CPU 100% - svchost.exe

[Hanysky]

Log z RSIT:



Logfile of random's system information tool 1.08 (written by random/random)
Run by Honza at 2011-07-13 18:31:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 287 GB (61%) free of 467 GB
Total RAM: 3071 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:31:51, on 13.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\windows\autoclk.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Honza\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Honza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Folding@home-CPU-[1] - Unknown owner - C:\Folding@HomeCPU\1\Fah.exe
O23 - Service: Folding@home-CPU-[2] - Unknown owner - C:\Folding@HomeCPU\2\Fah.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

--
End of file - 9751 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-06-27 13789728]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2009-06-18 563736]
"autoclk"=C:\Windows\autoclk.exe [2003-01-30 143360]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-07-13 18:26:57 ----D---- C:\rsit
2011-07-13 18:03:00 ----D---- C:\Windows\system32\SPReview
2011-07-13 18:02:21 ----D---- C:\Windows\system32\EventProviders
2011-07-13 17:41:50 ----D---- C:\Windows\cs
2011-07-13 17:41:38 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2011-07-13 17:41:04 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2011-07-13 17:39:28 ----D---- C:\Program Files\MSN Toolbar
2011-07-13 17:39:11 ----D---- C:\Program Files\Bing Bar Installer
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 09:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 09:57:17 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-13 09:57:13 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 09:57:13 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 09:57:13 ----A---- C:\Windows\system32\conhost.exe
2011-07-13 09:57:10 ----A---- C:\Windows\system32\win32k.sys
2011-07-12 12:39:12 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-07-12 12:39:10 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-07-12 12:39:07 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-07-12 12:39:06 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-07-12 12:39:04 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-07-12 12:39:02 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-07-12 12:38:39 ----A---- C:\Windows\system32\aswBoot.exe
2011-07-04 09:56:56 ----A---- C:\ComboFix.txt
2011-07-04 09:55:57 ----SHD---- C:\$RECYCLE.BIN
2011-07-04 09:48:25 ----D---- C:\Windows\temp
2011-07-03 21:54:11 ----A---- C:\Windows\ntbtlog.txt
2011-07-03 14:46:07 ----D---- C:\Program Files\trend micro
2011-07-01 18:14:45 ----D---- C:\ProgramData\IObit
2011-07-01 18:14:45 ----D---- C:\Program Files\IObit
2011-07-01 09:37:36 ----D---- C:\ProgramData\AVAST Software
2011-07-01 09:37:36 ----D---- C:\Program Files\AVAST Software
2011-07-01 08:57:31 ----D---- C:\Program Files\Zrychleni Pocitace
2011-07-01 08:50:18 ----D---- C:\Windows\pss
2011-07-01 08:40:24 ----D---- C:\Program Files\SpeedFan
2011-07-01 08:35:21 ----HD---- C:\ProgramData\Common Files
2011-07-01 08:35:12 ----D---- C:\ProgramData\AVG Security Toolbar
2011-07-01 08:34:19 ----D---- C:\ProgramData\AVG10
2011-07-01 08:33:38 ----D---- C:\Program Files\AVG
2011-06-30 19:05:02 ----A---- C:\Windows\zip.exe
2011-06-30 19:05:02 ----A---- C:\Windows\SWSC.exe
2011-06-30 19:05:02 ----A---- C:\Windows\SWREG.exe
2011-06-30 19:05:02 ----A---- C:\Windows\sed.exe
2011-06-30 19:05:02 ----A---- C:\Windows\PEV.exe
2011-06-30 19:05:02 ----A---- C:\Windows\NIRCMD.exe
2011-06-30 19:05:02 ----A---- C:\Windows\MBR.exe
2011-06-30 19:05:02 ----A---- C:\Windows\grep.exe
2011-06-30 19:04:34 ----D---- C:\Windows\ERDNT
2011-06-30 19:04:10 ----D---- C:\Qoobox
2011-06-29 08:43:18 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 08:43:18 ----A---- C:\Windows\system32\cfgmgr32.dll
2011-06-29 08:43:15 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 08:43:15 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 08:43:15 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 08:43:15 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 08:43:15 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 08:43:15 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 08:43:15 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 08:43:15 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 08:43:14 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-16 16:36:14 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-16 16:36:14 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-16 16:36:14 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-16 16:36:13 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-16 16:36:12 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-16 16:36:12 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2011-06-16 16:36:12 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-16 16:36:10 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-16 16:36:09 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-06-16 16:36:09 ----A---- C:\Windows\system32\d3d10_1.dll
2011-06-16 16:36:04 ----A---- C:\Windows\system32\iertutil.dll
2011-06-16 16:36:03 ----A---- C:\Windows\system32\mshtml.dll
2011-06-16 16:36:03 ----A---- C:\Windows\system32\msfeeds.dll
2011-06-16 16:36:02 ----A---- C:\Windows\system32\wininet.dll
2011-06-16 16:36:02 ----A---- C:\Windows\system32\urlmon.dll
2011-06-16 16:36:02 ----A---- C:\Windows\system32\ieframe.dll
2011-06-16 16:36:01 ----A---- C:\Windows\system32\jsproxy.dll
2011-06-16 16:36:01 ----A---- C:\Windows\system32\ieui.dll
2011-06-16 16:35:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-16 16:35:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-16 16:35:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys

======List of files/folders modified in the last 1 months======

2011-07-13 18:25:30 ----RSD---- C:\Windows\assembly
2011-07-13 18:25:30 ----D---- C:\Windows\Microsoft.NET
2011-07-13 18:23:55 ----D---- C:\Windows\system32\catroot
2011-07-13 18:23:54 ----D---- C:\Windows\system32\catroot2
2011-07-13 18:23:22 ----D---- C:\Windows\System32
2011-07-13 18:23:22 ----D---- C:\Windows\inf
2011-07-13 18:23:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-13 18:20:05 ----D---- C:\Windows\winsxs
2011-07-13 18:19:05 ----D---- C:\windows
2011-07-13 18:17:05 ----D---- C:\Windows\system32\DriverStore
2011-07-13 18:16:03 ----D---- C:\Windows\system32\config
2011-07-13 18:13:50 ----D---- C:\Program Files\Windows Sidebar
2011-07-13 18:13:50 ----D---- C:\Program Files\Windows Portable Devices
2011-07-13 18:13:50 ----D---- C:\Program Files\Windows Mail
2011-07-13 18:13:50 ----D---- C:\Program Files\Internet Explorer
2011-07-13 18:13:50 ----D---- C:\Program Files\DVD Maker
2011-07-13 18:13:49 ----D---- C:\Program Files\Windows Photo Viewer
2011-07-13 18:13:49 ----D---- C:\Program Files\Windows Media Player
2011-07-13 18:13:49 ----D---- C:\Program Files\Windows Journal
2011-07-13 18:13:46 ----D---- C:\Windows\servicing
2011-07-13 18:13:46 ----D---- C:\Windows\ehome
2011-07-13 18:13:46 ----D---- C:\Program Files\Windows Defender
2011-07-13 18:13:42 ----D---- C:\Windows\system32\sysprep
2011-07-13 18:13:42 ----D---- C:\Windows\system32\oobe
2011-07-13 18:13:42 ----D---- C:\Windows\system32\migration
2011-07-13 18:13:42 ----D---- C:\Windows\system32\en-US
2011-07-13 18:13:42 ----D---- C:\Windows\system32\da-DK
2011-07-13 18:13:42 ----D---- C:\Windows\PolicyDefinitions
2011-07-13 18:13:41 ----D---- C:\Windows\system32\sppui
2011-07-13 18:13:41 ----D---- C:\Windows\system32\Setup
2011-07-13 18:13:41 ----D---- C:\Windows\system32\manifeststore
2011-07-13 18:13:41 ----D---- C:\Windows\system32\es-ES
2011-07-13 18:13:41 ----D---- C:\Windows\system32\cs-CZ
2011-07-13 18:13:41 ----D---- C:\Windows\system32\cs
2011-07-13 18:13:41 ----D---- C:\Windows\system32\AdvancedInstallers
2011-07-13 18:13:40 ----D---- C:\Windows\system32\wbem
2011-07-13 18:13:40 ----D---- C:\Windows\system32\migwiz
2011-07-13 18:13:40 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-07-13 18:13:40 ----D---- C:\Windows\system32\drivers
2011-07-13 18:13:40 ----D---- C:\Windows\system32\Dism
2011-07-13 18:13:30 ----RSD---- C:\Windows\Fonts
2011-07-13 18:13:29 ----D---- C:\Windows\AppPatch
2011-07-13 18:13:20 ----D---- C:\Windows\system32\Boot
2011-07-13 18:13:10 ----D---- C:\Windows\system32\wdi
2011-07-13 18:11:01 ----A---- C:\Windows\system32\msclmd.dll
2011-07-13 18:06:30 ----D---- C:\Config.Msi
2011-07-13 17:42:10 ----SHD---- C:\Windows\Installer
2011-07-13 17:42:07 ----RD---- C:\Program Files
2011-07-13 17:41:38 ----DC---- C:\Windows\system32\DRVSTORE
2011-07-13 17:41:37 ----D---- C:\Program Files\Windows Live
2011-07-13 17:40:45 ----SD---- C:\ProgramData\Microsoft
2011-07-13 17:40:18 ----D---- C:\Program Files\Common Files\microsoft shared
2011-07-13 17:35:55 ----D---- C:\Windows\debug
2011-07-13 17:35:53 ----A---- C:\Windows\system32\MRT.exe
2011-07-13 17:35:50 ----D---- C:\Program Files\Microsoft Office
2011-07-13 17:35:42 ----D---- C:\ProgramData\Microsoft Help
2011-07-13 17:33:37 ----SHD---- C:\System Volume Information
2011-07-13 15:54:50 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2011-07-13 11:07:51 ----D---- C:\Users\Honza\AppData\Roaming\skypePM
2011-07-13 11:07:28 ----D---- C:\Users\Honza\AppData\Roaming\AIMP
2011-07-13 10:29:46 ----D---- C:\Program Files\AIMP2
2011-07-12 19:26:42 ----D---- C:\Users\Honza\AppData\Roaming\ICQ
2011-07-11 18:05:23 ----D---- C:\Windows\Tasks
2011-07-11 18:05:23 ----D---- C:\Windows\system32\Tasks
2011-07-11 17:52:23 ----D---- C:\ProgramData\PDFC
2011-07-04 09:50:42 ----A---- C:\Windows\system.ini
2011-07-04 09:50:26 ----D---- C:\Windows\system32\drivers\etc
2011-07-04 09:46:41 ----D---- C:\Program Files\Common Files
2011-07-03 16:40:07 ----D---- C:\Program Files\Google
2011-07-03 15:22:19 ----D---- C:\Users\Honza\AppData\Roaming\vlc
2011-07-01 18:14:45 ----D---- C:\ProgramData
2011-07-01 12:32:59 ----D---- C:\Program Files\Wise Disk Cleaner
2011-07-01 09:30:00 ----D---- C:\Windows\system32\wfp
2011-07-01 09:27:52 ----D---- C:\Windows\registration
2011-07-01 09:27:50 ----D---- C:\Windows\system32\WindowsPowerShell
2011-07-01 09:27:50 ----D---- C:\Windows\system32\WinBioPlugIns
2011-07-01 09:27:50 ----D---- C:\Windows\system32\WCN
2011-07-01 09:27:49 ----D---- C:\Windows\system32\spp
2011-07-01 09:27:49 ----D---- C:\Windows\system32\spool
2011-07-01 09:27:49 ----D---- C:\Windows\system32\Speech
2011-07-01 09:27:49 ----D---- C:\Windows\system32\SMI
2011-07-01 09:27:49 ----D---- C:\Windows\system32\slmgr
2011-07-01 09:27:49 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2011-07-01 09:27:49 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2011-07-01 09:27:49 ----D---- C:\Windows\system32\NetworkList
2011-07-01 09:27:48 ----SD---- C:\Windows\system32\Microsoft
2011-07-01 09:27:48 ----D---- C:\Windows\system32\MUI
2011-07-01 09:27:48 ----D---- C:\Windows\system32\Msdtc
2011-07-01 09:27:48 ----D---- C:\Windows\system32\Macromed
2011-07-01 09:27:48 ----D---- C:\Windows\system32\IME
2011-07-01 09:27:46 ----D---- C:\Windows\system32\drivers\UMDF
2011-07-01 09:27:46 ----D---- C:\Windows\system32\drivers\NSS
2011-07-01 09:27:45 ----D---- C:\Windows\system32\com
2011-07-01 09:27:44 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2011-07-01 09:27:44 ----D---- C:\Windows\system32\AGEIA
2011-07-01 09:27:44 ----D---- C:\Windows\Speech
2011-07-01 09:27:44 ----D---- C:\Windows\Setup
2011-07-01 09:27:43 ----D---- C:\Windows\schemas
2011-07-01 09:27:43 ----D---- C:\Windows\ServiceProfiles
2011-07-01 09:27:43 ----D---- C:\Windows\security
2011-07-01 09:27:43 ----D---- C:\Windows\Resources
2011-07-01 09:27:43 ----D---- C:\Windows\rescache
2011-07-01 09:27:43 ----D---- C:\Windows\PLA
2011-07-01 09:27:43 ----D---- C:\Windows\Performance
2011-07-01 09:27:42 ----RSD---- C:\Windows\Media
2011-07-01 09:27:41 ----D---- C:\Windows\IME
2011-07-01 09:27:41 ----D---- C:\Windows\Hewlett-Packard
2011-07-01 09:27:41 ----D---- C:\Windows\Help
2011-07-01 09:27:41 ----D---- C:\Windows\Globalization
2011-07-01 09:27:41 ----D---- C:\Windows\diagnostics
2011-07-01 09:27:41 ----D---- C:\Windows\Corel
2011-07-01 09:27:41 ----D---- C:\Windows\Branding
2011-07-01 09:27:40 ----D---- C:\Windows\Boot
2011-07-01 09:27:38 ----RD---- C:\Users
2011-07-01 09:27:38 ----D---- C:\Windows\AppCompat
