
Please help with a virus

michaelgelo
Visitor
Posts: 10
Registered: 24 Sep 2011 19:48

Please help with a virus

#1 Post by michaelgelo »

Hi, I have a problem with a virus that keeps bothering me in applications. I can't log in because I can't even type the password. The letter ééééééé keeps repeating over and over and I can't get it off the computer in any way.
Please help me. :cry: :cry:

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help with a virus

#2 Post by vyosek »

Hello, and I wish you a nice evening :)

:arrow: Log in to safe mode (restart the PC, keep pressing F8, select Safe Mode with Networking)

:arrow: Try to make a log with RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=105895, or if needed rename it to RSIT.com
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

michaelgelo
Visitor
Posts: 10
Registered: 24 Sep 2011 19:48

Re: Please help with a virus

#3 Post by michaelgelo »

How am I supposed to paste it in? It won't work for me.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help with a virus

#4 Post by vyosek »

Copy the contents of that text file and post it normally as a reply. If the log is too long, split it, carefully, into several replies.

michaelgelo
Visitor
Posts: 10
Registered: 24 Sep 2011 19:48

Re: Please help with a virus

#5 Post by michaelgelo »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Michaell at 2011-09-27 20:10:55
Microsoft Windows 7 Ultimate
System drive C: has 90 GB (62%) free of 144 GB
Total RAM: 4094 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:33, on 27.9.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\Michaell.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8279 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"F:\Předčtení loga\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
wmiadap.exe /R /T
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, iobit@mybrowserbar.com:4.6, wtxpcom@mybrowserbar.com:4.6, wrc@avast.com:6.0.1289, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =685749&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
npnul32.dll
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\searchplugins\
icqplugin-1.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.6\iobitToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.6\iobitToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"=C:\Program Files\SetPointP\SetPoint.exe [2010-06-26 1609296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-06-15 15141768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMISR]
C:\Program Files (x86)\KYE\FaceCam 311\BM.exe [2010-03-30 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2011-07-26 958352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-07-26 20880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2011-07-26 3507088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [2011-01-01 557056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-08-17 534880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 336384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\1.0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michaell^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-08-28 2252800]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 336384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-05-06 66640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-09-27 20:10:55 ----D---- C:\rsit
2011-09-27 20:10:55 ----D---- C:\Program Files\trend micro
2011-09-27 19:37:34 ----A---- C:\Windows\ntbtlog.txt
2011-09-16 20:23:05 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-09-16 20:23:05 ----A---- C:\Windows\system32\tzres.dll
2011-09-16 20:21:47 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-09-16 20:21:47 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-09-16 20:21:47 ----A---- C:\Windows\system32\fsutil.exe
2011-09-16 20:21:47 ----A---- C:\Windows\system32\esent.dll
2011-09-16 20:21:47 ----A---- C:\Windows\system32\drivers\storport.sys
2011-09-16 20:21:47 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-09-16 20:20:41 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-09-16 20:20:41 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-09-16 20:20:40 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-09-16 20:20:40 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-09-16 20:20:40 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-09-16 20:20:40 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-09-16 20:20:40 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-09-12 14:48:56 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2011-09-12 14:48:56 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2011-09-02 21:07:44 ----D---- C:\ProgramData\ATI
2011-09-02 21:07:42 ----D---- C:\Program Files (x86)\AMD APP
2011-09-02 21:07:26 ----D---- C:\ProgramData\AMD
2011-09-02 21:07:25 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2011-09-02 21:05:38 ----D---- C:\ATI
2011-09-02 21:05:01 ----D---- C:\AMD
2011-09-02 20:16:26 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-09-02 20:16:19 ----A---- C:\Windows\system32\drivers\AtiHdmi.sys
2011-09-02 20:15:34 ----A---- C:\Windows\system32\coinst.dll
2011-09-02 10:36:12 ----D---- C:\Users\Michaell\AppData\Roaming\vPacs

