Please check my log - urgent


#1 Post by FlipKorpik »

Sorry for creating a new topic.... Hi, I need to have a log checked... the whole desktop freezes and does not respond to anything, mouse movements, the right button... nothing at all, the icons cannot be opened, it only works through Explorer, it randomly gets stuck, loads and works when it shouldn't
I have Win 7 Pro

THANK YOU

Logfile of random's system information tool 1.08 (written by random/random)
Run by kasovaz at 2010-08-20 11:32:07
Microsoft Windows 7 Professional
System drive C: has 442 GB (94%) free of 469 GB
Total RAM: 2013 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:32:16, on 20.8.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\pdfforge Toolbar\SearchSettings.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Windows Defender\MSASCui.exe
\Ntnoris\noris\noris.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\SuperOffice\SoCrm.exe
C:\Program Files\SuperOffice\SoEventServer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\kasovaz\Desktop\RSIT.exe
C:\Program Files\trend micro\kasovaz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save page in SuperOffice - res://C:\PROGRA~1\SUPERO~1\SoIeExtensions.dll/SavePageInSuperOffice.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: Super - {CC88D81F-6166-4F46-AC89-B75CD9CEB292} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = abrasivcz.loc
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = abrasivcz.loc
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = abrasivcz.loc
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8156 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WEBIE.DLL [2010-08-17 409600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-08-18 1619296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2010-01-08 1109504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WEBIE.DLL [2010-08-17 409600]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-10 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-10 174104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-10 151064]
"RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-10-30 1116920]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2010-01-08 974848]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-08-18 2065760]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-10-16 2363392]
"WEBTRAN"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-07-28 216576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoWelcomeScreen"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-20 10:26:22 ----D---- C:\Program Files\trend micro
2010-08-20 10:26:21 ----D---- C:\rsit
2010-08-20 10:13:09 ----D---- C:\32788R22FWJFW
2010-08-20 10:08:08 ----A---- C:\Bug.txt
2010-08-20 10:08:05 ----A---- C:\Windows\system32\cmd.execf
2010-08-20 09:43:28 ----HD---- C:\$AVG
2010-08-19 11:12:04 ----A---- C:\Windows\system32\pdfcmnnt.dll
2010-08-19 11:12:02 ----D---- C:\Program Files\PDFCreator
2010-08-19 11:12:02 ----A---- C:\Windows\system32\MSMPIDE.DLL
2010-08-18 14:34:42 ----SHD---- C:\Config.Msi
2010-08-18 14:32:42 ----D---- C:\ProgramData\Adobe
2010-08-18 14:32:40 ----D---- C:\Program Files\Common Files\Adobe
2010-08-18 14:32:40 ----D---- C:\Program Files\Adobe
2010-08-18 14:22:53 ----A---- C:\Windows\system32\drivers\avgtdix.sys
2010-08-18 14:22:53 ----A---- C:\Windows\system32\avgrsstx.dll
2010-08-18 14:22:52 ----A---- C:\Windows\system32\drivers\avgldx86.sys
2010-08-18 14:22:51 ----D---- C:\Windows\system32\drivers\Avg
2010-08-18 14:22:51 ----A---- C:\Windows\system32\drivers\avgmfx86.sys
2010-08-18 14:22:50 ----D---- C:\ProgramData\AVG Security Toolbar
2010-08-18 14:22:40 ----D---- C:\ProgramData\avg9
2010-08-18 14:22:40 ----D---- C:\Program Files\AVG
2010-08-17 12:54:06 ----A---- C:\Windows\WTRDCTM.INI
2010-08-17 12:52:40 ----D---- C:\Windows\XXLGS
2010-08-17 12:51:55 ----A---- C:\Windows\MAILTRAN.INI
2010-08-17 12:51:54 ----A---- C:\Windows\TRNCOM.INI
2010-08-17 12:51:43 ----A---- C:\Windows\WDICT32.INI
2010-08-17 12:51:42 ----A---- C:\Windows\WTRAN32.INI
2010-08-17 12:51:37 ----D---- C:\TRANSLAT
2010-08-12 07:07:45 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-12 07:07:38 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-12 07:07:38 ----A---- C:\Windows\system32\iccvid.dll
2010-08-12 07:07:37 ----A---- C:\Windows\system32\rtutils.dll
2010-08-12 07:07:36 ----A---- C:\Windows\system32\msxml3.dll
2010-08-12 07:07:35 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-12 07:07:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-12 07:07:35 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-12 07:07:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-12 07:07:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-12 07:07:31 ----A---- C:\Windows\system32\mshtml.dll
2010-08-12 07:07:31 ----A---- C:\Windows\system32\ieframe.dll
2010-08-12 07:07:30 ----A---- C:\Windows\system32\wininet.dll
2010-08-12 07:07:30 ----A---- C:\Windows\system32\urlmon.dll
2010-08-12 07:07:30 ----A---- C:\Windows\system32\mstime.dll
2010-08-12 07:07:30 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-12 07:07:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-12 07:07:30 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-12 07:07:30 ----A---- C:\Windows\system32\ieui.dll
2010-08-12 07:07:30 ----A---- C:\Windows\system32\iepeers.dll
2010-08-12 07:07:30 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-12 07:07:27 ----A---- C:\Windows\system32\win32k.sys
2010-08-12 07:07:27 ----A---- C:\Windows\system32\schannel.dll
2010-08-03 06:59:37 ----A---- C:\Windows\system32\shell32.dll
2010-07-26 14:03:04 ----D---- C:\Users\kasovaz\AppData\Roaming\Macromedia
2010-07-26 14:03:04 ----D---- C:\Users\kasovaz\AppData\Roaming\Adobe
2010-07-26 14:03:01 ----D---- C:\Windows\system32\Macromed
2010-07-22 08:18:14 ----D---- C:\Users\kasovaz\AppData\Roaming\LCS International, a.s
2010-07-22 08:18:14 ----D---- C:\ProgramData\LCS International
2010-07-22 08:16:55 ----D---- C:\Program Files\LCS International

