kontrola logu?

[RudolfIV]

Prosím vás, zkontrolovali byste log z hijackthis, notebook acer extensa 5220, win vista někdy zamrzá a je dost líný, děkuju moc.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:24:51, on 31.1.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\ASUS\EZVCR\Agent.exe
C:\Program Files\ASUS\EZVCR\ASUS_IRAppl.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\RelevantKnowledge\rlvknlg.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll
R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Adparatus - {8B2C7C9D-716D-4e9e-9358-B9C80A81B7ED} - C:\Program Files\Adparatus\Adparatus.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{C279F539-5BC6-4E7D-8C4E-33242D90BB3A}: NameServer = 62.141.0.1 213.162.65.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: EZSERVICE - Unknown owner - C:\Program Files\ASUS\EZVCR\EZSERVICE.exe
O23 - Service: Služba Google Update (gupdate1c9fb1e98b15ff0) (gupdate1c9fb1e98b15ff0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files\RelevantKnowledge\rlservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe

--
End of file - 11701 bytes

[Reklama]

[bledulka]

Ahoj,

Přes přidat odebrat programy odinstaluj toolbary, které nepoužíváš
Dealio Toolbar
IObitCom Toolbar
Google Toolbar
ICQToolBar
Toolbar: Grab Pro

*********************


Spustíš program HJT
-klikni na tlačítko Do a system scan and save a logfile
-Vyběhne tabulka, na začátku každého řádku je čtvereček.
-U řádku , který jsem označila, dáš do čtverečku
fajfku

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll
R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Adparatus - {8B2C7C9D-716D-4e9e-9358-B9C80A81B7ED} - C:\Program Files\Adparatus\Adparatus.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O13 - Gopher Prefix:



-nakonec zmáčkneš tlačítko Fix checked


Tyto IP adresy znáš,. máš ve smlouvě s providerem?
NameServer = 62.141.0.1 213.162.65.1


****************************

Stahni CCleaner http://www.filehippo.com/download_cclea ... cbae6b492/
-nainstaluj (neinstaluj Yahoo toolbar)

-zvol záložku Čistič
-nechej v levém sloupečku zatrhnuté vše jak je a zmáčkni tlačítko analyzovat
-pak potvrď tlačítko Spustit Ccleaner
-tím se vyčistí počítač od dočasných soubborů, doporučuji pravidelně používat.

-vyber záložku registry
-klikni na tlačítko hledej problémy
-pak klikni na opravit vybrané problémy, potvrď, že chceš udělat zálohu a nech všechno opravit

**********************

Stahni Rsit http://images.malwareremoval.com/random/RSIT.exe
-spusť, klikni na tlačítko Continue
-po skenu na tebe vyběhne log.txt,obsah vlož zde


*********************

Stahni Mbam http://download.cnet.com/3001-8022_4-10 ... l-10804572
-nainstaluj, aktualizuj
-udělej uplný sken a vlož sem log

[RudolfIV]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jarka at 2010-07-24 21:58:07
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 9 GB (26%) free of 33 GB
Total RAM: 1014 MB (9% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:24, on 24.7.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Users\Jarka\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\RelevantKnowledge\rlvknlg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jarka\Downloads\RSIT.exe
C:\Program Files\trend micro\Jarka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adparatus - {8B2C7C9D-716D-4e9e-9358-B9C80A81B7ED} - C:\Program Files\Adparatus\Adparatus.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{979CA291-4B44-046F-FB23-D128858E99F5}: NameServer = 62.141.0.1 213.162.65.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Služba Google Update (gupdate1c9fb1e98b15ff0) (gupdate1c9fb1e98b15ff0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files\RelevantKnowledge\rlservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe

--
End of file - 12795 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{D6669650-E840-44D1-A863-F23B508F4A8A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2010-01-07 240912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-05-07 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll [2009-07-16 664888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B2C7C9D-716D-4e9e-9358-B9C80A81B7ED}]
Adparatus - C:\Program Files\Adparatus\Adparatus.dll [2009-03-16 705232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2009-04-15 1950656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-14 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
Reganam Toolbar - C:\Program Files\Reganam\tbReg0.dll [2008-04-03 1523736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\Dealio Toolbar\SearchSettings.dll [2009-07-29 1153024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2010-03-01 1107608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
{A057A204-BACC-4D26-8287-79A187E26987} - VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2009-04-15 1950656]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-07-31 698880]
{31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2010-01-07 662720]
{db9d7a78-a76c-4bf2-97c6-258925ee1542} - Reganam Toolbar - C:\Program Files\Reganam\tbReg0.dll [2008-04-03 1523736]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2007-12-10 323584]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-29 4472832]
"Skytel"=C:\Windows\Skytel.exe [2007-05-29 1826816]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-05-07 202256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-02 39408]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-03-01 451224]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2010-03-02 1347496]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-10-10 203264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2007-04-05 154392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2007-04-05 138008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-06-15 850704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2007-04-05 133912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-05-29 4472832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\Dealio Toolbar\SearchSettings.exe [2009-07-29 1024512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2007-05-29 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2006-10-23 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2006-10-23 734872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-01-19 711472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2007-04-14 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk]
C:\PROGRA~1\ArcSoft\TOTALM~1.5\TMMONI~1.EXE [2008-01-28 258048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-03-30 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-07-24 21:58:07 ----D---- C:\rsit
2010-07-24 21:51:40 ----D---- C:\Program Files\CCleaner
2010-07-23 16:25:23 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2010-07-23 16:25:22 ----A---- C:\Windows\system32\WUDFSvc.dll
2010-07-23 16:25:22 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2010-07-23 16:25:22 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2010-07-23 16:25:21 ----A---- C:\Windows\system32\WUDFPlatform.dll
2010-07-23 16:25:21 ----A---- C:\Windows\system32\WUDFHost.exe
2010-07-23 16:25:20 ----A---- C:\Windows\system32\WUDFx.dll
2010-07-23 16:14:33 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2010-07-23 16:14:32 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2010-07-23 16:12:22 ----D---- C:\Users\Jarka\AppData\Roaming\PC Suite
2010-07-23 16:11:39 ----D---- C:\Users\Jarka\AppData\Roaming\Nokia
2010-07-23 16:11:35 ----D---- C:\ProgramData\PC Suite
2010-07-23 16:06:54 ----D---- C:\Program Files\Common Files\PCSuite
2010-07-23 16:06:46 ----D---- C:\Program Files\Common Files\Nokia
2010-07-23 16:06:29 ----D---- C:\Program Files\DIFX
2010-07-23 16:06:29 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-07-23 16:06:16 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-23 16:06:00 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-23 16:05:25 ----D---- C:\Program Files\Nokia
2010-07-23 16:03:40 ----D---- C:\ProgramData\Installations
2010-07-22 18:49:38 ----D---- C:\Program Files\Rubber Ninjas
2010-07-07 20:29:49 ----D---- C:\ProgramData\WindowsSearch
2010-06-28 15:11:33 ----D---- C:\Program Files\MSXML 4.0
2010-06-26 10:25:34 ----D---- C:\Sounds
2010-06-26 10:07:59 ----A---- C:\Windows\system32\drivers\lgusbmodem.sys
2010-06-26 10:07:59 ----A---- C:\Windows\system32\drivers\lgusbdiag.sys
2010-06-26 10:07:59 ----A---- C:\Windows\system32\drivers\lgusbbus.sys
2010-06-26 10:07:58 ----D---- C:\Program Files\LG Electronics
2010-06-26 10:06:19 ----A---- C:\Windows\system32\NMSDVDXU.dll
2010-06-26 10:06:03 ----D---- C:\Users\Jarka\AppData\Roaming\LG Electronics
2010-06-26 10:06:02 ----D---- C:\Program Files\LG PC Suite II
2010-06-26 10:05:27 ----D---- C:\Users\Jarka\AppData\Roaming\InstallShield
2010-06-25 08:31:44 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-25 08:31:44 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-25 08:31:43 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-25 08:31:43 ----A---- C:\Windows\system32\mscoree.dll
2010-06-25 08:31:43 ----A---- C:\Windows\system32\dfshim.dll

======List of files/folders modified in the last 1 months======

2010-07-24 21:58:24 ----D---- C:\Program Files\Trend Micro
2010-07-24 21:58:12 ----D---- C:\Windows\Temp
2010-07-24 21:53:28 ----D---- C:\Windows\Debug
2010-07-24 21:53:28 ----D---- C:\Windows
2010-07-24 21:51:40 ----RD---- C:\Program Files
2010-07-24 21:45:28 ----AD---- C:\Windows\System32
2010-07-24 21:45:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-24 21:45:27 ----D---- C:\Windows\inf
2010-07-24 21:40:06 ----D---- C:\Windows\tracing
2010-07-24 15:08:45 ----D---- C:\Program Files\RelevantKnowledge
2010-07-24 08:01:34 ----D---- C:\Windows\rescache
2010-07-24 07:45:08 ----AD---- C:\Windows\system32\drivers
2010-07-23 19:01:11 ----D---- C:\Windows\system32\cs-CZ
2010-07-23 16:26:25 ----D---- C:\Windows\winsxs
2010-07-23 16:26:08 ----D---- C:\Windows\system32\catroot
2010-07-23 16:24:40 ----D---- C:\Windows\system32\drivers\UMDF
2010-07-23 16:18:46 ----D---- C:\Windows\system32\wbem
2010-07-23 16:18:46 ----D---- C:\Windows\system32\drivers\cs-CZ
2010-07-23 16:13:30 ----D---- C:\Windows\SoftwareDistribution
2010-07-23 16:11:35 ----HD---- C:\ProgramData
2010-07-23 16:07:21 ----SHD---- C:\Windows\Installer
2010-07-23 16:06:54 ----D---- C:\Program Files\Common Files
2010-07-23 16:06:28 ----D---- C:\Windows\system32\catroot2
2010-07-23 08:22:27 ----D---- C:\Windows\Prefetch
2010-07-22 18:49:22 ----D---- C:\Windows\system32\Tasks
2010-07-19 17:29:45 ----D---- C:\Program Files\ICQ7.0
2010-07-19 17:29:15 ----D---- C:\Users\Jarka\AppData\Roaming\ICQ
2010-07-15 10:16:15 ----D---- C:\Program Files\Windows Mail
2010-07-02 21:39:05 ----A---- C:\Windows\system32\mrt.exe
2010-06-26 10:21:26 ----D---- C:\Program Files\Google
2010-06-26 10:07:58 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-25 08:52:41 ----D---- C:\Windows\Microsoft.NET
2010-06-25 08:52:13 ----RSD---- C:\Windows\assembly
2010-06-25 08:47:39 ----D---- C:\Windows\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-03-21 304920]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 20776]
R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16680]
R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 60712]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 13560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R2 Ethpdrv;Ethernet Packet Driver; C:\Windows\system32\DRIVERS\ethpdrv.sys [2005-09-08 9728]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-03-02 76584]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-29 8192]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2007-06-15 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-03-30 1671680]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-31 1780576]
R3 IpwP;IPWireless 3G Network Adapter; C:\Windows\system32\DRIVERS\ipw3gnet.sys [2008-10-10 51040]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-19 30720]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-07-25 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-25 290304]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-09 179712]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-01-09 78128]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-01-09 80688]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-01-09 16560]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 PAC207;Eye 110; C:\Windows\system32\DRIVERS\PFC027.SYS [2009-06-25 618112]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-12-12 25984]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 uxkx1;ASUS My Cinema U3100 Mini DVBT; C:\Windows\system32\DRIVERS\uxkx1.sys [2008-02-15 459264]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-09-28 109056]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-03-02 67312]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-01-19 441136]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-03-14 24576]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-02-13 53248]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-05-10 24576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 RelevantKnowledge;RelevantKnowledge; C:\Program Files\RelevantKnowledge\rlservice.exe [2010-04-15 49792]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-04-03 272024]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-05-16 163840]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-29 386560]
R2 XobniService;XobniService; C:\Program Files\Xobni\XobniService.exe [2009-12-08 55016]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 gupdate1c9fb1e98b15ff0;Služba Google Update (gupdate1c9fb1e98b15ff0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-02 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-02 190448]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]

