zpomalení systému po připojení nb k síti a internetu

[Breza]

systém se extrémně zpomalí po připojení k síti..začne hrabat a je prakticky nepoužitelný.. pokud nespadne, tak cca po hodinc e začne fungovat úplně v pohodě tak 4 hodiny a potom se zase začne sekat
_________________________
Logfile of random's system information tool 1.08 (written by random/random)
Run by Petr at 2010-08-28 10:59:24
Microsoft Windows 7 Home Premium
System drive C: has 380 GB (64%) free of 596 GB
Total RAM: 4092 MB (89% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
ctfmon.exe
"H:\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\system32\WININET.dll",DispatchAPICall 1

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForPetr.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-17 1889856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-12 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-17 1256512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-13 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL [2010-05-14 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-05-28 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-13 394608]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-15 1815848]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2009-07-22 450048]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-12 171520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"DpAgent"=C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [2009-07-17 842816]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-08-20 322104]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-06-28 2837864]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
""= []
"GrpConv"=grpconv -o []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2009-12-12 52272]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-28 10:59:24 ----D---- C:\Program Files\trend micro
2010-08-28 10:59:23 ----D---- C:\rsit
2010-08-28 10:51:53 ----RD---- C:\32788R22FWJFW
2010-08-28 10:51:10 ----A---- C:\Windows\ntbtlog.txt
2010-08-27 19:35:22 ----D---- C:\Windows\Minidump
2010-08-27 18:22:54 ----D---- C:\Program Files (x86)\Google
2010-08-27 18:22:48 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-08-27 18:22:47 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-08-27 18:22:44 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-08-27 18:22:40 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-08-27 18:22:32 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-08-27 18:21:46 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-08-27 18:21:43 ----D---- C:\ProgramData\Alwil Software
2010-08-27 18:21:43 ----D---- C:\Program Files\Alwil Software
2010-08-25 21:24:38 ----D---- C:\Program Files (x86)\CCleaner
2010-08-25 13:08:04 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-08-25 13:08:04 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-24 21:30:09 ----D---- C:\Program Files (x86)\QIP Infium
2010-08-24 20:48:23 ----D---- C:\ProgramData\Recovery
2010-08-14 01:30:52 ----D---- C:\ProgramData\Blizzard Entertainment
2010-08-11 22:33:01 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-11 22:33:01 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 22:33:01 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 22:32:58 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 22:32:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-08-11 22:32:39 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 22:32:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 22:32:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-08-11 22:32:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-08-11 22:32:29 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 22:32:28 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 22:32:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-08-11 22:32:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-08-11 22:32:26 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 22:32:26 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 22:32:25 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-08-11 22:32:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-08-11 22:32:25 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-08-11 22:32:25 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-08-11 22:32:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-08-11 22:32:25 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-08-11 22:32:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-08-11 22:32:25 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 22:32:25 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 22:32:25 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 22:32:25 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 22:32:24 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-08-11 22:32:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-08-11 22:32:24 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 22:32:24 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 22:32:24 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 22:32:20 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 22:32:19 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-08-11 22:32:17 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-08-11 22:32:13 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 22:32:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-08-11 22:32:12 ----A---- C:\Windows\system32\msxml3.dll
2010-08-09 22:56:49 ----D---- C:\Users\Petr\AppData\Roaming\SkypeCap
2010-08-09 22:54:13 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2010-08-09 22:54:13 ----A---- C:\Windows\SYSWOW64\dsetup.dll
2010-08-09 22:45:14 ----A---- C:\Windows\SYSWOW64\yv12vfw.dll
2010-08-09 22:45:14 ----A---- C:\Windows\SYSWOW64\msvcr90.dll
2010-08-09 22:45:14 ----A---- C:\Windows\SYSWOW64\msvcp90.dll
2010-08-09 22:45:14 ----A---- C:\Windows\SYSWOW64\MPG4c32.dll
2010-08-09 22:45:14 ----A---- C:\Windows\SYSWOW64\mfc90.dll
2010-08-09 22:45:13 ----D---- C:\Program Files (x86)\Supertintin for Skype
2010-08-03 15:28:54 ----A---- C:\Windows\system32\shell32.dll
2010-08-03 15:28:53 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-07-31 14:45:28 ----D---- C:\Users\Petr\AppData\Roaming\Tific