======List of files/folders modified in the last 1 months======

2010-08-20 11:32:14 ----D---- C:\Windows\Temp
2010-08-20 11:13:46 ----SHD---- C:\System Volume Information
2010-08-20 10:39:18 ----D---- C:\Windows\Prefetch
2010-08-20 10:26:22 ----RD---- C:\Program Files
2010-08-20 10:08:05 ----D---- C:\Windows\System32
2010-08-20 09:43:29 ----D---- C:\Users\kasovaz\AppData\Roaming\Mycacy
2010-08-20 07:24:04 ----D---- C:\Windows\system32\config
2010-08-20 07:15:28 ----D---- C:\Windows\inf
2010-08-20 07:15:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-19 11:03:25 ----SHD---- C:\Windows\Installer
2010-08-18 14:32:42 ----HD---- C:\ProgramData
2010-08-18 14:32:40 ----D---- C:\Program Files\Common Files
2010-08-18 14:30:24 ----SD---- C:\Users\kasovaz\AppData\Roaming\Microsoft
2010-08-18 14:28:40 ----D---- C:\Windows\system32\catroot2
2010-08-18 14:23:08 ----RD---- C:\Users
2010-08-18 14:22:53 ----D---- C:\Windows\system32\drivers
2010-08-18 14:21:50 ----D---- C:\Windows
2010-08-18 14:10:57 ----D---- C:\ProgramData\Alwil Software
2010-08-18 13:58:41 ----D---- C:\Users\kasovaz\AppData\Roaming\Iluvl
2010-08-13 08:30:18 ----D---- C:\Windows\Microsoft.NET
2010-08-13 08:30:11 ----RSD---- C:\Windows\assembly
2010-08-13 07:12:09 ----D---- C:\Windows\winsxs
2010-08-13 07:11:10 ----D---- C:\Windows\system32\migration
2010-08-13 07:11:10 ----D---- C:\Program Files\Internet Explorer
2010-08-12 15:27:10 ----D---- C:\ProgramData\Microsoft Help
2010-08-12 07:07:25 ----D---- C:\Windows\system32\catroot
2010-08-03 20:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-07-26 14:03:03 ----D---- C:\Windows\Downloaded Program Files
2010-07-26 08:12:10 ----D---- C:\Users\kasovaz\AppData\Roaming\Hewlett-Packard
2010-07-22 13:44:35 ----D---- C:\Windows\system32\DriverStore
2010-07-21 07:00:11 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DRVMCDB;DRVMCDB; C:\Windows\System32\Drivers\DRVMCDB.SYS [2006-07-21 99176]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2009-06-04 330264]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2006-07-24 36528]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-08-18 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-08-18 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-08-18 243024]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 DLACDBHM;DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R2 DLABMFSM;DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [2008-02-22 34832]
R2 DLABOIOM;DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [2008-02-22 32208]
R2 DLADResM;DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [2008-02-22 9136]
R2 DLAIFS_M;DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [2008-02-22 104240]
R2 DLAOPIOM;DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [2008-02-22 26032]
R2 DLAPoolM;DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [2008-02-22 14256]
R2 DLAUDF_M;DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [2008-02-22 97584]
R2 DLAUDFAM;DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [2008-02-22 94384]
R2 DRVNDDM;DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-07-28 5924864]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-25 2758240]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-08-18 308136]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-09-24 125440]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-06-30 431432]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-06 887544]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-14 1343400]

