Prosím o pomoct problem se spywarem Doubleclick

[callvary]

Dobrý den,

potřeboval bych nutně pomoct, protože sám si už nevím rady a očivedně tenhle spyware mi dost vadí při práci. Nechal jsem projel počítač Spybotem a jak jsme čekal našel mi spyware ktery se nazývá double-click nebo tak nějak přesný nazev už si nepamatuji. Bohužel problem pretrval a mam pocit, že spyware tu pořád je zkusil jsem znova kontroly i v nouzevém režimu a i programem který se nazývá SUPERAntiSpyware Professional. Pořád blbne double clik na myši.. smazal jsem i cookis a historii atd přes CCleaner a problem stalé přetrvává prosím poraďte a to urgentně. Předem Díky

[Rudy]

Zdravím!
Poprosím o log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=105895 .

[callvary]

Dobry den,

Mam celkem zasadni problem v pocitaci jsme mel spaywere doubleclick a po odstraneni mi stale blbe doblou click na mysi.. Projizdil jsem to programy Spybot a SUperAntiwarespaywer prof a to i v nouzem rezimu a problem stale pretrvava. Dokoncem jsme pouzil i CCleaner. Prosim poradte a to urgentne zrzuje me to u prace. Predem diky. a omlouvam se ze v minulem topicu nebyl log..
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tykev at 2012-05-08 19:28:18
Microsoft Windows 7 Ultimate
System drive C: has 34 GB (57%) free of 60 GB
Total RAM: 3326 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:28:45, on 8.5.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\DisplayFusion\DisplayFusion.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\SAMSUNG\Samsung Multimedia Keyboard\gpkbd.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Edimax\Common\RaUI.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\taskhost.exe
C:\Users\Tykev\Downloads\RSIT.exe
C:\Program Files\trend micro\Tykev.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Samsung Multimedia Keyboard.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: Wireless Utility.lnk = C:\Program Files\Edimax\Common\RaUI.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Edimax\Common\RaRegistry.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6695 bytes

======Scheduled tasks folder======

C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 0395cbc7-10de-452d-a242-c1936816ddd7.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task aaca9135-f2bb-4430-8bb6-1c3d7f9a1c73.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tykev\AppData\Roaming\Mozilla\Firefox\Profiles\cq2pstn4.default

"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.2.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.2.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

D:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-04-20 936528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2012-04-13 1390672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll [2011-11-08 59272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-11 61440]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-09-30 252296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"HTC Sync Loader"=C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-06-21 593920]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-04-05 2587008]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DisplayFusion"=C:\Program Files\DisplayFusion\DisplayFusion.exe [2008-10-26 587952]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-05-01 3905920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Samsung Multimedia Keyboard.lnk - C:\Program Files\SAMSUNG\Samsung Multimedia Keyboard\gpkbd.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
Wireless Utility.lnk - C:\Program Files\Edimax\Common\RaUI.exe