2011-07-01 09:27:35 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft
2011-07-01 09:27:35 ----D---- C:\Users\Honza\AppData\Roaming\Sports Interactive
2011-07-01 09:27:35 ----D---- C:\Users\Honza\AppData\Roaming\Samsung
2011-07-01 09:27:35 ----D---- C:\Users\Honza\AppData\Roaming\Mozilla
2011-07-01 09:27:35 ----D---- C:\Users\Honza\AppData\Roaming\Leawo
2011-07-01 09:27:35 ----D---- C:\Users\Honza\AppData\Roaming\Corel
2011-07-01 09:27:34 ----D---- C:\Users\Honza\AppData\Roaming\COMODO
2011-07-01 09:27:34 ----D---- C:\Users\Honza\AppData\Roaming\Canon
2011-07-01 09:27:34 ----D---- C:\Users\Honza\AppData\Roaming\Autodesk
2011-07-01 09:27:34 ----D---- C:\Users\Honza\AppData\Roaming\Adobe
2011-07-01 09:27:32 ----D---- C:\SYSTEM.SAV
2011-07-01 09:27:31 ----D---- C:\ProgramData\WildTangent
2011-07-01 09:27:31 ----D---- C:\ProgramData\Synetic
2011-07-01 09:27:31 ----AD---- C:\SWSETUP
2011-07-01 09:27:30 ----D---- C:\ProgramData\Symantec
2011-07-01 09:27:30 ----D---- C:\ProgramData\Skype
2011-07-01 09:27:30 ----D---- C:\ProgramData\ScanSoft
2011-07-01 09:27:30 ----D---- C:\ProgramData\Norton
2011-07-01 09:27:30 ----D---- C:\ProgramData\Nero
2011-07-01 09:27:28 ----D---- C:\ProgramData\MFAData
2011-07-01 09:27:28 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2011-07-01 09:27:28 ----D---- C:\ProgramData\InstallShield
2011-07-01 09:27:28 ----D---- C:\ProgramData\ICQ
2011-07-01 09:27:28 ----D---- C:\ProgramData\HP
2011-07-01 09:27:28 ----D---- C:\ProgramData\Hewlett-Packard
2011-07-01 09:27:28 ----D---- C:\ProgramData\Google
2011-07-01 09:27:28 ----D---- C:\ProgramData\DivX
2011-07-01 09:27:27 ----RD---- C:\Program Files\Skype
2011-07-01 09:27:27 ----HD---- C:\ProgramData\CanonBJ
2011-07-01 09:27:27 ----D---- C:\ProgramData\Bentley
2011-07-01 09:27:27 ----D---- C:\ProgramData\Alwil Software
2011-07-01 09:27:27 ----D---- C:\ProgramData\Adobe
2011-07-01 09:27:27 ----D---- C:\Program Files\Wise Registry Cleaner
2011-07-01 09:27:27 ----D---- C:\Program Files\WinRAR
2011-07-01 09:27:27 ----D---- C:\Program Files\Windows NT
2011-07-01 09:27:27 ----D---- C:\Program Files\vShare
2011-07-01 09:27:27 ----D---- C:\Program Files\VideoLAN
2011-07-01 09:27:27 ----D---- C:\Program Files\Veetle
2011-07-01 09:27:27 ----D---- C:\Program Files\USB Vibration
2011-07-01 09:27:27 ----D---- C:\Program Files\ScanSoft
2011-07-01 09:27:26 ----RD---- C:\Program Files\Online Services
2011-07-01 09:27:26 ----D---- C:\Program Files\Samsung
2011-07-01 09:27:26 ----D---- C:\Program Files\SAGEM
2011-07-01 09:27:26 ----D---- C:\Program Files\Reference Assemblies
2011-07-01 09:27:26 ----D---- C:\Program Files\Realtek
2011-07-01 09:27:26 ----D---- C:\Program Files\PhotoModelerPro5 - Demo
2011-07-01 09:27:26 ----D---- C:\Program Files\PhotoModeler6
2011-07-01 09:27:26 ----D---- C:\Program Files\PDF Complete
2011-07-01 09:27:26 ----D---- C:\Program Files\Nero
2011-07-01 09:27:26 ----D---- C:\Program Files\MSBuild
2011-07-01 09:27:26 ----D---- C:\Program Files\Microsoft.NET
2011-07-01 09:27:26 ----D---- C:\Program Files\Microsoft WSE
2011-07-01 09:27:26 ----D---- C:\Program Files\Microsoft Works
2011-07-01 09:27:26 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-07-01 09:27:26 ----D---- C:\Program Files\Microsoft Visual Studio
2011-07-01 09:27:26 ----D---- C:\Program Files\Microsoft Silverlight
2011-07-01 09:27:26 ----D---- C:\Program Files\Microsoft
2011-07-01 09:27:25 ----D---- C:\Program Files\Microsoft Office Suite Activation Assistant
2011-07-01 09:27:25 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-07-01 09:27:25 ----D---- C:\Program Files\Microsoft Games
2011-07-01 09:27:25 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2011-07-01 09:27:25 ----D---- C:\Program Files\MarkAny
2011-07-01 09:27:25 ----D---- C:\Program Files\K-Lite Codec Pack
2011-07-01 09:27:25 ----D---- C:\Program Files\Java
2011-07-01 09:27:24 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-01 09:27:24 ----D---- C:\Program Files\InterVideo
2011-07-01 09:27:24 ----D---- C:\Program Files\IDimager Products
2011-07-01 09:27:24 ----D---- C:\Program Files\ICQ7.0
2011-07-01 09:27:24 ----D---- C:\Program Files\HP
2011-07-01 09:27:22 ----D---- C:\Program Files\HighAndes
2011-07-01 09:27:22 ----D---- C:\Program Files\Hewlett-Packard
2011-07-01 09:27:22 ----D---- C:\Program Files\DivX
2011-07-01 09:27:21 ----D---- C:\Program Files\DAEMON Tools Lite
2011-07-01 09:27:21 ----D---- C:\Program Files\Corel
2011-07-01 09:27:21 ----D---- C:\Program Files\Common Files\Windows Live
2011-07-01 09:27:21 ----D---- C:\Program Files\Common Files\System
2011-07-01 09:27:21 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-07-01 09:27:21 ----D---- C:\Program Files\Common Files\ScanSoft Shared
2011-07-01 09:27:21 ----D---- C:\Program Files\Common Files\Protexis
2011-07-01 09:27:20 ----D---- C:\Program Files\Common Files\Macrovision Shared
2011-07-01 09:27:20 ----D---- C:\Program Files\Common Files\InterVideo
2011-07-01 09:27:20 ----D---- C:\Program Files\Common Files\InstallShield
2011-07-01 09:27:20 ----D---- C:\Program Files\Common Files\HP
2011-07-01 09:27:20 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2011-07-01 09:27:20 ----D---- C:\Program Files\Common Files\DivX Shared
2011-07-01 09:27:20 ----D---- C:\Program Files\Common Files\Corel
2011-07-01 09:27:20 ----D---- C:\Program Files\Common Files\Bentley Shared
2011-07-01 09:27:20 ----D---- C:\Program Files\Common Files\Autodesk Shared
2011-07-01 09:27:19 ----HD---- C:\Program Files\CanonBJ
2011-07-01 09:27:19 ----D---- C:\Program Files\Common Files\Ahead
2011-07-01 09:27:19 ----D---- C:\Program Files\Common Files\Adobe
2011-07-01 09:27:19 ----D---- C:\Program Files\CCleaner
2011-07-01 09:27:19 ----D---- C:\Program Files\Bentley
2011-07-01 09:27:19 ----D---- C:\Program Files\Autodesk
2011-07-01 09:27:19 ----D---- C:\Program Files\AutoCAD 2010
2011-07-01 09:27:18 ----D---- C:\Program Files\Ashampoo
2011-07-01 09:27:18 ----D---- C:\Program Files\Alwil Software
2011-07-01 09:27:18 ----D---- C:\Program Files\AGEIA Technologies
2011-07-01 09:27:18 ----D---- C:\Program Files\Adobe
2011-07-01 09:27:18 ----D---- C:\PFiles
2011-07-01 09:27:18 ----D---- C:\NVIDIA
2011-07-01 09:27:17 ----RD---- C:\MSOCache
2011-07-01 09:27:16 ----D---- C:\hp
2011-07-01 09:27:16 ----D---- C:\Folding@HomeCPU
2011-07-01 09:27:16 ----D---- C:\be05603a70d842cdefbf40532077d5
2011-07-01 08:25:39 ----D---- C:\Windows\Downloaded Program Files
2011-07-01 08:18:00 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-06-20 10:42:43 ----D---- C:\Windows\Prefetch
2011-06-18 11:26:52 ----D---- C:\Hry

