Browsers blocked

Posted: 07 Jun 2011 17:49
by MPu 3000
Hello,
Although I'm in training, I can't help myself yet; I tried something with what I know, but in vain. Anyway, to the point:
Some kind of malware is blocking my browsers; right now I'm writing from my own primitive one, made in Visual Basic :lol:
How did it happen? First Skype stopped working, so I reinstalled it, then I reinstalled Avast, and I wanted to install PC Tools Firewall Plus, but I haven't gotten to that yet.
RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by MPu 3000 at 2011-06-07 18:42:48
Microsoft Windows 7 Ultimate
System drive C: has 3 GB (11%) free of 26 GB
Total RAM: 2046 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:43:10, on 7.6.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\MPu 3000\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\MPu 3000\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\mobsync.exe
C:\Users\MPu 3000\Desktop\RSIT.exe
C:\Program Files\trend micro\MPu 3000.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "M:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\MPu 3000\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - Unknown owner - C:\Program Files\AVAST Software\Avast\afwServ.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - M:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

--
End of file - 5746 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1343529563-3139259224-1895477009-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1343529563-3139259224-1895477009-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-24 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
"Malwarebytes' Anti-Malware"=M:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-05-29 449584]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-05-10 3459712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Google Update"=C:\Users\MPu [2011-06-07 1746]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-06-07 18:20:11 ----D---- C:\Program Files\trend micro
2011-06-07 18:20:10 ----D---- C:\rsit
2011-06-07 17:46:48 ----D---- C:\Users\MPu 3000\AppData\Roaming\PCToolsFirewallPlus
2011-06-07 17:41:07 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-06-07 17:41:07 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-06-07 17:41:03 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-06-07 17:41:02 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-06-07 17:41:01 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-06-07 17:41:01 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-06-07 17:40:44 ----A---- C:\Windows\system32\aswBoot.exe
2011-06-07 15:57:34 ----D---- C:\Users\MPu 3000\AppData\Roaming\skypePM
2011-06-07 15:57:34 ----D---- C:\ProgramData\Skype Extras
2011-06-07 14:05:14 ----D---- C:\ProgramData\PMB Files
2011-06-07 14:04:55 ----D---- C:\Program Files\Pando Networks
2011-06-05 17:11:08 ----D---- C:\Program Files\TaskbarMeters v1.1
2011-06-05 16:40:23 ----D---- C:\Users\MPu 3000\AppData\Roaming\Malwarebytes
2011-06-05 16:40:14 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-06-05 16:40:13 ----D---- C:\ProgramData\Malwarebytes
2011-06-05 16:40:10 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-06-05 11:34:07 ----D---- C:\ProgramData\Disney Interactive
2011-06-05 11:33:04 ----D---- C:\ProgramData\Roaming
2011-06-05 11:32:50 ----A---- C:\Windows\disney.ini
2011-06-05 11:32:48 ----A---- C:\Windows\disneysy.ini
2011-06-03 20:54:54 ----D---- C:\ProgramData\OMSI AM
2011-06-03 19:29:11 ----D---- C:\Users\MPu 3000\AppData\Roaming\OnLive App
2011-06-02 18:31:10 ----D---- C:\Program Files\UPM
2011-06-01 15:11:15 ----D---- C:\ProgramData\FLEXnet
2011-06-01 15:09:23 ----D---- C:\Program Files\Autodesk
2011-06-01 15:09:08 ----D---- C:\Program Files\Common Files\Macrovision Shared
2011-06-01 15:04:53 ----D---- C:\Program Files\Common Files\Autodesk Shared
2011-06-01 15:04:06 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-06-01 15:04:06 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-06-01 15:04:05 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-06-01 15:00:20 ----D---- C:\Users\MPu 3000\AppData\Roaming\Autodesk
2011-06-01 15:00:20 ----D---- C:\ProgramData\Autodesk
2011-05-31 14:13:52 ----D---- C:\ProgramData\OneUpIndustries
2011-05-31 14:13:34 ----D---- C:\Program Files\OneUpIndustries
2011-05-31 14:13:32 ----D---- C:\Users\MPu 3000\AppData\Roaming\OneUpIndustries
2011-05-30 12:47:03 ----D---- C:\Windows\system32\MetroClock
2011-05-28 11:06:45 ----A---- C:\Windows\system32\NCTTextToAudio.dll
2011-05-28 11:06:45 ----A---- C:\Windows\system32\NCTAudioFile.dll
2011-05-28 11:06:44 ----A---- C:\Windows\system32\lame_enc.dll
2011-05-26 15:12:39 ----A---- C:\Windows\IsUninst.exe
2011-05-25 15:27:13 ----A---- C:\Windows\CROCCLIP.INI
2011-05-24 17:46:57 ----D---- C:\Windows\Sun
2011-05-24 17:46:51 ----D---- C:\ProgramData\Sun
2011-05-24 17:46:50 ----D---- C:\Program Files\Common Files\Java
2011-05-24 17:46:34 ----A---- C:\Windows\system32\javaws.exe
2011-05-24 17:46:34 ----A---- C:\Windows\system32\javaw.exe
2011-05-24 17:46:34 ----A---- C:\Windows\system32\java.exe
2011-05-24 17:46:34 ----A---- C:\Windows\system32\deployJava1.dll
2011-05-24 17:46:20 ----D---- C:\Program Files\Java
2011-05-24 16:45:46 ----A---- C:\Windows\wcbr.vbs
2011-05-24 16:45:40 ----A---- C:\Windows\wcbr.exe
2011-05-24 16:27:24 ----RASH---- C:\MSDOS.SYS
2011-05-24 16:27:24 ----RASH---- C:\IO.SYS
2011-05-23 20:30:58 ----A---- C:\Windows\system32\pncrt.dll
2011-05-23 14:10:41 ----D---- C:\Program Files\Combined Community Codec Pack
2011-05-22 10:04:00 ----AD---- C:\ProgramData\TEMP
2011-05-22 08:38:05 ----A---- C:\Windows\system32\CmdLineExt.dll
2011-05-22 08:12:37 ----D---- C:\Program Files\Common Files\InstallShield
2011-05-21 17:00:00 ----A---- C:\Windows\system32\drivers\aswFW.sys
2011-05-21 16:59:24 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2011-05-21 13:08:45 ----A---- C:\bdlog.txt
2011-05-21 12:45:55 ----A---- C:\Windows\system32\bdsandbox.txt
2011-05-21 12:19:41 ----D---- C:\Users\MPu 3000\AppData\Roaming\BitDefender
2011-05-21 12:19:35 ----D---- C:\ProgramData\BitDefender
2011-05-21 12:14:54 ----D---- C:\Users\MPu 3000\AppData\Roaming\QuickScan
2011-05-21 12:14:29 ----D---- C:\Program Files\Common Files\BitDefender
2011-05-21 10:09:50 ----A---- C:\Windows\system32\uxtheme.dll.backup
2011-05-21 10:09:48 ----A---- C:\Windows\system32\themeui.dll.backup
2011-05-21 10:09:46 ----A---- C:\Windows\system32\themeservice.dll.backup
2011-05-19 15:52:06 ----D---- C:\ProgramData\AVS4YOU
2011-05-19 15:52:00 ----D---- C:\Users\MPu 3000\AppData\Roaming\AVS4YOU
2011-05-19 15:51:29 ----D---- C:\Program Files\AVS4YOU
2011-05-19 15:50:32 ----D---- C:\Program Files\Common Files\AVSMedia
2011-05-19 15:50:04 ----A---- C:\Windows\system32\msxml3a.dll
2011-05-18 15:12:05 ----D---- C:\Windows\system32\QuickTime
2011-05-18 13:24:07 ----D---- C:\Program Files\Noel Danjou
2011-05-18 13:23:44 ----D---- C:\Users\MPu 3000\AppData\Roaming\GetRightToGo
2011-05-16 18:57:44 ----A---- C:\Windows\system32\MSVBVM50.dll
2011-05-16 18:57:44 ----A---- C:\Windows\ST5UNST.EXE
2011-05-16 17:42:55 ----D---- C:\Program Files\CCleaner
2011-05-15 19:02:41 ----D---- C:\Users\MPu 3000\AppData\Roaming\GHISLER
2011-05-15 19:02:41 ----D---- C:\totalcmd
2011-05-15 19:02:41 ----A---- C:\Windows\UC.PIF
2011-05-15 19:02:41 ----A---- C:\Windows\RAR.PIF
2011-05-15 19:02:41 ----A---- C:\Windows\PKZIP.PIF
2011-05-15 19:02:41 ----A---- C:\Windows\PKUNZIP.PIF
2011-05-15 19:02:41 ----A---- C:\Windows\NOCLOSE.PIF
2011-05-15 19:02:41 ----A---- C:\Windows\LHA.PIF
2011-05-15 19:02:41 ----A---- C:\Windows\ARJ.PIF
2011-05-15 14:36:15 ----D---- C:\Users\MPu 3000\AppData\Roaming\U3
2011-05-15 14:23:59 ----D---- C:\Windows\WindowsMobile
2011-05-15 14:23:01 ----D---- C:\ProgramData\Windows Genuine Advantage
2011-05-11 23:47:36 ----A---- C:\Windows\system32\frapsvid.dll
2011-05-11 15:49:55 ----D---- C:\Windows\system32\appmgmt
2011-05-11 15:44:45 ----D---- C:\Users\MPu 3000\AppData\Roaming\Stealth Software
2011-05-11 13:22:20 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-05-11 13:22:20 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 13:22:20 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 13:22:20 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 13:22:20 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-11 13:22:19 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 13:22:19 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 13:22:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-11 13:22:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-10 19:56:50 ----D---- C:\Program Files\Adobe
2011-05-10 19:17:29 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-05-10 19:17:18 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-05-10 18:45:52 ----D---- C:\Users\MPu 3000\AppData\Roaming\Ashampoo
2011-05-10 18:45:13 ----D---- C:\ProgramData\ashampoo
2011-05-10 18:44:52 ----D---- C:\Program Files\Ashampoo
2011-05-10 16:10:34 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-05-10 16:10:17 ----A---- C:\Windows\system32\d3d10_1.dll
2011-05-10 16:10:16 ----A---- C:\Windows\system32\DWrite.dll
2011-05-10 16:10:15 ----A---- C:\Windows\system32\FntCache.dll
2011-05-10 16:10:15 ----A---- C:\Windows\system32\d2d1.dll