C:\Users\Tykev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\34497023.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\92936882.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\34497023.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\92936882.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.FMVC"=fmcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-05-08 19:19:36 ----D---- C:\rsit
2012-05-08 19:19:36 ----D---- C:\Program Files\trend micro
2012-05-07 19:39:20 ----A---- C:\Windows\ntbtlog.txt
2012-05-07 18:39:40 ----A---- C:\TDSSKiller.2.7.28.0_07.05.2012_18.39.40_log.txt
2012-05-07 15:17:07 ----D---- C:\Users\Tykev\AppData\Roaming\SUPERAntiSpyware.com
2012-05-07 15:16:42 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-05-07 15:16:42 ----D---- C:\Program Files\SUPERAntiSpyware
2012-05-04 13:07:41 ----A---- C:\TDSSKiller.2.7.28.0_04.05.2012_13.07.41_log.txt
2012-05-03 12:46:47 ----AH---- C:\Windows\system32\hamachi.sys
2012-05-03 12:46:42 ----D---- C:\Program Files\LogMeIn Hamachi
2012-05-03 12:14:46 ----D---- C:\Users\Tykev\AppData\Roaming\AVG2012
2012-05-03 12:13:46 ----HD---- C:\$AVG
2012-05-03 12:13:45 ----D---- C:\Windows\system32\drivers\AVG
2012-05-03 12:13:45 ----D---- C:\ProgramData\AVG2012
2012-05-03 12:13:20 ----D---- C:\Program Files\AVG
2012-05-02 15:44:49 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-05-02 15:44:49 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-05-02 15:30:34 ----A---- C:\TDSSKiller.2.7.28.0_02.05.2012_15.30.34_log.txt
2012-05-02 14:21:39 ----A---- C:\TDSSKiller.2.7.28.0_02.05.2012_14.21.39_log.txt
2012-04-29 13:36:57 ----A---- C:\TDSSKiller.2.7.28.0_29.04.2012_13.36.57_log.txt
2012-04-29 13:12:31 ----D---- C:\TDSSKiller_Quarantine
2012-04-29 13:11:13 ----A---- C:\TDSSKiller.2.7.28.0_29.04.2012_13.11.13_log.txt
2012-04-29 13:10:57 ----A---- C:\TDSSKiller.2.7.28.0_29.04.2012_13.10.57_log.txt
2012-04-22 23:45:50 ----D---- C:\Users\Tykev\AppData\Roaming\Mirillis
2012-04-22 23:45:50 ----D---- C:\ProgramData\Mirillis
2012-04-19 04:50:26 ----A---- C:\Windows\system32\drivers\avgidshx.sys
2012-04-15 17:36:55 ----D---- C:\Users\Tykev\AppData\Roaming\SMRecorder
2012-04-12 20:22:29 ----A---- C:\TDSSKiller.2.7.28.0_12.04.2012_20.22.29_log.txt
2012-04-12 18:44:47 ----D---- C:\ProgramData\Kaspersky Lab
2012-04-12 18:37:19 ----A---- C:\TDSSKiller.2.7.28.0_12.04.2012_18.37.19_log.txt
2012-04-12 14:51:20 ----D---- C:\Users\Tykev\AppData\Roaming\Malwarebytes
2012-04-12 14:50:50 ----D---- C:\ProgramData\Malwarebytes
2012-04-12 14:33:27 ----D---- C:\Program Files\GridinSoft Trojan Killer
2012-04-12 14:08:39 ----D---- C:\sh4ldr
2012-04-12 14:08:39 ----D---- C:\Program Files\Enigma Software Group
2012-04-12 14:08:16 ----D---- C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2012-04-12 14:08:15 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2012-04-12 13:31:52 ----HD---- C:\ProgramData\Common Files
2012-04-12 13:31:17 ----D---- C:\ProgramData\MFAData
2012-04-12 13:05:03 ----D---- C:\ProgramData\F4D55F3E000192B7000C9BC7A6014588