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-05-16 214024]
R1 mfetdik;McAfee Inc. mfetdik; C:\Windows\system32\drivers\mfetdik.sys [2009-05-16 55336]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-02-13 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-06-26 2385760]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\Windows\System32\Drivers\adildr.sys [2003-07-17 46167]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 adiusbaw;USB ADSL WAN Adapter; C:\Windows\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 ATP;Comodo EasyVPN Miniport Driver; C:\Windows\system32\DRIVERS\cmdatp.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 catchme;catchme; \??\C:\Users\Honza\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\Windows\system32\drivers\MfeAVFK.sys [2009-05-16 79816]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\Windows\system32\drivers\MfeBOPK.sys [2009-05-16 35272]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\Windows\system32\drivers\MfeRKDK.sys [2009-05-16 34248]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-05-06 393112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Folding@home-CPU-[1];Folding@home-CPU-[1]; C:\Folding@HomeCPU\1\Fah.exe [2011-01-04 422400]
R2 Folding@home-CPU-[2];Folding@home-CPU-[2]; C:\Folding@HomeCPU\2\Fah.exe [2011-01-04 422400]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 1336712]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-05-20 121344]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-27 211488]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-17 651720]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-24 1343400]

-----------------EOF-----------------

[vyosek]

LOg vypada jiz cisty...

[Hanysky]

Tak to je divný, protože se u mě žádná změna neobjevila

[stell]

Zaskok za kolegu.
Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:

Kód: Vybrat vše

KILLALL::
Driver::
Application Updater
Folder::
C:\Program Files\Application Updater

Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :


Po skonceni skenu vlož log čo ComboFix vytvorí

[Hanysky]

Zde je log z CF.