======List of files/folders modified in the last 1 month======

2011-09-27 20:11:26 ----D---- C:\Windows\Temp
2011-09-27 20:10:55 ----D---- C:\Program Files
2011-09-27 19:37:34 ----D---- C:\Windows
2011-09-27 19:36:19 ----D---- C:\Users\Michaell\AppData\Roaming\Skype
2011-09-27 19:32:37 ----D---- C:\Windows\Prefetch
2011-09-27 19:32:35 ----D---- C:\Windows\SysWOW64
2011-09-27 17:42:02 ----D---- C:\Windows\system32\config
2011-09-25 21:30:31 ----D---- C:\Windows\System32
2011-09-25 21:30:13 ----SHD---- C:\System Volume Information
2011-09-25 21:22:08 ----D---- C:\Windows\system32\NDF
2011-09-25 21:00:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-09-25 01:34:15 ----D---- C:\Windows\rescache
2011-09-21 20:38:02 ----D---- C:\Windows\Logs
2011-09-19 19:15:55 ----SHD---- C:\Windows\Installer
2011-09-19 19:06:32 ----D---- C:\Windows\inf
2011-09-19 19:06:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-19 07:36:58 ----RSD---- C:\Windows\assembly
2011-09-18 18:55:39 ----D---- C:\Windows\system32\catroot2
2011-09-17 06:54:51 ----D---- C:\Windows\winsxs
2011-09-16 21:47:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-09-16 21:47:32 ----D---- C:\Windows\system32\DriverStore
2011-09-16 21:47:32 ----D---- C:\Windows\system32\drivers
2011-09-16 21:47:32 ----D---- C:\Windows\system32\cs-CZ
2011-09-16 20:23:40 ----D---- C:\Windows\system32\catroot
2011-09-06 22:45:29 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-09-06 22:45:17 ----A---- C:\Windows\system32\aswBoot.exe
2011-09-03 11:33:59 ----D---- C:\ProgramData\Microsoft Help
2011-09-02 21:41:58 ----D---- C:\Users\Michaell\AppData\Roaming\uTorrent
2011-09-02 21:07:44 ----HD---- C:\ProgramData
2011-09-02 21:07:42 ----RD---- C:\Program Files (x86)
2011-09-02 21:07:39 ----D---- C:\Program Files (x86)\Common Files
2011-09-02 21:07:30 ----D---- C:\Program Files\ATI Technologies
2011-09-02 21:07:24 ----D---- C:\Program Files (x86)\ATI Technologies
2011-09-02 20:16:26 ----D---- C:\Program Files\Common Files
2011-09-02 20:14:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-09-02 15:44:51 ----D---- C:\Windows\system32\LogFiles
2011-09-02 08:33:47 ----D---- C:\Stažené soubory
2011-08-29 11:04:09 ----D---- C:\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2010-07-21 51600]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2006-12-26 40648]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2010-07-21 23952]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-30 834544]
S1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
S2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
S2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2006-12-26 13520]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-29 9980416]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-28 309248]
S3 AODDriver2;AODDriver2; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-07 231440]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-29 9980416]
S3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-03-23 33184]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2011-07-20 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2011-07-20 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2011-07-20 161280]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-03-23 21328]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 1235968]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2011-07-11 20336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-28 204288]
S2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-08-17 402328]
S2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
S2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-25 66872]
S2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-01-25 103736]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-20 1255736]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 FAH-01;Folding Service #01; C:\Program Files (x86)\Folding@Home #01\Folding@Home #01\FAH-Console.exe [2008-06-30 253952]
S4 FAH-02;Folding Service #02; C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe [2008-06-30 253952]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-05-06 357456]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-01-27 73728]
S4 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help with a virus

#6 Post by vyosek »

:arrow: Uninstall Advanced SystemCare 4 and IObit Malware Fighter, and then everything else from IOBit - they are Chinese junk and do more harm than good. They look for nonsensical and non-existent problems, and they stole their malware database from another reputable company