-----------------EOF-----------------

[RudolfIV]

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4345

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

24.7.2010 23:04:48
mbam-log-2010-07-24 (23-04-48).txt

Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 243512
Uplynulý čas: 1 hodina(y), 1 minuta(y), 32 sekunda(y)

Infikované procesy v paměti: 2
Infikované moduly v paměti: 3
Infikované klíče registru: 16
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 9
Infikované soubory: 32

Infikované procesy v paměti:
C:\Program Files\RelevantKnowledge\rlservice.exe (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> No action taken.

Infikované moduly v paměti:
C:\Program Files\RelevantKnowledge\rlls.dll (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\RelevantKnowledge\msvcp71.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\msvcr71.dll (Spyware.MarketScore) -> No action taken.

Infikované klíče registru:
HKEY_CLASSES_ROOT\Interface\{d0b60438-57e7-44de-8f8e-6c3bf305d430} (Adware.Adparatus) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8b2c7c9d-716d-4e9e-9358-b9c80a81b7ed} (Adware.Adparatus) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{a4bca928-b566-49c6-aef1-50bf8673f5cf} (Adware.Adparatus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8b2c7c9d-716d-4e9e-9358-b9c80a81b7ed} (Adware.Adparatus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8b2c7c9d-716d-4e9e-9358-b9c80a81b7ed} (Adware.Adparatus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b2c7c9d-716d-4e9e-9358-b9c80a81b7ed} (Adware.Adparatus) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adparatus (Adware.Adparatus) -> No action taken.
HKEY_CURRENT_USER\Software\AppDataLow\Software\MarketPrecision (Adware.Adparatus) -> No action taken.
HKEY_CURRENT_USER\Software\MarketPrecision\Adparatus (Adware.Adparatus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MarketPrecision\Adparatus (Adware.Adparatus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> No action taken.

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
C:\Program Files\Adparatus (Adware.Adparatus) -> No action taken.
C:\Program Files\Adparatus\FF (Adware.Adparatus) -> No action taken.
C:\Program Files\Adparatus\FF\2557 (Adware.Adparatus) -> No action taken.
C:\Program Files\Adparatus\FF\2557\components (Adware.Adparatus) -> No action taken.
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\components (Spyware.MarketScore) -> No action taken.
C:\Users\Jarka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adparatus (Adware.Adparatus) -> No action taken.
C:\Users\Jarka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adparatus\Adparatus (Adware.Adparatus) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge (Spyware.MarketScore) -> No action taken.