ComboFix 11-07-15.01 - Honza 15.07.2011 12:10:47.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3071.2094 [GMT 2:00]
Spuštěný z: c:\users\Honza\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Honza\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Application Updater
c:\program files\Application Updater\ApplicationUpdater.exe
c:\program files\Application Updater\config.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Application Updater
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-15 do 2011-07-15 )))))))))))))))))))))))))))))))
.
.
2011-07-15 10:16 . 2011-07-15 10:19 -------- d-----w- c:\users\Honza\AppData\Local\temp
2011-07-15 10:16 . 2011-07-15 10:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-15 10:06 . 2011-07-15 10:06 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2011-07-15 10:06 . 2011-07-15 10:06 -------- d-----w- c:\program files\Common Files\Spigot
2011-07-15 06:48 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5DE7648C-B33A-4433-997A-A1112F6A0B99}\mpengine.dll
2011-07-14 16:16 . 2011-07-14 16:16 -------- d-----w- C:\Programky
2011-07-13 16:47 . 2011-07-14 16:16 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-07-13 16:47 . 2011-07-13 16:47 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-07-13 16:26 . 2011-07-13 16:27 -------- d-----w- C:\rsit
2011-07-13 16:03 . 2011-07-13 16:03 -------- d-----w- c:\windows\system32\SPReview
2011-07-13 16:02 . 2011-07-13 16:02 -------- d-----w- c:\windows\system32\EventProviders
2011-07-13 15:41 . 2011-07-13 15:41 -------- d-----w- c:\windows\cs
2011-07-13 15:41 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-07-13 15:41 . 2011-07-13 15:41 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-07-13 15:40 . 2011-07-13 15:40 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-13 15:39 . 2011-07-13 15:39 -------- d-----w- c:\program files\MSN Toolbar
2011-07-13 15:39 . 2011-07-13 15:39 -------- d-----w- c:\program files\Bing Bar Installer
2011-07-13 15:38 . 2011-07-13 15:38 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\f2a072b01cc41720d\InstallManager_WLE_WLE.exe
2011-07-13 15:38 . 2011-07-13 15:38 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\e8fdb9421cc41720a\MeshBetaRemover.exe
2011-07-13 15:38 . 2011-07-13 15:38 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\dc982bfa1cc417202\DSETUP.dll
2011-07-13 15:38 . 2011-07-13 15:38 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\dc982bfa1cc417202\DXSETUP.exe
2011-07-13 15:38 . 2011-07-13 15:38 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\dc982bfa1cc417202\dsetup32.dll
2011-07-13 15:38 . 2011-07-13 15:38 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\db5d365d1cc417201\DSETUP.dll
2011-07-13 15:38 . 2011-07-13 15:38 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\db5d365d1cc417201\DXSETUP.exe
2011-07-13 15:38 . 2011-07-13 15:38 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\db5d365d1cc417201\dsetup32.dll
2011-07-12 10:39 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-12 10:39 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-12 10:39 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-12 10:39 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-12 10:39 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-12 10:39 . 2011-07-04 11:32 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-12 10:38 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-12 10:38 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-03 12:46 . 2011-07-13 16:31 -------- d-----w- c:\program files\trend micro
2011-07-01 16:14 . 2011-07-01 16:14 -------- d-----w- c:\programdata\IObit
2011-07-01 16:14 . 2011-07-01 16:14 -------- d-----w- c:\program files\IObit
2011-07-01 07:37 . 2011-07-12 10:38 -------- d-----w- c:\programdata\AVAST Software
2011-07-01 07:37 . 2011-07-01 07:37 -------- d-----w- c:\program files\AVAST Software
2011-07-01 06:57 . 2011-07-01 07:28 -------- d-----w- c:\program files\Zrychleni Pocitace
2011-07-01 06:40 . 2011-07-01 07:28 -------- d-----w- c:\program files\SpeedFan
2011-07-01 06:35 . 2011-07-01 06:35 -------- d--h--w- c:\programdata\Common Files
2011-07-01 06:35 . 2011-07-01 07:28 -------- d-----w- c:\programdata\AVG Security Toolbar
2011-07-01 06:34 . 2011-07-01 07:28 -------- d-----w- c:\programdata\AVG10
2011-07-01 06:33 . 2011-07-01 07:27 -------- d-----w- c:\program files\AVG
2011-06-29 06:43 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 06:43 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2011-06-29 06:43 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 06:43 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 06:43 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 06:43 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 06:43 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 06:43 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 06:43 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 06:43 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 06:43 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-16 14:35 . 2011-04-27 02:17 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 14:35 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 14:35 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-13 16:11 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-06-08 14:31 . 2010-09-27 16:34 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-24 17:14 . 2010-02-19 13:12 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-04-22 19:14 . 2011-05-25 12:15 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2005-06-22 05:37 45568 --sha-r- c:\windows\System32\cygz.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\programky\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-27 13789728]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2009-06-18 563736]
"autoclk"="autoclk.exe" [2003-01-30 143360]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-06-24 534880]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2010-2-19 966756]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 OCDE;ZTekWare Original CD Emulator Service;c:\windows\System32\Drivers\OCDE.sys [x]
R3 ATP;Comodo EasyVPN Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-24 1343400]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 1336712]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2846067574-749932809-432570601-1001\Software\SecuROM\License information*]
"datasecu"=hex:e0,b7,c0,cd,20,bf,39,68,03,56,ce,14,17,f0,c4,6b,ac,7e,9c,60,9e,
17,2e,16,40,ab,83,b4,60,cc,a6,29,ef,c5,52,5c,2a,21,37,82,cb,00,c9,8a,5f,ff,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\folding@homecpu\1\Fah.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\folding@homecpu\2\Fah.exe
c:\folding@homecpu\1\FahCore_a4.exe
c:\folding@homecpu\2\FahCore_a4.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-07-15 12:24:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-15 10:24
ComboFix2.txt 2011-07-04 07:56
ComboFix3.txt 2011-06-30 17:42
ComboFix4.txt 2011-06-30 17:23
.
Před spuštěním: Volných bajtů: 299 392 221 184
Po spuštění: Volných bajtů: 298 674 135 040
.
- - End Of File - - 1F40C1BABE606A0C537B7F3CFE18B561

[vyosek]

Dekuji kolegovi za zaskok

Jeste jeden skript pro ComboFix - postup je stejny

Kód: Vybrat vše

KillAll::

Folder::
c:\program files\Common Files\Spigot

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"SearchSettings"=-

Reboot::

[Hanysky]