:arrow: Also uninstall Search Settings and Application Updater - they are junkware; if that does not work, we will then remove them by force with some utility

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download ComboFix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator or Spustit jako spravce
  • Right after it starts, a page with the license agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily infested, it may take longer
  • After the scan completes and a possible restart, CF displays a log, or you can find it here C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix

michaelgelo
Visitor
Posts: 10
Registered: 24 Sep 2011 19:48

Re: Please help with a virus

#7 Post by michaelgelo »

Thank you very much. I don't have time for it today, but hopefully I'll try it tomorrow and let you know how it goes. Hopefully it helps.
What should I use instead of Advanced and Iobit, Superantifree?
Thank you.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help with a virus

#8 Post by vyosek »

Instead of the junk from IOBit, CCleaner+Defraggler is enough, and for protection, for example, the SuperAntiSpyware you mentioned

Then post the ComboFix log here...

michaelgelo
Visitor
Posts: 10
Registered: 24 Sep 2011 19:48

Re: Please help with a virus

#9 Post by michaelgelo »

So I did all of it, but a window from the config popped up saying that something was trying to make a change, and until I closed the window, ComboFix did not continue.
Here is the log:

ComboFix 11-09-28.01 - Michaell 29.09.2011 10:52:12.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2685 [GMT 2:00]
Spuštěný z: z:\programy\ListiŔ PC\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-28 do 2011-09-29 )))))))))))))))))))))))))))))))
.
.
2011-09-29 08:55 . 2011-09-29 08:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-27 18:10 . 2011-09-27 18:37 -------- d-----w- c:\program files\trend micro
2011-09-27 18:10 . 2011-09-27 18:11 -------- d-----w- C:\rsit
2011-09-27 17:32 . 2011-09-27 17:32 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-16 18:23 . 2011-09-16 18:23 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-09-16 18:23 . 2011-09-16 18:23 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-16 18:21 . 2011-09-16 18:21 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-09-16 18:21 . 2011-09-16 18:21 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-09-16 18:21 . 2011-09-16 18:21 2566144 ----a-w- c:\windows\system32\esent.dll
2011-09-16 18:21 . 2011-09-16 18:21 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-09-16 18:21 . 2011-09-16 18:21 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-09-16 18:21 . 2011-09-16 18:21 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-09-16 18:21 . 2011-09-16 18:21 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-09-16 18:21 . 2011-09-16 18:21 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-09-16 18:21 . 2011-09-16 18:21 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-09-16 18:21 . 2011-09-16 18:21 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-09-16 18:21 . 2011-09-16 18:21 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-09-16 18:20 . 2011-09-16 18:20 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-09-16 18:20 . 2011-09-16 18:20 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-09-16 18:20 . 2011-09-16 18:20 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-09-16 18:20 . 2011-09-16 18:20 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-09-16 18:20 . 2011-09-16 18:20 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-09-16 18:20 . 2011-09-16 18:20 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-09-16 18:20 . 2011-09-16 18:20 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-09-12 12:48 . 2011-08-19 14:33 27992 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-09-12 12:48 . 2010-11-26 16:02 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\users\Michaell\AppData\Local\AMD
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\programdata\ATI
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\program files (x86)\AMD APP
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\programdata\AMD
2011-09-02 19:07 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2011-09-02 19:05 . 2011-09-02 19:05 -------- d-----w- C:\ATI
2011-09-02 19:05 . 2011-09-02 19:05 -------- d-----w- C:\AMD
2011-09-02 18:16 . 2011-09-02 18:16 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-09-02 18:16 . 2010-01-28 14:33 116736 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2011-09-02 18:15 . 2011-07-28 21:01 58880 ----a-w- c:\windows\system32\coinst.dll
2011-09-02 08:36 . 2011-09-02 08:36 -------- d-----w- c:\users\Michaell\AppData\Roaming\vPacs
2011-08-31 18:28 . 2011-08-31 19:17 -------- d-----w- c:\users\Michaell\AppData\Local\Microsoft Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-06 20:45 . 2011-07-21 16:01 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2010-12-29 16:19 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-06 20:45 . 2011-07-21 16:01 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-07-21 16:01 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:38 . 2010-12-29 16:19 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2010-12-29 16:19 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2010-12-29 16:19 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2010-12-29 16:19 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2010-12-29 16:19 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-24 18:19 . 2011-08-24 18:19 56320 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-08-24 18:18 . 2011-08-24 18:18 13601280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-08-24 18:17 . 2011-08-24 18:17 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-08-21 07:28 . 2011-08-21 07:28 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-21 07:28 . 2011-08-21 07:28 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-08-21 07:28 . 2011-08-21 07:28 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-08-21 07:28 . 2011-08-21 07:28 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-21 07:27 . 2011-08-21 07:27 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll
2011-08-21 07:27 . 2011-08-21 07:27 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll
2011-08-21 07:27 . 2011-08-21 07:27 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll
2011-08-21 07:27 . 2011-08-21 07:27 212992 ----a-w- c:\windows\system32\odbctrac.dll
2011-08-21 07:27 . 2011-08-21 07:27 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll
2011-08-21 07:27 . 2011-08-21 07:27 163840 ----a-w- c:\windows\system32\odbccp32.dll
2011-08-21 07:27 . 2011-08-21 07:27 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll
2011-08-21 07:27 . 2011-08-21 07:27 106496 ----a-w- c:\windows\system32\odbccu32.dll
2011-08-21 07:27 . 2011-08-21 07:27 106496 ----a-w- c:\windows\system32\odbccr32.dll
2011-08-21 07:27 . 2011-08-21 07:27 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-08-21 07:27 . 2011-08-21 07:27 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-08-21 07:27 . 2011-08-21 07:27 422400 ----a-w- c:\windows\system32\KernelBase.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 338432 ----a-w- c:\windows\system32\conhost.exe
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-08-21 07:27 . 2011-08-21 07:27 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-08-21 07:27 . 2011-08-21 07:27 243200 ----a-w- c:\windows\system32\wow64.dll
2011-08-21 07:27 . 2011-08-21 07:27 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-08-21 07:27 . 2011-08-21 07:27 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-08-21 07:27 . 2011-08-21 07:27 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-08-21 07:27 . 2011-08-21 07:27 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-08-21 07:27 . 2011-08-21 07:27 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-08-21 07:26 . 2011-08-21 07:26 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-08-21 07:26 . 2011-08-21 07:26 57856 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-21 07:26 . 2011-08-21 07:26 482816 ----a-w- c:\windows\system32\html.iec
2011-08-21 07:26 . 2011-08-21 07:26 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-08-21 07:26 . 2011-08-21 07:26 386048 ----a-w- c:\windows\SysWow64\html.iec
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-29_08.09.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-09-29 08:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-29 08:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-29 08:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:14 . 2011-09-29 08:12 42220 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-09-29 08:45 42548 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-09-29 07:32 42548 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-29 15:03 . 2011-09-29 08:45 13428 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3430405340-3532546218-2775073428-1001_UserData.bin
- 2010-12-29 15:03 . 2011-09-29 07:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 08:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 08:43 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:31 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:03 . 2011-09-29 08:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:03 . 2011-09-29 08:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:38 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 08:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:38 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-09-29 08:09 . 2011-09-29 08:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-09-29 08:56 . 2011-09-29 08:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-09-29 07:35 609896 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-09-29 08:47 609896 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-09-29 08:47 625676 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-09-29 07:35 625676 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-09-29 08:47 104214 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-09-29 07:35 104214 c:\windows\system32\perfc009.dat
+ 2009-07-14 15:18 . 2011-09-29 08:47 119794 c:\windows\system32\perfc005.dat
- 2009-07-14 15:18 . 2011-09-29 07:35 119794 c:\windows\system32\perfc005.dat
+ 2011-08-19 20:20 . 2011-09-29 08:55 455168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-08-19 20:20 . 2011-09-29 08:08 455168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2011-09-29 08:08 387428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-09-29 08:55 387428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 2252800]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
R4 FAH-01;Folding Service 01;c:\program files (x86)\Folding@Home 01\Folding@Home 01\FAH-Console.exe [2008-06-30 253952]
R4 FAH-02;Folding Service 02;c:\program files (x86)\Folding@Home 01\Folding@Home 02\FAH-Console.exe [2008-06-30 253952]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-27 21:28 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\SetPointP\SetPoint.exe" [2010-06-26 1609296]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3430405340-3532546218-2775073428-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e6,61,fa,4d,54,cb,46,6b,fb,9b,32,35,2f,e3,04,f4,e0,56,27,e5,17,64,8a,
8f,b4,3c,96,ba,dc,a2,72,41,39,c5,4f,b9,07,ed,95,8f,92,7d,9b,c7,78,3d,a4,17,\
"??"=hex:a7,cd,f1,b2,16,62,c6,b0,e3,e5,b7,ab,c6,03,4e,55
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Celkový čas: 2011-09-29 10:59:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-29 08:58
ComboFix2.txt 2011-09-29 08:12
.
Před spuštěním: Volných bajtů: 93 123 133 440
Po spuštění: Volných bajtů: 93 021 618 176
.
- - End Of File - - A749BB71A5C0E24AD6C3DDC02ABADD7B