Infikované soubory:
C:\Program Files\RelevantKnowledge\rlls.dll (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\RelevantKnowledge\rlservice.exe (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\Adparatus\Adparatus.dll (Adware.Adparatus) -> No action taken.
C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Adware.WidgiToolbar) -> No action taken.
C:\Program Files\Dealio Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> No action taken.
C:\Program Files\RelevantKnowledge\rlls64.dll (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\RelevantKnowledge\rlph.dll (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg64.exe (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\RelevantKnowledge\rlxf.dll (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\RelevantKnowledge\components\rlxg.dll (Adware.RelevantKnowledge) -> No action taken.
C:\Program Files\Rubber Ninjas\Uninstall.exe (Malware.Packer.Krunchy) -> No action taken.
C:\Program Files\SeekappSrch\seekappsrch.exe (Adware.Ziniky) -> No action taken.
C:\Program Files\Adparatus\Adparatus.exe (Adware.Adparatus) -> No action taken.
C:\Program Files\Adparatus\Adparatus.ico (Adware.Adparatus) -> No action taken.
C:\Program Files\Adparatus\Support.url (Adware.Adparatus) -> No action taken.
C:\Program Files\Adparatus\Uninstall.exe (Adware.Adparatus) -> No action taken.
C:\Program Files\Adparatus\FF\2557\chrome.manifest (Adware.Adparatus) -> No action taken.
C:\Program Files\Adparatus\FF\2557\install.rdf (Adware.Adparatus) -> No action taken.
C:\Program Files\Adparatus\FF\2557\components\Adparatus2557.dll (Adware.Adparatus) -> No action taken.
C:\Program Files\Adparatus\FF\2557\components\MSWBCtl2557.dll (Adware.Adparatus) -> No action taken.
C:\Program Files\RelevantKnowledge\install.rdf (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\msvcp71.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\msvcr71.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rloci.bin (Spyware.MarketScore) -> No action taken.
C:\Users\Jarka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adparatus\Adparatus\About Adparatus.lnk (Adware.Adparatus) -> No action taken.
C:\Users\Jarka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adparatus\Adparatus\Adparatus Support.lnk (Adware.Adparatus) -> No action taken.
C:\Users\Jarka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adparatus\Adparatus\Uninstall Adparatus.lnk (Adware.Adparatus) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk (Spyware.MarketScore) -> No action taken.

[bledulka]

Co našel mbam, smaž


Stáhni na plochu ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Před použitím vypni všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary
-Zavři všechna aktivní okna a spusť ho pod učtem s právy administrátora
- Po spuštění se zobrazí podmínky použití, potvrď je stiskem tlačítka Ano

- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna

- Po dokončení skenování, se vytvoří log C:\ComboFix.txt, zkopíruj celý jeho obsah sem.

[RudolfIV]

ComboFix 10-07-24.01 - Jarka 25.07.2010 8:51.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.1014.281 [GMT 2:00]
Spuštěný z: c:\users\Jarka\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\config.ini
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\separator.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Dealio Toolbar\SearchSettings.dll
c:\program files\Dealio Toolbar\SearchSettings.exe
c:\program files\Dealio Toolbar\SearchSettingsRes409.dll
c:\program files\Dealio Toolbar\sscfg.ini
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\install.rdf
c:\program files\RelevantKnowledge\msvcp71.dll
c:\program files\RelevantKnowledge\msvcr71.dll
c:\program files\RelevantKnowledge\rloci.bin
c:\program files\SeekappSrch
c:\program files\SeekappSrch\uninstall.exe
c:\programdata\SeekappSrch

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_RelevantKnowledge


((((((((((((((((((((((((( Soubory vytvořené od 2010-06-25 do 2010-07-25 )))))))))))))))))))))))))))))))
.

2010-07-25 07:03 . 2010-07-25 07:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-24 19:59 . 2010-07-24 19:59 -------- d-----w- c:\users\Jarka\AppData\Roaming\Malwarebytes
2010-07-24 19:58 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-24 19:58 . 2010-07-24 19:58 -------- d-----w- c:\programdata\Malwarebytes
2010-07-24 19:58 . 2010-07-24 19:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-24 19:58 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-24 19:58 . 2010-07-24 19:58 -------- d-----w- C:\rsit
2010-07-24 19:51 . 2010-07-24 19:51 -------- d-----w- c:\program files\CCleaner
2010-07-23 14:25 . 2009-07-14 17:45 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2010-07-23 14:25 . 2009-07-14 17:48 64512 ----a-w- c:\windows\system32\WUDFSvc.dll
2010-07-23 14:25 . 2009-07-14 17:48 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2010-07-23 14:25 . 2009-07-14 17:45 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2010-07-23 14:25 . 2009-07-14 17:48 162304 ----a-w- c:\windows\system32\WUDFPlatform.dll
2010-07-23 14:25 . 2009-07-14 17:45 195584 ----a-w- c:\windows\system32\WUDFHost.exe
2010-07-23 14:25 . 2009-07-14 17:48 567808 ----a-w- c:\windows\system32\WUDFx.dll
2010-07-23 14:14 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-07-23 14:14 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-07-23 14:12 . 2010-07-23 14:24 -------- d-----w- c:\users\Jarka\AppData\Roaming\PC Suite
2010-07-23 14:11 . 2010-07-23 14:25 -------- d-----w- c:\users\Jarka\AppData\Roaming\Nokia
2010-07-23 14:11 . 2010-07-23 14:24 -------- d-----w- c:\programdata\PC Suite
2010-07-23 14:06 . 2010-07-23 14:06 -------- d-----w- c:\program files\Common Files\PCSuite
2010-07-23 14:06 . 2010-07-23 14:06 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-23 14:06 . 2010-07-23 14:07 -------- d-----w- c:\program files\DIFX
2010-07-23 14:06 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-23 14:06 . 2010-07-23 14:06 -------- dc----w- c:\windows\system32\DRVSTORE
2010-07-23 14:06 . 2010-07-23 14:06 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-23 14:05 . 2010-07-23 14:06 -------- d-----w- c:\program files\Nokia
2010-07-23 14:03 . 2010-07-23 14:03 -------- d-----w- c:\programdata\Installations
2010-07-22 16:49 . 2010-07-25 06:31 -------- d-----w- c:\program files\Rubber Ninjas
2010-07-07 18:29 . 2010-07-07 18:29 -------- d-----w- c:\programdata\WindowsSearch
2010-06-28 13:11 . 2010-06-28 13:11 -------- d-----w- c:\program files\MSXML 4.0
2010-06-26 08:25 . 2010-06-26 08:25 -------- d-----w- C:\Sounds
2010-06-26 08:07 . 2008-11-11 11:42 24832 ----a-w- c:\windows\system32\drivers\lgusbmodem.sys
2010-06-26 08:07 . 2008-11-11 11:41 19968 ----a-w- c:\windows\system32\drivers\lgusbdiag.sys
2010-06-26 08:07 . 2008-11-11 11:41 13056 ----a-w- c:\windows\system32\drivers\lgusbbus.sys
2010-06-26 08:07 . 2010-06-26 08:07 -------- d-----w- c:\program files\LG Electronics
2010-06-26 08:06 . 2007-11-08 14:26 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll
2010-06-26 08:06 . 2010-06-26 08:06 -------- d-----w- c:\users\Jarka\AppData\Roaming\LG Electronics
2010-06-26 08:06 . 2010-07-19 16:15 -------- d-----w- c:\program files\LG PC Suite II
2010-06-26 08:05 . 2010-06-26 08:05 -------- d-----w- c:\users\Jarka\AppData\Roaming\InstallShield