ComboFix 11-07-15.03 - Honza 16.07.2011 18:25:40.5.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3071.2321 [GMT 2:00]
Spuštěný z: c:\users\Honza\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Honza\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Spigot
c:\program files\Common Files\Spigot\Search Settings\config.ini
c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
c:\program files\Common Files\Spigot\Search Settings\yahoo_ff.xml
c:\program files\Common Files\Spigot\Search Settings\yahoo_ie.xml
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-16 do 2011-07-16 )))))))))))))))))))))))))))))))
.
.
2011-07-16 16:35 . 2011-07-16 16:37 -------- d-----w- c:\users\Honza\AppData\Local\temp
2011-07-16 16:35 . 2011-07-16 16:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-15 10:34 . 2011-07-15 10:34 -------- d-----w- c:\programdata\KONAMI
2011-07-15 10:06 . 2011-07-15 10:06 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2011-07-15 06:48 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5DE7648C-B33A-4433-997A-A1112F6A0B99}\mpengine.dll
2011-07-14 16:16 . 2011-07-14 16:16 -------- d-----w- C:\Programky
2011-07-13 16:47 . 2011-07-14 16:16 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-07-13 16:47 . 2011-07-13 16:47 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-07-13 16:26 . 2011-07-13 16:27 -------- d-----w- C:\rsit
2011-07-13 16:03 . 2011-07-13 16:03 -------- d-----w- c:\windows\system32\SPReview
2011-07-13 16:02 . 2011-07-13 16:02 -------- d-----w- c:\windows\system32\EventProviders
2011-07-13 15:41 . 2011-07-13 15:41 -------- d-----w- c:\windows\cs
2011-07-13 15:41 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-07-13 15:41 . 2011-07-13 15:41 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-07-13 15:40 . 2011-07-13 15:40 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-13 15:39 . 2011-07-13 15:39 -------- d-----w- c:\program files\MSN Toolbar
2011-07-13 15:39 . 2011-07-13 15:39 -------- d-----w- c:\program files\Bing Bar Installer
2011-07-13 15:38 . 2011-07-13 15:38 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\f2a072b01cc41720d\InstallManager_WLE_WLE.exe
2011-07-13 15:38 . 2011-07-13 15:38 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\e8fdb9421cc41720a\MeshBetaRemover.exe
2011-07-13 15:38 . 2011-07-13 15:38 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\dc982bfa1cc417202\DSETUP.dll
2011-07-13 15:38 . 2011-07-13 15:38 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\dc982bfa1cc417202\DXSETUP.exe
2011-07-13 15:38 . 2011-07-13 15:38 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\dc982bfa1cc417202\dsetup32.dll
2011-07-13 15:38 . 2011-07-13 15:38 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\db5d365d1cc417201\DSETUP.dll
2011-07-13 15:38 . 2011-07-13 15:38 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\db5d365d1cc417201\DXSETUP.exe
2011-07-13 15:38 . 2011-07-13 15:38 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\db5d365d1cc417201\dsetup32.dll
2011-07-12 10:39 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-12 10:39 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-12 10:39 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-12 10:39 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-12 10:39 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-12 10:39 . 2011-07-04 11:32 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-12 10:38 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-12 10:38 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-03 12:46 . 2011-07-13 16:31 -------- d-----w- c:\program files\trend micro
2011-07-01 16:14 . 2011-07-01 16:14 -------- d-----w- c:\programdata\IObit
2011-07-01 16:14 . 2011-07-01 16:14 -------- d-----w- c:\program files\IObit
2011-07-01 07:37 . 2011-07-12 10:38 -------- d-----w- c:\programdata\AVAST Software
2011-07-01 07:37 . 2011-07-01 07:37 -------- d-----w- c:\program files\AVAST Software
2011-07-01 06:57 . 2011-07-01 07:28 -------- d-----w- c:\program files\Zrychleni Pocitace
2011-07-01 06:40 . 2011-07-01 07:28 -------- d-----w- c:\program files\SpeedFan
2011-07-01 06:35 . 2011-07-01 06:35 -------- d--h--w- c:\programdata\Common Files
2011-07-01 06:35 . 2011-07-01 07:28 -------- d-----w- c:\programdata\AVG Security Toolbar
2011-07-01 06:34 . 2011-07-01 07:28 -------- d-----w- c:\programdata\AVG10
2011-07-01 06:33 . 2011-07-01 07:27 -------- d-----w- c:\program files\AVG
2011-06-29 06:43 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 06:43 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2011-06-29 06:43 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 06:43 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 06:43 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 06:43 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 06:43 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 06:43 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 06:43 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 06:43 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 06:43 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-13 16:11 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-06-08 14:31 . 2010-09-27 16:34 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-28 02:53 . 2011-06-16 14:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-24 17:14 . 2010-02-19 13:12 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-03 04:30 . 2011-06-16 14:36 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:46 . 2011-06-16 14:36 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:46 . 2011-06-16 14:36 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:46 . 2011-06-16 14:36 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 02:17 . 2011-06-16 14:35 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:17 . 2011-06-16 14:35 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-27 02:17 . 2011-06-16 14:35 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 04:31 . 2011-06-16 14:36 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:18 . 2011-06-16 14:36 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-22 19:14 . 2011-05-25 12:15 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-22 19:10 . 2011-06-16 14:36 981504 ----a-w- c:\windows\system32\wininet.dll
2005-06-22 05:37 45568 --sha-r- c:\windows\System32\cygz.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-15_10.19.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-19 12:20 . 2011-07-16 07:40 41842 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2011-07-16 16:38 44932 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-02-19 11:56 . 2011-07-16 16:38 15576 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2846067574-749932809-432570601-1001_UserData.bin
+ 2010-02-19 18:57 . 2011-07-16 16:36 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-19 18:57 . 2011-07-15 10:19 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-19 18:57 . 2011-07-16 16:36 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-02-19 18:57 . 2011-07-15 10:19 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:41 . 2011-07-16 16:36 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2011-07-15 10:19 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-19 19:54 . 2011-07-16 07:38 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-19 19:54 . 2011-07-15 10:22 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:34 . 2011-07-15 10:27 91888 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-02-19 19:54 . 2011-07-15 10:22 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-02-19 19:54 . 2011-07-16 07:38 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-02-19 19:54 . 2011-07-16 07:38 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-02-19 19:54 . 2011-07-15 10:22 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-02-19 17:10 . 2011-07-15 10:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-19 17:10 . 2011-07-16 16:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-19 17:10 . 2011-07-15 10:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-19 17:10 . 2011-07-16 16:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-15 11:24 . 2011-07-15 11:24 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\0012cdaf55b38d1b306f1557490ba0a5\System.Windows.Presentation.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\6b7b1b10687bf18bf588d7c352bc763a\System.Web.DynamicData.Design.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\7cc3f83b09f20782c2ab4a3655af8b20\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e88e6ace53ab318210c1657483321e40\System.AddIn.Contract.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\69b036f1479a9aa93430f2d1676032b2\napcrypt.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\0e4f8dcdbb222255ac2b4c078ceaba88\Microsoft.WSMan.Runtime.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\f86d7073a7aedac38fcc440fd9e4256a\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\db6549ef559701e11f1f7b115ab007fd\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cd8db1ed1e76bc6dd03076974c9193fd\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ace13e8b124b4d8672dac5a8b26640c5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\42c9b9f386c12ea61100fe8630ba7796\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\405aa271df15b8ce1b0b970f37687152\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\80647c1bde2a8ad63d43064ee575ceda\Microsoft.Vsa.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\80647c1bde2a8ad63d43064ee575ceda\Microsoft.Vsa.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9152d7f0adafac97d853647ca783b8e4\Microsoft.Build.Framework.ni.dll
+ 2011-07-15 10:23 . 2011-07-15 10:23 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9152d7f0adafac97d853647ca783b8e4\Microsoft.Build.Framework.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\5c219cc49d452997a91d916309511e68\Microsoft.Build.Framework.ni.dll
+ 2011-07-15 10:23 . 2011-07-15 10:23 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\5c219cc49d452997a91d916309511e68\Microsoft.Build.Framework.ni.dll
- 2011-07-15 10:00 . 2011-07-15 10:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-16 07:38 . 2011-07-16 16:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-15 10:00 . 2011-07-15 10:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-16 07:38 . 2011-07-16 16:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-02-20 13:43 . 2011-07-16 15:24 608194 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2010-02-19 11:59 . 2011-07-14 08:12 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-02-19 11:59 . 2011-07-16 15:41 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:47 . 2011-07-15 20:42 455748 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:47 . 2011-07-15 07:39 455748 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-15 20:42 . 2011-07-15 20:42 686896 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2846067574-749932809-432570601-1001-8192.dat