2011-05-10 14:03:46 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-05-10 14:03:46 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-05-10 14:03:45 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-05-10 13:58:55 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-05-10 13:58:55 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-05-10 13:58:55 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-05-10 13:58:55 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-05-10 13:58:55 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-05-10 13:58:55 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-05-10 13:58:55 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-05-10 13:58:55 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-05-10 13:58:54 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-05-10 13:58:54 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-05-10 13:58:54 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-05-10 13:58:54 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-05-10 13:58:54 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-05-10 13:58:54 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-05-10 13:58:51 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-05-10 13:58:51 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-05-10 13:58:51 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-05-10 13:58:51 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-05-10 13:58:51 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-05-10 13:58:50 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-05-10 13:58:50 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-05-10 13:58:49 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-05-10 13:58:49 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-05-10 13:58:49 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-05-10 13:58:49 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-05-10 13:58:48 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-05-10 13:58:48 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-05-10 13:58:48 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-05-10 13:58:47 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-05-10 13:58:47 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-05-10 13:58:46 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-05-10 13:58:46 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-05-10 13:58:46 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-05-10 13:58:46 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-05-10 13:58:45 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-05-10 13:58:45 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-05-10 13:58:45 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-05-10 13:58:45 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-05-10 13:58:45 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-05-10 13:58:45 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-05-10 13:58:45 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-05-10 13:58:44 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-05-10 13:58:44 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-05-10 13:58:44 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-05-10 13:58:44 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-05-10 13:58:43 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-05-10 13:58:43 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-05-10 13:58:43 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-05-10 13:58:43 ----A---- C:\Windows\system32\d3dx9_35.dll
2011-05-10 13:58:43 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-05-10 13:58:43 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-05-10 13:58:42 ----A---- C:\Windows\system32\xinput1_3.dll
2011-05-10 13:58:42 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-05-10 13:58:42 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-05-10 13:58:42 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-05-10 13:58:42 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-05-10 13:58:42 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-05-10 13:58:42 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-05-10 13:58:41 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-05-10 13:58:41 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-05-10 13:58:41 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-05-10 13:58:41 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-05-10 13:58:41 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-05-10 13:58:41 ----A---- C:\Windows\system32\d3dx10.dll
2011-05-10 13:58:40 ----A---- C:\Windows\system32\xinput1_2.dll
2011-05-10 13:58:40 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-05-10 13:58:40 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-05-10 13:58:39 ----A---- C:\Windows\system32\xinput1_1.dll
2011-05-10 13:58:39 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-05-10 13:58:39 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-05-10 13:58:35 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-05-10 13:58:35 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-05-10 13:58:35 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-05-10 13:58:35 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-05-10 13:58:35 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-05-10 13:58:34 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-05-10 13:58:33 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-05-10 13:58:32 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-05-10 13:54:37 ----D---- C:\Windows\system32\directx
2011-05-10 12:42:35 ----D---- C:\Users\MPu 3000\AppData\Roaming\TuxPaint
2011-05-09 20:35:41 ----D---- C:\Users\MPu 3000\AppData\Roaming\Windows Live Writer
2011-05-09 20:23:22 ----D---- C:\Windows\cs
2011-05-09 20:21:54 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2011-05-09 20:19:18 ----D---- C:\Program Files\Windows Live
2011-05-09 20:18:16 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-05-09 20:18:16 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-05-09 20:18:15 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-05-09 20:17:46 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-05-09 20:16:40 ----D---- C:\Program Files\Microsoft Silverlight
2011-05-09 20:15:57 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-05-09 20:15:57 ----A---- C:\Windows\system32\UIRibbon.dll
2011-05-09 20:13:30 ----D---- C:\Program Files\Common Files\Windows Live
2011-05-09 18:43:24 ----D---- C:\Program Files\Aerosoft
2011-05-09 18:43:18 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-09 18:43:01 ----D---- C:\Program Files\Omsi
2011-05-09 18:20:53 ----D---- C:\Users\MPu 3000\AppData\Roaming\Mozilla
2011-05-09 18:18:33 ----D---- C:\Program Files\Mozilla Firefox
2011-05-09 18:11:01 ----A---- C:\Windows\system32\msonpmon.dll
2011-05-09 18:08:17 ----D---- C:\Program Files\Microsoft Works
2011-05-09 18:07:46 ----D---- C:\Program Files\Microsoft Visual Studio
2011-05-09 18:07:46 ----D---- C:\Program Files\Common Files\DESIGNER
2011-05-09 18:07:15 ----D---- C:\Windows\PCHEALTH
2011-05-09 18:05:42 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-05-09 18:05:03 ----D---- C:\ProgramData\Microsoft Help
2011-05-09 18:05:03 ----D---- C:\Program Files\Microsoft Office
2011-05-09 18:03:38 ----RHD---- C:\MSOCache
2011-05-09 17:58:51 ----D---- C:\Users\MPu 3000\AppData\Roaming\DAEMON Tools Lite
2011-05-09 17:58:51 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-05-09 17:33:18 ----D---- C:\Users\MPu 3000\AppData\Roaming\Skype
2011-05-09 17:32:39 ----D---- C:\ProgramData\Skype
2011-05-09 15:08:50 ----D---- C:\Users\MPu 3000\AppData\Roaming\PSpad
2011-05-09 15:07:54 ----D---- C:\Program Files\PSPad editor
2011-05-09 14:48:04 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-05-09 14:48:04 ----D---- C:\ProgramData\Adobe
2011-05-09 14:48:04 ----D---- C:\Program Files\Common Files\Adobe
2011-05-09 14:45:55 ----A---- C:\Windows\system32\ole32.dll
2011-05-09 14:45:47 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-05-09 14:45:47 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-05-09 14:45:47 ----A---- C:\Windows\system32\dnsapi.dll
2011-05-09 14:45:44 ----A---- C:\Windows\system32\ir32_32.dll
2011-05-09 14:45:44 ----A---- C:\Windows\system32\iccvid.dll
2011-05-09 14:45:42 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-05-09 14:45:42 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-05-09 14:45:41 ----A---- C:\Windows\system32\fsutil.exe
2011-05-09 14:45:41 ----A---- C:\Windows\system32\esent.dll
2011-05-09 14:45:41 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-05-09 14:45:41 ----A---- C:\Windows\system32\drivers\storport.sys
2011-05-09 14:45:41 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-05-09 14:45:41 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-05-09 14:45:41 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-05-09 14:45:41 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-05-09 14:45:37 ----A---- C:\Windows\system32\tzres.dll
2011-05-09 14:45:33 ----A---- C:\Windows\system32\msasn1.dll
2011-05-09 14:45:31 ----A---- C:\Windows\system32\asycfilt.dll
2011-05-09 14:45:11 ----A---- C:\Windows\system32\mfc40u.dll
2011-05-09 14:45:11 ----A---- C:\Windows\system32\mfc40.dll
2011-05-09 14:44:57 ----A---- C:\Windows\system32\wmp.dll
2011-05-09 14:44:56 ----A---- C:\Windows\system32\wmploc.DLL
2011-05-09 14:44:53 ----A---- C:\Windows\system32\win32k.sys
2011-05-09 14:44:49 ----A---- C:\Windows\system32\XpsPrint.dll
2011-05-09 14:44:43 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-05-09 14:44:41 ----A---- C:\Windows\explorer.exe
2011-05-09 14:44:38 ----A---- C:\Windows\system32\mstscax.dll
2011-05-09 14:44:38 ----A---- C:\Windows\system32\mstsc.exe
2011-05-09 14:41:51 ----A---- C:\Windows\system32\upnp.dll
2011-05-09 14:41:51 ----A---- C:\Windows\system32\msxml6.dll
2011-05-09 14:41:50 ----A---- C:\Windows\system32\wscsvc.dll
2011-05-09 14:41:50 ----A---- C:\Windows\system32\wscapi.dll
2011-05-09 14:41:50 ----A---- C:\Windows\system32\winhttp.dll
2011-05-09 14:41:50 ----A---- C:\Windows\system32\WebClnt.dll
2011-05-09 14:41:50 ----A---- C:\Windows\system32\slwga.dll
2011-05-09 14:41:50 ----A---- C:\Windows\system32\msxml3.dll
2011-05-09 14:41:50 ----A---- C:\Windows\system32\davclnt.dll
2011-05-09 14:41:41 ----A---- C:\Windows\system32\wmpmde.dll
2011-05-09 14:41:29 ----A---- C:\Windows\system32\consent.exe
2011-05-09 14:16:32 ----D---- C:\Users\MPu 3000\AppData\Roaming\ATI
2011-05-09 14:16:32 ----D---- C:\ProgramData\ATI
2011-05-09 14:11:12 ----D---- C:\ProgramData\AVAST Software
2011-05-09 14:11:12 ----D---- C:\Program Files\AVAST Software
2011-05-09 14:06:25 ----D---- C:\Program Files\ATI Technologies
2011-05-09 14:06:22 ----D---- C:\Program Files\ATI
2011-05-09 14:05:54 ----A---- C:\Windows\system32\Oemdspif.dll
2011-05-09 14:05:54 ----A---- C:\Windows\system32\drivers\AtihdW73.sys
2011-05-09 14:05:54 ----A---- C:\Windows\system32\coinst.dll
2011-05-09 14:05:54 ----A---- C:\Windows\system32\atiuxpag.dll
2011-05-09 14:05:54 ----A---- C:\Windows\system32\atiumdva.dll
2011-05-09 14:05:54 ----A---- C:\Windows\system32\atiumdag.dll
2011-05-09 14:05:54 ----A---- C:\Windows\system32\atiu9pag.dll
2011-05-09 14:05:54 ----A---- C:\Windows\system32\atitmmxx.dll
2011-05-09 14:05:54 ----A---- C:\Windows\system32\atipdlxx.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2011-05-09 14:05:53 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2011-05-09 14:05:53 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atioglxx.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\ATIODE.exe
2011-05-09 14:05:53 ----A---- C:\Windows\system32\ATIODCLI.exe
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atimuixx.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atimpc32.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atiglpxx.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atigktxx.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atiesrxx.exe
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atieclxx.exe