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-25 07:04 . 2007-10-03 09:03 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-25 06:54 . 2007-07-25 19:22 648800 ----a-w- c:\windows\system32\perfh005.dat
2010-07-25 06:54 . 2007-07-25 19:22 133726 ----a-w- c:\windows\system32\perfc005.dat
2010-07-25 06:31 . 2009-07-30 20:31 -------- d-----w- c:\program files\Adparatus
2010-07-24 21:15 . 2010-05-11 16:32 680 ----a-w- c:\users\Jarka\AppData\Local\d3d9caps.dat
2010-07-24 19:58 . 2010-01-31 13:23 -------- d-----w- c:\program files\Trend Micro
2010-07-24 05:45 . 2010-07-24 05:45 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-07-23 14:16 . 2010-07-23 14:16 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-07-23 14:16 . 2010-07-23 14:16 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-23 14:03 . 2010-07-23 14:03 95232 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\pcswpcsi.exe
2010-07-23 14:03 . 2010-07-23 14:03 8192 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstCCD.exe
2010-07-23 14:03 . 2010-07-23 14:03 61440 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-07-23 14:03 . 2010-07-23 14:03 10240 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCS.exe
2010-07-23 14:02 . 2010-07-23 14:04 36684048 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_cze_web.exe
2010-07-19 15:29 . 2010-01-19 19:56 -------- d-----w- c:\program files\ICQ7.0
2010-07-19 15:29 . 2010-01-19 19:57 -------- d-----w- c:\users\Jarka\AppData\Roaming\ICQ
2010-07-19 07:28 . 2009-10-13 16:06 1 ----a-w- c:\users\Jarka\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-07-15 08:16 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-26 08:21 . 2009-07-02 14:01 -------- d-----w- c:\program files\Google
2010-06-26 08:20 . 2010-06-26 08:20 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb1E4C.tmp.exe
2010-06-26 08:07 . 2007-07-25 09:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-20 12:48 . 2010-06-20 12:48 -------- d-----w- c:\programdata\Gemfor
2010-06-20 08:03 . 2010-06-20 07:44 -------- d-----w- c:\program files\OpenVPN
2010-06-14 13:33 . 2007-07-25 10:23 -------- d-----w- c:\programdata\Microsoft Help
2010-05-26 17:06 . 2010-06-13 09:09 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-13 09:09 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 12:14 . 2009-10-03 08:15 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-07 20:54 . 2010-05-07 20:54 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-05-07 20:54 . 2010-05-07 20:54 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-05-07 20:54 . 2010-05-07 20:54 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-05-07 20:54 . 2010-05-07 20:54 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-05-07 20:54 . 2010-05-07 20:54 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-05-07 20:54 . 2010-05-07 20:54 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-05-07 20:54 . 2010-05-07 20:54 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-05-07 20:54 . 2010-05-07 20:54 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-05-07 20:54 . 2010-05-07 20:54 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-05-04 05:59 . 2010-06-13 09:09 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-13 09:09 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-06-13 09:09 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-06-13 09:09 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-13 09:09 2037248 ----a-w- c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{db9d7a78-a76c-4bf2-97c6-258925ee1542}"= "c:\program files\Reganam\tbReg0.dll" [2008-04-03 1523736]