- 2011-04-20 08:01 . 2011-04-20 08:38 196608 c:\windows\Installer\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}\Shortcut_SETTINGS__E16DFE45D7AC4FBF87BBB412D05EFC15.exe
+ 2011-04-20 08:01 . 2011-07-15 10:37 196608 c:\windows\Installer\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}\Shortcut_SETTINGS__E16DFE45D7AC4FBF87BBB412D05EFC15.exe
- 2011-04-20 08:01 . 2011-04-20 08:38 204800 c:\windows\Installer\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}\Shortcut_PES2011_E_19E2C126E9A346458082E1106EC36033.exe
+ 2011-04-20 08:01 . 2011-07-15 10:37 204800 c:\windows\Installer\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}\Shortcut_PES2011_E_19E2C126E9A346458082E1106EC36033.exe
- 2011-04-20 08:38 . 2011-04-20 08:38 204800 c:\windows\Installer\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}\ARPPRODUCTICON.exe
+ 2011-07-15 10:37 . 2011-07-15 10:37 204800 c:\windows\Installer\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}\ARPPRODUCTICON.exe
+ 2011-07-15 11:24 . 2011-07-15 11:24 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\31ad20a342dffca6fae93d9d43951ee1\WsatConfig.ni.exe
+ 2011-07-15 11:23 . 2011-07-15 11:23 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\6ce21406bbd011fe4116d704f351b42d\UIAutomationClient.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\c61cca52e5c9467d5ba9c7df0442fa6d\TaskScheduler.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\0f3ab06b15535837033db7010227daf4\System.Xml.Linq.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\81b792b325fb9f83a07e17d902fe8540\System.Web.Routing.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\32ea8accfe7c168027782b082f4717b9\System.Web.Extensions.Design.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\4f60c6af2d644520b05ff84191b11af5\System.Web.Entity.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\02e3ea1e3b3a3b7d31ef89d89c174aca\System.Web.Entity.Design.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\e49ec688e66b420898aff3266bbd0876\System.Web.DynamicData.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\19fac4943f3d22efa5c762c438c2dc68\System.Web.Abstractions.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\51dd363a441db0ee2df678e30386db4e\System.Net.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\552fc73953452031df81da053ec801ff\System.Management.Instrumentation.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\cba11f24af8a59b67973f5b478d7a499\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1e516423097a88e13f1d1bcbd6bb85bf\System.Data.Services.Design.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\c8dff7ab6e2f542b37a75612ef1bf1e5\System.Data.Entity.Design.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\210461545c0136309820c2476d70a62a\System.Data.DataSetExtensions.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\f61bb4421b3d4545303d47191358e3e5\System.AddIn.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\ff925a8127595ab053e54e2481cb3526\SMSvcHost.ni.exe
+ 2011-07-15 11:23 . 2011-07-15 11:23 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\8fcb3f856afb930c5add8498cadb4d13\naphlpr.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\c1262c5e0ae47e7cfaff1f0b0b9a9c91\Microsoft.WSMan.Management.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\51fe11fc2fd81d4f3df009b098b645c4\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ce48d1456c11e38b8bae706410d86846\Microsoft.PowerShell.Security.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b99a6c61f2ef7dd809eaabf40c1b4822\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b99a6c61f2ef7dd809eaabf40c1b4822\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b257df20471362d41a2652458fd3d279\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3a9591e7beec6c8e5aded6bcaac0137d\Microsoft.PowerShell.Commands.Management.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 105472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\da3b6c72b429486e0be434b431495a44\Microsoft.MediaCenter.Mheg.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 105472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\da3b6c72b429486e0be434b431495a44\Microsoft.MediaCenter.Mheg.ni.dll
+ 2011-07-15 10:24 . 2011-07-15 10:24 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4066934bbe283927ab0502e8723ae14e\Microsoft.Build.Utilities.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4066934bbe283927ab0502e8723ae14e\Microsoft.Build.Utilities.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\03aded755dc822b9f8d5d883f1e0e18b\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-07-15 10:24 . 2011-07-15 10:24 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\03aded755dc822b9f8d5d883f1e0e18b\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-07-15 10:23 . 2011-07-15 10:23 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\ca546bfd181c70770764a0e6eae5a005\Microsoft.Build.Engine.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\ca546bfd181c70770764a0e6eae5a005\Microsoft.Build.Engine.ni.dll
+ 2010-10-01 11:04 . 2010-10-01 11:04 2097664 c:\windows\Installer\b24d7.msi
+ 2011-07-15 11:24 . 2011-07-15 11:24 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\19b53cc4df37ad4696360d8f6497717c\System.WorkflowServices.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3368235620da4ec6c9c4c11ac8435cd5\System.Web.Mobile.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d5019e956e116fe6bd909cc290afa0d8\System.Web.Extensions.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0b658143d738fe50f20093c5ad57ac85\System.ServiceModel.Web.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\19dd71517d9abd4dc5c8b628a7d31f60\System.Management.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\19dd71517d9abd4dc5c8b628a7d31f60\System.Management.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\965410a52daa434ce7beee37721cd91d\System.Management.Automation.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\965410a52daa434ce7beee37721cd91d\System.Management.Automation.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\01aefbc93c753c194211d7593de24392\System.Data.Services.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\fba36ad8bc16c4552ad9690574921641\System.Data.Services.Client.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\5917898bb1ba46692766a0ab25a28a16\System.Data.Linq.ni.dll
+ 2011-07-15 11:24 . 2011-07-15 11:24 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\7b21afcbf2b3118d7402238962dec0ad\System.Data.Entity.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\041aa19c99a322abd2ecfca9f50ea1fb\PresentationBuildTasks.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\73f98c482dcae417f2a61d5e3cb34d7c\Narrator.ni.exe
+ 2011-07-15 11:23 . 2011-07-15 11:23 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\09915f4b2c72f7177d037c90be074ea4\Microsoft.VisualBasic.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\8a850b3c83b35efaad0cc22561e3a755\Microsoft.PowerShell.Editor.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\82888134800b49ef81dfe30803d3ba43\Microsoft.PowerShell.Commands.Utility.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 1125376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\0f2c09cdc102c6c8ba83c554c7329d25\Microsoft.MediaCenter.Bml.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 1125376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\0f2c09cdc102c6c8ba83c554c7329d25\Microsoft.MediaCenter.Bml.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\1b78873b52a9db6847c3a63f9eda9d84\Microsoft.JScript.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\1b78873b52a9db6847c3a63f9eda9d84\Microsoft.JScript.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\6eaed6bd3f727c37ede6d639d9705382\Microsoft.Ink.ni.dll
+ 2011-07-15 11:23 . 2011-07-15 11:23 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\6eaed6bd3f727c37ede6d639d9705382\Microsoft.Ink.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\faa1b94d80284daea8c1999a48cde048\Microsoft.Build.Tasks.ni.dll
+ 2011-07-15 10:24 . 2011-07-15 10:24 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\faa1b94d80284daea8c1999a48cde048\Microsoft.Build.Tasks.ni.dll
- 2011-07-15 10:17 . 2011-07-15 10:17 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\5b982588218f0a7d3909aab90d17e5ec\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-07-15 10:24 . 2011-07-15 10:24 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\5b982588218f0a7d3909aab90d17e5ec\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-07-15 10:23 . 2011-07-15 10:23 1941504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\54399b23651c6cd297152e1a63954c38\Microsoft.Build.Engine.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\programky\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-27 13789728]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2009-06-18 563736]
"autoclk"="autoclk.exe" [2003-01-30 143360]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2010-2-19 966756]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 OCDE;ZTekWare Original CD Emulator Service;c:\windows\System32\Drivers\OCDE.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 ATP;Comodo EasyVPN Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-24 1343400]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2846067574-749932809-432570601-1001\Software\SecuROM\License information*]
"datasecu"=hex:e0,b7,c0,cd,20,bf,39,68,03,56,ce,14,17,f0,c4,6b,ac,7e,9c,60,9e,
17,2e,16,40,ab,83,b4,60,cc,a6,29,ef,c5,52,5c,2a,21,37,82,cb,00,c9,8a,5f,ff,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\folding@homecpu\1\Fah.exe
c:\folding@homecpu\2\Fah.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\folding@homecpu\2\FahCore_a4.exe
c:\folding@homecpu\1\FahCore_a4.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\WUDFHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-07-16 18:42:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-16 16:42
ComboFix2.txt 2011-07-15 10:24
ComboFix3.txt 2011-07-04 07:56
ComboFix4.txt 2011-06-30 17:42
ComboFix5.txt 2011-07-16 16:24
.
Před spuštěním: Volných bajtů: 297 530 318 848
Po spuštění: Volných bajtů: 297 484 750 848
.
- - End Of File - - E8CE43F75E0C15000FF8ECBE3A6ADE02