======List of files/folders modified in the last 1 month======

2012-05-08 19:28:32 ----D---- C:\Windows\Temp
2012-05-08 19:27:54 ----D---- C:\Windows\Prefetch
2012-05-08 19:19:36 ----RD---- C:\Program Files
2012-05-08 10:25:09 ----D---- C:\Windows\System32
2012-05-08 10:25:09 ----D---- C:\Windows\inf
2012-05-08 10:25:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-08 10:18:51 ----D---- C:\Windows
2012-05-07 18:39:50 ----D---- C:\Windows\system32\drivers
2012-05-07 15:17:11 ----D---- C:\Windows\Tasks
2012-05-07 15:17:11 ----D---- C:\Windows\system32\Tasks
2012-05-07 15:17:07 ----HD---- C:\ProgramData
2012-05-04 13:19:33 ----SHD---- C:\Windows\Installer
2012-05-03 17:37:05 ----D---- C:\Windows\system32\config
2012-05-03 12:13:56 ----D---- C:\Windows\system32\catroot
2012-05-03 12:13:55 ----D---- C:\Windows\system32\DriverStore
2012-05-03 12:13:31 ----SHD---- C:\System Volume Information
2012-05-02 17:30:04 ----D---- C:\Windows\system32\drivers\etc
2012-05-01 12:41:51 ----D---- C:\Users\Tykev\AppData\Roaming\Skype
2012-04-29 12:56:40 ----D---- C:\Windows\system32\NDF
2012-04-28 12:09:39 ----D---- C:\Users\Tykev\AppData\Roaming\HLSW
2012-04-27 20:04:42 ----D---- C:\Windows\system32\catroot2
2012-04-27 18:50:43 ----A---- C:\Windows\system32\PnkBstrB.exe
2012-04-22 23:44:46 ----D---- C:\Windows\winsxs
2012-04-19 20:36:23 ----D---- C:\Users\Tykev\AppData\Roaming\vlc
2012-04-15 17:17:14 ----D---- C:\Users\Tykev\AppData\Roaming\FileZilla
2012-04-14 14:14:57 ----D---- C:\Users\Tykev\AppData\Roaming\TS3Client
2012-04-12 18:33:40 ----D---- C:\Users\Tykev\AppData\Roaming\Media Player Classic
2012-04-12 18:32:21 ----D---- C:\Program Files\CCleaner
2012-04-12 17:42:20 ----D---- C:\Windows\schemas
2012-04-12 14:08:15 ----D---- C:\Program Files\Common Files
2012-04-12 13:40:23 ----SD---- C:\ProgramData\Microsoft
2012-04-10 13:39:05 ----D---- C:\ProgramData\PMB Files
2012-04-10 10:24:50 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-02-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-03-19 301248]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\DRIVERS\LVUSBSta.sys [2007-10-12 41752]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2009-05-01 495768]
R3 rt61x86;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr61.sys [2009-10-16 369664]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 10752]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2012-03-23 2321520]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [2012-04-30 5106744]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-12-05 75136]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files\Edimax\Common\RaRegistry.exe [2009-10-06 185632]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------


//EDIT vyosek: Temata sloucena do jednoho

[Rudy]

Poprosím o log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[callvary]