[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
2009-10-01 16:29 2166296 ----a-w- c:\program files\IObitCom\tbIObi.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
2008-04-03 09:40 1523736 ----a-w- c:\program files\Reganam\tbReg0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIObi.dll" [2009-10-01 2166296]
"{db9d7a78-a76c-4bf2-97c6-258925ee1542}"= "c:\program files\Reganam\tbReg0.dll" [2008-04-03 1523736]

[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]

[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{31C7D459-9CC3-44F2-9DCA-FC11795309B4}"= "c:\program files\IObitCom\tbIObi.dll" [2009-10-01 2166296]
"{DB9D7A78-A76C-4BF2-97C6-258925EE1542}"= "c:\program files\Reganam\tbReg0.dll" [2008-04-03 1523736]

[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]

[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-02 39408]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-03-01 451224]
"T-Mobile Communication Centre"="c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe" [2010-03-02 1347496]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-29 4472832]
"Skytel"="Skytel.exe" [2007-05-29 1826816]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-07 202256]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
backup=c:\windows\pss\TMMonitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2009-10-10 12:32 203264 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2007-04-25 14:33 457216 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSLoader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-04-04 23:26 154392 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-04-04 23:26 138008 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-02-07 14:21 54832 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-06-15 05:45 850704 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-04-04 23:26 133912 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-03-14 19:01 71216 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-05-29 00:29 4472832 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-05-29 04:39 1826816 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-10-23 19:00 815104 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-11-05 19:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f9,64,d6,f9,bd,a2,ca,01

R2 gupdate1c9fb1e98b15ff0;Služba Google Update (gupdate1c9fb1e98b15ff0);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-02 133104]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
R3 PAC207;Eye 110;c:\windows\system32\DRIVERS\PFC027.SYS [2009-06-25 618112]
R3 uxkx1;ASUS My Cinema U3100 Mini DVBT;c:\windows\system32\DRIVERS\uxkx1.sys [2008-02-15 459264]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-03-02 67312]
S2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\DRIVERS\ethpdrv.sys [2005-09-07 9728]
S2 XobniService;XobniService;c:\program files\Xobni\XobniService.exe [2009-12-08 55016]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\DRIVERS\ipw3gnet.sys [2008-10-10 51040]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-02 14:08]

2010-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-02 14:08]

2010-07-25 c:\windows\Tasks\User_Feed_Synchronization-{D6669650-E840-44D1-A863-F23B508F4A8A}.job
- c:\windows\system32\msfeedssync.exe [2010-06-13 04:30]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://google.com
mStart Page = hxxp://cs.intl.acer.yahoo.com
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {979CA291-4B44-046F-FB23-D128858E99F5} = 62.141.0.1 213.162.65.1
FF - ProfilePath - c:\users\Jarka\AppData\Roaming\Mozilla\Firefox\Profiles\vx4eqvie.default\
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-SearchSettings - c:\program files\Dealio Toolbar\SearchSettings.exe
AddRemove-SeekappSrch - c:\program files\SeekappSrch\uninstall.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files\RelevantKnowledge\rlvknlg.exe



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\users\Jarka\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclIrSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2010-07-25 09:12:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-25 07:12

Před spuštěním: 9 064 185 856
Po spuštění: 8 825 212 928

- - End Of File - - EF5A4E4387AE225B879C4E6B11426279

[bledulka]

Otestuj na http://www.virustotal.com


c:\program files\Xobni\XobniService.exe
c:\windows\system32\DRIVERS\uxkx1.sys


-Do okénka zkopíruj cestu k souboru , pokud napíše, že soubor byl už testován, dej otestovat znovu.
-Sem vlož link s výsledky.


Tento program používáš?
c:\program files\Adparatus

[RudolfIV]

http://www.virustotal.com/cs/analisis/9 ... 1280057893
http://www.virustotal.com/cs/analisis/5 ... 1280058082

Ten Adparatus nevím, není to můj notebook, ale ti, kterým patří, ho určitě nepoužívají, děcka nebo součást nějakých oprav, ale dám ho pryč, jak?

[bledulka]

Combofix přesuň na plochu
-otevři si Poznámkový blok
-Do něj zkopíruj text z tohoto okénka

Kód: Vybrat vše

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{db9d7a78-a76c-4bf2-97c6-258925ee1542}"= "c:\program files\Reganam\tbReg0.dll" [2008-04-03 1523736]
[-HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"=-
[-HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[-HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{31C7D459-9CC3-44F2-9DCA-FC11795309B4}"=-
"{DB9D7A78-A76C-4BF2-97C6-258925EE1542}"=-
[-HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[-HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]

Folder::
c:\program files\Adparatus

 


-vytvořený TXT soubor ulož jako CFScript.txt na plochu a levým myšítkem přesuň nad ikonu Combofixu, kde ho upustíš

-Po proběhnutí skenu a ukončení combofixu by se měl objevit log, vlož ho zde.

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

[RudolfIV]

ComboFix 10-07-24.03 - Jarka 25.07.2010 17:45:37.2.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.1014.322 [GMT 2:00]
Spuštěný z: c:\users\Jarka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jarka\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-06-25 do 2010-07-25 )))))))))))))))))))))))))))))))
.