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help with a virus

#10 Post by vyosek »

:arrow: If it is not there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    RegNull::
    [HKEY_USERS\S-1-5-21-3430405340-3532546218-2775073428-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    Firefox::
    FF - ProfilePath - c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =685749&p=
    FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    "Skype"=-
    
    Reboot::
  • Save the resulting TXT file as CFScript.txt
  • Drag the created CFScript.txt onto ComboFix and drop it (see the image below)
    [image]
  • After the script has been applied (and after a restart, if one occurs), a log will pop up; paste its contents here
:arrow: It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

michaelgelo
Visitor
Posts: 10
Registered: 24 Sep 2011 19:48

Re: Please help with a virus

#11 Post by michaelgelo »

So I finally managed to get everything done, but the problem still persists. Nothing but ééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééé....

And it goes on like this endlessly unless I stop it.
Here is the log.

ComboFix 11-09-28.01 - Michaell 29.09.2011 20:20:10.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2787 [GMT 2:00]
Spuštěný z: z:\programy\ListiŔ PC\ComboFix.exe
Použité ovládací přepínače :: c:\users\Michaell\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-28 do 2011-09-29 )))))))))))))))))))))))))))))))
.
.
2011-09-29 18:23 . 2011-09-29 18:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-29 09:43 . 2011-09-29 09:43 -------- d-----w- c:\users\Michaell\AppData\Roaming\SUPERAntiSpyware.com
2011-09-29 09:43 . 2011-09-29 09:43 -------- d-----w- c:\programdata\!SASCORE
2011-09-27 18:10 . 2011-09-27 18:37 -------- d-----w- c:\program files\trend micro
2011-09-27 18:10 . 2011-09-27 18:11 -------- d-----w- C:\rsit
2011-09-27 17:32 . 2011-09-27 17:32 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-16 18:23 . 2011-09-16 18:23 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-09-16 18:23 . 2011-09-16 18:23 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-16 18:21 . 2011-09-16 18:21 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-09-16 18:21 . 2011-09-16 18:21 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-09-16 18:21 . 2011-09-16 18:21 2566144 ----a-w- c:\windows\system32\esent.dll
2011-09-16 18:21 . 2011-09-16 18:21 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-09-16 18:21 . 2011-09-16 18:21 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-09-16 18:21 . 2011-09-16 18:21 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-09-16 18:21 . 2011-09-16 18:21 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-09-16 18:21 . 2011-09-16 18:21 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-09-16 18:21 . 2011-09-16 18:21 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-09-16 18:21 . 2011-09-16 18:21 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-09-16 18:21 . 2011-09-16 18:21 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-09-16 18:20 . 2011-09-16 18:20 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-09-16 18:20 . 2011-09-16 18:20 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-09-16 18:20 . 2011-09-16 18:20 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-09-16 18:20 . 2011-09-16 18:20 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-09-16 18:20 . 2011-09-16 18:20 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-09-16 18:20 . 2011-09-16 18:20 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-09-16 18:20 . 2011-09-16 18:20 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-09-12 12:48 . 2011-08-19 14:33 27992 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-09-12 12:48 . 2010-11-26 16:02 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\users\Michaell\AppData\Local\AMD
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\programdata\ATI
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\program files (x86)\AMD APP
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\programdata\AMD
2011-09-02 19:07 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2011-09-02 19:05 . 2011-09-02 19:05 -------- d-----w- C:\ATI
2011-09-02 19:05 . 2011-09-02 19:05 -------- d-----w- C:\AMD