-----------------EOF-----------------


#2 Post by stell »

Greetings,
→ Uninstall:
C:\Program Files\pdfforge Toolbar
→ Clean up with CCleaner
Download and install CCleaner - http://www.ccleaner.com/download/downloadpage.aspx?f=2
- Right-click the Recycle Bin - Run CCleaner ->>> wait >> for the cleaning,
- Right-click the Recycle Bin - Open CCleaner - on the Windows tab press Analyze and then Run Cleaner
- Click the Applications tab, press Analyze and then Run Cleaner
- Click Registry, press Scan for Issues; when the scan finishes, click Fix selected issues,
- choose Yes to create a backup, save the offered file and click Fix all issues,
→ PLEASE READ THE INSTRUCTIONS CAREFULLY!!!

Download to the desktop, close all active windows and run >>
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix must be run under an account with administrator rights.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button;

And once more >YES<

- Then follow the instructions; while ComboFix is running, do not click in the blue window that is displayed

- After the scan finishes, which takes at most 10-15 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents into your thread on the forum
- Before using ComboFix, all resident security programs must be turned off - antivirus, firewalls, antispyware. GUIDE: http://www.bleepingcomputer.com/forums/topic114351.html
They can interfere with ComboFix's operation, which may cause it not to work correctly.

If an antivirus detects ComboFix, it is a false alarm.

#3 Post by FlipKorpik »

ComboFix 10-08-18.05 - kasovaz 20.08.2010 12:50:25.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2013.957 [GMT 2:00]
Spuštěný z: c:\users\kasovaz\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\kasovaz\AppData\Local\Temp\C1C8.tmp

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-20 do 2010-08-20 )))))))))))))))))))))))))))))))
.

2010-08-20 10:45 . 2010-08-20 10:45 -------- d-----w- c:\program files\CCleaner
2010-08-20 08:26 . 2010-08-20 09:32 -------- d-----w- c:\program files\trend micro
2010-08-20 08:26 . 2010-08-20 08:26 -------- d-----w- C:\rsit
2010-08-20 07:43 . 2010-08-20 07:43 -------- d-----w- C:\$AVG
2010-08-19 09:12 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2010-08-19 09:12 . 2010-08-19 09:12 -------- d-----w- c:\program files\PDFCreator
2010-08-19 09:12 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2010-08-18 12:33 . 2010-08-18 12:33 -------- d-----w- c:\users\kasovaz\AppData\Local\Adobe
2010-08-18 12:32 . 2010-08-18 12:32 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-18 12:22 . 2010-08-18 12:22 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-18 12:22 . 2010-08-18 12:22 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-18 12:22 . 2010-08-18 12:22 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-18 12:22 . 2010-08-20 08:25 -------- d-----w- c:\windows\system32\drivers\Avg
2010-08-18 12:22 . 2010-08-18 12:22 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-08-18 12:22 . 2010-08-20 10:43 -------- d-----w- c:\programdata\AVG Security Toolbar
2010-08-18 12:22 . 2010-08-18 12:22 -------- d-----w- c:\programdata\avg9
2010-08-18 12:22 . 2010-08-18 12:22 -------- d-----w- c:\program files\AVG
2010-08-17 10:52 . 2010-08-17 10:52 -------- d-----w- c:\windows\XXLGS
2010-08-17 10:51 . 2010-08-17 10:56 -------- d-----w- C:\TRANSLAT
2010-08-02 06:55 . 2010-08-02 06:55 -------- d-----w- c:\users\kasovaz\AppData\Local\Microsoft Help
2010-07-26 12:03 . 2010-07-26 12:03 -------- d-----w- c:\windows\system32\Macromed
2010-07-22 11:44 . 2009-07-24 13:51 33280 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\x5pp.dll
2010-07-22 11:44 . 2009-07-24 13:51 11264 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\x5print.dll
2010-07-22 06:16 . 2010-07-22 06:16 -------- d-----w- c:\program files\LCS International

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-20 09:55 . 2010-07-14 18:04 622422 ----a-w- c:\windows\system32\perfh005.dat
2010-08-20 09:55 . 2010-07-14 18:04 118604 ----a-w- c:\windows\system32\perfc005.dat
2010-08-20 07:43 . 2010-07-17 12:33 -------- d-----w- c:\users\kasovaz\AppData\Roaming\Mycacy
2010-08-18 12:10 . 2010-07-16 11:48 -------- d-----w- c:\programdata\Alwil Software
2010-08-18 11:58 . 2010-07-16 05:23 -------- d-----w- c:\users\kasovaz\AppData\Roaming\Iluvl
2010-08-12 13:27 . 2010-07-14 08:22 -------- d-----w- c:\programdata\Microsoft Help
2010-07-29 06:30 . 2010-08-12 05:07 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-12 05:07 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-26 06:12 . 2010-07-14 10:37 -------- d-----w- c:\users\kasovaz\AppData\Roaming\Hewlett-Packard
2010-07-22 06:18 . 2010-07-22 06:18 -------- d-----w- c:\users\kasovaz\AppData\Roaming\LCS International, a.s
2010-07-22 06:18 . 2010-07-22 06:18 -------- d-----w- c:\programdata\LCS International
2010-07-20 13:32 . 2009-07-14 07:50 -------- d-----w- c:\program files\Windows Journal
2010-07-20 13:32 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Sidebar
2010-07-20 13:32 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Photo Viewer
2010-07-20 13:32 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Defender
2010-07-20 13:32 . 2009-07-14 04:52 -------- d-----w- c:\program files\DVD Maker
2010-07-20 13:32 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-07-19 14:20 . 2010-07-22 06:18 1978368 ----a-w- c:\programdata\LCS International\NorisWin32Clients\Helios\NorisWin32.exe
2010-07-19 14:20 . 2010-07-22 06:18 663552 ----a-w- c:\programdata\LCS International\NorisWin32Clients\Helios\lcs.WinComponents.dll
2010-07-19 14:20 . 2010-07-22 06:18 573440 ----a-w- c:\programdata\LCS International\NorisWin32Clients\Helios\lcs.ClientControllers.dll
2010-07-19 14:20 . 2010-07-22 06:18 466944 ----a-w- c:\programdata\LCS International\NorisWin32Clients\Helios\lcs.Shared.dll
2010-07-16 13:06 . 2010-07-16 13:06 -------- d-----w- c:\users\kasovaz\AppData\Roaming\SuperOffice
2010-07-16 12:23 . 2010-07-16 12:23 17338 ----a-w- c:\windows\system32\Fxxplfnt.tmp
2010-07-16 12:16 . 2010-07-14 11:12 124272 ----a-w- c:\users\kasovaz\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-16 11:53 . 2010-07-16 11:53 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-07-16 11:52 . 2010-07-14 08:24 -------- d-----w- c:\program files\Microsoft Works
2010-07-16 11:48 . 2010-07-16 11:48 -------- d-----w- c:\program files\Alwil Software
2010-07-14 18:09 . 2010-07-14 18:09 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-07-14 18:08 . 2010-07-14 18:08 34816 ----a-w- c:\windows\system32\msasn1.dll
2010-07-14 18:08 . 2010-07-14 18:08 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2010-07-14 18:08 . 2010-07-14 18:08 507568 ----a-w- c:\windows\system32\winload.exe
2010-07-14 18:08 . 2010-07-14 18:08 442920 ----a-w- c:\windows\system32\winresume.exe
2010-07-14 18:08 . 2010-07-14 18:08 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2010-07-14 18:08 . 2010-07-14 18:08 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-07-14 18:03 . 2010-07-14 18:04 36232 ----a-w- c:\windows\system32\perfd005.dat
2010-07-14 18:03 . 2010-07-14 18:04 292004 ----a-w- c:\windows\system32\perfi005.dat
2010-07-14 18:03 . 2010-07-14 18:03 36232 ----a-w- c:\windows\inf\PERFLIB\0405\perfd.dat
2010-07-14 18:03 . 2010-07-14 18:03 36232 ----a-w- c:\windows\inf\PERFLIB\0405\perfc.dat
2010-07-14 18:03 . 2010-07-14 18:03 292004 ----a-w- c:\windows\inf\PERFLIB\0405\perfi.dat
2010-07-14 18:03 . 2010-07-14 18:03 292004 ----a-w- c:\windows\inf\PERFLIB\0405\perfh.dat
2010-07-14 11:39 . 2010-07-14 11:37 -------- d-----w- c:\program files\SuperOffice
2010-07-14 11:38 . 2010-07-14 11:38 2998 ----a-r- c:\users\kasovaz\AppData\Roaming\Microsoft\Installer\{A75C1152-8ECA-4218-99AD-6E312EBADB6E}\_C8420169C6BE39CFEF48F3.exe
2010-07-14 11:38 . 2010-07-14 11:38 2998 ----a-r- c:\users\kasovaz\AppData\Roaming\Microsoft\Installer\{A75C1152-8ECA-4218-99AD-6E312EBADB6E}\_6FEFF9B68218417F98F549.exe
2010-07-14 11:38 . 2010-07-14 11:38 -------- d-----w- c:\program files\Common Files\SuperOffice
2010-07-14 11:08 . 2010-07-14 11:08 -------- d-----w- c:\users\kasovaz\AppData\Roaming\Roxio
2010-07-14 11:08 . 2010-07-14 10:45 -------- d-----w- c:\programdata\Sonic
2010-07-14 10:54 . 2010-07-14 10:54 -------- d-----w- c:\program files\MSXML 4.0
2010-07-14 10:45 . 2010-07-14 10:42 -------- d-----w- c:\program files\Roxio
2010-07-14 10:45 . 2010-07-14 10:44 -------- d-----w- c:\programdata\Roxio
2010-07-14 10:44 . 2010-07-14 10:42 -------- d-----w- c:\program files\Common Files\Sonic Shared
2010-07-14 10:43 . 2010-07-14 10:43 -------- d-----w- c:\program files\Common Files\SureThing Shared
2010-07-14 10:42 . 2010-07-14 10:42 -------- d-----w- c:\program files\Common Files\Roxio Shared
2010-07-14 10:41 . 2010-07-14 10:40 -------- d-----w- c:\program files\Common Files\LightScribe
2010-07-14 10:34 . 2010-07-14 10:34 -------- d-----w- c:\program files\Microsoft Windows Small Business Server
2010-07-14 10:34 . 2010-07-14 10:34 -------- d-----w- c:\users\administrator\AppData\Roaming\Hewlett-Packard
2010-07-14 10:26 . 2010-07-14 10:26 0 --sha-r- c:\windows\system32\drivers\103C_HP_bPC_Pro 3010 PC_Y53307F_0U_QCZC022_EU_4A_I2A94h_SPEGATRON CORPORATION_V1.02_5.17_T100128_WU48-0_L405_M2014_J500_7Intel_867A_92.94_#100714_N10EC8168_(VW308EA#AKB)_X_CD3_Z_2_G80862E22;80862E23.MRK
2010-07-14 10:26 . 2010-07-14 08:15 -------- d-----w- c:\programdata\Hewlett-Packard
2010-07-14 10:26 . 2010-07-14 10:26 -------- d-sh--we c:\programdata\Plocha
2010-07-14 10:26 . 2010-07-14 10:26 -------- d-sh--we c:\programdata\Oblíbené položky
2010-07-14 10:26 . 2010-07-14 10:26 -------- d-sh--we c:\programdata\Šablony
2010-07-14 10:26 . 2010-07-14 10:26 -------- d-sh--we c:\programdata\Nabídka Start
2010-07-14 10:26 . 2010-07-14 10:26 -------- d-sh--we c:\programdata\Dokumenty
2010-07-14 10:26 . 2010-07-14 10:26 -------- d-sh--we c:\programdata\Data aplikací
2010-07-14 08:27 . 2010-07-14 08:14 -------- d-----w- c:\program files\Hewlett-Packard
2010-07-14 08:26 . 2010-07-14 08:26 -------- d-----w- c:\program files\Microsoft Office Suite Activation Assistant
2010-07-14 08:24 . 2010-07-14 08:24 -------- d-----w- c:\program files\Microsoft.NET
2010-07-14 08:20 . 2010-07-14 08:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-14 08:20 . 2010-07-14 08:20 -------- d-----w- c:\programdata\{44AFD825-9603-4521-9447-A6E1C5CA2F3D}
2010-07-14 08:15 . 2010-07-14 08:15 -------- d--h--w- c:\program files\Temp
2010-07-14 08:15 . 2010-07-14 08:15 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-14 08:12 . 2010-07-14 08:12 -------- d-----w- c:\program files\Realtek
2010-07-14 08:11 . 2010-07-14 08:11 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-06-30 06:25 . 2010-08-12 05:07 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-22 02:47 . 2010-08-12 05:07 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-22 02:47 . 2010-08-12 05:07 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-22 02:47 . 2010-08-12 05:07 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-06-19 06:33 . 2010-08-12 05:07 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:33 . 2010-08-12 05:07 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:23 . 2010-08-12 05:07 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-06-19 04:07 . 2010-08-12 05:07 2326016 ----a-w- c:\windows\system32\win32k.sys
2010-06-16 05:48 . 2010-08-12 05:07 224256 ----a-w- c:\windows\system32\schannel.dll
2010-06-14 06:12 . 2010-08-12 05:07 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-08 06:02 . 2010-08-12 05:07 1233920 ----a-w- c:\windows\system32\msxml3.dll
2010-05-27 07:24 . 2010-07-14 10:48 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-07-14 10:48 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-06-30 12:22 2102600 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-10-16 2363392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-10 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-10 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-10 151064]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-10-30 1116920]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-18 2065760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-06-30 431432]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-14 1343400]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-08-18 216400]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-08-18 243024]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-18 308136]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 10:49 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.bing.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Save page in SuperOffice - c:\progra~1\SUPERO~1\SoIeExtensions.dll/SavePageInSuperOffice.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC88D81F-6166-4F46-AC89-B75CD9CEB292} - {76E2006B-AC76-4710 -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-WEBTRAN - (no file)


