
Virus removal, PC speed-up, remote help via the neslape.cz service
AVG Internet security
Moderator: Moderators
Re: AVG Internet security
======List of files/folders modified in the last 1 months======
2011-02-18 22:12:56 ----D---- C:\Windows\Temp
2011-02-18 22:12:52 ----RD---- C:\Program Files
2011-02-18 22:00:06 ----D---- C:\Windows\System32
2011-02-18 22:00:06 ----D---- C:\Windows\inf
2011-02-18 22:00:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-18 21:15:25 ----D---- C:\Windows\Microsoft.NET
2011-02-18 20:12:25 ----D---- C:\Windows\system32\config
2011-02-18 20:04:29 ----D---- C:\Windows
2011-02-18 20:01:31 ----D---- C:\Windows\Registration
2011-02-18 20:01:11 ----D---- C:\Windows\SysWOW64
2011-02-18 20:00:56 ----D---- C:\Program Files (x86)\Internet Explorer
2011-02-18 20:00:23 ----D---- C:\Windows\winsxs
2011-02-18 19:58:46 ----RSD---- C:\Windows\assembly
2011-02-18 18:24:14 ----HD---- C:\ProgramData
2011-02-18 18:24:09 ----RD---- C:\Program Files (x86)
2011-02-18 18:17:43 ----D---- C:\Windows\SYSWOW64\en-US
2011-02-18 18:17:43 ----D---- C:\Windows\system32\en-US
2011-02-18 18:05:51 ----D---- C:\Windows\system32\drivers
2011-02-18 08:21:41 ----SD---- C:\ProgramData\Microsoft
2011-02-18 08:19:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-02-18 08:17:06 ----D---- C:\Program Files (x86)\Common Files
2011-02-18 08:16:25 ----D---- C:\Windows\system32\catroot2
2011-02-18 08:16:25 ----D---- C:\Windows\system32\catroot
2011-02-18 08:06:43 ----D---- C:\Program Files\Internet Explorer
2011-02-17 17:36:01 ----D---- C:\Windows\Tasks
2011-02-17 17:36:01 ----D---- C:\Windows\system32\Tasks
2011-02-17 17:32:39 ----D---- C:\Windows\SYSWOW64\drivers
2011-02-17 17:32:04 ----D---- C:\Windows\system32\DriverStore
2011-02-12 15:04:54 ----D---- C:\Windows\system32\NDF
2011-02-12 13:16:38 ----RD---- C:\Users
2011-02-12 13:12:41 ----D---- C:\Windows\system32\drivers\etc
2011-02-12 11:37:42 ----HD---- C:\Windows\system32\GroupPolicy
2011-02-08 12:24:57 ----D---- C:\Windows\rescache
2011-02-08 12:24:11 ----D---- C:\Windows\Logs
2011-02-07 20:52:19 ----D---- C:\Windows\system32\LogFiles
2011-02-07 20:27:21 ----D---- C:\Windows\system32\wdi
2011-02-07 19:18:23 ----D---- C:\Windows\system32\drivers\UMDF
2011-02-07 18:57:19 ----D---- C:\Program Files\Windows Mail
2011-02-07 18:57:19 ----D---- C:\Program Files (x86)\Windows Mail
2011-02-07 18:40:11 ----D---- C:\Windows\ShellNew
2011-02-07 18:23:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-02-07 18:23:55 ----D---- C:\Windows\system32\cs-CZ
2011-02-07 18:23:55 ----D---- C:\Windows\ehome
2011-02-07 18:23:52 ----D---- C:\Windows\AppPatch
2011-02-07 18:23:47 ----D---- C:\Windows\SYSWOW64\migration
2011-02-07 18:23:47 ----D---- C:\Program Files\Windows Media Player
2011-02-07 18:23:47 ----D---- C:\Program Files (x86)\Windows Media Player
2011-02-07 18:23:46 ----D---- C:\Windows\system32\migration
2011-02-07 18:19:30 ----D---- C:\Windows\debug
2011-02-07 18:01:12 ----D---- C:\Program Files\Common Files
2011-02-07 17:37:30 ----D---- C:\Windows\Downloaded Program Files
2011-02-07 17:35:05 ----D---- C:\Windows\system
2011-02-07 16:58:17 ----D---- C:\Windows\system32\CodeIntegrity
2011-02-07 16:52:25 ----D---- C:\Windows\system32\restore
2011-02-07 16:48:45 ----SHD---- C:\$Recycle.Bin
2011-02-07 16:47:15 ----D---- C:\Program Files\Windows NT
2011-02-07 16:36:53 ----D---- C:\Windows\system32\sysprep
2011-02-07 16:34:28 ----D---- C:\Windows\CSC
2011-02-07 16:32:33 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-02-07 871408]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-01-13 29264]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-01-13 273488]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-01-13 51792]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-01-13 20560]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2009-10-22 38960]
R2 vmci;VMware vmci; \??\C:\Windows\system32\drivers\vmci.sys [2009-10-22 80944]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2009-10-22 45104]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2009-10-22 30256]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2009-10-22 68144]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [2009-10-12 32816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-05 8283136]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-05 294400]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 cmudaxp;ASUS Xonar D2X Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2010-09-16 1266688]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
R3 RzSynapse;Razer Driver; C:\Windows\system32\DRIVERS\RzSynapse.sys [2010-12-16 126464]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2009-10-22 29744]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2009-10-22 20016]
S3 akpru8vm;akpru8vm; C:\Windows\system32\drivers\akpru8vm.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-05 8283136]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2009-10-22 37680]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-01-05 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2011-01-10 993848]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-01-10 399416]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2009-10-22 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2009-10-22 334384]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2009-10-22 395824]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ufad-ws60;VMware Agent Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [2009-10-12 191024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Re: AVG Internet security
So, let's get to it.
Fix these in HJT:
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [NetFxUpdate_v1.1.4322] "C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" 0 v1.1.4322 GAC + NI NID
You will find HJT here:
C:\Program Files\trend micro\Nimrod Sherdon.exe
I have already described how to do it.
Download and run OTMoveIt
copy this text into the left pane of the application, under Paste Instructions for Items to be Moved:
Code:
:processes
explorer.exe
:files
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\Program Files (x86)\AVG
C:\ProgramData\avg9
:commands
[purity]
[emptytemp]
[start explorer]
click MoveIt! and the right, green pane of the application will show information about the action performed; copy the contents of that pane here,
if the application asks for a restart, click YES
in that case I want you to copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\
Then use Mbam from my signature the same way as before and post its log here as well.
Re: AVG Internet security
So, the log from OTM
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\Program Files (x86)\AVG\AVG9 folder moved successfully.
C:\Program Files (x86)\AVG folder moved successfully.
C:\ProgramData\avg9\Log folder moved successfully.
C:\ProgramData\avg9 folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Nimrod Sherdon
->Temp folder emptied: 21406396 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 617987 bytes
->Flash cache emptied: 1377 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 39131 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 21,00 mb
OTM by OldTimer - Version 3.1.17.2 log created on 02192011_062517
Files moved on Reboot...
C:\Users\Nimrod Sherdon\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File C:\Windows\temp\_avast5_\Webshlock.txt not found!
C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-SYSTEM-2332.log moved successfully.
Registry entries deleted on Reboot...
Re: AVG Internet security
11 viruses. I ran a full scan. I did not delete anything; I am waiting for instructions.
Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org
Verze databáze: 5807
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
19.2.2011 7:23:47
mbam-log-2011-02-19 (07-23-39).txt
Typ kontroly: Úplný test (C:\|D:\|E:\|)
Testované objekty: 467444
Uplynulý čas: 52 minut, 5 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 17
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
d:\system volume information\_restore{4a7a6d5a-bbb9-4236-9d79-567f99b3c406}\RP68\A0018677.dll (Malware.Packer.T) -> No action taken.
d:\system volume information\_restore{4a7a6d5a-bbb9-4236-9d79-567f99b3c406}\RP68\A0018695.dll (Malware.Packer.T) -> No action taken.
d:\system volume information\_restore{7afd251f-0ede-42d1-9884-dcdb3ecb67d0}\RP213\A0081291.dll (Malware.Packer.T) -> No action taken.
d:\system volume information\_restore{b68d8e84-2d8c-4014-928e-9424cb3ed8ab}\RP80\A0016627.dll (Malware.Packer.T) -> No action taken.
d:\system volume information\_restore{b68d8e84-2d8c-4014-928e-9424cb3ed8ab}\RP82\A0018112.dll (Malware.Packer.T) -> No action taken.
d:\system volume information\_restore{b68d8e84-2d8c-4014-928e-9424cb3ed8ab}\RP86\A0027313.dll (Malware.Packer.T) -> No action taken.
d:\system volume information\_restore{b68d8e84-2d8c-4014-928e-9424cb3ed8ab}\RP86\A0027326.dll (Malware.Packer.T) -> No action taken.
d:\system volume information\_restore{b68d8e84-2d8c-4014-928e-9424cb3ed8ab}\RP86\A0027369.dll (Malware.Packer.T) -> No action taken.
d:\system volume information\_restore{b68d8e84-2d8c-4014-928e-9424cb3ed8ab}\RP86\A0027423.dll (Malware.Packer.T) -> No action taken.
d:\system volume information\_restore{b68d8e84-2d8c-4014-928e-9424cb3ed8ab}\RP87\A0027481.dll (Malware.Packer.T) -> No action taken.
d:\system volume information\_restore{fb4cfc9c-3164-4b36-afbd-9c368fada87c}\RP136\A0060183.dll (Malware.Packer.Gen) -> No action taken.
e:\system volume information\_restore{b68d8e84-2d8c-4014-928e-9424cb3ed8ab}\RP82\A0018248.exe (Trojan.Dropper.PGen) -> No action taken.
e:\Z\Torrent2\oo.defrag.professional.v14.0.167.x64.incl.keygen-mesmerize\keygen.exe (RiskWare.Tool.CK) -> No action taken.
e:\Z\Torrent2\oo.defrag.professional.v14.1.425.incl.keygen-mesmerize\keygen.exe (RiskWare.Tool.CK) -> No action taken.
e:\Z\Torrent2\oo.defrag.professional.v14.1.425.x64.incl.keygen-mesmerize\keygen.exe (RiskWare.Tool.CK) -> No action taken.
e:\Z\Torrent2\pinnacle studio 14 hd ultimate collection\pinnacle studio 14 hd ultimate collection\aaa\pinnacle key all\keygen 10-titanum.exe (Riskware.Tool.CK) -> No action taken.
e:\Z\Torrent2\xp\keyfinder.exe (RiskWare.Tool.CK) -> No action taken.