2010-07-25 15:57 . 2010-07-25 15:57 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-07-25 15:57 . 2010-07-25 15:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-25 13:51 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-07-25 13:51 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-07-25 13:51 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-07-25 13:51 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-07-25 13:51 . 2010-06-28 20:32 50256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-07-25 13:51 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-07-25 13:51 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-07-25 13:51 . 2010-07-25 13:51 -------- d-----w- c:\programdata\Alwil Software
2010-07-24 19:59 . 2010-07-24 19:59 -------- d-----w- c:\users\Jarka\AppData\Roaming\Malwarebytes
2010-07-24 19:58 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-24 19:58 . 2010-07-24 19:58 -------- d-----w- c:\programdata\Malwarebytes
2010-07-24 19:58 . 2010-07-24 19:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-24 19:58 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-24 19:58 . 2010-07-24 19:58 -------- d-----w- C:\rsit
2010-07-24 19:51 . 2010-07-24 19:51 -------- d-----w- c:\program files\CCleaner
2010-07-23 14:25 . 2009-07-14 17:45 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2010-07-23 14:25 . 2009-07-14 17:48 64512 ----a-w- c:\windows\system32\WUDFSvc.dll
2010-07-23 14:25 . 2009-07-14 17:48 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2010-07-23 14:25 . 2009-07-14 17:45 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2010-07-23 14:25 . 2009-07-14 17:48 162304 ----a-w- c:\windows\system32\WUDFPlatform.dll
2010-07-23 14:25 . 2009-07-14 17:45 195584 ----a-w- c:\windows\system32\WUDFHost.exe
2010-07-23 14:25 . 2009-07-14 17:48 567808 ----a-w- c:\windows\system32\WUDFx.dll
2010-07-23 14:14 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-07-23 14:14 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-07-23 14:12 . 2010-07-23 14:24 -------- d-----w- c:\users\Jarka\AppData\Roaming\PC Suite
2010-07-23 14:11 . 2010-07-23 14:25 -------- d-----w- c:\users\Jarka\AppData\Roaming\Nokia
2010-07-23 14:11 . 2010-07-23 14:24 -------- d-----w- c:\programdata\PC Suite
2010-07-23 14:06 . 2010-07-23 14:06 -------- d-----w- c:\program files\Common Files\PCSuite
2010-07-23 14:06 . 2010-07-23 14:06 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-23 14:06 . 2010-07-23 14:07 -------- d-----w- c:\program files\DIFX
2010-07-23 14:06 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-23 14:06 . 2010-07-23 14:06 -------- dc----w- c:\windows\system32\DRVSTORE
2010-07-23 14:06 . 2010-07-23 14:06 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-23 14:05 . 2010-07-23 14:06 -------- d-----w- c:\program files\Nokia
2010-07-23 14:04 . 2010-07-23 14:02 36684048 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_cze_web.exe
2010-07-23 14:03 . 2010-07-23 14:03 95232 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\pcswpcsi.exe
2010-07-23 14:03 . 2010-07-23 14:03 8192 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstCCD.exe
2010-07-23 14:03 . 2010-07-23 14:03 61440 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-07-23 14:03 . 2010-07-23 14:03 10240 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCS.exe
2010-07-23 14:03 . 2010-07-23 14:03 -------- d-----w- c:\programdata\Installations
2010-07-22 16:49 . 2010-07-25 06:31 -------- d-----w- c:\program files\Rubber Ninjas
2010-07-07 18:29 . 2010-07-07 18:29 -------- d-----w- c:\programdata\WindowsSearch
2010-06-28 13:11 . 2010-06-28 13:11 -------- d-----w- c:\program files\MSXML 4.0
2010-06-26 08:25 . 2010-06-26 08:25 -------- d-----w- C:\Sounds
2010-06-26 08:20 . 2010-06-26 08:20 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb1E4C.tmp.exe
2010-06-26 08:07 . 2008-11-11 11:42 24832 ----a-w- c:\windows\system32\drivers\lgusbmodem.sys
2010-06-26 08:07 . 2008-11-11 11:41 19968 ----a-w- c:\windows\system32\drivers\lgusbdiag.sys
2010-06-26 08:07 . 2008-11-11 11:41 13056 ----a-w- c:\windows\system32\drivers\lgusbbus.sys
2010-06-26 08:07 . 2010-06-26 08:07 -------- d-----w- c:\program files\LG Electronics
2010-06-26 08:06 . 2007-11-08 14:26 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll
2010-06-26 08:06 . 2010-06-26 08:06 -------- d-----w- c:\users\Jarka\AppData\Roaming\LG Electronics
2010-06-26 08:06 . 2010-07-19 16:15 -------- d-----w- c:\program files\LG PC Suite II
2010-06-26 08:05 . 2010-06-26 08:05 -------- d-----w- c:\users\Jarka\AppData\Roaming\InstallShield