ComboFix 12-05-08.02 - Tykev 08.05.2012 19:57:15.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3326.2357 [GMT 2:00]
Spuštěný z: c:\users\Tykev\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-08 do 2012-05-08 )))))))))))))))))))))))))))))))
.
.
2012-05-08 18:04 . 2012-05-08 18:04 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{05210FCC-98D4-4E73-81DC-3A791622AFB7}\offreg.dll
2012-05-08 18:01 . 2012-05-08 18:05 -------- d-----w- c:\users\Tykev\AppData\Local\temp
2012-05-08 18:01 . 2012-05-08 18:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-08 17:19 . 2012-05-08 17:28 -------- d-----w- c:\program files\trend micro
2012-05-08 17:19 . 2012-05-08 17:20 -------- d-----w- C:\rsit
2012-05-07 13:17 . 2012-05-07 13:17 -------- d-----w- c:\users\Tykev\AppData\Roaming\SUPERAntiSpyware.com
2012-05-07 13:16 . 2012-05-07 13:17 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-05-07 13:16 . 2012-05-07 13:16 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-05-03 10:46 . 2009-03-18 14:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2012-05-03 10:46 . 2012-05-03 10:46 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-05-03 10:14 . 2012-05-03 10:14 -------- d-----w- c:\users\Tykev\AppData\Roaming\AVG2012
2012-05-03 10:13 . 2012-05-03 10:13 -------- d-----w- C:\$AVG
2012-05-03 10:13 . 2012-05-08 16:48 -------- d-----w- c:\windows\system32\drivers\AVG
2012-05-03 10:13 . 2012-05-03 10:59 -------- d-----w- c:\programdata\AVG2012
2012-05-03 10:13 . 2012-05-03 10:13 -------- d-----w- c:\program files\AVG
2012-05-02 13:44 . 2012-05-07 17:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-05-02 13:44 . 2012-05-02 13:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-04-29 12:54 . 2012-04-29 12:54 -------- d-----w- c:\users\Tykev\AppData\Local\Google
2012-04-29 11:12 . 2012-04-29 11:37 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-29 10:56 . 2012-04-29 10:56 -------- d-----w- c:\users\Tykev\AppData\Local\Diagnostics
2012-04-22 21:45 . 2012-04-22 21:46 -------- d-----w- c:\users\Tykev\AppData\Local\Mirillis
2012-04-22 21:45 . 2012-04-22 21:45 -------- d-----w- c:\users\Tykev\AppData\Roaming\Mirillis
2012-04-22 21:45 . 2012-04-22 21:45 -------- d-----w- c:\programdata\Mirillis
2012-04-19 02:50 . 2012-04-19 02:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-04-15 15:36 . 2012-04-15 15:36 -------- d-----w- c:\users\Tykev\AppData\Roaming\SMRecorder
2012-04-12 16:44 . 2012-04-12 16:44 -------- d-----w- c:\programdata\Kaspersky Lab
2012-04-12 12:51 . 2012-04-12 12:51 -------- d-----w- c:\users\Tykev\AppData\Roaming\Malwarebytes
2012-04-12 12:50 . 2012-04-12 12:50 -------- d-----w- c:\programdata\Malwarebytes
2012-04-12 12:33 . 2012-04-12 18:27 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2012-04-12 12:08 . 2012-04-12 15:45 -------- d-----w- C:\sh4ldr
2012-04-12 12:08 . 2012-04-12 12:08 -------- d-----w- c:\program files\Enigma Software Group
2012-04-12 12:08 . 2012-04-12 15:45 -------- d-----w- c:\windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2012-04-12 12:08 . 2012-04-12 12:08 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-04-12 11:31 . 2012-04-12 11:31 -------- d--h--w- c:\programdata\Common Files
2012-04-12 11:31 . 2012-05-08 12:49 -------- d-----w- c:\programdata\MFAData
2012-04-12 11:05 . 2012-04-12 15:41 -------- d-----w- c:\programdata\F4D55F3E000192B7000C9BC7A6014588
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-27 16:50 . 2011-12-05 14:18 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-04-27 16:50 . 2011-12-05 15:01 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-04-27 16:50 . 2011-12-05 14:18 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-04-27 16:34 . 2011-12-05 14:18 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-03-19 03:17 . 2012-03-19 03:17 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-02-24 06:57 . 2012-03-01 21:01 545 ----a-w- c:\windows\UC.PIF
2012-02-24 06:57 . 2012-03-01 21:01 545 ----a-w- c:\windows\RAR.PIF
2012-02-24 06:57 . 2012-03-01 21:01 545 ----a-w- c:\windows\NOCLOSE.PIF
2012-02-24 06:57 . 2012-03-01 21:01 545 ----a-w- c:\windows\LHA.PIF
2012-02-24 06:57 . 2012-03-01 21:01 545 ----a-w- c:\windows\ARJ.PIF
2012-02-22 03:25 . 2012-02-22 03:25 235216 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-02-21 12:17 . 2012-02-21 12:17 92910 ----a-w- c:\windows\Scan to PDF Uninstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"DisplayFusion"="c:\program files\DisplayFusion\DisplayFusion.exe" [2008-10-26 587952]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-05-01 3905920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-06-21 593920]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
.
c:\users\Tykev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Multimedia Keyboard.lnk - c:\program files\SAMSUNG\Samsung Multimedia Keyboard\gpkbd.exe [2011-12-18 585728]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-9-8 5185536]
Wireless Utility.lnk - c:\program files\Edimax\Common\RaUI.exe [2011-12-5 1617920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-02-28 15:38 1987976 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [2012-03-23 2321520]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [2012-04-30 5106744]
R2 SkypeUpdate;Skype Updater;d:\program files\Skype\Updater\Updater.exe [2012-02-15 158856]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2011-05-22 47968]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2012-02-22 235216]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2012-03-19 301248]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
S3 rt61x86;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr61.sys [2009-10-16 369664]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-08 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 0395cbc7-10de-452d-a242-c1936816ddd7.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2012-05-08 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task aaca9135-f2bb-4430-8bb6-1c3d7f9a1c73.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\AVG\AVG2012\avgdtiex.dll
FF - ProfilePath - c:\users\Tykev\AppData\Roaming\Mozilla\Firefox\Profiles\cq2pstn4.default\
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-34497023.sys
SafeBoot-92936882.sys
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Edimax\Common\RaRegistry.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\AVG\AVG2012\avgcfgex.exe
c:\windows\system32\taskhost.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2012-05-08 20:08:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-08 18:08
.
Před spuštěním: Volných bajtů: 36 834 566 144
Po spuštění: Volných bajtů: 36 593 717 248
.
- - End Of File - - 56A4694B946C6849623579AA26166CBC