Re: AVG Internet security
Let MBAM delete what it found.
You can remove the junk in System Volume Information by following THIS guide.
Run OTMoveIt again and click CleanUp! at the top of the application;
this makes it clean up after itself.
Download ComboFix and save it to the desktop,
run the application as Administrator and allow the installation of the Recovery Console.
A window with the license terms then appears, which you confirm by clicking YES,
then click YES once more and it starts running.
The whole process takes about 10 minutes but can take longer; do not try to run anything else during the scan.
The PC may also be restarted during the scan; don't be alarmed.
Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,
because ComboFix tries to delete infected files and these programs can get in its way.
After the scan finishes or after the subsequent restart, the application creates a log saved at C:/Combofix.txt
(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.
If anything is unclear, there is an illustrated guide HERE.
Re: AVG Internet security
Everything went fine. Here is the log from ComboFix:
ComboFix 11-02-19.02 - Nimrod Sherdon 20.02.2011 8:47.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.6142.4619 [GMT 1:00]
Spuštěný z: c:\users\Nimrod Sherdon\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\system
c:\windows\SysWow64\system
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-20 do 2011-02-20 )))))))))))))))))))))))))))))))
.
2011-02-20 07:51 . 2011-02-20 07:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-19 05:29 . 2011-02-19 05:29 -------- d-----w- c:\programdata\Malwarebytes
2011-02-19 05:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-19 05:29 . 2011-02-19 05:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-02-19 05:29 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-18 21:12 . 2011-02-19 05:22 -------- d-----w- c:\program files\trend micro
2011-02-18 18:58 . 2011-02-18 18:58 -------- d-----w- c:\windows\SysWow64\URTTEMP
2011-02-18 17:24 . 2011-02-18 18:47 -------- d-----w- c:\programdata\PMB Files
2011-02-18 17:24 . 2011-02-18 17:24 -------- d-----w- c:\program files (x86)\Pando Networks
2011-02-18 07:31 . 2011-02-18 07:31 -------- d-----w- c:\windows\cs
2011-02-18 07:25 . 2011-02-18 07:25 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-02-18 07:20 . 2011-02-18 07:31 -------- d-----w- c:\program files (x86)\Windows Live
2011-02-18 07:20 . 2011-02-18 07:20 -------- dc----w- c:\windows\system32\DRVSTORE
2011-02-18 07:20 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-02-18 07:19 . 2011-02-18 07:19 -------- d-----w- c:\windows\PCHEALTH
2011-02-18 07:19 . 2011-02-18 07:20 -------- d-----w- c:\program files\Windows Live
2011-02-18 07:18 . 2011-02-18 07:18 -------- d-----w- c:\program files (x86)\MSN Toolbar
2011-02-18 07:18 . 2011-02-18 07:18 -------- d-----w- c:\program files (x86)\Bing Bar Installer
2011-02-18 07:17 . 2011-02-18 07:17 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-02-18 07:04 . 2011-02-18 07:04 11016 ----a-w- C:\cc_20110218_080427.reg
2011-02-18 05:29 . 2011-02-02 16:10 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED1FCB2F-70C6-41D0-A2DB-C65D7F996C67}\mpengine.dll
2011-02-18 05:24 . 2011-02-18 05:24 -------- d-----w- c:\program files (x86)\Secunia
2011-02-17 22:00 . 2011-02-17 22:00 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-02-17 22:00 . 2011-02-17 22:00 -------- d-----w- c:\programdata\!SASCORE
2011-02-17 22:00 . 2011-02-17 22:01 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-02-17 16:38 . 2011-02-17 16:38 -------- d-----w- c:\program files (x86)\CCleaner
2011-02-17 16:35 . 2011-02-17 16:37 -------- d-----w- c:\program files (x86)\Google
2011-02-17 16:35 . 2011-01-13 08:41 273488 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-17 16:35 . 2011-01-13 08:37 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-17 16:35 . 2011-01-13 08:37 29264 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-17 16:35 . 2011-01-13 08:40 51792 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-17 16:35 . 2011-01-13 08:47 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-17 16:35 . 2011-01-13 08:37 62032 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-17 16:34 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-02-17 16:34 . 2011-01-13 08:47 188216 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-02-17 16:34 . 2011-02-17 16:34 -------- d-----w- c:\programdata\Alwil Software
2011-02-17 16:34 . 2011-02-17 16:34 -------- d-----w- c:\program files\Alwil Software
2011-02-12 06:21 . 2011-02-12 06:21 -------- d-----w- c:\program files\Bethesda Softworks
2011-02-11 18:02 . 2011-02-11 18:18 -------- d-----w- c:\program files (x86)\AC Tool
2011-02-09 11:24 . 2011-02-09 11:24 -------- d-----w- c:\windows\SysWow64\drivers\avg
2011-02-08 16:20 . 2011-02-08 16:20 -------- d-----w- C:\Games
2011-02-07 20:25 . 2011-02-07 20:25 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-02-07 20:24 . 2008-10-15 05:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-02-07 19:50 . 2009-10-22 04:01 80944 ----a-w- c:\windows\system32\drivers\vmci.sys
2011-02-07 19:50 . 2009-10-22 04:00 68144 ----a-w- c:\windows\system32\drivers\vmx86.sys
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-02-07 19:26 . 2011-02-07 19:26 871408 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-02-07 19:16 . 2011-02-07 19:16 -------- d-----w- c:\program files (x86)\Conduit
2011-02-07 19:16 . 2011-02-07 19:16 -------- d-----w- C:\extensions
2011-02-07 19:16 . 2011-02-07 19:16 -------- d-----w- c:\program files (x86)\uTorrent
2011-02-07 17:57 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-02-07 17:57 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-02-07 17:54 . 2011-02-07 17:54 -------- d-----w- c:\program files (x86)\MacroGamer
2011-02-07 17:40 . 2011-02-07 17:40 -------- d-----w- c:\program files (x86)\AutoHotkey
2011-02-07 17:39 . 2011-02-07 17:39 -------- d-----w- c:\program files\TeamSpeak 3 Client
2011-02-07 17:32 . 2011-02-07 17:32 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack
2011-02-07 17:32 . 2011-02-07 17:32 34064 ----a-w- c:\windows\SysWow64\lhacm.acm
2011-02-07 17:32 . 2011-02-07 17:32 -------- d-----w- c:\program files (x86)\Teamspeak2_RC2
2011-02-07 17:31 . 2011-02-07 17:31 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-02-07 17:28 . 2011-02-07 17:28 -------- d-----w- c:\program files (x86)\Razer
2011-02-07 17:23 . 2011-02-07 17:23 -------- d-----w- c:\windows\SysWow64\Wat
2011-02-07 17:23 . 2011-02-07 17:23 -------- d-----w- c:\windows\system32\Wat
2011-02-07 17:11 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-02-07 17:06 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-02-07 17:02 . 2011-02-07 17:02 -------- d-----w- c:\programdata\ATI
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\ATI Stream
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\ATI
2011-02-07 17:00 . 2011-02-07 17:00 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-02-07 17:00 . 2011-02-07 17:01 -------- d-----w- c:\program files\ATI Technologies
2011-02-07 17:00 . 2011-02-07 17:00 -------- d-----w- c:\program files\ATI
2011-02-07 16:56 . 2011-02-07 16:56 -------- d-----w- c:\program files (x86)\Winamp
2011-02-07 16:52 . 2011-02-07 18:05 -------- d-----w- c:\program files (x86)\totalcmd
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-02-07 16:49 . 2011-02-07 16:50 -------- d-----w- c:\program files (x86)\QIP
2011-02-07 16:49 . 2010-03-05 07:52 84992 ----a-w- c:\windows\system32\asycfilt.dll
2011-02-07 16:49 . 2010-03-05 07:42 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2011-02-07 16:49 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-02-07 16:49 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-02-07 16:46 . 2010-10-16 05:19 395776 ----a-w- c:\windows\system32\webio.dll
2011-02-07 16:45 . 2011-02-07 16:45 -------- d-----w- c:\program files (x86)\Opera
2011-02-07 16:37 . 2011-02-07 16:37 -------- d-----w- c:\windows\SysWow64\Macromed
2011-02-07 16:36 . 2011-02-18 19:02 -------- d-sh--w- c:\windows\Installer
2011-02-07 16:34 . 2009-08-19 15:00 359424 ------w- c:\windows\system32\CmiInstallResAll64.dll
2011-02-07 16:34 . 2006-10-06 04:45 524768 ----a-w- c:\windows\difxapi.dll
2011-02-07 16:33 . 2010-12-24 07:32 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-02-07 16:33 . 2010-12-24 07:32 412264 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-02-07 16:33 . 2010-12-24 07:32 107624 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-02-07 16:33 . 2011-02-07 16:33 -------- d-----w- c:\program files (x86)\Realtek
2011-02-07 16:32 . 2011-02-08 15:28 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-02-07 16:32 . 2011-02-07 16:33 -------- d-----w- c:\program files (x86)\Intel
2011-02-07 16:32 . 2010-03-02 08:04 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2011-02-07 16:31 . 2011-02-07 16:31 -------- d-----w- C:\Intel
2011-02-07 16:05 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-02-07 15:52 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2011-02-07 15:52 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2011-02-07 15:52 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2011-02-07 15:52 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2011-02-07 15:48 . 2011-02-07 15:48 -------- d-----w- c:\users\Nimrod Sherdon
2011-02-07 15:36 . 2011-02-07 15:36 0 ----a-w- c:\windows\ativpsrm.bin
2011-02-07 15:33 . 2011-02-07 15:47 -------- d-----w- c:\windows\Panther
2011-02-06 17:28 . 2010-09-16 10:41 1266688 ----a-w- c:\windows\system32\drivers\cmudaxp.sys
2011-02-06 17:28 . 2007-04-19 14:12 32768 ----a-w- c:\windows\system32\cmudaxp.dll
2011-02-06 17:28 . 2004-04-14 10:28 315392 ----a-w- c:\windows\SysWow64\CmiFltr.dll
2011-02-06 17:28 . 2004-04-14 10:28 315392 ----a-w- c:\windows\system\CmiFltr.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-05 03:37 . 2011-01-05 03:37 8283136 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-01-05 03:22 . 2011-01-05 03:22 22100480 ----a-w- c:\windows\system32\atio6axx.dll
2011-01-05 03:03 . 2011-01-05 03:03 17043968 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-01-05 03:02 . 2011-01-05 03:02 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-01-05 03:02 . 2011-01-05 03:02 596480 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-01-05 03:01 . 2011-01-05 03:01 708608 ----a-w- c:\windows\system32\aticfx64.dll
2011-01-05 02:58 . 2011-01-05 02:58 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-01-05 02:58 . 2011-01-05 02:58 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-01-05 02:57 . 2011-01-05 02:57 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-01-05 02:56 . 2011-01-05 02:56 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-01-05 02:56 . 2011-01-05 02:56 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-01-05 02:56 . 2011-01-05 02:56 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-01-05 02:55 . 2011-01-05 02:55 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-01-05 02:55 . 2011-01-05 02:55 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-01-05 02:55 . 2011-01-05 02:55 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-01-05 02:55 . 2011-01-05 02:55 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-01-05 02:52 . 2011-01-05 02:52 4101632 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-01-05 02:43 . 2009-07-13 21:59 4844544 ----a-w- c:\windows\system32\atidxx64.dll
2011-01-05 02:33 . 2011-01-05 02:33 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-01-05 02:33 . 2011-01-05 02:33 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-01-05 02:33 . 2011-01-05 02:33 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-01-05 02:33 . 2011-01-05 02:33 4162048 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-01-05 02:33 . 2011-01-05 02:33 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-01-05 02:33 . 2011-01-05 02:33 6815232 ----a-w- c:\windows\system32\aticaldd64.dll
2011-01-05 02:32 . 2011-01-05 02:32 1208320 ----a-w- c:\windows\system32\atiumd6v.dll
2011-01-05 02:32 . 2011-01-05 02:32 3218944 ----a-w- c:\windows\system32\atiumd6a.dll
2011-01-05 02:31 . 2011-01-05 02:31 5441024 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-01-05 02:28 . 2011-01-05 02:28 58880 ----a-w- c:\windows\system32\coinst.dll
2011-01-05 02:27 . 2011-01-05 02:27 5305856 ----a-w- c:\windows\system32\atiumd64.dll
2011-01-05 02:25 . 2011-01-05 02:25 3461120 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-01-05 02:20 . 2011-01-05 02:20 353792 ----a-w- c:\windows\system32\atiadlxx.dll
2011-01-05 02:20 . 2011-01-05 02:20 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-01-05 02:19 . 2011-01-05 02:19 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 32256 ----a-w- c:\windows\system32\atig6txx.dll
2011-01-05 02:19 . 2011-01-05 02:19 27648 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 294400 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-01-05 02:18 . 2011-01-05 02:18 39936 ----a-w- c:\windows\system32\atiuxp64.dll
2011-01-05 02:18 . 2011-01-05 02:18 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-01-05 02:18 . 2011-01-05 02:18 38400 ----a-w- c:\windows\system32\atiu9p64.dll
2011-01-05 02:18 . 2011-01-05 02:18 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-01-05 02:17 . 2011-01-05 02:17 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-01-05 02:11 . 2011-01-05 02:11 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-01-05 02:11 . 2011-01-05 02:11 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2010-12-30 16:59 . 2010-12-30 16:59 428416 ----a-w- c:\windows\SysWow64\RzMwApi.dll
2010-12-16 08:23 . 2010-12-16 08:23 126464 ----a-w- c:\windows\system32\drivers\RzSynapse.sys
2010-12-07 11:17 . 2010-12-07 11:17 51200 ----a-w- c:\windows\SysWow64\OpenCL.dll
2010-12-07 11:15 . 2010-12-07 11:15 52736 ----a-w- c:\windows\system32\OpenCL.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-02-07 396152]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-01-13 2988784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Razer Naga Driver"="c:\program files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe" [2010-12-30 957840]
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2009-10-22 129584]
c:\users\Nimrod Sherdon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
posledni.ahk [2011-2-9 2849]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QIP 2005.lnk - c:\program files (x86)\QIP\qip.exe [2011-2-7 3259392]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-1-10 291896]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 136176]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-07 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-02-07 871408]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-05 203776]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-01-10 399416]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2009-10-22 80944]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-05 8283136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-05 294400]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 cmudaxp;ASUS Xonar D2X Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2010-09-16 1266688]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [2010-12-16 126464]
.
Obsah adresáře 'Naplánované úlohy'
2011-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 16:35]
2011-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 16:35]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2010-09-16 8761344]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: {C2ED5347-0AF2-40EA-A261-BCD23D94395C} = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3653736276-4212073443-1716572666-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
[HKEY_USERS\S-1-5-21-3653736276-4212073443-1716572666-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\AutoHotkey\AutoHotkey.exe
.
**************************************************************************
.
Celkový čas: 2011-02-20 08:54:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-20 07:54
Před spuštěním: Volných bajtů: 41 945 997 312
Po spuštění: Volných bajtů: 41 656 655 872
- - End Of File - - 55306974E26D34DEEC489CC0089F726D
2011-02-07 19:50 . 2009-10-22 04:00 68144 ----a-w- c:\windows\system32\drivers\vmx86.sys
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-02-07 19:26 . 2011-02-07 19:26 871408 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-02-07 19:16 . 2011-02-07 19:16 -------- d-----w- c:\program files (x86)\Conduit
2011-02-07 19:16 . 2011-02-07 19:16 -------- d-----w- C:\extensions
2011-02-07 19:16 . 2011-02-07 19:16 -------- d-----w- c:\program files (x86)\uTorrent
2011-02-07 17:57 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-02-07 17:57 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-02-07 17:54 . 2011-02-07 17:54 -------- d-----w- c:\program files (x86)\MacroGamer
2011-02-07 17:40 . 2011-02-07 17:40 -------- d-----w- c:\program files (x86)\AutoHotkey
2011-02-07 17:39 . 2011-02-07 17:39 -------- d-----w- c:\program files\TeamSpeak 3 Client
2011-02-07 17:32 . 2011-02-07 17:32 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack
2011-02-07 17:32 . 2011-02-07 17:32 34064 ----a-w- c:\windows\SysWow64\lhacm.acm
2011-02-07 17:32 . 2011-02-07 17:32 -------- d-----w- c:\program files (x86)\Teamspeak2_RC2
2011-02-07 17:31 . 2011-02-07 17:31 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-02-07 17:28 . 2011-02-07 17:28 -------- d-----w- c:\program files (x86)\Razer
2011-02-07 17:23 . 2011-02-07 17:23 -------- d-----w- c:\windows\SysWow64\Wat
2011-02-07 17:23 . 2011-02-07 17:23 -------- d-----w- c:\windows\system32\Wat
2011-02-07 17:11 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-02-07 17:06 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-02-07 17:02 . 2011-02-07 17:02 -------- d-----w- c:\programdata\ATI
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\ATI Stream
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\ATI
2011-02-07 17:00 . 2011-02-07 17:00 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-02-07 17:00 . 2011-02-07 17:01 -------- d-----w- c:\program files\ATI Technologies
2011-02-07 17:00 . 2011-02-07 17:00 -------- d-----w- c:\program files\ATI
2011-02-07 16:56 . 2011-02-07 16:56 -------- d-----w- c:\program files (x86)\Winamp
2011-02-07 16:52 . 2011-02-07 18:05 -------- d-----w- c:\program files (x86)\totalcmd
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-02-07 16:49 . 2011-02-07 16:50 -------- d-----w- c:\program files (x86)\QIP
2011-02-07 16:49 . 2010-03-05 07:52 84992 ----a-w- c:\windows\system32\asycfilt.dll
2011-02-07 16:49 . 2010-03-05 07:42 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2011-02-07 16:49 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-02-07 16:49 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-02-07 16:46 . 2010-10-16 05:19 395776 ----a-w- c:\windows\system32\webio.dll
2011-02-07 16:45 . 2011-02-07 16:45 -------- d-----w- c:\program files (x86)\Opera
2011-02-07 16:37 . 2011-02-07 16:37 -------- d-----w- c:\windows\SysWow64\Macromed
2011-02-07 16:36 . 2011-02-18 19:02 -------- d-sh--w- c:\windows\Installer
2011-02-07 16:34 . 2009-08-19 15:00 359424 ------w- c:\windows\system32\CmiInstallResAll64.dll
2011-02-07 16:34 . 2006-10-06 04:45 524768 ----a-w- c:\windows\difxapi.dll
2011-02-07 16:33 . 2010-12-24 07:32 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-02-07 16:33 . 2010-12-24 07:32 412264 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-02-07 16:33 . 2010-12-24 07:32 107624 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-02-07 16:33 . 2011-02-07 16:33 -------- d-----w- c:\program files (x86)\Realtek
2011-02-07 16:32 . 2011-02-08 15:28 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-02-07 16:32 . 2011-02-07 16:33 -------- d-----w- c:\program files (x86)\Intel
2011-02-07 16:32 . 2010-03-02 08:04 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2011-02-07 16:31 . 2011-02-07 16:31 -------- d-----w- C:\Intel
2011-02-07 16:05 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-02-07 15:52 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2011-02-07 15:52 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2011-02-07 15:52 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2011-02-07 15:52 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2011-02-07 15:48 . 2011-02-07 15:48 -------- d-----w- c:\users\Nimrod Sherdon
2011-02-07 15:36 . 2011-02-07 15:36 0 ----a-w- c:\windows\ativpsrm.bin
2011-02-07 15:33 . 2011-02-07 15:47 -------- d-----w- c:\windows\Panther
2011-02-06 17:28 . 2010-09-16 10:41 1266688 ----a-w- c:\windows\system32\drivers\cmudaxp.sys
2011-02-06 17:28 . 2007-04-19 14:12 32768 ----a-w- c:\windows\system32\cmudaxp.dll
2011-02-06 17:28 . 2004-04-14 10:28 315392 ----a-w- c:\windows\SysWow64\CmiFltr.dll
2011-02-06 17:28 . 2004-04-14 10:28 315392 ----a-w- c:\windows\system\CmiFltr.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-05 03:37 . 2011-01-05 03:37 8283136 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-01-05 03:22 . 2011-01-05 03:22 22100480 ----a-w- c:\windows\system32\atio6axx.dll
2011-01-05 03:03 . 2011-01-05 03:03 17043968 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-01-05 03:02 . 2011-01-05 03:02 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-01-05 03:02 . 2011-01-05 03:02 596480 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-01-05 03:01 . 2011-01-05 03:01 708608 ----a-w- c:\windows\system32\aticfx64.dll
2011-01-05 02:58 . 2011-01-05 02:58 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-01-05 02:58 . 2011-01-05 02:58 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-01-05 02:57 . 2011-01-05 02:57 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-01-05 02:56 . 2011-01-05 02:56 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-01-05 02:56 . 2011-01-05 02:56 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-01-05 02:56 . 2011-01-05 02:56 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-01-05 02:55 . 2011-01-05 02:55 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-01-05 02:55 . 2011-01-05 02:55 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-01-05 02:55 . 2011-01-05 02:55 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-01-05 02:55 . 2011-01-05 02:55 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-01-05 02:52 . 2011-01-05 02:52 4101632 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-01-05 02:43 . 2009-07-13 21:59 4844544 ----a-w- c:\windows\system32\atidxx64.dll
2011-01-05 02:33 . 2011-01-05 02:33 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-01-05 02:33 . 2011-01-05 02:33 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-01-05 02:33 . 2011-01-05 02:33 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-01-05 02:33 . 2011-01-05 02:33 4162048 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-01-05 02:33 . 2011-01-05 02:33 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-01-05 02:33 . 2011-01-05 02:33 6815232 ----a-w- c:\windows\system32\aticaldd64.dll
2011-01-05 02:32 . 2011-01-05 02:32 1208320 ----a-w- c:\windows\system32\atiumd6v.dll
2011-01-05 02:32 . 2011-01-05 02:32 3218944 ----a-w- c:\windows\system32\atiumd6a.dll
2011-01-05 02:31 . 2011-01-05 02:31 5441024 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-01-05 02:28 . 2011-01-05 02:28 58880 ----a-w- c:\windows\system32\coinst.dll
2011-01-05 02:27 . 2011-01-05 02:27 5305856 ----a-w- c:\windows\system32\atiumd64.dll
2011-01-05 02:25 . 2011-01-05 02:25 3461120 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-01-05 02:20 . 2011-01-05 02:20 353792 ----a-w- c:\windows\system32\atiadlxx.dll
2011-01-05 02:20 . 2011-01-05 02:20 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-01-05 02:19 . 2011-01-05 02:19 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 32256 ----a-w- c:\windows\system32\atig6txx.dll
2011-01-05 02:19 . 2011-01-05 02:19 27648 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 294400 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-01-05 02:18 . 2011-01-05 02:18 39936 ----a-w- c:\windows\system32\atiuxp64.dll
2011-01-05 02:18 . 2011-01-05 02:18 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-01-05 02:18 . 2011-01-05 02:18 38400 ----a-w- c:\windows\system32\atiu9p64.dll
2011-01-05 02:18 . 2011-01-05 02:18 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-01-05 02:17 . 2011-01-05 02:17 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-01-05 02:11 . 2011-01-05 02:11 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-01-05 02:11 . 2011-01-05 02:11 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2010-12-30 16:59 . 2010-12-30 16:59 428416 ----a-w- c:\windows\SysWow64\RzMwApi.dll
2010-12-16 08:23 . 2010-12-16 08:23 126464 ----a-w- c:\windows\system32\drivers\RzSynapse.sys
2010-12-07 11:17 . 2010-12-07 11:17 51200 ----a-w- c:\windows\SysWow64\OpenCL.dll
2010-12-07 11:15 . 2010-12-07 11:15 52736 ----a-w- c:\windows\system32\OpenCL.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-02-07 396152]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-01-13 2988784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Razer Naga Driver"="c:\program files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe" [2010-12-30 957840]
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2009-10-22 129584]
c:\users\Nimrod Sherdon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
posledni.ahk [2011-2-9 2849]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QIP 2005.lnk - c:\program files (x86)\QIP\qip.exe [2011-2-7 3259392]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-1-10 291896]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 136176]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-07 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-02-07 871408]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-05 203776]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-01-10 399416]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2009-10-22 80944]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-05 8283136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-05 294400]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 cmudaxp;ASUS Xonar D2X Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2010-09-16 1266688]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [2010-12-16 126464]
.
Obsah adresáře 'Naplánované úlohy'
2011-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 16:35]
2011-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 16:35]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2010-09-16 8761344]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: {C2ED5347-0AF2-40EA-A261-BCD23D94395C} = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3653736276-4212073443-1716572666-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
[HKEY_USERS\S-1-5-21-3653736276-4212073443-1716572666-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\AutoHotkey\AutoHotkey.exe
.
**************************************************************************
.
Celkový čas: 2011-02-20 08:54:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-20 07:54
Před spuštěním: Volných bajtů: 41 945 997 312
Po spuštění: Volných bajtů: 41 656 655 872
- - End Of File - - 55306974E26D34DEEC489CC0089F726D
Re: AVG Internet security
If you haven't done so already, move ComboFix to the desktop
open Notepad
copy the script from the following box into it:
Code:
File::
c:\windows\SysWow64\drivers\avg
Folder::
c:\windows\SysWow64\drivers\avg
c:\program files (x86)\Conduit
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
save the TXT file you created as CFScript.txt on the desktop,
after saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there.
After it runs, another log will be produced; copy it here
Warning: it may happen that after the script is applied and the machine restarts, Windows will not boot;
in that case restart again while pressing F8, then choose Last Known Good Configuration
Re: AVG Internet security
As soon as I'm home I'll try it and let you know.
Re: AVG Internet security
I'll do it today, I was away from home for a bit.
Re: AVG Internet security
ComboFix 11-03-03.01 - Nimrod Sherdon 03.03.2011 19:16:27.2.8 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.6142.4634 [GMT 1:00]
Spuštěný z: c:\users\Nimrod Sherdon\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Nimrod Sherdon\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
FILE ::
"c:\windows\SysWow64\drivers\avg"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Install.exe
c:\program files (x86)\Conduit
c:\program files (x86)\Conduit\Community Alerts\Alert.dll
c:\windows\SysWow64\drivers\avg
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-03 do 2011-03-03 )))))))))))))))))))))))))))))))
.
2011-03-03 18:20 . 2011-03-03 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-26 05:59 . 2011-02-26 05:59 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-02-25 11:23 . 2010-07-13 14:26 804352 ------w- c:\windows\system32\Cmeauoxy.exe
2011-02-25 11:23 . 2010-10-28 15:27 1267200 ----a-w- c:\windows\system32\drivers\cmudaxp.sys
2011-02-25 11:23 . 2007-04-19 14:12 32768 ----a-w- c:\windows\system32\cmudaxp.dll
2011-02-25 11:23 . 2004-04-14 10:28 315392 ----a-w- c:\windows\system\CmiFltr.dll
2011-02-25 10:52 . 2011-02-25 10:52 -------- d-----w- c:\program files (x86)\7-Zip
2011-02-25 07:32 . 2011-02-25 10:50 -------- d-----w- c:\program files (x86)\foobar2000
2011-02-25 07:31 . 2011-02-25 11:24 -------- d-----w- c:\program files\UNi Xonar Audio
2011-02-23 16:17 . 2011-02-23 16:17 -------- d-----w- c:\program files (x86)\Download Manager
2011-02-20 10:21 . 2011-02-20 10:21 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-02-20 10:21 . 2011-02-20 10:21 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-02-20 09:52 . 2007-12-02 12:28 53248 ----a-w- c:\windows\system\PhysXLoader.dll
2011-02-19 05:29 . 2011-02-19 05:29 -------- d-----w- c:\programdata\Malwarebytes
2011-02-19 05:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-19 05:29 . 2011-02-19 05:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-02-19 05:29 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-18 21:12 . 2011-02-19 05:22 -------- d-----w- c:\program files\trend micro
2011-02-18 18:58 . 2011-02-18 18:58 -------- d-----w- c:\windows\SysWow64\URTTEMP
2011-02-18 17:24 . 2011-02-18 18:47 -------- d-----w- c:\programdata\PMB Files
2011-02-18 17:24 . 2011-02-18 17:24 -------- d-----w- c:\program files (x86)\Pando Networks
2011-02-18 07:31 . 2011-02-18 07:31 -------- d-----w- c:\windows\cs
2011-02-18 07:25 . 2011-02-18 07:25 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-02-18 07:20 . 2011-02-18 07:31 -------- d-----w- c:\program files (x86)\Windows Live
2011-02-18 07:20 . 2011-02-18 07:20 -------- dc----w- c:\windows\system32\DRVSTORE
2011-02-18 07:20 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-02-18 07:19 . 2011-02-18 07:19 -------- d-----w- c:\windows\PCHEALTH
2011-02-18 07:19 . 2011-02-18 07:20 -------- d-----w- c:\program files\Windows Live
2011-02-18 07:17 . 2011-02-18 07:17 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-02-18 07:04 . 2011-02-18 07:04 11016 ----a-w- C:\cc_20110218_080427.reg
2011-02-18 05:29 . 2011-02-02 16:10 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED1FCB2F-70C6-41D0-A2DB-C65D7F996C67}\mpengine.dll
2011-02-18 05:24 . 2011-02-18 05:24 -------- d-----w- c:\program files (x86)\Secunia
2011-02-17 22:00 . 2011-02-17 22:00 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-02-17 22:00 . 2011-02-17 22:00 -------- d-----w- c:\programdata\!SASCORE
2011-02-17 22:00 . 2011-02-25 05:57 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-02-17 16:38 . 2011-02-17 16:38 -------- d-----w- c:\program files (x86)\CCleaner
2011-02-17 16:35 . 2011-02-17 16:37 -------- d-----w- c:\program files (x86)\Google
2011-02-17 16:35 . 2011-01-13 08:41 273488 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-17 16:35 . 2011-01-13 08:37 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-17 16:35 . 2011-01-13 08:37 29264 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-17 16:35 . 2011-01-13 08:40 51792 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-17 16:35 . 2011-01-13 08:47 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-17 16:35 . 2011-01-13 08:37 62032 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-17 16:34 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-02-17 16:34 . 2011-01-13 08:47 188216 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-02-17 16:34 . 2011-02-17 16:34 -------- d-----w- c:\programdata\Alwil Software
2011-02-17 16:34 . 2011-02-17 16:34 -------- d-----w- c:\program files\Alwil Software
2011-02-12 06:21 . 2011-02-12 06:21 -------- d-----w- c:\program files\Bethesda Softworks
2011-02-11 18:02 . 2011-02-11 18:18 -------- d-----w- c:\program files (x86)\AC Tool
2011-02-08 16:20 . 2011-02-08 16:20 -------- d-----w- C:\Games
2011-02-07 20:25 . 2011-02-07 20:25 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-02-07 20:24 . 2008-10-15 05:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-02-07 19:50 . 2009-10-22 04:01 80944 ----a-w- c:\windows\system32\drivers\vmci.sys
2011-02-07 19:50 . 2009-10-22 04:00 68144 ----a-w- c:\windows\system32\drivers\vmx86.sys
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-02-07 19:26 . 2011-02-07 19:26 871408 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-02-07 19:16 . 2011-02-19 05:22 -------- d-----w- c:\program files (x86)\ConduitEngine
2011-02-07 19:16 . 2011-02-07 19:16 -------- d-----w- C:\extensions
2011-02-07 19:16 . 2011-02-07 19:16 -------- d-----w- c:\program files (x86)\uTorrent
2011-02-07 17:57 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-02-07 17:57 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-02-07 17:54 . 2011-02-07 17:54 -------- d-----w- c:\program files (x86)\MacroGamer
2011-02-07 17:40 . 2011-02-07 17:40 -------- d-----w- c:\program files (x86)\AutoHotkey
2011-02-07 17:39 . 2011-02-07 17:39 -------- d-----w- c:\program files\TeamSpeak 3 Client
2011-02-07 17:32 . 2011-02-07 17:32 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack
2011-02-07 17:32 . 2011-02-07 17:32 34064 ----a-w- c:\windows\SysWow64\lhacm.acm
2011-02-07 17:32 . 2011-02-07 17:32 -------- d-----w- c:\program files (x86)\Teamspeak2_RC2
2011-02-07 17:31 . 2011-02-07 17:31 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-02-07 17:28 . 2011-02-07 17:28 -------- d-----w- c:\program files (x86)\Razer
2011-02-07 17:23 . 2011-02-07 17:23 -------- d-----w- c:\windows\SysWow64\Wat
2011-02-07 17:23 . 2011-02-07 17:23 -------- d-----w- c:\windows\system32\Wat
2011-02-07 17:11 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-02-07 17:06 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-02-07 17:02 . 2011-02-07 17:02 -------- d-----w- c:\programdata\ATI
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\ATI Stream
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\ATI
2011-02-07 17:00 . 2011-02-07 17:00 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-02-07 17:00 . 2011-02-07 17:01 -------- d-----w- c:\program files\ATI Technologies
2011-02-07 17:00 . 2011-02-07 17:00 -------- d-----w- c:\program files\ATI
2011-02-07 16:56 . 2011-02-07 16:56 -------- d-----w- c:\program files (x86)\Winamp
2011-02-07 16:52 . 2011-02-07 18:05 -------- d-----w- c:\program files (x86)\totalcmd
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-02-07 16:49 . 2011-02-07 16:50 -------- d-----w- c:\program files (x86)\QIP
2011-02-07 16:49 . 2010-03-05 07:52 84992 ----a-w- c:\windows\system32\asycfilt.dll
2011-02-07 16:49 . 2010-03-05 07:42 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2011-02-07 16:49 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-02-07 16:49 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-02-07 16:46 . 2010-10-16 05:19 395776 ----a-w- c:\windows\system32\webio.dll
2011-02-07 16:45 . 2011-02-07 16:45 -------- d-----w- c:\program files (x86)\Opera
2011-02-07 16:37 . 2011-02-07 16:37 -------- d-----w- c:\windows\SysWow64\Macromed
2011-02-07 16:36 . 2011-02-26 06:00 -------- d-sh--w- c:\windows\Installer
2011-02-07 16:35 . 2011-02-07 16:35 -------- d-----w- C:\ATI
2011-02-07 16:35 . 2010-09-17 12:53 121856 ------w- c:\windows\system\HsSrv642.dll
2011-02-07 16:35 . 2010-09-17 12:53 121856 ------w- c:\windows\system\HsSrv64.dll
2011-02-07 16:35 . 2010-09-17 12:52 217088 ------w- c:\windows\SysWow64\HsSrv2.dll
2011-02-07 16:35 . 2010-09-17 12:52 217088 ------w- c:\windows\SysWow64\HsSrv.dll
2011-02-07 16:35 . 2008-07-11 14:04 200704 ------w- c:\windows\SysWow64\HsMgr.exe
2011-02-07 16:35 . 2008-07-11 14:03 282112 ------w- c:\windows\system\HsMgr64.exe
2011-02-07 16:35 . 2011-02-07 16:35 -------- d-----w- c:\program files\ASUS Xonar D2X Audio
2011-02-07 16:34 . 2009-08-19 15:00 359424 ------w- c:\windows\system32\CmiInstallResAll64.dll
2011-02-07 16:34 . 2006-10-06 04:45 524768 ----a-w- c:\windows\difxapi.dll
2011-02-07 16:33 . 2010-12-24 07:32 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-02-07 16:33 . 2010-12-24 07:32 412264 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-02-07 16:33 . 2010-12-24 07:32 107624 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-02-07 16:33 . 2011-02-07 16:33 -------- d-----w- c:\program files (x86)\Realtek
2011-02-07 16:32 . 2011-02-23 16:22 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-02-07 16:32 . 2011-02-07 16:33 -------- d-----w- c:\program files (x86)\Intel
2011-02-07 16:32 . 2010-03-02 08:04 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2011-02-07 16:31 . 2011-02-07 16:31 -------- d-----w- C:\Intel
2011-02-07 16:05 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-02-07 15:52 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-05 03:37 . 2011-01-05 03:37 8283136 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-01-05 03:22 . 2011-01-05 03:22 22100480 ----a-w- c:\windows\system32\atio6axx.dll
2011-01-05 03:03 . 2011-01-05 03:03 17043968 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-01-05 03:02 . 2011-01-05 03:02 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-01-05 03:02 . 2011-01-05 03:02 596480 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-01-05 03:01 . 2011-01-05 03:01 708608 ----a-w- c:\windows\system32\aticfx64.dll
2011-01-05 02:58 . 2011-01-05 02:58 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-01-05 02:58 . 2011-01-05 02:58 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-01-05 02:57 . 2011-01-05 02:57 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-01-05 02:56 . 2011-01-05 02:56 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-01-05 02:56 . 2011-01-05 02:56 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-01-05 02:56 . 2011-01-05 02:56 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-01-05 02:55 . 2011-01-05 02:55 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-01-05 02:55 . 2011-01-05 02:55 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-01-05 02:55 . 2011-01-05 02:55 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-01-05 02:55 . 2011-01-05 02:55 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-01-05 02:52 . 2011-01-05 02:52 4101632 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-01-05 02:43 . 2009-07-13 21:59 4844544 ----a-w- c:\windows\system32\atidxx64.dll
2011-01-05 02:33 . 2011-01-05 02:33 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-01-05 02:33 . 2011-01-05 02:33 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-01-05 02:33 . 2011-01-05 02:33 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-01-05 02:33 . 2011-01-05 02:33 4162048 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-01-05 02:33 . 2011-01-05 02:33 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-01-05 02:33 . 2011-01-05 02:33 6815232 ----a-w- c:\windows\system32\aticaldd64.dll
2011-01-05 02:32 . 2011-01-05 02:32 1208320 ----a-w- c:\windows\system32\atiumd6v.dll
2011-01-05 02:32 . 2011-01-05 02:32 3218944 ----a-w- c:\windows\system32\atiumd6a.dll
2011-01-05 02:31 . 2011-01-05 02:31 5441024 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-01-05 02:28 . 2011-01-05 02:28 58880 ----a-w- c:\windows\system32\coinst.dll
2011-01-05 02:27 . 2011-01-05 02:27 5305856 ----a-w- c:\windows\system32\atiumd64.dll
2011-01-05 02:25 . 2011-01-05 02:25 3461120 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-01-05 02:20 . 2011-01-05 02:20 353792 ----a-w- c:\windows\system32\atiadlxx.dll
2011-01-05 02:20 . 2011-01-05 02:20 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-01-05 02:19 . 2011-01-05 02:19 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 32256 ----a-w- c:\windows\system32\atig6txx.dll
2011-01-05 02:19 . 2011-01-05 02:19 27648 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 294400 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-01-05 02:18 . 2011-01-05 02:18 39936 ----a-w- c:\windows\system32\atiuxp64.dll
2011-01-05 02:18 . 2011-01-05 02:18 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-01-05 02:18 . 2011-01-05 02:18 38400 ----a-w- c:\windows\system32\atiu9p64.dll
2011-01-05 02:18 . 2011-01-05 02:18 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-01-05 02:17 . 2011-01-05 02:17 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-01-05 02:11 . 2011-01-05 02:11 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-01-05 02:11 . 2011-01-05 02:11 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2010-12-30 16:59 . 2010-12-30 16:59 428416 ----a-w- c:\windows\SysWow64\RzMwApi.dll
2010-12-16 08:23 . 2010-12-16 08:23 126464 ----a-w- c:\windows\system32\drivers\RzSynapse.sys
2010-12-07 11:17 . 2010-12-07 11:17 51200 ----a-w- c:\windows\SysWow64\OpenCL.dll
2010-12-07 11:15 . 2010-12-07 11:15 52736 ----a-w- c:\windows\system32\OpenCL.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-02-20_07.52.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-03-03 18:21 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-02-20 07:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-03-03 18:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-02-20 07:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-02-20 07:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-03-03 18:21 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-07 16:16 . 2011-03-03 05:18 35770 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-03-03 18:10 30554 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:30 . 2011-02-18 17:05 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-02-25 11:23 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-02-25 11:23 . 2007-04-19 14:12 32768 c:\windows\system32\DriverStore\FileRepository\xonard2x.inf_amd64_neutral_08d09bed9d859914\cmudaxp.dll
+ 2011-02-07 15:38 . 2011-03-03 18:22 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-07 15:38 . 2011-02-20 07:52 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-19 05:26 . 2011-02-20 07:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-19 05:26 . 2011-03-03 18:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-02-20 07:52 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-03-03 18:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-07 15:49 . 2011-03-03 18:22 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-07 15:49 . 2011-02-20 07:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:46 . 2011-02-19 05:23 73256 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:46 . 2011-02-25 06:53 73256 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-02-07 15:49 . 2011-03-03 18:22 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-02-07 15:49 . 2011-02-20 07:44 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-07 15:49 . 2011-03-03 18:22 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-07 15:49 . 2011-02-20 07:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-07 15:49 . 2011-03-03 18:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-07 15:49 . 2011-02-20 07:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-07 15:49 . 2011-03-03 18:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-07 15:49 . 2011-02-20 07:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-23 16:22 . 2011-02-23 16:22 54784 c:\windows\Installer\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}\NewShortcut2_5539AC05221C47A5AC82A089283E03F8.exe
+ 2010-09-23 03:47 . 2010-09-23 03:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\reader_sl.exe
+ 2010-09-23 02:03 . 2010-09-23 02:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\eula.exe
+ 2010-09-23 01:52 . 2010-09-23 01:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrotextextractor.exe
+ 2010-09-22 17:12 . 2010-09-22 17:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32Info.exe
- 2011-02-07 20:23 . 2011-02-07 20:23 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-02-07 15:50 . 2011-03-03 18:10 7222 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3653736276-4212073443-1716572666-1001_UserData.bin
- 2011-02-20 07:52 . 2011-02-20 07:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-03-03 18:21 . 2011-03-03 18:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-02-25 11:24 . 2011-02-25 11:24 445016 c:\windows\SysWOW64\wrap_oal.dll
+ 2011-02-25 11:24 . 2009-04-02 15:59 143360 c:\windows\SysWOW64\VmixP8.dll
- 2011-02-07 16:35 . 2009-04-02 15:59 143360 c:\windows\SysWOW64\VmixP8.dll
+ 2011-02-25 11:24 . 2011-02-25 11:24 109144 c:\windows\SysWOW64\OpenAL32.dll
+ 2011-02-25 11:24 . 2006-09-13 09:21 200704 c:\windows\SysWOW64\Cmpaoxy.dll
- 2011-02-07 16:35 . 2006-09-13 09:21 200704 c:\windows\SysWOW64\Cmpaoxy.dll
+ 2011-02-25 11:24 . 2010-12-16 17:35 303104 c:\windows\SysWOW64\cmasiop.dll
- 2011-02-07 16:35 . 2007-12-13 16:12 122880 c:\windows\SysWOW64\Cm_Oal.dll
+ 2011-02-25 11:24 . 2007-12-13 16:12 122880 c:\windows\SysWOW64\Cm_Oal.dll
+ 2011-02-25 11:24 . 2011-02-25 11:24 466520 c:\windows\system32\wrap_oal.dll
- 2009-07-14 02:36 . 2011-02-20 07:48 663748 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-03-03 18:13 663748 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-03-03 18:13 677930 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-02-20 07:48 677930 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-02-20 07:48 126464 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-03-03 18:13 126464 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2011-02-20 07:48 146410 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2011-03-03 18:13 146410 c:\windows\system32\perfc005.dat
+ 2011-02-25 11:24 . 2011-02-25 11:24 123480 c:\windows\system32\OpenAL32.dll
- 2009-07-14 04:45 . 2011-02-18 07:08 276944 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2011-02-25 10:36 276944 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:30 . 2011-02-25 11:23 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-02-18 17:05 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-02-17 16:32 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-02-25 11:23 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-02-25 11:23 . 2004-04-14 10:28 315392 c:\windows\system32\DriverStore\FileRepository\xonard2x.inf_amd64_neutral_08d09bed9d859914\CmiFltr.dll
+ 2009-07-14 05:12 . 2011-03-03 18:22 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2011-02-20 07:52 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-02-25 11:24 . 2010-12-16 17:35 465408 c:\windows\system32\cmasiopx.dll
- 2011-02-07 16:35 . 2007-12-13 16:12 122880 c:\windows\system32\Cm_Oal.dll
+ 2011-02-25 11:24 . 2007-12-13 16:12 122880 c:\windows\system32\Cm_Oal.dll
+ 2009-07-14 05:01 . 2011-03-03 18:20 228636 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2007-11-07 07:12 . 2007-11-07 07:12 232960 c:\windows\Installer\45c10d3.msi
+ 2011-02-23 16:22 . 2011-02-23 16:22 185856 c:\windows\Installer\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}\LaunchGame_A7A9885965A04157A7E510690F7CA567.exe
+ 2011-02-23 16:22 . 2011-02-23 16:22 185856 c:\windows\Installer\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}\GameWebsite_DA2DF8BD3F09482F8F6955E6A791EAC0.exe
+ 2011-02-23 16:22 . 2011-02-23 16:22 185856 c:\windows\Installer\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}\ARPPRODUCTICON.exe
+ 2010-09-22 17:10 . 2010-09-22 17:10 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\nppdf32.dll
+ 2010-09-10 17:17 . 2010-09-10 17:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\JP2KLib.dll
+ 2010-09-22 19:41 . 2010-09-22 19:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AdobeCollabSync.exe
+ 2010-09-23 03:47 . 2010-09-23 03:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.exe
+ 2010-09-22 17:04 . 2010-09-22 17:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroPDF.dll
+ 2010-09-22 18:39 . 2010-09-22 18:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobroker.exe
+ 2010-09-22 17:50 . 2010-09-22 17:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\a3dutility.exe
+ 2009-10-27 09:17 . 2009-10-27 09:17 324976 c:\windows\Downloaded Program Files\DLMControl.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-02-25 11:24 . 2011-02-14 21:42 8171520 c:\windows\SysWOW64\CmiCnfgp.dll
+ 2011-02-25 11:23 . 2010-10-28 15:27 1267200 c:\windows\system32\DriverStore\FileRepository\xonard2x.inf_amd64_neutral_08d09bed9d859914\cmudaxp64.sys
+ 2009-07-14 04:45 . 2011-02-25 05:56 3607895 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-02-18 20:54 3607895 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-09-22 17:05 . 2010-09-22 17:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\rt3d.dll
+ 2010-09-16 02:08 . 2010-09-16 02:08 6210560 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\authplay.dll
+ 2010-06-19 16:51 . 2010-06-19 16:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AGM.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-07-14 02:34 . 2011-02-20 01:44 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-03-03 05:30 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2011-02-20 10:21 . 2011-02-20 10:21 27089408 c:\windows\Installer\8192f2.msi
+ 2011-02-23 16:17 . 2011-02-23 16:17 19785728 c:\windows\Installer\45c10cc.msi
+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\205fe.msp
+ 2010-09-23 12:43 . 2010-09-23 12:43 43146752 c:\windows\Installer\2057e.msi
+ 2010-09-23 02:03 . 2010-09-23 02:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-02-07 396152]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-02-25 2987976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Razer Naga Driver"="c:\program files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe" [2010-12-30 957840]
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2009-10-22 129584]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
c:\users\Nimrod Sherdon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
posledni.ahk [2011-2-26 2977]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
avast! Free Antivirus.lnk - c:\program files\Alwil Software\Avast5\AvastUI.exe [2011-2-17 3396624]
QIP 2005.lnk - c:\program files (x86)\QIP\qip.exe [2011-2-7 3259392]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-1-10 291896]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 136176]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-07 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-02-07 871408]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-05 203776]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-01-10 399416]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2009-10-22 80944]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-05 8283136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-05 294400]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 cmudaxp;ASUS Xonar D2X Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2010-10-28 1267200]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [2010-12-16 126464]
.
Obsah adresáře 'Naplánované úlohy'
2011-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 16:35]
2011-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 16:35]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: {C2ED5347-0AF2-40EA-A261-BCD23D94395C} = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3653736276-4212073443-1716572666-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
[HKEY_USERS\S-1-5-21-3653736276-4212073443-1716572666-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\totalcmd\TOTALCMD.EXE
.
**************************************************************************
.
Celkový čas: 2011-03-03 19:24:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-03 18:24
ComboFix2.txt 2011-02-20 07:54
Před spuštěním: Volných bajtů: 41 093 025 792
Po spuštění: Volných bajtů: 40 928 354 304
- - End Of File - - 2E499F341A6F9F635A3188356DBD1585
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.6142.4634 [GMT 1:00]
Spuštěný z: c:\users\Nimrod Sherdon\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Nimrod Sherdon\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
FILE ::
"c:\windows\SysWow64\drivers\avg"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Install.exe
c:\program files (x86)\Conduit
c:\program files (x86)\Conduit\Community Alerts\Alert.dll
c:\windows\SysWow64\drivers\avg
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-03 do 2011-03-03 )))))))))))))))))))))))))))))))
.