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-25 14:15 . 2007-10-03 09:03 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-25 14:15 . 2009-07-02 14:05 -------- d-----w- c:\users\Jarka\AppData\Roaming\Skype
2010-07-25 14:01 . 2010-01-22 13:41 -------- d-----w- c:\users\Jarka\AppData\Roaming\skypePM
2010-07-25 13:51 . 2007-10-03 14:16 -------- d-----w- c:\program files\Alwil Software
2010-07-25 13:38 . 2007-07-25 09:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-25 07:12 . 2007-07-25 19:22 648800 ----a-w- c:\windows\system32\perfh005.dat
2010-07-25 07:12 . 2007-07-25 19:22 133726 ----a-w- c:\windows\system32\perfc005.dat
2010-07-24 21:15 . 2010-05-11 16:32 680 ----a-w- c:\users\Jarka\AppData\Local\d3d9caps.dat
2010-07-24 19:58 . 2010-01-31 13:23 -------- d-----w- c:\program files\Trend Micro
2010-07-24 05:45 . 2010-07-24 05:45 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-07-23 14:16 . 2010-07-23 14:16 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-07-23 14:16 . 2010-07-23 14:16 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-19 15:29 . 2010-01-19 19:56 -------- d-----w- c:\program files\ICQ7.0
2010-07-19 15:29 . 2010-01-19 19:57 -------- d-----w- c:\users\Jarka\AppData\Roaming\ICQ
2010-07-19 07:28 . 2009-10-13 16:06 1 ----a-w- c:\users\Jarka\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-07-15 08:16 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-26 08:21 . 2009-07-02 14:01 -------- d-----w- c:\program files\Google
2010-06-20 12:48 . 2010-06-20 12:48 -------- d-----w- c:\programdata\Gemfor
2010-06-20 08:03 . 2010-06-20 07:44 -------- d-----w- c:\program files\OpenVPN
2010-06-14 13:33 . 2007-07-25 10:23 -------- d-----w- c:\programdata\Microsoft Help
2010-05-26 17:06 . 2010-06-13 09:09 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-13 09:09 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 12:14 . 2009-10-03 08:15 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-07 20:54 . 2010-05-07 20:54 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-05-07 20:54 . 2010-05-07 20:54 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-05-07 20:54 . 2010-05-07 20:54 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-05-07 20:54 . 2010-05-07 20:54 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-05-07 20:54 . 2010-05-07 20:54 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-05-07 20:54 . 2010-05-07 20:54 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-05-07 20:54 . 2010-05-07 20:54 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-05-07 20:54 . 2010-05-07 20:54 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-05-07 20:54 . 2010-05-07 20:54 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-05-04 05:59 . 2010-06-13 09:09 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-13 09:09 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-06-13 09:09 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-06-13 09:09 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-13 09:09 2037248 ----a-w- c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-02 39408]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-03-01 451224]
"T-Mobile Communication Centre"="c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe" [2010-03-02 1347496]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-29 4472832]
"Skytel"="Skytel.exe" [2007-05-29 1826816]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-07 202256]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
backup=c:\windows\pss\TMMonitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2009-10-10 12:32 203264 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2007-04-25 14:33 457216 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSLoader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-04-04 23:26 154392 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-04-04 23:26 138008 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-02-07 14:21 54832 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-06-15 05:45 850704 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-04-04 23:26 133912 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-03-14 19:01 71216 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-05-29 00:29 4472832 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-05-29 04:39 1826816 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-10-23 19:00 815104 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-11-05 19:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f9,64,d6,f9,bd,a2,ca,01

R2 gupdate1c9fb1e98b15ff0;Služba Google Update (gupdate1c9fb1e98b15ff0);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-02 133104]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
R3 PAC207;Eye 110;c:\windows\system32\DRIVERS\PFC027.SYS [2009-06-25 618112]
R3 uxkx1;ASUS My Cinema U3100 Mini DVBT;c:\windows\system32\DRIVERS\uxkx1.sys [2008-02-15 459264]
S1 aswSP;aswSP; [x]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-03-02 67312]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\DRIVERS\ethpdrv.sys [2005-09-07 9728]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\DRIVERS\ipw3gnet.sys [2008-10-10 51040]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-02 14:08]

2010-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-02 14:08]

2010-07-25 c:\windows\Tasks\User_Feed_Synchronization-{D6669650-E840-44D1-A863-F23B508F4A8A}.job
- c:\windows\system32\msfeedssync.exe [2010-06-13 04:30]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://google.com
mStart Page = hxxp://cs.intl.acer.yahoo.com
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {979CA291-4B44-046F-FB23-D128858E99F5} = 62.141.0.1 213.162.65.1
FF - ProfilePath - c:\users\Jarka\AppData\Roaming\Mozilla\Firefox\Profiles\vx4eqvie.default\
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-25 17:57
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-07-25 18:02:26
ComboFix-quarantined-files.txt 2010-07-25 16:02

Před spuštěním: 9 091 268 608
Po spuštění: 9 089 540 096

- - End Of File - - E0F5EB026E8068312C6F18E12D235E05

[bledulka]

Jak to teď vypadá?

[RudolfIV]

Myslím, že líp, nezamrzá a je svižný. Moc, moc děkuji. Už se byli ptát v T-mobilu, jestli by se jim na něj podívali a oni řekli, že by to museli platit a bylo by to drahý, i když je notebook v záruce. A tak jsem si vzpomněl na pc-help, vždycky jste mi pomohli a to důkladně, nashledanou, děkujeme.