======List of files/folders modified in the last 1 months======

2010-08-28 10:59:24 ----RD---- C:\Program Files
2010-08-28 10:51:10 ----D---- C:\Windows
2010-08-28 10:11:57 ----D---- C:\Windows\Prefetch
2010-08-28 08:36:08 ----D---- C:\Windows\Temp
2010-08-27 23:18:07 ----D---- C:\Windows\system32\config
2010-08-27 23:08:01 ----RD---- C:\Program Files (x86)
2010-08-27 23:07:14 ----HD---- C:\ProgramData
2010-08-27 23:07:14 ----A---- C:\ProgramData\HPWALog.txt
2010-08-27 22:40:08 ----SHD---- C:\System Volume Information
2010-08-27 18:23:43 ----D---- C:\Windows\System32
2010-08-27 18:23:43 ----D---- C:\Windows\inf
2010-08-27 18:23:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-27 18:23:07 ----SHD---- C:\Windows\Installer
2010-08-27 18:23:03 ----D---- C:\Windows\Tasks
2010-08-27 18:23:03 ----D---- C:\Windows\system32\Tasks
2010-08-27 18:22:48 ----D---- C:\Windows\system32\drivers
2010-08-27 18:22:32 ----D---- C:\Windows\SysWOW64
2010-08-27 08:44:19 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-08-27 08:43:48 ----D---- C:\Program Files (x86)\BitLord
2010-08-26 03:17:57 ----D---- C:\Windows\winsxs
2010-08-26 03:00:58 ----D---- C:\Windows\AppPatch
2010-08-25 23:54:01 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2010-08-25 21:26:09 ----D---- C:\Windows\debug
2010-08-25 21:23:53 ----D---- C:\Windows\Logs
2010-08-25 13:07:55 ----D---- C:\Windows\system32\catroot
2010-08-24 21:06:14 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2010-08-24 18:11:46 ----D---- C:\Windows\system32\catroot2
2010-08-23 22:06:12 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2010-08-14 01:45:27 ----D---- C:\Program Files (x86)\Common Files
2010-08-12 03:38:55 ----D---- C:\Windows\Microsoft.NET
2010-08-12 03:38:47 ----RSD---- C:\Windows\assembly
2010-08-12 03:20:02 ----D---- C:\Windows\SYSWOW64\migration
2010-08-12 03:20:02 ----D---- C:\Program Files\Internet Explorer
2010-08-12 03:20:02 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-12 03:20:01 ----D---- C:\Windows\system32\migration
2010-08-07 11:21:56 ----D---- C:\Users\Petr\AppData\Roaming\Adobe
2010-08-04 20:16:51 ----D---- C:\Windows\system32\NDF
2010-08-03 20:52:33 ----A---- C:\Windows\system32\MRT.exe
2010-07-31 14:34:17 ----D---- C:\Windows\system32\wbem
2010-07-31 14:33:20 ----D---- C:\Windows\system32\wfp
2010-07-31 14:33:20 ----D---- C:\Windows\system32\DriverStore
2010-07-31 14:33:19 ----D---- C:\Users\Petr\AppData\Roaming\Winamp
2010-07-31 14:33:19 ----D---- C:\ProgramData\Norton
2010-07-31 14:33:17 ----D---- C:\Windows\registration
2010-07-30 19:11:54 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1107000.00C\SYMDS64.SYS [2009-08-30 433200]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1107000.00C\SYMEFA64.SYS [2010-04-22 221232]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-15 273456]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-03-09 36408]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-13 834544]
S1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 28752]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 121936]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 51280]
S1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [2010-08-10 945200]
S1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\NISx64\1107000.00C\ccHPx64.sys [2010-02-26 615040]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-07-31 475696]
S1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100825.001\IDSvia64.sys [2010-07-06 463408]
S1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1107000.00C\SRTSPX64.SYS [2010-04-22 32304]
S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1107000.00C\Ironx64.SYS [2010-04-29 150064]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NISx64\1107000.00C\SYMTDIV.SYS [2010-05-06 451120]
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 20048]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 61008]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1484800]
S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-05 6038016]
S3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-09-17 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-09-17 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-09-17 21160]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-07-10 132656]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100825.040\ENG64.SYS [2010-07-31 117808]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100825.040\EX64.SYS [2010-07-31 1791536]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1107000.00C\SRTSP64.SYS [2010-04-22 505392]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2009-07-22 487936]
S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2010-07-10 173104]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-05 203264]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
S2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2009-07-17 322624]
S2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-27 136176]
S2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-09-24 125440]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 30520]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
S2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe [2010-02-26 126392]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-06 247152]
S2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [2009-07-22 240128]
S2 TVCapSvc;TV Background Capture Service (TVBCS); c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [2009-10-06 296360]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2009-07-12 1924400]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-06-19 246520]
S3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-10 1255736]

-----------------EOF-----------------

pomožte mi prosím

[Rudy]

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[Breza]

uz sken probíhá, tak uvidíme jestli to něco nalezne

[Breza]

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4052

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

28.8.2010 12:40:04
mbam-log-2010-08-28 (12-40-04).txt

Typ skenu: Úplný sken (C:\|D:\|E:\|)
Skenované objekty: 287869
Uplynulý čas: 37 minuta(y), 33 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 4

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\Petr\programy\CorelDraw X4\CorelDraw X4 Keygen.exe (Trojan.Agent.CK) -> No action taken.
C:\Users\Petr\programy\Sony Vegas 7 + DVD Architect 4\keygen.exe (Trojan.Downloader) -> No action taken.
C:\Users\Petr\programy\Sony Vegas 7 + DVD Architect 4\DVD Architect 4.0.125\Sony DVD Architect v4.0 Keygen.exe (Trojan.Downloader) -> No action taken.
C:\Users\Petr\programy\Sony Vegas 7 + DVD Architect 4\Vegas 7.0a\Sony Vegas v7.0a Keygen.exe (Trojan.Downloader) -> No action taken.

[Rudy]

Vše, co MBAM nalezl, smažte.

[Breza]

smazáno..po restartu zadna zmena

[Rudy]

OK. Dejte log z Combofix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

[Breza]

combofix nelze spustit:

incompatibile Os. Combofix works only for workstations with windows 2000 and XP

[Rudy]

Na Win7 CF běžně funguje. Zkuste to v nouz. režimu. Stáhl jste ho dnes?

[Breza]

stahl jsem to dneska a neni to na 32 bitove verze?

[Rudy]

Ano, je. Přehlédl jsem, že máte 64bit. Zkusíme OTL:

Stáhněte OTL: http://oldtimer.geekstogo.com/OTL.exe . Uložte na plochu, klikněte prvým myšítkem a zadejte "spustit jako správce". Zaškrtněte "pro 64b systém", "pro všechny uživatele", "kontrola na havěť LOP" a "PURITY". Do spodního okna vložte:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Klikněte na "Prohledat" a vložte logy OTL.txt. a Extras.txt.

[Breza]

napsalo mi to cannot create file C:\users...\cmd.bat

[Rudy]

Zkuste to v nouz. režimu.