2011-09-02 18:16 . 2011-09-02 18:16 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-09-02 18:16 . 2010-01-28 14:33 116736 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2011-09-02 18:15 . 2011-07-28 21:01 58880 ----a-w- c:\windows\system32\coinst.dll
2011-09-02 08:36 . 2011-09-02 08:36 -------- d-----w- c:\users\Michaell\AppData\Roaming\vPacs
2011-08-31 18:28 . 2011-08-31 19:17 -------- d-----w- c:\users\Michaell\AppData\Local\Microsoft Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-06 20:45 . 2011-07-21 16:01 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2010-12-29 16:19 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-06 20:45 . 2011-07-21 16:01 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-07-21 16:01 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:38 . 2010-12-29 16:19 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2010-12-29 16:19 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2010-12-29 16:19 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2010-12-29 16:19 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2010-12-29 16:19 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-24 18:19 . 2011-08-24 18:19 56320 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-08-24 18:18 . 2011-08-24 18:18 13601280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-08-24 18:17 . 2011-08-24 18:17 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-08-21 07:28 . 2011-08-21 07:28 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-21 07:28 . 2011-08-21 07:28 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-08-21 07:28 . 2011-08-21 07:28 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-08-21 07:28 . 2011-08-21 07:28 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-21 07:27 . 2011-08-21 07:27 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll
2011-08-21 07:27 . 2011-08-21 07:27 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll
2011-08-21 07:27 . 2011-08-21 07:27 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll
2011-08-21 07:27 . 2011-08-21 07:27 212992 ----a-w- c:\windows\system32\odbctrac.dll
2011-08-21 07:27 . 2011-08-21 07:27 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll
2011-08-21 07:27 . 2011-08-21 07:27 163840 ----a-w- c:\windows\system32\odbccp32.dll
2011-08-21 07:27 . 2011-08-21 07:27 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll
2011-08-21 07:27 . 2011-08-21 07:27 106496 ----a-w- c:\windows\system32\odbccu32.dll
2011-08-21 07:27 . 2011-08-21 07:27 106496 ----a-w- c:\windows\system32\odbccr32.dll
2011-08-21 07:27 . 2011-08-21 07:27 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-08-21 07:27 . 2011-08-21 07:27 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-08-21 07:27 . 2011-08-21 07:27 422400 ----a-w- c:\windows\system32\KernelBase.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 338432 ----a-w- c:\windows\system32\conhost.exe
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-08-21 07:27 . 2011-08-21 07:27 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-08-21 07:27 . 2011-08-21 07:27 243200 ----a-w- c:\windows\system32\wow64.dll
2011-08-21 07:27 . 2011-08-21 07:27 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-08-21 07:27 . 2011-08-21 07:27 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-08-21 07:27 . 2011-08-21 07:27 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-08-21 07:27 . 2011-08-21 07:27 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-08-21 07:27 . 2011-08-21 07:27 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-08-21 07:26 . 2011-08-21 07:26 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-08-21 07:26 . 2011-08-21 07:26 57856 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-21 07:26 . 2011-08-21 07:26 482816 ----a-w- c:\windows\system32\html.iec
2011-08-21 07:26 . 2011-08-21 07:26 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-08-21 07:26 . 2011-08-21 07:26 386048 ----a-w- c:\windows\SysWow64\html.iec
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-29_08.09.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-09-29 18:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-29 18:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-29 18:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:14 . 2011-09-29 18:06 42734 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-09-29 18:06 42548 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-09-29 07:32 42548 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-29 15:03 . 2011-09-29 18:06 13428 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3430405340-3532546218-2775073428-1001_UserData.bin