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atidxx32.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\ATIDEMGX.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\aticfx32.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\aticalrt.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\aticaldd.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\aticalcl.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atibtmon.exe
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atiapfxx.exe
2011-05-09 14:05:53 ----A---- C:\Windows\system32\atiadlxx.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\ati2edxx.dll
2011-05-09 14:05:53 ----A---- C:\Windows\system32\amdpcom32.dll
2011-05-09 13:37:39 ----SHD---- C:\RECYCLER
2011-05-09 13:27:37 ----D---- C:\Program Files\Microsoft.NET
2011-05-09 13:27:25 ----SHD---- C:\Windows\Installer
2011-05-09 13:25:32 ----D---- C:\Windows\system32\Wat
2011-05-08 20:03:34 ----A---- C:\Windows\system32\msv1_0.dll
2011-05-08 20:03:09 ----D---- C:\Windows\Panther
2011-05-08 20:01:03 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-05-08 20:01:03 ----A---- C:\Windows\system32\PresentationHost.exe
2011-05-08 20:01:03 ----A---- C:\Windows\system32\netfxperf.dll
2011-05-08 20:01:03 ----A---- C:\Windows\system32\mscoree.dll
2011-05-08 20:01:03 ----A---- C:\Windows\system32\dfshim.dll
2011-05-08 19:57:06 ----D---- C:\Windows\PixArt
2011-05-08 19:54:48 ----A---- C:\Windows\system32\MRT.exe
2011-05-08 19:53:09 ----A---- C:\Windows\system32\browserchoice.exe
2011-05-08 19:51:25 ----A---- C:\Windows\system32\drivers\ks.sys
2011-05-08 19:50:59 ----A---- C:\Windows\system32\wcncsvc.dll
2011-05-08 19:49:44 ----A---- C:\Windows\system32\prevhost.exe
2011-05-08 19:48:49 ----A---- C:\Windows\system32\lsasrv.dll
2011-05-08 19:48:49 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2011-05-08 19:48:44 ----A---- C:\Windows\system32\CPFilters.dll
2011-05-08 19:48:43 ----A---- C:\Windows\system32\sbe.dll
2011-05-08 19:48:43 ----A---- C:\Windows\system32\EncDec.dll
2011-05-08 19:48:32 ----A---- C:\Windows\system32\odbc32.dll
2011-05-08 19:48:28 ----A---- C:\Windows\system32\winresume.exe
2011-05-08 19:48:28 ----A---- C:\Windows\system32\winload.exe
2011-05-08 19:48:28 ----A---- C:\Windows\system32\CertEnroll.dll
2011-05-08 19:48:23 ----A---- C:\Windows\system32\ntdll.dll
2011-05-08 19:48:21 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-05-08 19:48:21 ----A---- C:\Windows\system32\taskschd.dll
2011-05-08 19:48:21 ----A---- C:\Windows\system32\taskeng.exe
2011-05-08 19:48:21 ----A---- C:\Windows\system32\taskcomp.dll
2011-05-08 19:48:21 ----A---- C:\Windows\system32\schtasks.exe
2011-05-08 19:48:21 ----A---- C:\Windows\system32\schedsvc.dll
2011-05-08 19:48:19 ----A---- C:\Windows\system32\psisdecd.dll
2011-05-08 19:48:19 ----A---- C:\Windows\system32\msdri.dll
2011-05-08 19:48:17 ----A---- C:\Windows\system32\shell32.dll
2011-05-08 19:48:16 ----A---- C:\Windows\system32\winlogon.exe
2011-05-08 19:48:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-05-08 19:48:15 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-05-08 19:48:15 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-05-08 19:48:15 ----A---- C:\Windows\system32\drivers\srv.sys
2011-05-08 19:48:14 ----A---- C:\Windows\system32\spoolsv.exe
2011-05-08 19:48:12 ----A---- C:\Windows\system32\kerberos.dll
2011-05-08 19:48:09 ----A---- C:\Windows\system32\srvsvc.dll
2011-05-08 19:48:08 ----A---- C:\Windows\system32\atmlib.dll
2011-05-08 19:48:08 ----A---- C:\Windows\system32\atmfd.dll
2011-05-08 19:48:07 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-08 19:48:06 ----A---- C:\Windows\system32\t2embed.dll
2011-05-08 19:48:04 ----A---- C:\Windows\system32\oleaut32.dll
2011-05-08 19:48:03 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-05-08 19:48:03 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-05-08 19:48:03 ----A---- C:\Windows\system32\secproc_isv.dll
2011-05-08 19:48:03 ----A---- C:\Windows\system32\secproc.dll
2011-05-08 19:48:03 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-05-08 19:48:03 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-05-08 19:48:03 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-05-08 19:48:03 ----A---- C:\Windows\system32\RMActivate.exe
2011-05-08 19:48:02 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-05-08 19:48:01 ----A---- C:\Windows\system32\kernel32.dll
2011-05-08 19:48:01 ----A---- C:\Windows\system32\apphelp.dll
2011-05-08 19:48:00 ----A---- C:\Windows\system32\fontsub.dll
2011-05-08 19:47:59 ----A---- C:\Windows\system32\wintrust.dll
2011-05-08 19:47:59 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-05-08 19:47:56 ----A---- C:\Windows\system32\inetcomm.dll
2011-05-08 19:47:55 ----A---- C:\Windows\system32\webio.dll
2011-05-08 19:47:55 ----A---- C:\Windows\system32\quartz.dll
2011-05-08 19:47:55 ----A---- C:\Windows\system32\msyuv.dll
2011-05-08 19:47:55 ----A---- C:\Windows\system32\msvidc32.dll
2011-05-08 19:47:55 ----A---- C:\Windows\system32\mciavi32.dll
2011-05-08 19:47:55 ----A---- C:\Windows\system32\iyuv_32.dll
2011-05-08 19:47:55 ----A---- C:\Windows\system32\avifil32.dll
2011-05-08 19:47:54 ----A---- C:\Windows\system32\tsbyuv.dll
2011-05-08 19:47:54 ----A---- C:\Windows\system32\msrle32.dll
2011-05-08 19:47:53 ----A---- C:\Windows\system32\schannel.dll
2011-05-08 19:47:53 ----A---- C:\Windows\system32\rtutils.dll
2011-05-08 19:47:52 ----A---- C:\Windows\system32\comctl32.dll
2011-05-08 19:47:51 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-05-08 19:47:51 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-05-08 19:47:51 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-05-08 19:47:51 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-05-08 19:46:27 ----D---- C:\Users\MPu 3000\AppData\Roaming\Macromedia
2011-05-08 19:46:27 ----D---- C:\Users\MPu 3000\AppData\Roaming\Adobe
2011-05-08 19:46:27 ----A---- C:\Windows\system32\mfc42u.dll
2011-05-08 19:46:27 ----A---- C:\Windows\system32\mfc42.dll
2011-05-08 19:46:21 ----D---- C:\Windows\system32\Macromed
2011-05-08 19:43:55 ----N---- C:\Windows\system32\MpSigStub.exe
2011-05-08 19:35:10 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-05-08 19:35:05 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-05-08 19:35:05 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-05-08 19:35:05 ----A---- C:\Windows\system32\cdd.dll
2011-05-08 19:35:03 ----A---- C:\Windows\system32\cabview.dll
2011-05-08 19:34:45 ----A---- C:\Windows\system32\wininet.dll
2011-05-08 19:34:45 ----A---- C:\Windows\system32\urlmon.dll
2011-05-08 19:34:45 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-05-08 19:34:45 ----A---- C:\Windows\system32\msrating.dll
2011-05-08 19:34:45 ----A---- C:\Windows\system32\msls31.dll
2011-05-08 19:34:45 ----A---- C:\Windows\system32\jsproxy.dll
2011-05-08 19:34:45 ----A---- C:\Windows\system32\iertutil.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\wextract.exe
2011-05-08 19:34:44 ----A---- C:\Windows\system32\webcheck.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\vbscript.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\url.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-05-08 19:34:44 ----A---- C:\Windows\system32\pngfilt.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\occache.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\mshtmler.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\mshtmled.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\mshtml.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\mshta.exe
2011-05-08 19:34:44 ----A---- C:\Windows\system32\msfeedssync.exe
2011-05-08 19:34:44 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\msfeeds.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\licmgr10.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\jscript9.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\jscript.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\inseng.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\imgutil.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\iexpress.exe
2011-05-08 19:34:44 ----A---- C:\Windows\system32\ieUnatt.exe
2011-05-08 19:34:44 ----A---- C:\Windows\system32\ieui.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\iesysprep.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\iesetup.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\iernonce.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\iepeers.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\ieframe.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\iedkcs32.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\ieapfltr.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\ieakui.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\ieaksie.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\ieakeng.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\ie4uinit.exe
2011-05-08 19:34:44 ----A---- C:\Windows\system32\icardie.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\dxtrans.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\dxtmsft.dll
2011-05-08 19:34:44 ----A---- C:\Windows\system32\admparse.dll
2011-05-08 19:34:14 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-05-08 19:34:14 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-05-08 19:34:14 ----A---- C:\Windows\system32\d3d10warp.dll
2011-05-08 19:34:14 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-05-08 19:34:13 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-05-08 19:34:13 ----A---- C:\Windows\system32\mf.dll
2011-05-08 19:34:13 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-05-08 19:23:27 ----D---- C:\Users\MPu 3000\AppData\Roaming\WinRAR
2011-05-08 19:23:23 ----D---- C:\Program Files\WinRAR
2011-05-08 19:17:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-08 19:13:55 ----D---- C:\Users\MPu 3000\AppData\Roaming\Identities
2011-05-08 19:13:46 ----SD---- C:\Users\MPu 3000\AppData\Roaming\Microsoft
2011-05-08 19:13:46 ----D---- C:\Users\MPu 3000\AppData\Roaming\Media Center Programs
2011-05-08 19:13:28 ----SHD---- C:\Recovery
2011-05-08 19:13:27 ----SHD---- C:\ProgramData\Šablony
2011-05-08 19:13:27 ----SHD---- C:\ProgramData\Plocha
2011-05-08 19:13:27 ----SHD---- C:\ProgramData\Oblíbené položky
2011-05-08 19:13:27 ----SHD---- C:\ProgramData\Nabídka Start
2011-05-08 19:13:27 ----SHD---- C:\ProgramData\Dokumenty
2011-05-08 19:13:27 ----SHD---- C:\ProgramData\Data aplikací
2011-05-08 19:07:30 ----D---- C:\Windows\SoftwareDistribution
2011-05-08 19:04:45 ----D---- C:\Windows\Prefetch
2011-05-08 19:04:28 ----SHD---- C:\System Volume Information
2011-05-08 19:04:28 ----ASH---- C:\pagefile.sys
2011-05-08 19:04:27 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 months======

2011-06-07 18:42:47 ----D---- C:\Windows\system32\config
2011-06-07 18:40:11 ----D---- C:\Windows\Temp
2011-06-07 18:37:29 ----D---- C:\Windows\System32
2011-06-07 18:37:29 ----D---- C:\Windows\inf
2011-06-07 18:28:47 ----A---- C:\Windows\win.ini
2011-06-07 18:20:11 ----RD---- C:\Program Files
2011-06-07 18:12:28 ----D---- C:\Windows\system32\NDF
2011-06-07 18:10:38 ----D---- C:\Windows
2011-06-07 18:10:11 ----D---- C:\Windows\system32\Tasks
2011-06-07 18:10:08 ----D---- C:\Program Files\Common Files
2011-06-07 18:01:42 ----D---- C:\Windows\system32\drivers\etc
2011-06-07 17:58:37 ----SD---- C:\ProgramData\Microsoft
2011-06-07 17:49:47 ----D---- C:\Windows\system32\drivers
2011-06-07 17:49:41 ----D---- C:\Windows\system32\DriverStore
2011-06-07 17:49:41 ----D---- C:\Windows\system32\catroot
2011-06-07 17:47:07 ----RD---- C:\Users
2011-06-07 15:57:34 ----HD---- C:\ProgramData
2011-06-06 15:28:53 ----D---- C:\Windows\PolicyDefinitions
2011-05-31 14:14:17 ----RSD---- C:\Windows\assembly
2011-05-28 21:48:45 ----D---- C:\Windows\system32\catroot2
2011-05-28 11:07:19 ----D---- C:\Program Files\Common Files\microsoft shared
2011-05-21 11:34:51 ----D---- C:\Windows\system32\wdi
2011-05-21 10:09:50 ----A---- C:\Windows\system32\uxtheme.dll
2011-05-21 10:09:48 ----A---- C:\Windows\system32\themeui.dll
2011-05-21 10:09:46 ----A---- C:\Windows\system32\themeservice.dll
2011-05-19 15:50:57 ----RSD---- C:\Windows\Fonts
2011-05-19 15:50:23 ----D---- C:\Windows\winsxs
2011-05-17 19:55:45 ----D---- C:\Windows\rescache
2011-05-17 19:48:07 ----D---- C:\Windows\Logs
2011-05-16 17:43:59 ----D---- C:\Windows\debug
2011-05-15 14:27:42 ----D---- C:\Windows\system32\drivers\UMDF
2011-05-15 14:26:31 ----D---- C:\Windows\system32\LogFiles
2011-05-10 19:01:31 ----D---- C:\Windows\Microsoft.NET
2011-05-09 20:50:04 ----D---- C:\Windows\AppPatch
2011-05-09 18:08:07 ----D---- C:\Program Files\MSBuild
2011-05-09 18:07:42 ----D---- C:\Windows\ShellNew
2011-05-09 18:05:22 ----D---- C:\Program Files\Common Files\System
2011-05-09 17:24:27 ----D---- C:\Windows\system32\cs-CZ
2011-05-09 17:24:27 ----D---- C:\Program Files\Windows Mail
2011-05-09 17:24:23 ----D---- C:\Program Files\Windows Media Player
2011-05-09 14:02:29 ----D---- C:\Windows\Tasks
2011-05-09 13:27:37 ----D---- C:\Windows\system32\en-US
2011-05-09 13:22:41 ----D---- C:\Windows\Downloaded Program Files
2011-05-08 20:05:59 ----D---- C:\Windows\ehome
2011-05-08 20:05:58 ----D---- C:\Windows\system32\Boot
2011-05-08 20:05:57 ----D---- C:\Program Files\Internet Explorer
2011-05-08 20:05:56 ----D---- C:\Windows\system32\migration
2011-05-08 19:57:06 ----D---- C:\Windows\twain_32
2011-05-08 19:33:46 ----D---- C:\Windows\system32\restore
2011-05-08 19:20:04 ----D---- C:\Windows\system32\CodeIntegrity
2011-05-08 19:17:18 ----D---- C:\Windows\system32\wbem
2011-05-08 19:13:53 ----SHD---- C:\$Recycle.Bin
2011-05-08 19:13:28 ----D---- C:\Program Files\Windows NT
2011-05-08 19:07:59 ----D---- C:\Windows\system32\sysprep
2011-05-08 19:05:17 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2011-05-10 192984]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2011-05-10 102232]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 BDVEDISK;BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [2010-01-19 85128]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-10 218688]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-09-28 6472192]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-28 228352]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-08-16 101904]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-05-29 22712]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
R3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver; C:\Windows\system32\DRIVERS\RTL85n86.sys [2009-07-14 311808]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2011-05-06 437832]
S3 avchv;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 bdsandbox;bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-28 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-05-10 42184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; M:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit; M:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-01 1045256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-09 1343400]

-----------------EOF-----------------



//I'm low on disk space because I have a dual boot

Re: Browsers being blocked

Posted: 07 Jun 2011 18:08
by Rudy
Please also post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after launch a screen with the license terms appears; continue by clicking the Ano (Yes) button.

feel free to put on a coffee in the meantime (the whole run takes about 5-10 minutes, sometimes longer - depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else

do not panic during the scan, your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the resident antispyware component

Re: Browsers being blocked

Posted: 07 Jun 2011 18:36
by MPu 3000
OK, Google Chrome is working now, here is the log:


ComboFix 11-06-06.07 - MPu 3000 07.06.2011 19:13:06.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2046.982 [GMT 2:00]
Spuštěný z: c:\users\MPu 3000\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1305976117.2460.bin
c:\programdata\1305976117.4972.bin
E:\Autorun.inf
N:\Autorun.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-07 do 2011-06-07 )))))))))))))))))))))))))))))))
.
.
2011-06-07 17:19 . 2011-06-07 17:20 -------- d-----w- c:\users\MPu 3000\AppData\Local\temp
2011-06-07 16:20 . 2011-06-07 16:43 -------- d-----w- c:\program files\trend micro
2011-06-07 16:20 . 2011-06-07 16:20 -------- d-----w- C:\rsit
2011-06-07 15:46 . 2011-06-07 15:55 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\PCToolsFirewallPlus
2011-06-07 15:41 . 2011-05-10 12:03 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-06-07 15:41 . 2011-05-10 11:59 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-07 15:41 . 2011-05-10 11:59 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-06-07 15:41 . 2011-05-10 12:02 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-06-07 15:41 . 2011-05-10 12:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-06-07 15:41 . 2011-05-10 11:59 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-06-07 15:40 . 2011-05-10 12:10 40112 ----a-w- c:\windows\avastSS.scr
2011-06-07 15:40 . 2011-05-10 12:10 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-06-07 13:57 . 2011-06-07 13:57 -------- d-----w- c:\programdata\Skype Extras
2011-06-07 13:57 . 2011-06-07 13:57 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\skypePM
2011-06-07 12:39 . 2011-06-07 12:39 -------- d-----w- c:\users\MPu 3000\AppData\Local\{FCB22543-4DF8-4A60-99FF-D172CD38AAE0}
2011-06-07 12:05 . 2011-06-07 12:09 -------- d-----w- c:\users\MPu 3000\AppData\Local\PMB Files
2011-06-07 12:05 . 2011-06-07 12:05 -------- d-----w- c:\programdata\PMB Files
2011-06-07 12:04 . 2011-06-07 12:04 -------- d-----w- c:\program files\Pando Networks
2011-06-06 15:09 . 2011-06-06 15:10 -------- d-----w- c:\users\MPu 3000\AppData\Local\{3EDC39B2-0425-4E6B-9EF4-6E5B189CCC65}
2011-06-05 15:11 . 2011-06-05 15:11 -------- d-----w- c:\users\MPu 3000\AppData\Local\Jeff_Key
2011-06-05 15:11 . 2011-06-05 15:11 -------- d-----w- c:\program files\TaskbarMeters v1.1
2011-06-05 14:40 . 2011-06-05 14:40 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\Malwarebytes
2011-06-05 14:40 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-05 14:40 . 2011-06-05 14:40 -------- d-----w- c:\programdata\Malwarebytes
2011-06-05 14:40 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-05 13:07 . 2011-06-05 13:07 -------- d-----w- c:\users\MPu 3000\AppData\Local\BuildAGadget Content
2011-06-05 09:34 . 2011-06-05 09:34 -------- d-----w- c:\programdata\Disney Interactive
2011-06-05 09:33 . 2011-06-05 09:33 -------- d-----w- c:\programdata\Roaming
2011-06-04 11:23 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9224F71C-8D8E-405F-A5A7-58B320F61239}\mpengine.dll
2011-06-04 10:02 . 2011-06-04 10:02 -------- d-----w- c:\users\MPu 3000\AppData\Local\{568E08BC-7324-4EB7-87B4-F405577E6696}
2011-06-03 18:54 . 2011-06-03 18:54 -------- d-----w- c:\programdata\OMSI AM
2011-06-03 18:54 . 2011-06-03 18:54 -------- d-----w- c:\users\MPu 3000\AppData\Local\OMSI AM
2011-06-03 17:29 . 2011-06-03 17:30 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\OnLive App
2011-06-03 13:55 . 2011-06-03 13:55 -------- d-----w- c:\users\MPu 3000\AppData\Local\{81E63D2F-C2FD-47C4-A1AA-9F58332122F9}
2011-06-02 16:31 . 2011-06-02 16:31 -------- d-----w- c:\program files\UPM
2011-06-02 15:00 . 2011-06-02 15:00 -------- d-----w- c:\users\MPu 3000\AppData\Local\{C68F02DC-A057-44D5-9CD8-EB782F866254}
2011-06-01 13:11 . 2011-06-01 13:17 -------- d-----w- c:\programdata\FLEXnet
2011-06-01 13:11 . 2011-06-01 13:17 -------- d-----w- c:\users\MPu 3000\AppData\Local\Autodesk
2011-06-01 13:09 . 2011-06-01 13:09 -------- d-----w- c:\program files\Autodesk
2011-06-01 13:04 . 2011-06-07 17:01 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2011-06-01 13:04 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-06-01 13:04 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-06-01 13:04 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-06-01 13:00 . 2011-06-07 17:01 -------- d-----w- c:\programdata\Autodesk
2011-06-01 13:00 . 2011-06-01 13:16 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\Autodesk
2011-05-31 18:10 . 2011-05-31 18:10 -------- d-----w- c:\users\MPu 3000\AppData\Local\{383F7E16-7358-4BC3-B55D-61428F87DDF1}
2011-05-31 12:13 . 2011-05-31 12:18 -------- d-----w- c:\programdata\OneUpIndustries
2011-05-31 12:13 . 2011-05-31 12:13 -------- d-----w- c:\program files\OneUpIndustries
2011-05-31 12:13 . 2011-05-31 12:18 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\OneUpIndustries
2011-05-30 13:15 . 2011-05-30 13:15 -------- d-----w- c:\users\MPu 3000\AppData\Local\{A3671161-81CB-41EB-A0C0-ACB9F7EF139D}
2011-05-30 12:59 . 2011-05-30 12:59 -------- d-----w- c:\users\MPu 3000\AppData\Local\GHISLER
2011-05-30 10:47 . 2011-05-22 13:43 444 ----a-w- c:\windows\system32\metro.reg
2011-05-30 10:47 . 2011-05-30 10:47 -------- d-----w- c:\windows\system32\MetroClock
2011-05-29 18:42 . 2011-05-29 18:43 -------- d-----w- c:\users\MPu 3000\AppData\Local\{B49CA175-B1E1-4CBE-B4DF-4E5AEC6C7236}
2011-05-28 10:47 . 2011-05-28 10:47 -------- d-----w- c:\users\MPu 3000\AppData\Local\{37BAE3C0-D2D9-498C-9189-8FF765C135A5}
2011-05-28 09:06 . 2002-12-03 01:10 158208 ----a-w- c:\windows\system32\NCTTextToAudio.dll
2011-05-28 09:06 . 2002-12-03 01:02 491520 ----a-w- c:\windows\system32\NCTAudioFile.dll
2011-05-28 09:06 . 2002-03-19 05:18 120832 ----a-w- c:\windows\system32\lame_enc.dll
2011-05-27 12:20 . 2011-05-27 12:20 -------- d-----w- c:\users\MPu 3000\AppData\Local\{CE55B72F-089D-4522-A40C-E551AF5C9412}
2011-05-26 18:56 . 2011-05-26 18:56 -------- d-----w- c:\users\MPu 3000\AppData\Local\Talex
2011-05-26 13:12 . 1997-11-19 13:49 303616 ----a-w- c:\windows\IsUninst.exe
2011-05-26 13:10 . 2011-06-07 15:45 -------- d-----w- c:\users\MPu 3000\AppData\Local\ElevatedDiagnostics
2011-05-24 15:46 . 2011-05-24 15:46 -------- d-----w- c:\windows\Sun
2011-05-24 15:46 . 2011-05-24 15:46 -------- d-----w- c:\program files\Common Files\Java
2011-05-24 15:46 . 2011-05-24 15:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-24 15:46 . 2011-05-24 15:46 -------- d-----w- c:\program files\Java
2011-05-24 14:45 . 2011-05-24 14:46 85 ----a-w- c:\windows\wcbr.vbs
2011-05-24 14:45 . 2011-05-24 14:45 12288 ----a-w- c:\windows\wcbr.exe
2011-05-24 12:34 . 2011-05-24 12:34 -------- d-----w- c:\users\MPu 3000\.thumbnails
2011-05-23 12:10 . 2011-05-23 12:10 -------- d-----w- c:\program files\Combined Community Codec Pack
2011-05-23 12:08 . 2011-05-23 12:08 -------- d-----w- c:\users\MPu 3000\AppData\Local\{366C01DD-2F6C-4CC1-8394-FEC0C53CC299}
2011-05-22 06:38 . 2011-05-22 06:38 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-05-22 06:12 . 2011-05-22 06:12 -------- d-----w- c:\program files\Common Files\InstallShield
2011-05-21 15:00 . 2011-05-10 12:04 102232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-05-21 14:59 . 2011-05-10 12:03 192984 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-05-21 11:08 . 2011-05-21 12:36 5798 ----a-w- c:\programdata\1305976117.924.bin
2011-05-21 11:08 . 2011-05-21 11:08 116 ----a-w- c:\programdata\1305976117.3616.bin
2011-05-21 10:21 . 2011-05-21 10:21 126843 ----a-w- c:\programdata\1305972882.bdinstall.bin
2011-05-21 10:19 . 2011-05-21 10:22 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\BitDefender
2011-05-21 10:19 . 2011-05-21 13:01 -------- d-----w- c:\programdata\BitDefender
2011-05-21 10:14 . 2011-05-21 10:14 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\QuickScan
2011-05-21 10:14 . 2011-05-21 10:14 -------- d-----w- c:\program files\Common Files\BitDefender
2011-05-21 08:09 . 2009-07-14 01:16 249856 ----a-w- c:\windows\system32\uxtheme.dll.backup
2011-05-21 08:09 . 2009-07-14 01:16 2755072 ----a-w- c:\windows\system32\themeui.dll.backup
2011-05-21 08:09 . 2009-07-14 01:16 37376 ----a-w- c:\windows\system32\themeservice.dll.backup
2011-05-20 10:52 . 2011-05-20 10:52 -------- d-----w- c:\users\MPu 3000\AppData\Local\{BA09C8B3-445E-4CB4-BBB3-77976A83B169}
2011-05-20 10:51 . 2011-05-20 10:52 -------- d-----w- c:\users\MPu 3000\AppData\Local\{16FB3614-2FE2-4368-AA0E-14761B3EC752}
2011-05-19 13:52 . 2011-05-19 13:52 -------- d-----w- c:\programdata\AVS4YOU
2011-05-19 13:52 . 2011-05-19 13:52 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\AVS4YOU
2011-05-19 13:51 . 2011-05-19 14:15 -------- d-----w- c:\program files\AVS4YOU
2011-05-19 13:50 . 2011-05-19 14:15 -------- d-----w- c:\program files\Common Files\AVSMedia
2011-05-19 13:50 . 2010-06-22 07:43 24576 ----a-w- c:\windows\system32\msxml3a.dll
2011-05-18 13:12 . 2011-05-18 13:12 -------- d-----w- c:\windows\system32\QuickTime
2011-05-18 11:24 . 2011-05-18 11:24 -------- d-----w- c:\program files\Noel Danjou
2011-05-18 11:23 . 2011-05-18 11:24 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\GetRightToGo
2011-05-16 16:57 . 1999-05-05 20:22 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll
2011-05-16 16:57 . 1997-01-16 06:58 71680 ----a-w- c:\windows\ST5UNST.EXE
2011-05-16 15:42 . 2011-05-16 15:42 -------- d-----w- c:\program files\CCleaner
2011-05-15 17:02 . 2011-05-16 16:49 -------- d-----w- C:\totalcmd
2011-05-15 17:02 . 2011-05-15 17:03 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\GHISLER
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\UC.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\RAR.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\LHA.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\ARJ.PIF
2011-05-15 12:36 . 2011-05-15 12:36 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\U3
2011-05-15 12:23 . 2011-05-15 12:26 -------- d-----w- c:\windows\WindowsMobile
2011-05-11 21:47 . 2011-05-11 21:47 65536 ----a-w- c:\windows\system32\frapsvid.dll
2011-05-11 13:46 . 2011-05-11 13:46 -------- d-----w- c:\users\MPu 3000\AppData\Local\Stealth_Software
2011-05-11 13:44 . 2011-05-11 13:44 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\Stealth Software
2011-05-11 13:43 . 2011-05-11 13:43 -------- d-----w- c:\users\MPu 3000\AppData\Local\{223A29BE-5A9F-4DB1-A734-2ED160FBD20B}
2011-05-11 11:22 . 2011-03-25 03:06 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 11:22 . 2011-03-25 03:06 284160 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 11:22 . 2011-03-25 03:06 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 11:22 . 2011-03-25 03:06 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 11:22 . 2011-03-25 03:06 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 11:22 . 2011-03-25 03:06 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 11:22 . 2011-03-25 03:06 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 11:22 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-11 11:22 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-10 17:17 . 2011-05-10 17:17 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-05-10 17:17 . 2011-05-10 17:17 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-05-10 16:45 . 2011-05-10 16:52 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\Ashampoo
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-21 08:09 . 2009-07-13 23:40 249856 ----a-w- c:\windows\system32\uxtheme.dll
2011-05-21 08:09 . 2009-07-13 23:39 2755072 ----a-w- c:\windows\system32\themeui.dll
2011-05-21 08:09 . 2009-07-13 23:39 37376 ----a-w- c:\windows\system32\themeservice.dll
2011-05-09 18:18 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-08 17:34 . 2011-05-08 17:34 203776 ----a-w- c:\windows\system32\webcheck.dll
2011-05-06 09:29 . 2011-05-06 09:29 437832 ----a-w- c:\windows\system32\drivers\avckf.sys
2011-05-06 09:29 . 2011-05-06 09:29 558152 ----a-w- c:\windows\system32\drivers\avc3.sys
2011-05-06 09:29 . 2011-05-06 09:29 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2010-07-08 08:37 . 2010-07-08 08:37 101544 ----a-w- c:\program files\Common Files\linkinstaller.exe
2011-04-14 16:38 . 2011-05-09 16:18 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"Malwarebytes' Anti-Malware"="m:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-11-10 00:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2011-05-06 437832]
R3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [x]
R3 bdsandbox;bdsandbox; [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-09 1343400]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2010-01-19 85128]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-10 218688]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-28 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S2 MBAMService;MBAMService;m:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-28 6472192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-28 228352]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-08-16 101904]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-05-29 22712]
S3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n86.sys [2009-07-13 311808]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343529563-3139259224-1895477009-1001Core.job
- c:\users\MPu 3000\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-09 12:02]
.
2011-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343529563-3139259224-1895477009-1001UA.job
- c:\users\MPu 3000\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-09 12:02]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\MPu 3000\AppData\Roaming\Mozilla\Firefox\Profiles\pv48oii7.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-07 19:22:30
ComboFix-quarantined-files.txt 2011-06-07 17:22
.
Před spuštěním: 3 311 607 808
Po spuštění: 3 274 428 416
.
- - End Of File - - A775B0FD143F6C3DDCFC793D60DA2891

Re: Browser blocking

Posted: 07 Jun 2011 18:39
by MPu 3000
It only works with Avast turned off, so I'm going to try reinstalling it.

Re: Browser blocking

Posted: 07 Jun 2011 18:46
by MPu 3000
So, the reinstall helped and everything works now, but I'm guessing I'll still get a few scripts for ComboFix, so I'm waiting :D

Re: Browser blocking

Posted: 07 Jun 2011 19:15
by Rudy
Open Notepad and copy the following into it:
File::
c:\windows\system32\DRIVERS\avchv.sys
c:\windows\system32\DRIVERS\avckf.sys
c:\windows\system32\DRIVERS\bdvedisk.sys

Driver::
avchv
bdsandbox
avckf
BDVEDISK
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

CF deleted the Autorun trojan; now it will also delete 1 rootkit and the leftovers from the badly uninstalled Bitdefender.

Re: Browser blocking

Posted: 07 Jun 2011 19:48
by MPu 3000
ComboFix 11-06-06.07 - MPu 3000 07.06.2011 20:35:30.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2046.1156 [GMT 2:00]
Spuštěný z: c:\users\MPu 3000\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MPu 3000\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\DRIVERS\avckf.sys"
"c:\windows\system32\DRIVERS\avchv.sys"
"c:\windows\system32\DRIVERS\bdvedisk.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\DRIVERS\avckf.sys
c:\windows\system32\DRIVERS\bdvedisk.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AVCKF
-------\Legacy_BDSANDBOX
-------\Legacy_BDVEDISK
-------\Service_avckf
-------\Service_avchv
-------\Service_bdsandbox
-------\Service_BDVEDISK
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-07 do 2011-06-07 )))))))))))))))))))))))))))))))
.
.
2011-06-07 18:41 . 2011-06-07 18:45 -------- d-----w- c:\users\MPu 3000\AppData\Local\temp
2011-06-07 18:41 . 2011-06-07 18:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-07 17:44 . 2011-05-10 12:03 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-06-07 17:44 . 2011-05-10 11:59 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-07 17:44 . 2011-05-10 12:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-06-07 17:44 . 2011-05-10 12:02 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-06-07 17:44 . 2011-05-10 11:59 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-06-07 17:44 . 2011-05-10 11:59 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-06-07 17:43 . 2011-05-10 12:10 40112 ----a-w- c:\windows\avastSS.scr
2011-06-07 17:43 . 2011-05-10 12:10 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-06-07 16:20 . 2011-06-07 16:43 -------- d-----w- c:\program files\trend micro
2011-06-07 16:20 . 2011-06-07 16:20 -------- d-----w- C:\rsit
2011-06-07 15:46 . 2011-06-07 15:55 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\PCToolsFirewallPlus
2011-06-07 13:57 . 2011-06-07 13:57 -------- d-----w- c:\programdata\Skype Extras
2011-06-07 13:57 . 2011-06-07 13:57 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\skypePM
2011-06-07 12:39 . 2011-06-07 12:39 -------- d-----w- c:\users\MPu 3000\AppData\Local\{FCB22543-4DF8-4A60-99FF-D172CD38AAE0}
2011-06-07 12:05 . 2011-06-07 12:09 -------- d-----w- c:\users\MPu 3000\AppData\Local\PMB Files
2011-06-07 12:05 . 2011-06-07 12:05 -------- d-----w- c:\programdata\PMB Files
2011-06-07 12:04 . 2011-06-07 12:04 -------- d-----w- c:\program files\Pando Networks
2011-06-06 15:09 . 2011-06-06 15:10 -------- d-----w- c:\users\MPu 3000\AppData\Local\{3EDC39B2-0425-4E6B-9EF4-6E5B189CCC65}
2011-06-05 15:11 . 2011-06-05 15:11 -------- d-----w- c:\users\MPu 3000\AppData\Local\Jeff_Key
2011-06-05 15:11 . 2011-06-05 15:11 -------- d-----w- c:\program files\TaskbarMeters v1.1
2011-06-05 14:40 . 2011-06-05 14:40 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\Malwarebytes
2011-06-05 14:40 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-05 14:40 . 2011-06-05 14:40 -------- d-----w- c:\programdata\Malwarebytes
2011-06-05 14:40 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-05 13:07 . 2011-06-05 13:07 -------- d-----w- c:\users\MPu 3000\AppData\Local\BuildAGadget Content
2011-06-05 09:34 . 2011-06-05 09:34 -------- d-----w- c:\programdata\Disney Interactive
2011-06-05 09:33 . 2011-06-05 09:33 -------- d-----w- c:\programdata\Roaming
2011-06-04 11:23 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9224F71C-8D8E-405F-A5A7-58B320F61239}\mpengine.dll
2011-06-04 10:02 . 2011-06-04 10:02 -------- d-----w- c:\users\MPu 3000\AppData\Local\{568E08BC-7324-4EB7-87B4-F405577E6696}
2011-06-03 18:54 . 2011-06-03 18:54 -------- d-----w- c:\programdata\OMSI AM
2011-06-03 18:54 . 2011-06-03 18:54 -------- d-----w- c:\users\MPu 3000\AppData\Local\OMSI AM
2011-06-03 17:29 . 2011-06-03 17:30 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\OnLive App
2011-06-03 13:55 . 2011-06-03 13:55 -------- d-----w- c:\users\MPu 3000\AppData\Local\{81E63D2F-C2FD-47C4-A1AA-9F58332122F9}
2011-06-02 16:31 . 2011-06-02 16:31 -------- d-----w- c:\program files\UPM
2011-06-02 15:00 . 2011-06-02 15:00 -------- d-----w- c:\users\MPu 3000\AppData\Local\{C68F02DC-A057-44D5-9CD8-EB782F866254}
2011-06-01 13:11 . 2011-06-01 13:17 -------- d-----w- c:\programdata\FLEXnet
2011-06-01 13:11 . 2011-06-01 13:17 -------- d-----w- c:\users\MPu 3000\AppData\Local\Autodesk
2011-06-01 13:09 . 2011-06-01 13:09 -------- d-----w- c:\program files\Autodesk
2011-06-01 13:04 . 2011-06-07 17:01 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2011-06-01 13:04 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-06-01 13:04 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-06-01 13:04 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-06-01 13:00 . 2011-06-07 17:01 -------- d-----w- c:\programdata\Autodesk
2011-06-01 13:00 . 2011-06-01 13:16 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\Autodesk
2011-05-31 18:10 . 2011-05-31 18:10 -------- d-----w- c:\users\MPu 3000\AppData\Local\{383F7E16-7358-4BC3-B55D-61428F87DDF1}
2011-05-31 12:13 . 2011-05-31 12:18 -------- d-----w- c:\programdata\OneUpIndustries
2011-05-31 12:13 . 2011-05-31 12:13 -------- d-----w- c:\program files\OneUpIndustries
2011-05-31 12:13 . 2011-05-31 12:18 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\OneUpIndustries
2011-05-30 13:15 . 2011-05-30 13:15 -------- d-----w- c:\users\MPu 3000\AppData\Local\{A3671161-81CB-41EB-A0C0-ACB9F7EF139D}
2011-05-30 12:59 . 2011-05-30 12:59 -------- d-----w- c:\users\MPu 3000\AppData\Local\GHISLER
2011-05-30 10:47 . 2011-05-22 13:43 444 ----a-w- c:\windows\system32\metro.reg
2011-05-30 10:47 . 2011-05-30 10:47 -------- d-----w- c:\windows\system32\MetroClock
2011-05-29 18:42 . 2011-05-29 18:43 -------- d-----w- c:\users\MPu 3000\AppData\Local\{B49CA175-B1E1-4CBE-B4DF-4E5AEC6C7236}
2011-05-28 10:47 . 2011-05-28 10:47 -------- d-----w- c:\users\MPu 3000\AppData\Local\{37BAE3C0-D2D9-498C-9189-8FF765C135A5}
2011-05-28 09:06 . 2002-12-03 01:10 158208 ----a-w- c:\windows\system32\NCTTextToAudio.dll
2011-05-28 09:06 . 2002-12-03 01:02 491520 ----a-w- c:\windows\system32\NCTAudioFile.dll
2011-05-28 09:06 . 2002-03-19 05:18 120832 ----a-w- c:\windows\system32\lame_enc.dll
2011-05-27 12:20 . 2011-05-27 12:20 -------- d-----w- c:\users\MPu 3000\AppData\Local\{CE55B72F-089D-4522-A40C-E551AF5C9412}
2011-05-26 18:56 . 2011-05-26 18:56 -------- d-----w- c:\users\MPu 3000\AppData\Local\Talex