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(4060)
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\windows\system32\CDRTC.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\WUDFHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\AVG\AVG9\avgtray.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2010-08-20 12:56:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-20 10:56

Před spuštěním: Volných bajtů: 463 323 004 928
Po spuštění: Volných bajtů: 463 151 190 016

- - End Of File - - 33C121FBE1C24DFFB52B2ECD4A928D71

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Please check my log - urgent

#4 Post by stell »

What program is this?
c:\programdata\LCS International\NorisWin32Clients\Helios\NorisWin32.exe

Test this one at www.virustotal.com
c:\windows\system32\Fxxplfnt.tmp
Paste the result here.
Important information.
Is your PC not running properly?
Is it infected? Running slowly? A program not working? Problems with installation?
Use the remote assistance service!
e-mail: stell(at)forum.viry.cz
Thanks!

FlipKorpik
Visitor
Posts: 4
Registered: 20 Aug 2010 10:33

Re: Please check my log - urgent

#5 Post by FlipKorpik »

That one is fine, it is the program for warehouse management at the company.

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Please check my log - urgent

#6 Post by stell »

OK, test that file on VT and write how the PC is behaving.

FlipKorpik
Visitor
Posts: 4
Registered: 20 Aug 2010 10:33

Re: Please check my log - urgent

#7 Post by FlipKorpik »

Antivirus Verze Poslední aktualizace Výsledek
AhnLab-V3 2010.08.20.01 2010.08.20 -
AntiVir 8.2.4.38 2010.08.20 -
Antiy-AVL 2.0.3.7 2010.08.16 -
Věrohodný 5.2.0.5 2010.08.20 -
Avast 4.8.1351.0 2010.08.20 -
Avast5 5.0.332.0 2010.08.20 -
AVG 9.0.0.851 2010.08.20 -
BitDefender 7,2 2010.08.20 -
CAT-quickheal 11,00 2010.08.20 -
ClamAV 0.96.2.0-git 2010.08.20 -
Comodo 5794 2010.08.20 -
DrWeb 5.0.2.03300 2010.08.20 -
Emsisoft 5.0.0.37 2010.08.20 -
eSafe 7.0.17.0 2010.08.19 -
eTrust-Vet 36.1.7802 2010.08.20 -
F-Prot 4.6.1.107 2010.08.19 -
F-Secure 9.0.15370.0 2010.08.20 -
Fortinet 4.1.143.0 2010.08.20 -
GData 21 2010.08.20 -
Ikarus T3.1.1.88.0 2010.08.20 -
Jiangmin 13.0.900 2010.08.19 -
Kaspersky 7.0.0.125 2010.08.20 -
McAfee 5.400.0.1158 2010.08.20 -
McAfee-GW-Edition 2010.1B 2010.08.20 -
Microsoft 1,6103 2010.08.20 -
NOD32 5381 2010.08.20 -
Norman 6.05.11 2010.08.19 -
nProtect 2010-08-20.01 2010.08.20 -
Panda 10.0.2.7 2010.08.20 -
PCTools 7.0.3.5 2010.08.20 -
Prevx 3,0 2010.08.20 -
Stoupající 22.61.04.04 2010.08.20 -
Sophos 4.56.0 2010.08.20 -
Sunbelt 6765 2010.08.20 -
SUPERAntiSpyware 4.40.0.1006 2010.08.20 -
Symantec 20101.1.1.7 2010.08.20 -
TheHacker 6.5.2.1.352 2010.08.20 -
TrendMicro 9.120.0.1004 2010.08.20 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.20 -
VBA32 3.12.14.0 2010.08.20 -
ViRobot 2010.8.16.3990 2010.08.20 -
VirusBuster 5.0.27.0 2010.08.19 -
Další informace
MD5: 8dae1d38746b9d3bc3a23962bc3b1d12
SHA1: cdc80df3d83923654131ed9b2447b23f60a7a095
SHA256: b22f4eef6d200b38b9c5bcdd18408b4c18ce1201198ff25e9c72f6ef6b229991
ssdeep: 384: Dy1GfPtkcWGPZtnNS4Pcv8a6uqCi3iEtgnsYYyfgm: scWGPDnUvH6uqCi3iQyfgm
Velikost souboru: 17338 bytů
První vidět: 2010-08-20 11:26:00
Naposledy spatřen: 2010-08-20 11:26:00
Magic: data
TrID:
Lumena CEL bitmap (58,3%)
Corel Photo Paintu (37,9%)
MS Flight Simulator výkonnosti letadla Info (3,7%)
sigcheck:
Vydavatel ....: n / a
Copyright ....: n / a
produktu ......: n / a
popis ..: n / a
Původní název: n / a
interní název: n / a
verzi souboru.: n / a
komentáře .....: n / a
signatáři ......: -
datum podepsání.: -
ověřené .....: Unsigned
PEiD: -


Otherwise the PC is OK, everything works as it should. Thanks sooo much for the help.

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Please check my log - urgent

#8 Post by stell »

OK
Uninstall ComboFix: Start - Run, copy the command combofix /uninstall into the window
OK
You're welcome. :)