- 2010-12-29 14:59 . 2011-09-29 07:36 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 14:59 . 2011-09-29 17:50 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 14:59 . 2011-09-29 17:50 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 14:59 . 2011-09-29 07:36 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-09-29 07:36 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-29 17:50 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 18:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 18:05 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:31 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:03 . 2011-09-29 18:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:38 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 18:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:38 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:03 . 2011-09-29 18:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-09-29 08:09 . 2011-09-29 08:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-09-29 18:24 . 2011-09-29 18:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-09-29 07:35 609896 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-09-29 11:13 609896 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-09-29 11:13 625676 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-09-29 07:35 625676 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-09-29 11:13 104214 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-09-29 07:35 104214 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2011-09-29 07:35 119794 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2011-09-29 11:13 119794 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:12 . 2011-09-29 17:50 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2011-09-29 07:36 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-08-19 20:20 . 2011-09-29 18:23 455168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-08-19 20:20 . 2011-09-29 08:08 455168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2011-09-29 08:08 387428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-09-29 18:23 387428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 2252800]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 FAH-01;Folding Service 01;c:\program files (x86)\Folding@Home 01\Folding@Home 01\FAH-Console.exe [2008-06-30 253952]
R4 FAH-02;Folding Service 02;c:\program files (x86)\Folding@Home 01\Folding@Home 02\FAH-Console.exe [2008-06-30 253952]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-09-29 140672]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-27 21:28 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\SetPointP\SetPoint.exe" [2010-06-26 1609296]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Celkový čas: 2011-09-29 20:27:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-29 18:27
ComboFix2.txt 2011-09-29 08:59
ComboFix3.txt 2011-09-29 08:12
.
Před spuštěním: Volných bajtů: 92 782 370 816
Po spuštění: Volných bajtů: 92 702 601 216
.
- - End Of File - - 8730BE9A2DABE85CCBA62DBB278FF80F

Re: Please help with a virus

#12 Post by vyosek »

And what about trying a second keyboard, in case the fault is in this one? :???: :?:

Re: Please help with a virus

#13 Post by michaelgelo »

Unfortunately it isn't the keyboard, I have tested that. When it starts doing it, the key does not respond to pressing, but after a while the ééééééééééé appears again.
I guess I have it cursed somehow, because it does it on the second computer too.
The kids surf the net, watch YouTube and play games.
Thanks for everything so far.

Re: Please help with a virus

#14 Post by vyosek »

And have you tried a different keyboard? If need be, borrow one from someone so that we can definitely rule out a keyboard fault...

Re: Please help with a virus

#15 Post by michaelgelo »

So I tried a different keyboard and it did the same thing. I ran ComboFix a few times and today it has not done anything so far, knock on wood. The interesting thing is that when it does happen, the é key does not respond to pressing and ééééééééééééééé starts on its own.
Well, I don't know, hopefully it will be OK now. Thanks for now.