[vyosek]

Nastala zmena v chovani

[Hanysky]

Procesor stále na 100%. Jinak žádný jiný problém.

[vyosek]

TOhle uz na havet nevypada

Stáhněte si program HWMonitor
-Nainstalujte a spuste a udělejte mi screen teplot pokud nevíte jak tak podle návodu : http://www.viry.cz/forum/viewtopic.php?f=11&t=14114

[Hanysky]

Tady to je
http://imageshack.us/photo/my-images/36/test1dwf.jpg http://img36.imageshack.us/img36/2600/test1dwf.th.jpg

[vyosek]

Odinstalujte Combofix

• Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
• Napiste ComboFix /Uninstall
• Stisknete Enter
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Nejak mi to zacina byt zahadou, poptam se kolegu jeste

[vyosek]

Udelejte krok dle kolegyne

stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V

[Hanysky]

Mě už to taky přijde velice divné. Moc Vám děkuji, že mi s tím už tak dlouho pomáháte.


----------------------------------------------------------------------------
CrystalDiskInfo 4.0.1 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x86)
Date : 2011/07/21 11:22:22

-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ ATA Channel 0 (0) [ATA]
- SAMSUNG HD502IJ ATA Device
- hp DVD-RAM GH40L ATA Device
- ATA Channel 1 (1) [ATA]
+ Řadič úložiště Intel(R) 82801GB/GR/GH (řada ICH7) s rozhraním Serial ATA - 27C0 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Řadiče úložiště Intel(R) 82801G (řada ICH7) v režimu Ultra ATA - 27DF [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ AU039HLE IDE Controller [SCSI]
- KBGBAX 2Z0DIRC SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD502IJ : 500.1 GB [0-2-0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD502IJ
----------------------------------------------------------------------------
Model : SAMSUNG HD502IJ
Firmware : 1AA01118
Serial Number : S1W3J9BZ101015
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/300
Power On Hours : 4413 hod.
Power On Count : 1764 krát
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _87 _87 _11 0000000012FC Čas na roztočení ploten
04 _98 _98 __0 0000000006E8 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000002E9B Čas potřebný na vyhledání
09 _99 _99 __0 00000000113D Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 0000000006E4 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _70 _60 __0 00001E16001E Teplota toku vzduchu
C2 _65 _59 __0 000023160023 Teplota
C3 100 100 __0 000000136C48 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 100 100 __0 000000000000 Počet chyb při čtení programů z disku

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 40 3F FF C8 37 00 10 88 56 02 2A 00 3F 00 00
010: 00 00 00 00 53 31 57 33 4A 39 42 5A 31 30 31 30
020: 31 35 20 20 20 20 20 20 00 03 80 00 00 04 31 41
030: 41 30 31 31 31 38 53 41 4D 53 55 4E 47 20 48 44
040: 35 30 32 49 4A 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 05 06 00 00 00 4C 00 40
0A0: 01 F8 00 52 70 6B 7C 09 41 23 70 69 BC 01 41 23
0B0: 20 3F 00 FF 00 FF 00 00 FF FE 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 60 30 3A 38 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 02 4E 92 01 A8 6A 24
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 1C
0F0: 40 1C 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 10 1F 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 04 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AA A5

[vyosek]

Disk je tez v perfektnim stavu

Stahnete SytemLook (viz muj podpis) a ulozte jej na plochu

• Do okna vlozte skript nize

• Kód: Vybrat vše

  :reg
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost /sub

• Kliknete na Look
• Tlacitko Look se zmeni na Scanning a zsedne
• Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
• Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte