
Re: That YouTube again...

Posted: 19 Apr 2012 08:08
by djpip

Re: That YouTube again...

Posted: 19 Apr 2012 09:33
by cernohous13
Hello,

I assume my colleague is mainly interested in the log from the first CF run, so copy the contents of Qoobox\ComboFix3.txt here for him.

Re: That YouTube again...

Posted: 19 Apr 2012 13:04
by djpip
ComboFix 12-04-09.04 - PiP 09.04.2012 19:13:47.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.3071.2249 [GMT 2:00]
Spuštěný z: c:\users\PiP\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\PiP\AppData\Roaming\Hljijp.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\SET5A51.tmp
c:\windows\system32\SET5BE9.tmp
c:\windows\system32\SET5E3E.tmp
c:\windows\system32\SET5EDC.tmp
c:\windows\system32\SET6702.tmp
c:\windows\system32\spsys.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-09 do 2012-04-09 )))))))))))))))))))))))))))))))
.
.
2012-04-09 17:21 . 2012-04-09 17:22 -------- dc----w- c:\users\PiP\AppData\Local\temp
2012-04-09 17:21 . 2012-04-09 17:21 -------- dc----w- c:\users\Default\AppData\Local\temp
2012-04-09 16:50 . 2012-04-09 16:53 -------- dc----w- C:\UsbFix
2012-04-09 09:11 . 2012-04-09 09:11 -------- dc----w- c:\users\PiP\AppData\Roaming\AVG2012
2012-04-09 09:10 . 2012-04-09 09:10 -------- dc-h--w- c:\programdata\Common Files
2012-04-09 09:10 . 2012-04-09 09:23 -------- dc----w- c:\programdata\AVG2012
2012-04-09 09:10 . 2012-04-09 09:12 -------- d-----w- c:\windows\system32\drivers\AVG
2012-04-09 09:10 . 2012-04-09 09:10 -------- dc----w- C:\$AVG
2012-04-09 09:09 . 2012-04-09 09:09 -------- dc----w- c:\program files\AVG
2012-04-09 09:05 . 2012-04-09 17:08 -------- dc----w- c:\programdata\MFAData
2012-04-08 17:11 . 2012-04-08 17:32 -------- dc----w- c:\users\PiP\AppData\Roaming\gtk-2.0
2012-04-08 16:34 . 2012-04-08 16:34 -------- dc----w- c:\users\PiP\AppData\Local\CrashDumps
2012-04-08 12:54 . 2012-04-08 12:54 -------- dc----w- c:\users\PiP\AppData\Roaming\Zoner
2012-04-08 12:54 . 2012-04-08 12:54 -------- dc----w- c:\users\PiP\AppData\Local\Zoner
2012-04-08 12:54 . 2012-04-08 12:54 -------- dc----w- c:\programdata\Zoner
2012-04-08 12:54 . 2012-04-08 12:54 -------- dc----w- c:\program files\Zoner
2012-04-08 12:42 . 2012-04-08 12:42 -------- dc----w- c:\users\PiP\.thumbnails
2012-04-08 12:05 . 2012-04-08 17:33 -------- dc----w- c:\users\PiP\.gimp-2.6
2012-04-08 12:05 . 2012-04-08 12:05 -------- dc----w- c:\program files\GIMP-2.0
2012-04-08 11:35 . 2012-04-08 11:35 -------- dc----w- c:\program files\SpeedBit Video Accelerator
2012-04-08 11:35 . 2012-04-08 11:35 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2012-04-08 11:30 . 2012-04-08 11:30 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-08 11:30 . 2012-04-08 11:30 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-08 11:30 . 2012-04-08 11:30 -------- d-----w- c:\windows\system32\Macromed
2012-04-03 10:41 . 2012-04-03 10:41 -------- dc----w- C:\$WINDOWS.~BT
2012-04-03 10:13 . 2012-04-03 10:14 -------- dc----w- c:\program files\Google
2012-04-03 07:18 . 2012-04-03 07:18 -------- dc----w- c:\users\PiP\AppData\Roaming\Auslogics
2012-04-03 07:18 . 2012-04-03 07:18 -------- dc----w- c:\program files\Auslogics
2012-03-31 16:38 . 2012-03-31 16:38 -------- dc----w- c:\users\PiP\AppData\Local\Opera
2012-03-31 16:38 . 2012-03-31 16:38 -------- dc----w- c:\program files\Opera
2012-03-31 16:04 . 2012-03-31 16:04 -------- dc----w- c:\programdata\ATI
2012-03-31 16:03 . 2012-03-31 16:03 -------- dc----w- c:\program files\AMD AVT
2012-03-31 16:03 . 2012-03-31 16:03 -------- dc----w- c:\program files\AMD APP
2012-03-31 16:03 . 2012-03-31 16:03 -------- dc----w- c:\program files\Common Files\ATI Technologies
2012-03-31 16:01 . 2012-03-31 16:01 -------- dc----w- c:\program files\ATI
2012-03-31 15:59 . 2012-03-31 15:59 -------- dc----w- C:\AMD
2012-03-31 15:00 . 2012-03-31 15:33 -------- dc----w- c:\program files\SpeedFan
2012-03-31 08:43 . 2012-03-31 08:43 -------- dc----w- c:\programdata\PC Suite
2012-03-31 08:41 . 2012-03-31 10:33 -------- dc----w- c:\windows\system32\DRVSTORE
2012-03-31 08:41 . 2007-05-02 14:31 90624 ----a-w- c:\windows\system32\nmwcdcls.dll
2012-03-31 08:40 . 2012-03-31 08:40 -------- dc----w- c:\programdata\Installations
2012-03-31 08:27 . 2012-03-31 10:36 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2012-03-31 08:27 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2012-03-29 18:16 . 2012-04-06 12:58 -------- dc----w- c:\program files\MSECache
2012-03-28 15:28 . 2012-03-28 15:28 -------- dc----w- c:\program files\VirtualDJ
2012-03-27 17:22 . 2012-04-05 09:08 -------- dc----w- c:\users\PiP\AppData\Local\Mirillis
2012-03-27 17:22 . 2012-03-27 17:22 -------- dc----w- c:\users\PiP\AppData\Roaming\Mirillis
2012-03-27 17:22 . 2012-03-27 17:22 -------- dc----w- c:\programdata\Mirillis
2012-03-27 17:21 . 2012-03-27 17:21 -------- dc----w- c:\program files\Mirillis
2012-03-27 10:42 . 2012-03-27 10:43 -------- dc----w- c:\program files\Scorpions WinCheater
2012-03-23 08:05 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C25C5CDB-18AB-4F4A-9CD7-F0408EF13852}\mpengine.dll
2012-03-22 08:17 . 2012-03-22 08:17 -------- dc----w- c:\programdata\Casino
2012-03-18 19:15 . 2012-03-18 19:15 -------- dc----w- c:\program files\Microsoft XNA
2012-03-18 19:12 . 2012-03-18 19:12 -------- dc----w- c:\users\PiP\AppData\Local\Dacris Benchmarks 8.1
2012-03-18 18:53 . 2011-04-05 16:35 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-03-18 18:53 . 2011-04-05 16:35 78936 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-03-18 18:53 . 2011-02-08 08:14 69208 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-03-18 18:53 . 2011-04-05 16:35 221784 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-03-18 18:52 . 2012-03-18 19:08 -------- dc----w- c:\program files\Ad-Aware Antivirus
2012-03-18 15:23 . 2012-03-18 15:23 -------- dc----w- c:\users\PiP\AppData\Roaming\Media Player Classic
2012-03-14 21:33 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-14 21:33 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 09:19 . 2012-02-03 03:54 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 09:19 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 09:19 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 09:19 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 09:19 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 09:19 . 2012-02-17 05:34 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 09:19 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 09:19 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 09:19 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-11 11:48 . 2012-03-11 11:48 -------- dc----w- c:\users\PiP\AppData\Roaming\TuneUp Software
2012-03-11 11:47 . 2012-03-11 11:51 -------- dc----w- c:\programdata\TuneUp Software
2012-03-11 11:47 . 2012-03-11 11:47 -------- dcsh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2012-03-11 11:41 . 2012-03-31 16:03 -------- dc----w- c:\programdata\AMD
2012-03-10 21:28 . 2012-03-10 21:28 -------- dc----w- c:\program files\Vypínač na dobrou noc
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-09 06:26 . 2012-03-09 06:26 9183232 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-03-09 05:16 . 2012-03-09 05:16 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-03-09 05:16 . 2012-03-09 05:16 791552 ----a-w- c:\windows\system32\aticfx32.dll
2012-03-09 05:11 . 2012-03-09 05:11 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-03-09 05:10 . 2012-03-09 05:10 405504 ----a-w- c:\windows\system32\atieclxx.exe
2012-03-09 05:10 . 2012-03-09 05:10 163328 ----a-w- c:\windows\system32\atiesrxx.exe
2012-03-09 05:08 . 2012-03-09 05:08 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2012-03-09 05:07 . 2012-03-09 05:07 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-03-09 05:07 . 2012-03-09 05:07 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-03-09 05:04 . 2012-03-09 05:04 6200320 ----a-w- c:\windows\system32\atidxx32.dll
2012-03-09 04:39 . 2012-03-09 04:39 19739136 ----a-w- c:\windows\system32\atioglxx.dll
2012-03-09 04:36 . 2012-03-09 04:36 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2012-03-09 04:23 . 2012-03-09 04:23 5062656 ----a-w- c:\windows\system32\atiumdva.dll
2012-03-09 04:23 . 2012-03-09 04:23 5954048 ----a-w- c:\windows\system32\atiumdag.dll
2012-03-09 04:18 . 2012-03-09 04:18 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-03-09 04:18 . 2012-03-09 04:18 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-03-09 04:12 . 2012-03-09 04:12 13715968 ----a-w- c:\windows\system32\aticaldd.dll
2012-03-09 04:05 . 2012-03-09 04:05 53760 ----a-w- c:\windows\system32\atimpc32.dll
2012-03-09 04:05 . 2012-03-09 04:05 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2012-03-09 03:58 . 2012-03-09 03:58 356352 ----a-w- c:\windows\system32\atiadlxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-03-09 03:57 . 2012-03-09 03:57 265216 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-03-09 03:56 . 2011-04-20 00:21 33280 ----a-w- c:\windows\system32\atiuxpag.dll
2012-03-09 03:56 . 2012-03-09 03:56 30208 ----a-w- c:\windows\system32\atiu9pag.dll
2012-03-09 03:55 . 2012-03-09 03:55 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-03-09 03:47 . 2011-04-20 00:27 51200 ----a-w- c:\windows\system32\coinst.dll
2012-03-08 23:26 . 2012-03-08 23:26 54784 ----a-w- c:\windows\system32\OVDecode.dll
2012-03-03 02:01 . 2012-03-03 02:01 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-03 02:01 . 2012-03-03 02:01 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-03 02:01 . 2012-03-03 02:01 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-03 02:01 . 2012-03-03 02:01 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-03 02:01 . 2012-03-03 02:01 161792 ----a-w- c:\windows\system32\msls31.dll
2012-03-03 02:01 . 2012-03-03 02:01 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-03-03 02:01 . 2012-03-03 02:01 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-03 02:01 . 2012-03-03 02:01 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-03-03 02:01 . 2012-03-03 02:01 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-03-03 02:01 . 2012-03-03 02:01 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-03-03 02:01 . 2012-03-03 02:01 367104 ----a-w- c:\windows\system32\html.iec
2012-03-03 02:01 . 2012-03-03 02:01 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-03-03 02:01 . 2012-03-03 02:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-03-03 02:01 . 2012-03-03 02:01 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-03 02:01 . 2012-03-03 02:01 1798656 ----a-w- c:\windows\system32\jscript9.dll
2012-03-03 02:01 . 2012-03-03 02:01 152064 ----a-w- c:\windows\system32\wextract.exe
2012-03-03 02:01 . 2012-03-03 02:01 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-03-03 02:01 . 2012-03-03 02:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-03 02:01 . 2012-03-03 02:01 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-03-03 02:01 . 2012-03-03 02:01 11776 ----a-w- c:\windows\system32\mshta.exe
2012-03-03 02:01 . 2012-03-03 02:01 101888 ----a-w- c:\windows\system32\admparse.dll
2012-02-26 22:34 . 2012-02-26 22:34 271360 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-02-26 22:34 . 2012-02-26 22:34 18048 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2012-02-26 21:03 . 2012-02-26 21:03 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-02-26 15:21 . 2012-02-26 15:21 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-02-26 15:21 . 2012-02-26 15:21 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-02-26 15:21 . 2012-02-26 15:21 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-02-26 00:34 . 2012-02-26 00:30 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 9728 ----a-w- c:\windows\system32\drivers\cs-CZ\BrSerIb.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\rdvgkmd.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\UAGP35.SYS.mui
2012-02-26 00:34 . 2012-02-26 00:30 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-02-26 00:34 . 2012-02-26 00:30 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\cs-CZ\LXKPTPRC.DLL.mui
2012-02-26 00:34 . 2012-02-26 00:30 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tpm.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\pscr.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 33792 ----a-w- c:\windows\system32\drivers\cs-CZ\yk62x86.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\MTConfig.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 11264 ----a-w- c:\windows\system32\drivers\cs-CZ\e1q6032.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 27136 ----a-w- c:\windows\system32\drivers\cs-CZ\bfe.dll.mui
2012-02-26 00:34 . 2012-02-26 00:30 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\rdbss.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\ndisuio.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\pnpmem.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 9728 ----a-w- c:\windows\system32\drivers\cs-CZ\BrSerId.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\bthpan.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\wacompen.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\hdaudbus.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\HdAudio.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\hidbth.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\Dot4usb.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 2048 ----a-w- c:\windows\system32\drivers\cs-CZ\disk.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\atikmdag.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 11776 ----a-w- c:\windows\system32\drivers\cs-CZ\usbhub.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 5632 ----a-w- c:\windows\system32\drivers\cs-CZ\bcm4sbxp.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 17920 ----a-w- c:\windows\system32\drivers\cs-CZ\E1G60I32.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\modem.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 15872 ----a-w- c:\windows\system32\drivers\cs-CZ\nwifi.sys.mui
2012-02-26 00:34 . 2012-02-26 00:30 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\mountmgr.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 8704 ----a-w- c:\windows\system32\drivers\cs-CZ\pci.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\vdrvroot.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\isapnp.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\mssmbios.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\VIAAGP.SYS.mui
2012-02-26 00:34 . 2012-02-26 00:29 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\ULIAGPKX.SYS.mui
2012-02-26 00:34 . 2012-02-26 00:29 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\SISAGP.SYS.mui
2012-02-26 00:34 . 2012-02-26 00:29 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\NV_AGP.SYS.mui
2012-02-26 00:34 . 2012-02-26 00:29 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\AMDAGP.SYS.mui
2012-02-26 00:34 . 2012-02-26 00:29 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\AGP440.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 20992 ----a-w- c:\windows\system32\drivers\cs-CZ\viac7.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 20992 ----a-w- c:\windows\system32\drivers\cs-CZ\processr.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 20992 ----a-w- c:\windows\system32\drivers\cs-CZ\intelppm.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 20992 ----a-w- c:\windows\system32\drivers\cs-CZ\amdppm.sys.mui
2012-02-26 00:34 . 2012-02-26 00:29 20992 ----a-w- c:\windows\system32\drivers\cs-CZ\amdk8.sys.mui
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-02-26 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7601.17514] . . c:\windows\System32\user32.dll
[7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-02-16 2575712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AML Device Install.lnk
backup=c:\windows\pss\AML Device Install.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Run Google Web Accelerator.lnk
backup=c:\windows\pss\Run Google Web Accelerator.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
start AMD Accelerated Video Transcoding device initialization [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 -c--a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-02-13 08:06 3481408 -c--a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-02-26 00:22 136176 -c--atw- c:\users\PiP\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
2011-12-13 15:58 11487848 -c----w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 21:29 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedBitVideoAccelerator]
2012-04-08 11:35 1494216 -c--a-w- c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2012-03-09 00:30 636032 -c--a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-02-26 12:54 740216 -c--a-w- c:\program files\uTorrent\uTorrent.exe
.
R1 oypmzmjv;oypmzmjv;c:\windows\system32\drivers\oypmzmjv.sys [x]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [2012-02-14 5104992]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 RTCore32;RTCore32;c:\program files\RMClock\RTCore32.sys [x]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2011-02-08 69208]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-04-05 94040]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt; [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 253600]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-09 163328]
R4 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-04-03 116648]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-04-03 116648]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\avgidsehx.sys [2011-12-23 22992]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2012-02-22 235216]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2012-02-22 299472]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-26 242240]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-04-05 221784]
S1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2011-04-05 78936]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-03-09 9183232]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-03-09 265216]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-05 86032]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 69208]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - AVGIDSEH
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 11:30]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-03 10:13]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-03 10:13]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-528348223-278861638-1870145213-1000Core.job
- c:\users\PiP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-26 00:22]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-528348223-278861638-1870145213-1000UA.job
- c:\users\PiP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-26 00:22]
.
.
------- Doplňkový sken -------
.
LSP: c:\program files\SpeedBit Video Accelerator\SBLSP.dll
TCP: DhcpNameServer = 10.112.1.1 10.112.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
ShellIconOverlayIdentifiers-{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE} - (no file)
HKCU-Run-Hljijp - c:\users\PiP\AppData\Roaming\Hljijp.exe
HKLM-RunOnce-<NO NAME> - (no file)
MSConfigStartUp-Ad-Aware Browsing Protection - c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe
MSConfigStartUp-Ashampoo Core Tuner - c:\program files\Ashampoo\Ashampoo Core Tuner\autostarter.exe
MSConfigStartUp-Hljijp - c:\users\PiP\AppData\Roaming\Hljijp.exe
MSConfigStartUp-MzCPUAccelerator - c:\program files\Mz Ultimate Tools\Mz CPU Accelerator\MzCPUAccelerator.exe
MSConfigStartUp-MzRAMBooster - c:\program files\Mz Ultimate Tools\Mz RAM Booster\MzRAMBooster.exe
MSConfigStartUp-S60 PC Suite Tray - c:\program files\Samsung\Samsung PC Studio 7\PCSuite.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-528348223-278861638-1870145213-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:72,ad,2f,86,69,d3,6a,ed,5c,90,a4,f1,2a,dd,dd,cd,f3,e2,11,44,2d,25,33,
82,c7,73,41,01,80,2c,0b,38,21,3f,c0,e3,c3,52,76,d1,56,17,b9,68,30,ae,a5,4d,\
"??"=hex:d8,56,3a,64,96,66,73,c5,90,57,3b,d9,52,5d,8a,09
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-04-09 19:26:14
ComboFix-quarantined-files.txt 2012-04-09 17:26
.
Před spuštěním: Volných bajtů: 20 875 423 744
Po spuštění: Volných bajtů: 20 609 245 184
.
- - End Of File - - AC70C452A9D6CB4E5B7368C71BF4BEFA

Re: That YouTube again...

Posted: 19 Apr 2012 14:08
by Danstahr
- Uninstall SpeedBit Video Accelerator.

- Run OTL again, paste the following script into the box at the bottom and click the Fix ("Opravit") button. The PC will then restart; afterwards, post here the log that opens, along with a new log from RSIT.

Code:

:Commands
[EmptyTemp]
[EmptyFlash]
[ClearAllRestorePoints]

:services
gupdate
gupdatem
SBRE
oypmzmjv
AdobeARMservice
AdobeFlashPlayerUpdateSvc

:Files
c:\windows\system32\drivers\oypmzmjv.sys
c:\windows\Tasks\*.job
c:\windows\system32\drivers\SBREdrv.sys

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=-
[-HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedBitVideoAccelerator]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

Re: That YouTube again...

Posted: 19 Apr 2012 14:41
by djpip
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: PiP
->Temp folder emptied: 268722 bytes
->Temporary Internet Files folder emptied: 50802 bytes
->FireFox cache emptied: 24755976 bytes
->Google Chrome cache emptied: 233252254 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 3836 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20860 bytes
RecycleBin emptied: 659456 bytes

Total Files Cleaned = 247,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: PiP
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service SBRE stopped successfully!
Service SBRE deleted successfully!
Service oypmzmjv stopped successfully!
Service oypmzmjv deleted successfully!
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File\Folder c:\windows\system32\drivers\oypmzmjv.sys not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-528348223-278861638-1870145213-1000Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-528348223-278861638-1870145213-1000UA.job moved successfully.
File\Folder c:\windows\system32\drivers\SBREdrv.sys not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AVG_TRAY deleted successfully.
Registry key HKEY_LOCAL_MACHINE\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedBitVideoAccelerator\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent\ deleted successfully.

OTL by OldTimer - Version 3.2.40.0 log created on 04192012_153444

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Re: That YouTube again...

Posted: 19 Apr 2012 15:36
by Danstahr
Please also post a new log from RSIT.

Re: That YouTube again...

Posted: 19 Apr 2012 16:10
by djpip
Logfile of random's system information tool 1.09 (written by random/random)
Run by PiP at 2012-04-19 17:07:47
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 17 GB (15%) free of 114 GB
Total RAM: 3071 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:08:32, on 19.4.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Windows\notepad.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\PiP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PiP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PiP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PiP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PiP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PiP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PiP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PiP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PiP\Downloads\RSIT.exe
C:\Program Files\trend micro\PiP.exe
C:\Users\PiP\AppData\Local\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-google-search.blogspot.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do-Not-Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\Microsoft Office\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: AVG Do-Not-Track - {DA58ACA7-18A6-403A-93DA-6E4172D43709} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\Microsoft Office\Office12\GRA32A~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

--
End of file - 3814 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\PiP\AppData\Roaming\Mozilla\Firefox\Profiles\ulqjuwfl.default

prefs.js - "browser.startup.homepage" - "http://www.google.com/"

"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.228 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do-Not-Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-02-20 898912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2012-02-14 1408352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\Microsoft Office\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-12-13 11487848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk]
C:\PROGRA~1\AMD AVT\bin\kdbsync.exe [2012-01-31 10752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BCD3000 Control Panel.lnk]
C:\PROGRA~1\BEHRIN~1\BCD3000\Drivers\BCD3KC~1.EXE [2010-06-18 548864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk]
C:\PROGRA~1\Google\Web Accelerator\GoogleWebAccWarden.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-03-03 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\Microsoft Office\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStartupSound"=1
"DisableStatusMessages"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-04-19 17:07:48 ----DC---- C:\Program Files\trend micro
2012-04-19 17:07:47 ----DC---- C:\rsit
2012-04-19 15:34:44 ----DC---- C:\_OTL
2012-04-18 20:19:15 ----DC---- C:\Windows\temp
2012-04-18 20:19:12 ----AC---- C:\ComboFix.txt
2012-04-18 12:40:57 ----DC---- C:\$RECYCLE.BIN
2012-04-18 11:44:36 ----DC---- C:\Users\PiP\AppData\Roaming\Malwarebytes
2012-04-18 11:44:23 ----DC---- C:\Program Files\Malwarebytes' Anti-Malware
2012-04-18 11:44:23 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-04-18 11:40:12 ----AC---- C:\TDSSKiller.2.7.28.0_18.04.2012_11.40.12_log.txt
2012-04-18 10:51:06 ----DC---- C:\Program Files\Lavalys
2012-04-18 10:03:09 ----DC---- C:\Program Files\Mozilla Firefox
2012-04-17 21:39:56 ----A---- C:\Windows\system32\msonpmon.dll
2012-04-17 21:37:18 ----DC---- C:\Program Files\Microsoft Works
2012-04-17 21:36:36 ----DC---- C:\Program Files\Microsoft Visual Studio
2012-04-17 21:36:35 ----DC---- C:\Program Files\Common Files\DESIGNER
2012-04-17 21:35:40 ----DC---- C:\Windows\PCHEALTH
2012-04-17 21:33:01 ----DC---- C:\Program Files\Microsoft Visual Studio 8
2012-04-17 21:29:23 ----RDC---- C:\MSOCache
2012-04-17 20:37:22 ----AC---- C:\log.txt
2012-04-17 20:33:02 ----DC---- C:\Program Files\Chessmaster 10th Edition
2012-04-17 20:26:36 ----DC---- C:\Program Files\NewFolder Software
2012-04-17 20:24:40 ----DC---- C:\Program Files\TLKGAMES
2012-04-16 20:43:55 ----A---- C:\Windows\system32\drivers\bcd3000wdm.sys
2012-04-16 20:43:55 ----A---- C:\Windows\system32\drivers\bcd3000.sys
2012-04-16 20:43:54 ----DC---- C:\Program Files\Behringer
2012-04-14 11:57:22 ----RASHC---- C:\MSDOS.SYS
2012-04-14 11:57:22 ----RASHC---- C:\IO.SYS
2012-04-13 11:13:21 ----DC---- C:\ProgramData\Microsoft Help
2012-04-11 10:12:33 ----DC---- C:\Users\PiP\AppData\Roaming\AVG
2012-04-11 10:12:10 ----ADC---- C:\ProgramData\TEMP
2012-04-09 19:12:15 ----AC---- C:\Windows\zip.exe
2012-04-09 19:12:15 ----AC---- C:\Windows\SWSC.exe
2012-04-09 19:12:15 ----AC---- C:\Windows\SWREG.exe
2012-04-09 19:12:15 ----AC---- C:\Windows\sed.exe
2012-04-09 19:12:15 ----AC---- C:\Windows\PEV.exe
2012-04-09 19:12:15 ----AC---- C:\Windows\NIRCMD.exe
2012-04-09 19:12:15 ----AC---- C:\Windows\MBR.exe
2012-04-09 19:12:15 ----AC---- C:\Windows\grep.exe
2012-04-09 19:12:08 ----DC---- C:\Windows\ERDNT
2012-04-09 19:12:00 ----DC---- C:\Qoobox
2012-04-09 18:50:18 ----AC---- C:\UsbFix.txt
2012-04-09 18:50:17 ----DC---- C:\UsbFix
2012-04-09 11:11:36 ----DC---- C:\Users\PiP\AppData\Roaming\AVG2012
2012-04-09 11:10:55 ----HDC---- C:\ProgramData\Common Files
2012-04-09 11:10:24 ----DC---- C:\ProgramData\AVG2012
2012-04-09 11:10:24 ----DC---- C:\$AVG
2012-04-09 11:10:24 ----D---- C:\Windows\system32\drivers\AVG
2012-04-09 11:09:34 ----DC---- C:\Program Files\AVG
2012-04-09 11:05:25 ----DC---- C:\ProgramData\MFAData
2012-04-08 19:11:10 ----DC---- C:\Users\PiP\AppData\Roaming\gtk-2.0
2012-04-08 14:54:55 ----DC---- C:\Users\PiP\AppData\Roaming\Zoner
2012-04-08 14:54:55 ----DC---- C:\ProgramData\Zoner
2012-04-08 14:54:19 ----DC---- C:\Program Files\Zoner
2012-04-08 14:05:21 ----DC---- C:\Program Files\GIMP-2.0
2012-04-08 13:30:08 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-04-08 13:30:07 ----D---- C:\Windows\system32\Macromed
2012-04-03 12:41:26 ----DC---- C:\$WINDOWS.~BT
2012-04-03 12:13:31 ----DC---- C:\Program Files\Google
2012-04-03 09:18:56 ----DC---- C:\Users\PiP\AppData\Roaming\Auslogics
2012-04-03 09:18:49 ----DC---- C:\Program Files\Auslogics
2012-03-31 18:38:21 ----DC---- C:\Users\PiP\AppData\Roaming\Opera
2012-03-31 18:38:07 ----DC---- C:\Program Files\Opera
2012-03-31 18:04:38 ----DC---- C:\ProgramData\ATI
2012-03-31 18:03:38 ----DC---- C:\Program Files\AMD AVT
2012-03-31 18:03:35 ----DC---- C:\Program Files\AMD APP
2012-03-31 18:03:31 ----DC---- C:\Program Files\Common Files\ATI Technologies
2012-03-31 18:01:04 ----DC---- C:\Program Files\ATI
2012-03-31 17:59:25 ----DC---- C:\AMD
2012-03-31 17:00:46 ----DC---- C:\Program Files\SpeedFan
2012-03-31 12:31:33 ----D---- C:\Windows\system32\appmgmt
2012-03-31 10:43:17 ----DC---- C:\ProgramData\PC Suite
2012-03-31 10:41:49 ----DC---- C:\Windows\system32\DRVSTORE
2012-03-31 10:41:27 ----A---- C:\Windows\system32\nmwcdcls.dll
2012-03-31 10:40:07 ----DC---- C:\ProgramData\Installations
2012-03-31 10:27:45 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2012-03-31 10:27:28 ----A---- C:\Windows\system32\drivers\StarOpen.sys
2012-03-29 20:17:35 ----DC---- C:\Program Files\Microsoft Office
2012-03-29 20:16:28 ----DC---- C:\Program Files\MSECache
2012-03-28 17:28:49 ----DC---- C:\Program Files\VirtualDJ
2012-03-27 19:22:45 ----DC---- C:\Users\PiP\AppData\Roaming\Mirillis
2012-03-27 19:22:45 ----DC---- C:\ProgramData\Mirillis
2012-03-27 19:21:49 ----DC---- C:\Program Files\Mirillis
2012-03-27 12:42:40 ----DC---- C:\Program Files\Scorpions WinCheater
2012-03-22 10:17:41 ----DC---- C:\ProgramData\Casino

======List of files/folders modified in the last 1 month======

2012-04-19 17:07:59 ----D---- C:\Windows\Prefetch
2012-04-19 17:07:48 ----RDC---- C:\Program Files
2012-04-19 15:46:37 ----D---- C:\Windows\system32\config
2012-04-19 15:43:38 ----D---- C:\Windows\System32
2012-04-19 15:43:38 ----D---- C:\Windows\inf
2012-04-19 15:43:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-19 15:35:00 ----D---- C:\Windows\Tasks
2012-04-18 21:32:29 ----D---- C:\Windows\system32\drivers
2012-04-18 20:19:15 ----DC---- C:\Windows
2012-04-18 20:11:21 ----C---- C:\Windows\system.ini
2012-04-18 20:11:01 ----D---- C:\Windows\system32\drivers\etc
2012-04-18 20:03:05 ----DC---- C:\Windows\AppPatch
2012-04-18 20:03:02 ----DC---- C:\Program Files\Common Files
2012-04-18 19:55:43 ----SHD---- C:\System Volume Information
2012-04-18 19:02:03 ----DC---- C:\Users\PiP\AppData\Roaming\vlc
2012-04-18 13:04:12 ----DC---- C:\Windows\pss
2012-04-18 13:03:46 ----DC---- C:\Users\PiP\AppData\Roaming\uTorrent
2012-04-18 10:03:31 ----DC---- C:\Users\PiP\AppData\Roaming\Mozilla
2012-04-17 22:10:43 ----D---- C:\Windows\Microsoft.NET
2012-04-17 21:41:28 ----SHDC---- C:\Windows\Installer
2012-04-17 21:41:12 ----DC---- C:\Config.Msi
2012-04-17 21:40:45 ----RSDC---- C:\Windows\assembly
2012-04-17 21:40:29 ----D---- C:\Windows\winsxs
2012-04-17 21:37:12 ----DC---- C:\Program Files\Common Files\microsoft shared
2012-04-17 21:37:02 ----DC---- C:\Program Files\MSBuild
2012-04-17 21:36:31 ----D---- C:\Windows\ShellNew
2012-04-17 21:35:57 ----RSD---- C:\Windows\Fonts
2012-04-17 21:35:40 ----SDC---- C:\ProgramData\Microsoft
2012-04-17 21:35:40 ----DC---- C:\Program Files\Microsoft.NET
2012-04-17 21:32:18 ----C---- C:\Windows\win.ini
2012-04-17 21:32:07 ----DC---- C:\Program Files\Common Files\System
2012-04-17 21:25:56 ----D---- C:\Windows\system32\catroot2
2012-04-16 20:44:40 ----D---- C:\Windows\system32\DriverStore
2012-04-16 20:44:40 ----D---- C:\Windows\system32\catroot
2012-04-13 11:29:10 ----DC---- C:\Users\PiP\AppData\Roaming\Microsoft
2012-04-13 11:25:43 ----D---- C:\Windows\system32\Tasks
2012-04-13 11:13:21 ----DC---- C:\ProgramData
2012-04-13 11:07:09 ----DC---- C:\Users\PiP\AppData\Roaming\DAEMON Tools Lite
2012-04-11 10:14:02 ----D---- C:\Windows\Downloaded Program Files
2012-04-08 13:16:33 ----DC---- C:\Program Files\CCleaner
2012-04-02 15:54:35 ----DC---- C:\ProgramData\AVAST Software
2012-03-31 18:03:40 ----DC---- C:\ProgramData\AMD
2012-03-31 18:03:10 ----DC---- C:\Program Files\ATI Technologies
2012-03-31 12:56:39 ----DC---- C:\Program Files\AVAST Software
2012-03-31 12:16:40 ----HDC---- C:\Program Files\InstallShield Installation Information
2012-03-31 10:48:53 ----D---- C:\Windows\system32\drivers\UMDF
2012-03-28 17:55:05 ----DC---- C:\acap
2012-03-24 18:39:42 ----D---- C:\Windows\system32\wfp
2012-03-24 18:39:41 ----D---- C:\Windows\system32\wbem
2012-03-24 18:39:41 ----D---- C:\Windows\registration
2012-03-21 19:13:21 ----DC---- C:\Windows\Minidump
2012-03-21 19:13:21 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\avgidsehx.sys [2011-12-23 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iteatapi;ITEATAPI_Service_Install; C:\Windows\system32\DRIVERS\iteatapi.sys [2008-05-14 35608]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-02-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-02-22 299472]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-26 242240]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 221784]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 78936]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-02-27 18048]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-09 9183232]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-09 265216]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-12-05 86032]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-12-13 3921448]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-04-04 22344]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-23 43008]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 69208]
S1 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool.sys [2006-11-10 24064]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-02-27 271360]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 bcd3000;bcd3000; C:\Windows\system32\DRIVERS\bcd3000.sys [2010-08-05 47208]
S3 bcd3000wdm;bcd3000wdm; C:\Windows\system32\DRIVERS\bcd3000wdm.sys [2010-08-05 27240]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\PiP\AppData\Local\Temp\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RTCore32;RTCore32; \??\C:\Program Files\RMClock\RTCore32.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 69208]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 94040]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [2012-02-14 5104992]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-09 163328]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: YouTube again...

Posted: 19 Apr 2012 16:57
by Danstahr
How is the PC behaving now?

Re: YouTube again...

Posted: 19 Apr 2012 16:59
by djpip
During playback itself it's fine, but as soon as I switch to another tab, scroll the page, or do anything else, both the audio and the video stutter..

Re: YouTube again...

Posted: 19 Apr 2012 17:04
by Danstahr
- Have you tried reinstalling the graphics card drivers?
- Start some Flash applet (for example a video on YouTube), right-click it and click Settings. Do you have HW acceleration turned on?

Re: YouTube again...

Posted: 19 Apr 2012 17:07
by djpip
I've tried both the newest and older drivers, and I've also tried toggling the acceleration..

Re: YouTube again...

Posted: 19 Apr 2012 17:11
by Danstahr
- Run OTL again.
- Copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 

- Tick the "All Users" box.
- Tick the "LOP Check" and "Purity Check" boxes.
- Click the Scan button.
- When the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here :)

Re: YouTube again...

Posted: 19 Apr 2012 17:44
by djpip
It threw the error message cannot create run.bat on desktop during the scan.. nothing has happened for 5 minutes, should I run the scan again?

Re: YouTube again...

Posted: 19 Apr 2012 17:54
by Mc_Murphy
Hello.

Allow me to step in so that my colleague has the resulting log here and can continue.
Do everything exactly as Danstahr told you, just use this modified script:

Code:

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s

%SystemDrive%\PhysicalMBR.bin /md5

Now everything should work correctly.

Re: YouTube again...

Posted: 19 Apr 2012 18:26
by djpip
http://leteckaposta.cz/485505880 here is OTL.txt... I couldn't find Extras.txt anywhere