2011-03-03 18:20 . 2011-03-03 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-26 05:59 . 2011-02-26 05:59 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-02-25 11:23 . 2010-07-13 14:26 804352 ------w- c:\windows\system32\Cmeauoxy.exe
2011-02-25 11:23 . 2010-10-28 15:27 1267200 ----a-w- c:\windows\system32\drivers\cmudaxp.sys
2011-02-25 11:23 . 2007-04-19 14:12 32768 ----a-w- c:\windows\system32\cmudaxp.dll
2011-02-25 11:23 . 2004-04-14 10:28 315392 ----a-w- c:\windows\system\CmiFltr.dll
2011-02-25 10:52 . 2011-02-25 10:52 -------- d-----w- c:\program files (x86)\7-Zip
2011-02-25 07:32 . 2011-02-25 10:50 -------- d-----w- c:\program files (x86)\foobar2000
2011-02-25 07:31 . 2011-02-25 11:24 -------- d-----w- c:\program files\UNi Xonar Audio
2011-02-23 16:17 . 2011-02-23 16:17 -------- d-----w- c:\program files (x86)\Download Manager
2011-02-20 10:21 . 2011-02-20 10:21 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-02-20 10:21 . 2011-02-20 10:21 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-02-20 09:52 . 2007-12-02 12:28 53248 ----a-w- c:\windows\system\PhysXLoader.dll
2011-02-19 05:29 . 2011-02-19 05:29 -------- d-----w- c:\programdata\Malwarebytes
2011-02-19 05:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-19 05:29 . 2011-02-19 05:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-02-19 05:29 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-18 21:12 . 2011-02-19 05:22 -------- d-----w- c:\program files\trend micro
2011-02-18 18:58 . 2011-02-18 18:58 -------- d-----w- c:\windows\SysWow64\URTTEMP
2011-02-18 17:24 . 2011-02-18 18:47 -------- d-----w- c:\programdata\PMB Files
2011-02-18 17:24 . 2011-02-18 17:24 -------- d-----w- c:\program files (x86)\Pando Networks
2011-02-18 07:31 . 2011-02-18 07:31 -------- d-----w- c:\windows\cs
2011-02-18 07:25 . 2011-02-18 07:25 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-02-18 07:20 . 2011-02-18 07:31 -------- d-----w- c:\program files (x86)\Windows Live
2011-02-18 07:20 . 2011-02-18 07:20 -------- dc----w- c:\windows\system32\DRVSTORE
2011-02-18 07:20 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-02-18 07:19 . 2011-02-18 07:19 -------- d-----w- c:\windows\PCHEALTH
2011-02-18 07:19 . 2011-02-18 07:20 -------- d-----w- c:\program files\Windows Live
2011-02-18 07:17 . 2011-02-18 07:17 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-02-18 07:04 . 2011-02-18 07:04 11016 ----a-w- C:\cc_20110218_080427.reg
2011-02-18 05:29 . 2011-02-02 16:10 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED1FCB2F-70C6-41D0-A2DB-C65D7F996C67}\mpengine.dll
2011-02-18 05:24 . 2011-02-18 05:24 -------- d-----w- c:\program files (x86)\Secunia
2011-02-17 22:00 . 2011-02-17 22:00 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-02-17 22:00 . 2011-02-17 22:00 -------- d-----w- c:\programdata\!SASCORE
2011-02-17 22:00 . 2011-02-25 05:57 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-02-17 16:38 . 2011-02-17 16:38 -------- d-----w- c:\program files (x86)\CCleaner
2011-02-17 16:35 . 2011-02-17 16:37 -------- d-----w- c:\program files (x86)\Google
2011-02-17 16:35 . 2011-01-13 08:41 273488 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-17 16:35 . 2011-01-13 08:37 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-17 16:35 . 2011-01-13 08:37 29264 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-17 16:35 . 2011-01-13 08:40 51792 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-17 16:35 . 2011-01-13 08:47 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-17 16:35 . 2011-01-13 08:37 62032 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-17 16:34 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-02-17 16:34 . 2011-01-13 08:47 188216 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-02-17 16:34 . 2011-02-17 16:34 -------- d-----w- c:\programdata\Alwil Software
2011-02-17 16:34 . 2011-02-17 16:34 -------- d-----w- c:\program files\Alwil Software
2011-02-12 06:21 . 2011-02-12 06:21 -------- d-----w- c:\program files\Bethesda Softworks
2011-02-11 18:02 . 2011-02-11 18:18 -------- d-----w- c:\program files (x86)\AC Tool
2011-02-08 16:20 . 2011-02-08 16:20 -------- d-----w- C:\Games
2011-02-07 20:25 . 2011-02-07 20:25 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-02-07 20:24 . 2008-10-15 05:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2011-02-07 20:24 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-02-07 19:50 . 2009-10-22 04:01 80944 ----a-w- c:\windows\system32\drivers\vmci.sys
2011-02-07 19:50 . 2009-10-22 04:00 68144 ----a-w- c:\windows\system32\drivers\vmx86.sys
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-02-07 19:29 . 2011-02-07 19:29 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-02-07 19:26 . 2011-02-07 19:26 871408 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-02-07 19:16 . 2011-02-19 05:22 -------- d-----w- c:\program files (x86)\ConduitEngine
2011-02-07 19:16 . 2011-02-07 19:16 -------- d-----w- C:\extensions
2011-02-07 19:16 . 2011-02-07 19:16 -------- d-----w- c:\program files (x86)\uTorrent
2011-02-07 17:57 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-02-07 17:57 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-02-07 17:54 . 2011-02-07 17:54 -------- d-----w- c:\program files (x86)\MacroGamer
2011-02-07 17:40 . 2011-02-07 17:40 -------- d-----w- c:\program files (x86)\AutoHotkey
2011-02-07 17:39 . 2011-02-07 17:39 -------- d-----w- c:\program files\TeamSpeak 3 Client
2011-02-07 17:32 . 2011-02-07 17:32 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack
2011-02-07 17:32 . 2011-02-07 17:32 34064 ----a-w- c:\windows\SysWow64\lhacm.acm
2011-02-07 17:32 . 2011-02-07 17:32 -------- d-----w- c:\program files (x86)\Teamspeak2_RC2
2011-02-07 17:31 . 2011-02-07 17:31 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-02-07 17:28 . 2011-02-07 17:28 -------- d-----w- c:\program files (x86)\Razer
2011-02-07 17:23 . 2011-02-07 17:23 -------- d-----w- c:\windows\SysWow64\Wat
2011-02-07 17:23 . 2011-02-07 17:23 -------- d-----w- c:\windows\system32\Wat
2011-02-07 17:11 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-02-07 17:06 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-02-07 17:02 . 2011-02-07 17:02 -------- d-----w- c:\programdata\ATI
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\ATI Stream
2011-02-07 17:01 . 2011-02-07 17:01 -------- d-----w- c:\program files (x86)\ATI
2011-02-07 17:00 . 2011-02-07 17:00 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-02-07 17:00 . 2011-02-07 17:01 -------- d-----w- c:\program files\ATI Technologies
2011-02-07 17:00 . 2011-02-07 17:00 -------- d-----w- c:\program files\ATI
2011-02-07 16:56 . 2011-02-07 16:56 -------- d-----w- c:\program files (x86)\Winamp
2011-02-07 16:52 . 2011-02-07 18:05 -------- d-----w- c:\program files (x86)\totalcmd
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-02-07 16:52 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-02-07 16:49 . 2011-02-07 16:50 -------- d-----w- c:\program files (x86)\QIP
2011-02-07 16:49 . 2010-03-05 07:52 84992 ----a-w- c:\windows\system32\asycfilt.dll
2011-02-07 16:49 . 2010-03-05 07:42 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2011-02-07 16:49 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-02-07 16:49 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-02-07 16:46 . 2010-10-16 05:19 395776 ----a-w- c:\windows\system32\webio.dll
2011-02-07 16:45 . 2011-02-07 16:45 -------- d-----w- c:\program files (x86)\Opera
2011-02-07 16:37 . 2011-02-07 16:37 -------- d-----w- c:\windows\SysWow64\Macromed
2011-02-07 16:36 . 2011-02-26 06:00 -------- d-sh--w- c:\windows\Installer
2011-02-07 16:35 . 2011-02-07 16:35 -------- d-----w- C:\ATI
2011-02-07 16:35 . 2010-09-17 12:53 121856 ------w- c:\windows\system\HsSrv642.dll
2011-02-07 16:35 . 2010-09-17 12:53 121856 ------w- c:\windows\system\HsSrv64.dll
2011-02-07 16:35 . 2010-09-17 12:52 217088 ------w- c:\windows\SysWow64\HsSrv2.dll
2011-02-07 16:35 . 2010-09-17 12:52 217088 ------w- c:\windows\SysWow64\HsSrv.dll
2011-02-07 16:35 . 2008-07-11 14:04 200704 ------w- c:\windows\SysWow64\HsMgr.exe
2011-02-07 16:35 . 2008-07-11 14:03 282112 ------w- c:\windows\system\HsMgr64.exe
2011-02-07 16:35 . 2011-02-07 16:35 -------- d-----w- c:\program files\ASUS Xonar D2X Audio
2011-02-07 16:34 . 2009-08-19 15:00 359424 ------w- c:\windows\system32\CmiInstallResAll64.dll
2011-02-07 16:34 . 2006-10-06 04:45 524768 ----a-w- c:\windows\difxapi.dll
2011-02-07 16:33 . 2010-12-24 07:32 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-02-07 16:33 . 2010-12-24 07:32 412264 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-02-07 16:33 . 2010-12-24 07:32 107624 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-02-07 16:33 . 2011-02-07 16:33 -------- d-----w- c:\program files (x86)\Realtek
2011-02-07 16:32 . 2011-02-23 16:22 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-02-07 16:32 . 2011-02-07 16:33 -------- d-----w- c:\program files (x86)\Intel
2011-02-07 16:32 . 2010-03-02 08:04 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2011-02-07 16:31 . 2011-02-07 16:31 -------- d-----w- C:\Intel
2011-02-07 16:05 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-02-07 15:52 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-05 03:37 . 2011-01-05 03:37 8283136 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-01-05 03:22 . 2011-01-05 03:22 22100480 ----a-w- c:\windows\system32\atio6axx.dll
2011-01-05 03:03 . 2011-01-05 03:03 17043968 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-01-05 03:02 . 2011-01-05 03:02 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-01-05 03:02 . 2011-01-05 03:02 596480 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-01-05 03:01 . 2011-01-05 03:01 708608 ----a-w- c:\windows\system32\aticfx64.dll
2011-01-05 02:58 . 2011-01-05 02:58 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-01-05 02:58 . 2011-01-05 02:58 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-01-05 02:57 . 2011-01-05 02:57 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-01-05 02:56 . 2011-01-05 02:56 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-01-05 02:56 . 2011-01-05 02:56 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-01-05 02:56 . 2011-01-05 02:56 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-01-05 02:55 . 2011-01-05 02:55 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-01-05 02:55 . 2011-01-05 02:55 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-01-05 02:55 . 2011-01-05 02:55 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-01-05 02:55 . 2011-01-05 02:55 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-01-05 02:52 . 2011-01-05 02:52 4101632 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-01-05 02:43 . 2009-07-13 21:59 4844544 ----a-w- c:\windows\system32\atidxx64.dll
2011-01-05 02:33 . 2011-01-05 02:33 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-01-05 02:33 . 2011-01-05 02:33 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-01-05 02:33 . 2011-01-05 02:33 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-01-05 02:33 . 2011-01-05 02:33 4162048 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-01-05 02:33 . 2011-01-05 02:33 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-01-05 02:33 . 2011-01-05 02:33 6815232 ----a-w- c:\windows\system32\aticaldd64.dll
2011-01-05 02:32 . 2011-01-05 02:32 1208320 ----a-w- c:\windows\system32\atiumd6v.dll
2011-01-05 02:32 . 2011-01-05 02:32 3218944 ----a-w- c:\windows\system32\atiumd6a.dll
2011-01-05 02:31 . 2011-01-05 02:31 5441024 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-01-05 02:28 . 2011-01-05 02:28 58880 ----a-w- c:\windows\system32\coinst.dll
2011-01-05 02:27 . 2011-01-05 02:27 5305856 ----a-w- c:\windows\system32\atiumd64.dll
2011-01-05 02:25 . 2011-01-05 02:25 3461120 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-01-05 02:20 . 2011-01-05 02:20 353792 ----a-w- c:\windows\system32\atiadlxx.dll
2011-01-05 02:20 . 2011-01-05 02:20 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-01-05 02:19 . 2011-01-05 02:19 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 32256 ----a-w- c:\windows\system32\atig6txx.dll
2011-01-05 02:19 . 2011-01-05 02:19 27648 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 294400 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-01-05 02:18 . 2011-01-05 02:18 39936 ----a-w- c:\windows\system32\atiuxp64.dll
2011-01-05 02:18 . 2011-01-05 02:18 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-01-05 02:18 . 2011-01-05 02:18 38400 ----a-w- c:\windows\system32\atiu9p64.dll
2011-01-05 02:18 . 2011-01-05 02:18 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-01-05 02:17 . 2011-01-05 02:17 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-01-05 02:11 . 2011-01-05 02:11 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-01-05 02:11 . 2011-01-05 02:11 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2010-12-30 16:59 . 2010-12-30 16:59 428416 ----a-w- c:\windows\SysWow64\RzMwApi.dll
2010-12-16 08:23 . 2010-12-16 08:23 126464 ----a-w- c:\windows\system32\drivers\RzSynapse.sys
2010-12-07 11:17 . 2010-12-07 11:17 51200 ----a-w- c:\windows\SysWow64\OpenCL.dll
2010-12-07 11:15 . 2010-12-07 11:15 52736 ----a-w- c:\windows\system32\OpenCL.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-02-20_07.52.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-03-03 18:21 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-02-20 07:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-03-03 18:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-02-20 07:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-02-20 07:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-03-03 18:21 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-07 16:16 . 2011-03-03 05:18 35770 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-03-03 18:10 30554 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:30 . 2011-02-18 17:05 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-02-25 11:23 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-02-25 11:23 . 2007-04-19 14:12 32768 c:\windows\system32\DriverStore\FileRepository\xonard2x.inf_amd64_neutral_08d09bed9d859914\cmudaxp.dll
+ 2011-02-07 15:38 . 2011-03-03 18:22 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-07 15:38 . 2011-02-20 07:52 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-19 05:26 . 2011-02-20 07:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-19 05:26 . 2011-03-03 18:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-02-20 07:52 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-03-03 18:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-07 15:49 . 2011-03-03 18:22 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-07 15:49 . 2011-02-20 07:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:46 . 2011-02-19 05:23 73256 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:46 . 2011-02-25 06:53 73256 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-02-07 15:49 . 2011-03-03 18:22 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-02-07 15:49 . 2011-02-20 07:44 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-07 15:49 . 2011-03-03 18:22 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-07 15:49 . 2011-02-20 07:44 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-07 15:49 . 2011-03-03 18:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-07 15:49 . 2011-02-20 07:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-07 15:49 . 2011-03-03 18:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-07 15:49 . 2011-02-20 07:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-23 16:22 . 2011-02-23 16:22 54784 c:\windows\Installer\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}\NewShortcut2_5539AC05221C47A5AC82A089283E03F8.exe
+ 2010-09-23 03:47 . 2010-09-23 03:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\reader_sl.exe
+ 2010-09-23 02:03 . 2010-09-23 02:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\eula.exe
+ 2010-09-23 01:52 . 2010-09-23 01:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrotextextractor.exe
+ 2010-09-22 17:12 . 2010-09-22 17:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32Info.exe
- 2011-02-07 20:23 . 2011-02-07 20:23 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-02-07 15:50 . 2011-03-03 18:10 7222 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3653736276-4212073443-1716572666-1001_UserData.bin
- 2011-02-20 07:52 . 2011-02-20 07:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-03-03 18:21 . 2011-03-03 18:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-02-25 11:24 . 2011-02-25 11:24 445016 c:\windows\SysWOW64\wrap_oal.dll
+ 2011-02-25 11:24 . 2009-04-02 15:59 143360 c:\windows\SysWOW64\VmixP8.dll
- 2011-02-07 16:35 . 2009-04-02 15:59 143360 c:\windows\SysWOW64\VmixP8.dll
+ 2011-02-25 11:24 . 2011-02-25 11:24 109144 c:\windows\SysWOW64\OpenAL32.dll
+ 2011-02-25 11:24 . 2006-09-13 09:21 200704 c:\windows\SysWOW64\Cmpaoxy.dll
- 2011-02-07 16:35 . 2006-09-13 09:21 200704 c:\windows\SysWOW64\Cmpaoxy.dll
+ 2011-02-25 11:24 . 2010-12-16 17:35 303104 c:\windows\SysWOW64\cmasiop.dll
- 2011-02-07 16:35 . 2007-12-13 16:12 122880 c:\windows\SysWOW64\Cm_Oal.dll
+ 2011-02-25 11:24 . 2007-12-13 16:12 122880 c:\windows\SysWOW64\Cm_Oal.dll
+ 2011-02-25 11:24 . 2011-02-25 11:24 466520 c:\windows\system32\wrap_oal.dll
- 2009-07-14 02:36 . 2011-02-20 07:48 663748 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-03-03 18:13 663748 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-03-03 18:13 677930 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-02-20 07:48 677930 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-02-20 07:48 126464 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-03-03 18:13 126464 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2011-02-20 07:48 146410 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2011-03-03 18:13 146410 c:\windows\system32\perfc005.dat
+ 2011-02-25 11:24 . 2011-02-25 11:24 123480 c:\windows\system32\OpenAL32.dll
- 2009-07-14 04:45 . 2011-02-18 07:08 276944 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2011-02-25 10:36 276944 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:30 . 2011-02-25 11:23 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-02-18 17:05 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-02-17 16:32 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-02-25 11:23 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-02-25 11:23 . 2004-04-14 10:28 315392 c:\windows\system32\DriverStore\FileRepository\xonard2x.inf_amd64_neutral_08d09bed9d859914\CmiFltr.dll
+ 2009-07-14 05:12 . 2011-03-03 18:22 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2011-02-20 07:52 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-02-25 11:24 . 2010-12-16 17:35 465408 c:\windows\system32\cmasiopx.dll
- 2011-02-07 16:35 . 2007-12-13 16:12 122880 c:\windows\system32\Cm_Oal.dll
+ 2011-02-25 11:24 . 2007-12-13 16:12 122880 c:\windows\system32\Cm_Oal.dll
+ 2009-07-14 05:01 . 2011-03-03 18:20 228636 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2007-11-07 07:12 . 2007-11-07 07:12 232960 c:\windows\Installer\45c10d3.msi
+ 2011-02-23 16:22 . 2011-02-23 16:22 185856 c:\windows\Installer\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}\LaunchGame_A7A9885965A04157A7E510690F7CA567.exe
+ 2011-02-23 16:22 . 2011-02-23 16:22 185856 c:\windows\Installer\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}\GameWebsite_DA2DF8BD3F09482F8F6955E6A791EAC0.exe
+ 2011-02-23 16:22 . 2011-02-23 16:22 185856 c:\windows\Installer\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}\ARPPRODUCTICON.exe
+ 2010-09-22 17:10 . 2010-09-22 17:10 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\nppdf32.dll
+ 2010-09-10 17:17 . 2010-09-10 17:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\JP2KLib.dll
+ 2010-09-22 19:41 . 2010-09-22 19:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AdobeCollabSync.exe
+ 2010-09-23 03:47 . 2010-09-23 03:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.exe
+ 2010-09-22 17:04 . 2010-09-22 17:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroPDF.dll
+ 2010-09-22 18:39 . 2010-09-22 18:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobroker.exe
+ 2010-09-22 17:50 . 2010-09-22 17:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\a3dutility.exe
+ 2009-10-27 09:17 . 2009-10-27 09:17 324976 c:\windows\Downloaded Program Files\DLMControl.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-02-25 11:24 . 2011-02-14 21:42 8171520 c:\windows\SysWOW64\CmiCnfgp.dll
+ 2011-02-25 11:23 . 2010-10-28 15:27 1267200 c:\windows\system32\DriverStore\FileRepository\xonard2x.inf_amd64_neutral_08d09bed9d859914\cmudaxp64.sys
+ 2009-07-14 04:45 . 2011-02-25 05:56 3607895 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-02-18 20:54 3607895 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-09-22 17:05 . 2010-09-22 17:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\rt3d.dll
+ 2010-09-16 02:08 . 2010-09-16 02:08 6210560 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\authplay.dll
+ 2010-06-19 16:51 . 2010-06-19 16:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AGM.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-02-07 20:23 . 2011-02-07 20:23 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-02-20 10:23 . 2011-02-20 10:23 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-07-14 02:34 . 2011-02-20 01:44 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-03-03 05:30 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2011-02-20 10:21 . 2011-02-20 10:21 27089408 c:\windows\Installer\8192f2.msi
+ 2011-02-23 16:17 . 2011-02-23 16:17 19785728 c:\windows\Installer\45c10cc.msi
+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\205fe.msp
+ 2010-09-23 12:43 . 2010-09-23 12:43 43146752 c:\windows\Installer\2057e.msi
+ 2010-09-23 02:03 . 2010-09-23 02:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-02-07 396152]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-02-25 2987976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"Razer Naga Driver"="c:\program files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe" [2010-12-30 957840]
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2009-10-22 129584]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
c:\users\Nimrod Sherdon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
posledni.ahk [2011-2-26 2977]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
avast! Free Antivirus.lnk - c:\program files\Alwil Software\Avast5\AvastUI.exe [2011-2-17 3396624]
QIP 2005.lnk - c:\program files (x86)\QIP\qip.exe [2011-2-7 3259392]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-1-10 291896]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 136176]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-07 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-02-07 871408]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-05 203776]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-01-10 399416]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2009-10-22 80944]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-05 8283136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-05 294400]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 cmudaxp;ASUS Xonar D2X Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2010-10-28 1267200]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [2010-12-16 126464]
.
Obsah adresáře 'Naplánované úlohy'
2011-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 16:35]
2011-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17 16:35]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: {C2ED5347-0AF2-40EA-A261-BCD23D94395C} = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3653736276-4212073443-1716572666-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
[HKEY_USERS\S-1-5-21-3653736276-4212073443-1716572666-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\totalcmd\TOTALCMD.EXE
.
**************************************************************************
.
Celkový čas: 2011-03-03 19:24:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-03 18:24
ComboFix2.txt 2011-02-20 07:54
Před spuštěním: Volných bajtů: 41 093 025 792
Po spuštění: Volných bajtů: 40 928 354 304
- - End Of File - - 2E499F341A6F9F635A3188356DBD1585
Re: AVG Internet security
Via Start >> Run, copy this into the window:
ComboFix /Uninstall
and press Enter.
This uninstalls ComboFix and deletes the files and folders associated with it.
Then let me know what state the PC is in.
Re: AVG Internet security
The PC is running great; since I no longer have AVG, the connection has never dropped. The question is whether it was caused by AVG or by those viruses.
In any case, thank you for all the help; I have decided to put a little money into your donation box.
Thanks once again.