[Rudy]

Několik položek CF smazal. Nastala nějaká změna?

[callvary]

Mozilla firexo se me tazala jestli ma byt zkontrolovana jako vychozi prohlizec a neslo mi pripojit se k wifi msuel jsem restart pc jinak problem s doubleclickem stale pretrvava

[callvary]

ba naopak bych jeste rekl ze to je horsi nez predtim pri tom scroll i left click funguji normalne

[Rudy]

Mozilla firexo se me tazala jestli ma byt zkontrolovana jako vychozi prohlizec a neslo mi pripojit se k wifi msuel jsem restart pc jinak problem s doubleclickem stale pretrvava

Toto je normální. CF nastavuje systém do defaultu. Zkuste na to pustit Ad-Aware: http://www.stahuj.centrum.cz/utility_a_ ... e/adaware/ . V logu již nevidím nic nebezpečného.

[callvary]

Tak jsem nechal projet PC přes Ad-Aware Pro. Nechal jsem udělat full scan. Tvrvalo to 02:31:16 a nic nenašel a problém stále přetrváva. Tak co teď

[cernohous13]

Rudy promine

ba naopak bych jeste rekl ze to je horsi nez predtim pri tom scroll i left click funguji normalne

- můžeš přesněji popsat problém?
- zkusil jsi jinou myš?
- nejedná se náhodou o nastavení myši?

[callvary]

Mno asi si an to kápl. Nejdřív jsem zkusil myš zapojit do jiného portu to nepomohlo ale pak jsem v ovladacích panelech přepl tlačítka jako pravé a levé a nastavil včechno co se dalo na default. Zatím to vypadá bez problemu. Kdyby něco zase se ozvu Jdu to otestovat v čem mě napdne a když to bude ok tak Vám mockrát děkuji Pánové. Je možnos tjak bych se vám mohl odvěčit ? Popřípadě méte radu jak se víc pohybovat ve věcech ohledně logů apod. ? Abych se i já v tomhle mohl vyznat ? Co je tak za potřebí ? Studuji už 3.rokem IT a zrovne tohle je oblast ve, které nemám zatíkm moc zkušenosti ale většinou sjem si zatím dokázal poradit.

[callvary]

Hmm tak pořád to blbe.. Třebas když označuji text tak se první slovo neoznačí a označí se až druhé. Nebo když označuji dlouhý text tak to po chvili přestane označovat a chce se to označené vložit tak jako když anto 2x kliknete.. Je to lepší ale pořád to blbne

[callvary]

Nebo když klikám na jednotlive složky.. Pro otevření musíte dvákrat kliknout na tu složku. Ja na ni kliknu jednou a uz se otevrene ale ne u kazde trebas kliknu na dve normalne a ta treti se otevre pak. To stejne s programy nebo tlacitkem z5 u firefoxu klinu jednu na sipku zpet a udela to jak kdybych klikl dvakrat tkaze se vrati o dve stanky zpet. Lip to popsat asi nezvladnu

[JaRon]

myslim, ze kolega to spravne smeroval >> na mys
1. skus odstranit ovladac mysi + restart
2. ak sa to neopravi, skus INU mys - najlepsie by bolo s inym konektorom USB/PS2