -------- d-----w- c:\program files\AOEMView 2008
2009-11-27 14:14 . 2009-11-27 14:14 10134 ----a-r- c:\users\Pavel\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-11-25 03:23 . 2009-09-02 15:56 1356 ----a-w- c:\users\Pavel\AppData\Local\d3d9caps.dat
2009-11-21 06:40 . 2009-12-11 17:40 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-11 17:40 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-11 17:40 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-11 17:40 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-19 17:02 . 2009-11-19 17:02 -------- d-----w- c:\program files\Opera
2009-11-19 15:56 . 2009-11-19 15:56 -------- d-----w- c:\program files\uTorrent
2009-11-19 11:40 . 2009-11-19 11:39 -------- d-----w- c:\users\Pavel\AppData\Roaming\.ABC
2009-11-19 11:39 . 2009-11-19 11:38 -------- d-----w- c:\program files\ABC
2009-11-17 09:26 . 2009-11-17 09:26 -------- d-----w- c:\program files\Empire Interactive
2009-11-15 13:16 . 2009-11-15 13:16 -------- d-----w- c:\program files\DVD Shrink
2009-11-09 12:31 . 2009-12-11 17:16 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-11 17:16 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-11 17:16 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-02 19:42 . 2009-10-07 15:44 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 09:17 . 2009-12-04 02:09 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-29 08:30 . 2009-10-29 08:30 36864 ----a-w- c:\users\Pavel\AppData\Roaming\Autodesk\AutoCAD 2010\R18.0\csy\ContextualTabSelectorRules.dll
2009-10-28 13:32 . 2009-09-19 15:41 22328 ----a-w- c:\users\Pavel\AppData\Roaming\PnkBstrK.sys
2009-10-28 13:32 . 2009-09-19 15:41 22328 ----a-w- c:\users\Pavel\AppData\Roaming\PnkBstrK.sys
2009-10-28 13:29 . 2009-09-03 17:54 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-10-28 13:29 . 2009-09-19 15:40 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-10-16 10:19 . 2009-12-04 14:58 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2009-11-29 19:47 . 2009-11-29 19:47 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-10-27 11:05 40496 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-04-10 7399968]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-29 30192]
"BackupManagerTray"="c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-04-11 249600]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-04-15 440864]
"EgisTecLiveUpdate"="c:\program files\EgisTec Egis Software Update\EgisUpdate.exe" [2008-10-27 199464]
"mwlDaemon"="c:\program files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2008-10-27 346672]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-18 1430824]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2009-02-12 862728]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-03-11 156968]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2009-03-11 202024]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-03-05 173288]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"bacstray"="c:\program files\Broadcom\BACS\BacsTray.exe" [2006-03-06 118784]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-22 13740576]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-02 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-02 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-02 154136]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-3-26 565248]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):3e,e6,1a,e3,a9,7a,ca,01

R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [31.10.2009 23:44 207280]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [31.10.2009 23:44 112592]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2.9.2009 17:39 75048]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [26.3.2009 15:28 703008]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]
R2 mwlPSDFilter;mwlPSDFilter;c:\windows\System32\drivers\mwlPSDFilter.sys [9.10.2008 16:47 19504]
R2 mwlPSDNServ;mwlPSDNServ;c:\windows\System32\drivers\mwlPSDNserv.sys [9.10.2008 16:47 16432]
R2 mwlPSDVDisk;mwlPSDVDisk;c:\windows\System32\drivers\mwlPSDVDisk.sys [9.10.2008 16:47 59952]
R2 MWLService;MyWinLocker Service;c:\program files\EgisTec\MyWinLocker 3\x86\MWLService.exe [27.10.2008 12:05 306736]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [11.4.2009 18:32 61184]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [23.9.2008 14:11 144632]
R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [26.3.2009 15:58 237568]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [3.11.2008 12:51 223232]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [26.3.2009 22:04 57856]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [26.3.2009 22:04 112992]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\System32\drivers\MpNWMon.sys [18.6.2009 18:48 42480]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [26.3.2009 22:04 3715072]
S2 gupdate1ca4cd0f4896ce0;Služba Google Update (gupdate1ca4cd0f4896ce0);c:\program files\Google\Update\GoogleUpdate.exe [14.10.2009 14:19 133104]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2.9.2009 17:17 29472]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:23 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [26.3.2009 15:20 30192]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [23.9.2008 14:11 50424]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [31.10.2009 23:44 358600]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
S4 sptd;sptd;c:\windows\System32\drivers\sptd.sys [3.9.2009 17:44 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\m72cwa59.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-13 00:20
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2669217469-1573396513-1753924385-1000_Classes\VirtualStore\MACHINE\SOFTWARE\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:84,0e,f8,b4,8f,bf,e8,b2,17,9e,b4,fb,1b,90,5e,51,db,ae,e9,94,34,de,e7,
a7,73,61,5d,5d,c3,ca,de,fb,b9,2c,67,9d,f2,84,10,66,60,75,ec,33,59,60,5c,c9,\
"??"=hex:1b,be,6d,88,f0,ff,a9,17,ba,7c,e7,81,4f,7d,dc,f7
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(4316)
c:\windows\system32\NVSVC.DLL
c:\program files\EgisTec\MyWinLocker 3\x86\psdprotect.dll
c:\program files\EgisTec\MyWinLocker 3\x86\sysenv.dll
c:\program files\EgisTec\MyWinLocker 3\x86\mwlUI.dll
c:\program files\EgisTec\MyWinLocker 3\x86\GDIExtendCtrl.dll
c:\program files\EgisTec\MyWinLocker 3\x86\mwlOP.dll
c:\program files\EgisTec\MyWinLocker 3\x86\CryptoAPI.dll
c:\program files\EgisTec\MyWinLocker 3\x86\ShowErrMsg.dll
c:\program files\Acer\Acer PowerSmart Manager\SysHook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\nvvsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\conime.exe
c:\program files\Acer\Acer PowerSmart Manager\ePowerTray.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Launch Manager\LManager.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
c:\program files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2010-01-13 00:31:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-12 23:31
ComboFix2.txt 2010-01-12 06:29
ComboFix3.txt 2009-12-23 21:00
ComboFix4.txt 2009-12-20 16:28

Před spuštěním: Volných bajtů: 27 706 007 552
Po spuštění: Volných bajtů: 27 667 746 816

- - End Of File - - 2972F6041E2401C9C64714157E6EDA91

MBAM
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3551
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

13.1.2010 0:46:30
mbam-log-2010-01-13 (00-46-30).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 112208
Uplynulý čas: 7 minute(s), 26 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

#8 Post by Unlimited_Killer »

How is the PC behaving?

#9 Post by 750 »

The PC is noticeably faster, almost everything runs on it now, but now and then some program stops responding.

#10 Post by Unlimited_Killer »

When I get home, I will write up the final cleanup for you.

#11 Post by Unlimited_Killer »

Let's finish up.

~~~

Uninstall ComboFix
Start >> Run >> paste into the box:

ComboFix /Uninstall

>> press Enter
This uninstalls ComboFix and deletes the files and folders associated with it.

~~~

Run OTM again, but this time click 'CleanUp!' [see image].

~~~

Try cleaning the PC with CCleaner.
Install it, but be careful to untick the Install Yahoo! Toolbar option during installation.
Run it.

Cleaner tab -> leave everything ticked as it is and click 'Run Cleaner'.

Registry tab > click 'Scan for Issues'. It will look for problems in the registry; when it has finished analysing, click 'Fix selected issues'. It will offer to create a backup - create one to be safe and save it, for example, to the Desktop.

I recommend using CCleaner regularly; it can speed up the PC quite dramatically.

~~~

After these 'interventions' of mine, automatic updates of, for example, Java will no longer work for you (they were started needlessly right at system startup and burdened the RAM).
I therefore recommend downloading a small program called FileHippo Update Checker, which only needs to be run once a week and clearly shows you which software is out of date.

~~~

Try defragmenting the disk, either with the built-in Windows tool (it is not very good) or, for example, with Defraggler. I have also had good experience with the simple JKDefrag, which does not need to be installed.

~~~

Once you have done all of this, you can post a final RSIT log.
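
A check that can be run once the final log is in: confirm that the Run values deleted by the CFScript earlier in this thread have not returned to the autostart list. This is an added example, not part of the original post; the function names are hypothetical, the parsing assumes only the `Registry::` syntax and the HijackThis `O4` line format visible in this thread, and the embedded inputs are abridged copies of that script and of the log dated 22.1.2010.

```python
import re

# Abridged copy of the CFScript posted earlier in this thread.
CFSCRIPT = r'''
Folder::
c:\program files\ICQ6Toolbar

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"=-
"swg"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"TkBellExe"=-
'''

# Abridged copy of O4 lines from the HijackThis log dated 22.1.2010.
HJT_LOG = r'''
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: Acer VCM.lnk = ?
'''

HIVES = {"HKEY_CURRENT_USER": "HKCU", "HKEY_LOCAL_MACHINE": "HKLM"}
RUN_PATH = r"\software\microsoft\windows\currentversion\run"
KEY_LINE = re.compile(r"\[([^\\\]]+)(\\[^\]]*)\]")
DELETE_VALUE = re.compile(r'"([^"]+)"=-')
O4_RUN = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\Run: \[([^\]]+)\] (.+)$")


def cfscript_run_deletions(script):
    """Return {(hive, value_name)} for each "name"=- line that sits under a
    ...\\CurrentVersion\\Run key inside the Registry:: section."""
    deletions = set()
    in_registry = False
    hive = None  # non-None only while the current key is a Run key
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):  # section header such as File:: or Registry::
            in_registry = line.lower() == "registry::"
            hive = None
            continue
        if not in_registry:
            continue
        key = KEY_LINE.fullmatch(line)
        if key:
            is_run = key.group(2).lower() == RUN_PATH
            hive = HIVES.get(key.group(1).upper()) if is_run else None
            continue
        value = DELETE_VALUE.fullmatch(line)
        if value and hive:
            # Registry value names are case-insensitive, so compare lowercased.
            deletions.add((hive, value.group(1).lower()))
    return deletions


def hijackthis_run_entries(log):
    """Return {(hive, value_name): command} for the O4 Run lines of a log."""
    entries = {}
    for raw in log.splitlines():
        match = O4_RUN.match(raw.strip())
        if match:
            entries[(match.group(1), match.group(2).lower())] = match.group(3)
    return entries


def reappeared(script, log):
    """Run values the script deleted that the later log lists again."""
    present = hijackthis_run_entries(log)
    return sorted(
        (hive, name, present[(hive, name)])
        for hive, name in cfscript_run_deletions(script)
        if (hive, name) in present
    )


if __name__ == "__main__":
    for hive, name, command in reappeared(CFSCRIPT, HJT_LOG):
        print(f"{hive} Run value '{name}' is back: {command}")
```

On the inputs from this thread it reports the HKCU `swg` value, which the CFScript deleted and the log of 22.1.2010 lists again.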

#12 Post by 750 »

Logfile of random's system information tool 1.06 (written by random/random)
Run by Pavel at 2010-01-22 11:07:28
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 27 GB (6%) free of 461 GB
Total RAM: 3001 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:37, on 22.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Broadcom\BACS\BacsTray.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Pavel\Desktop\Pocitac\RSIT.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1ca4cd0f4896ce0) (gupdate1ca4cd0f4896ce0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 10269 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-10-08 395216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-10-14 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-28 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-07 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-28 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-16 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2009-10-08 395216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-04-10 7399968]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-29 30192]
"BackupManagerTray"=C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-04-11 249600]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-04-15 440864]
"EgisTecLiveUpdate"=C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [2008-10-27 199464]
"mwlDaemon"=C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2008-10-27 346672]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-12-18 1430824]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2009-02-12 862728]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-03-11 156968]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2009-03-11 202024]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-03-05 173288]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"bacstray"=C:\Program Files\Broadcom\BACS\BacsTray.exe [2006-03-06 118784]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-22 13740576]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-03-02 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-03-02 178712]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-03-02 154136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2009-11-02 155648]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-02 68856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-12-23 221184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-01-22 11:07:28 ----D---- C:\rsit
2010-01-19 21:16:05 ----D---- C:\Users\Pavel\AppData\Roaming\dvdcss
2010-01-19 10:18:39 ----D---- C:\Program Files\Sierra
2010-01-17 14:36:48 ----D---- C:\ProgramData\AirportMania
2010-01-17 11:18:22 ----D---- C:\Program Files\Techland
2010-01-15 22:24:50 ----D---- C:\Program Files\Defraggler
2010-01-14 10:21:29 ----D---- C:\Program Files\FileHippo.com
2010-01-14 10:15:25 ----D---- C:\Program Files\CCleaner
2010-01-13 00:38:19 ----D---- C:\Users\Pavel\AppData\Roaming\Malwarebytes
2010-01-13 00:38:12 ----D---- C:\ProgramData\Malwarebytes
2010-01-13 00:38:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-13 00:36:21 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 00:36:20 ----A---- C:\Windows\system32\fontsub.dll
2010-01-13 00:31:15 ----D---- C:\Windows\temp
2010-01-13 00:30:27 ----SHD---- C:\$RECYCLE.BIN
2010-01-06 21:50:39 ----D---- C:\Users\Pavel\AppData\Roaming\vlc
2010-01-06 21:49:00 ----D---- C:\Program Files\VideoLAN
2010-01-03 21:32:48 ----D---- C:\FPC

======List of files/folders modified in the last 1 months======

2010-01-22 11:07:37 ----D---- C:\Windows\Prefetch
2010-01-22 11:07:30 ----D---- C:\Program Files\trend micro
2010-01-22 10:39:00 ----AD---- C:\ProgramData\Temp
2010-01-22 08:02:55 ----D---- C:\Windows\System32
2010-01-22 08:02:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-22 08:02:54 ----D---- C:\Windows\inf
2010-01-22 07:09:59 ----D---- C:\Users\Pavel\AppData\Roaming\uTorrent
2010-01-21 19:40:06 ----D---- C:\Windows\system32\catroot
2010-01-21 19:39:59 ----D---- C:\Windows\winsxs
2010-01-21 18:53:56 ----SHD---- C:\System Volume Information
2010-01-21 08:27:44 ----D---- C:\Windows\system32\catroot2
2010-01-19 20:12:00 ----A---- C:\Windows\system32\PnkBstrB.exe
2010-01-19 10:31:11 ----RSD---- C:\Windows\assembly
2010-01-19 10:19:11 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-19 10:18:39 ----RD---- C:\Program Files
2010-01-19 09:02:21 ----D---- C:\Windows
2010-01-17 14:36:48 ----D---- C:\ProgramData
2010-01-17 14:15:09 ----D---- C:\ProgramData\TrackMania
2010-01-17 11:24:45 ----SHD---- C:\Windows\Installer
2010-01-17 11:24:43 ----D---- C:\Config.Msi
2010-01-17 11:11:24 ----D---- C:\Windows\system32\drivers
2010-01-15 18:19:34 ----D---- C:\ProgramData\Microsoft Help
2010-01-15 18:18:22 ----D---- C:\Program Files\Windows Mail
2010-01-15 18:14:47 ----D---- C:\Windows\Debug
2010-01-14 15:44:34 ----D---- C:\Program Files\JDownloader
2010-01-14 11:15:18 ----D---- C:\Program Files\Mozilla Firefox
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-14 10:16:14 ----D---- C:\Windows\Minidump
2010-01-14 10:07:00 ----D---- C:\Windows\ERDNT
2010-01-13 00:21:11 ----A---- C:\Windows\system.ini
2010-01-13 00:17:27 ----D---- C:\Windows\Tasks
2010-01-12 01:12:11 ----D---- C:\Windows\AppPatch
2010-01-12 01:12:01 ----D---- C:\Program Files\Common Files
2010-01-11 16:14:45 ----D---- C:\Program Files\Spyware Doctor
2010-01-07 21:35:35 ----D---- C:\Users\Pavel\AppData\Roaming\BSplayer PRO
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
2010-01-01 10:50:52 ----D---- C:\Windows\system32\WDI
2009-12-28 14:02:14 ----D---- C:\Users\Pavel\AppData\Roaming\Vso
2009-12-23 20:31:02 ----D---- C:\Windows\system32\config
2009-12-23 20:31:02 ----D---- C:\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R2 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2008-10-09 19504]
R2 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2008-10-09 16432]
R2 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2008-10-09 59952]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-11-03 223232]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2005-12-18 57856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-04-10 2358112]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-02-25 112992]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-30 3715072]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-22 9510848]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-12-22 47360]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2005-12-18 205232]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BthPort;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-04-10 84256]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-03-24 106784]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-03-24 17056]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\Drivers\NTIDrvr.sys [2008-01-30 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2005-12-26 153952]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-20 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [2009-10-08 112592]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-04-13 578848]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2009-03-06 75048]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-04-15 703008]
R2 MsMpSvc;@c:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 MWLService;MyWinLocker Service; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2008-10-27 306736]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-04-11 61184]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-22 211488]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-10-28 66872]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
S2 gupdate1ca4cd0f4896ce0;Služba Google Update (gupdate1ca4cd0f4896ce0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-14 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-11-27 79360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-29 651720]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-29 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-28 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-09-23 358600]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-09-23 1141200]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]

-----------------EOF-----------------

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: CPU runs at 100%, and because of that most programs don't work

#13 Post by Unlimited_Killer »

I don't see anything there anymore. I'll just disable that Update Checker at startup for you - it's enough to run it roughly once a week.

~~~

Open Notepad [Start > Run > notepad > Enter].
Copy the following text into it:

Code:

Windows Registry Editor Version 5.00

; Delete the autostart values of the FileHippo.com Update Checker and the Google Toolbar Notifier (swg)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"=-
"swg"=-

; Delete the ShellExecuteHooks value that the RSIT log lists with no file
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-

Save it, for example to the Desktop, as oprava.reg [see image] and run it by double-clicking.
Then restart the PC.

~~~

Run the renamed HiJackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_usera.exe
Click 'Do a system scan only'.
Tick the checkbox for each of the items listed below and then click 'Fix Checked'.
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
If any of the items is not there, skip it.

~~~

Finally, also attach a subjective description of how the PC is behaving + a new RSIT log. :)