2011-05-26 13:12 . 1997-11-19 13:49 303616 ----a-w- c:\windows\IsUninst.exe
2011-05-26 13:10 . 2011-06-07 15:45 -------- d-----w- c:\users\MPu 3000\AppData\Local\ElevatedDiagnostics
2011-05-24 15:46 . 2011-05-24 15:46 -------- d-----w- c:\windows\Sun
2011-05-24 15:46 . 2011-05-24 15:46 -------- d-----w- c:\program files\Common Files\Java
2011-05-24 15:46 . 2011-05-24 15:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-24 15:46 . 2011-05-24 15:46 -------- d-----w- c:\program files\Java
2011-05-24 14:45 . 2011-05-24 14:46 85 ----a-w- c:\windows\wcbr.vbs
2011-05-24 14:45 . 2011-05-24 14:45 12288 ----a-w- c:\windows\wcbr.exe
2011-05-24 12:34 . 2011-05-24 12:34 -------- d-----w- c:\users\MPu 3000\.thumbnails
2011-05-23 12:10 . 2011-05-23 12:10 -------- d-----w- c:\program files\Combined Community Codec Pack
2011-05-23 12:08 . 2011-05-23 12:08 -------- d-----w- c:\users\MPu 3000\AppData\Local\{366C01DD-2F6C-4CC1-8394-FEC0C53CC299}
2011-05-22 06:38 . 2011-05-22 06:38 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-05-22 06:12 . 2011-05-22 06:12 -------- d-----w- c:\program files\Common Files\InstallShield
2011-05-21 11:08 . 2011-05-21 12:36 5798 ----a-w- c:\programdata\1305976117.924.bin
2011-05-21 11:08 . 2011-05-21 11:08 116 ----a-w- c:\programdata\1305976117.3616.bin
2011-05-21 10:21 . 2011-05-21 10:21 126843 ----a-w- c:\programdata\1305972882.bdinstall.bin
2011-05-21 10:19 . 2011-05-21 10:22 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\BitDefender
2011-05-21 10:19 . 2011-05-21 13:01 -------- d-----w- c:\programdata\BitDefender
2011-05-21 10:14 . 2011-05-21 10:14 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\QuickScan
2011-05-21 10:14 . 2011-05-21 10:14 -------- d-----w- c:\program files\Common Files\BitDefender
2011-05-21 08:09 . 2009-07-14 01:16 249856 ----a-w- c:\windows\system32\uxtheme.dll.backup
2011-05-21 08:09 . 2009-07-14 01:16 2755072 ----a-w- c:\windows\system32\themeui.dll.backup
2011-05-21 08:09 . 2009-07-14 01:16 37376 ----a-w- c:\windows\system32\themeservice.dll.backup
2011-05-20 10:52 . 2011-05-20 10:52 -------- d-----w- c:\users\MPu 3000\AppData\Local\{BA09C8B3-445E-4CB4-BBB3-77976A83B169}
2011-05-20 10:51 . 2011-05-20 10:52 -------- d-----w- c:\users\MPu 3000\AppData\Local\{16FB3614-2FE2-4368-AA0E-14761B3EC752}
2011-05-19 13:52 . 2011-05-19 13:52 -------- d-----w- c:\programdata\AVS4YOU
2011-05-19 13:52 . 2011-05-19 13:52 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\AVS4YOU
2011-05-19 13:51 . 2011-05-19 14:15 -------- d-----w- c:\program files\AVS4YOU
2011-05-19 13:50 . 2011-05-19 14:15 -------- d-----w- c:\program files\Common Files\AVSMedia
2011-05-19 13:50 . 2010-06-22 07:43 24576 ----a-w- c:\windows\system32\msxml3a.dll
2011-05-18 13:12 . 2011-05-18 13:12 -------- d-----w- c:\windows\system32\QuickTime
2011-05-18 11:24 . 2011-05-18 11:24 -------- d-----w- c:\program files\Noel Danjou
2011-05-18 11:23 . 2011-05-18 11:24 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\GetRightToGo
2011-05-16 16:57 . 1999-05-05 20:22 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll
2011-05-16 16:57 . 1997-01-16 06:58 71680 ----a-w- c:\windows\ST5UNST.EXE
2011-05-16 15:42 . 2011-05-16 15:42 -------- d-----w- c:\program files\CCleaner
2011-05-15 17:02 . 2011-05-16 16:49 -------- d-----w- C:\totalcmd
2011-05-15 17:02 . 2011-05-15 17:03 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\GHISLER
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\UC.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\RAR.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\LHA.PIF
2011-05-15 17:02 . 2010-12-17 05:56 545 ----a-w- c:\windows\ARJ.PIF
2011-05-15 12:36 . 2011-05-15 12:36 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\U3
2011-05-15 12:23 . 2011-05-15 12:26 -------- d-----w- c:\windows\WindowsMobile
2011-05-11 21:47 . 2011-05-11 21:47 65536 ----a-w- c:\windows\system32\frapsvid.dll
2011-05-11 13:46 . 2011-05-11 13:46 -------- d-----w- c:\users\MPu 3000\AppData\Local\Stealth_Software
2011-05-11 13:44 . 2011-05-11 13:44 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\Stealth Software
2011-05-11 13:43 . 2011-05-11 13:43 -------- d-----w- c:\users\MPu 3000\AppData\Local\{223A29BE-5A9F-4DB1-A734-2ED160FBD20B}
2011-05-11 11:22 . 2011-03-25 03:06 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 11:22 . 2011-03-25 03:06 284160 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 11:22 . 2011-03-25 03:06 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 11:22 . 2011-03-25 03:06 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 11:22 . 2011-03-25 03:06 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 11:22 . 2011-03-25 03:06 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 11:22 . 2011-03-25 03:06 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 11:22 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-11 11:22 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-10 17:17 . 2011-05-10 17:17 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-05-10 17:17 . 2011-05-10 17:17 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-05-10 16:45 . 2011-05-10 16:52 -------- d-----w- c:\users\MPu 3000\AppData\Roaming\Ashampoo
2011-05-10 16:45 . 2011-05-10 16:45 -------- d-----w- c:\users\MPu 3000\AppData\Local\ashampoo
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-24 17:14 . 2011-05-08 17:43 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-21 08:09 . 2009-07-13 23:40 249856 ----a-w- c:\windows\system32\uxtheme.dll
2011-05-21 08:09 . 2009-07-13 23:39 2755072 ----a-w- c:\windows\system32\themeui.dll
2011-05-21 08:09 . 2009-07-13 23:39 37376 ----a-w- c:\windows\system32\themeservice.dll
2011-05-09 18:18 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-08 17:34 . 2011-05-08 17:34 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-05-08 17:34 . 2011-05-08 17:34 161792 ----a-w- c:\windows\system32\msls31.dll
2011-05-08 17:34 . 2011-05-08 17:34 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-05-08 17:34 . 2011-05-08 17:34 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-08 17:34 . 2011-05-08 17:34 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-05-08 17:34 . 2011-05-08 17:34 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-05-08 17:34 . 2011-05-08 17:34 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-05-08 17:34 . 2011-05-08 17:34 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-08 17:34 . 2011-05-08 17:34 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-05-08 17:34 . 2011-05-08 17:34 367104 ----a-w- c:\windows\system32\html.iec
2011-05-08 17:34 . 2011-05-08 17:34 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-05-08 17:34 . 2011-05-08 17:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-08 17:34 . 2011-05-08 17:34 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-08 17:34 . 2011-05-08 17:34 203776 ----a-w- c:\windows\system32\webcheck.dll
2011-05-08 17:34 . 2011-05-08 17:34 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-05-08 17:34 . 2011-05-08 17:34 152064 ----a-w- c:\windows\system32\wextract.exe
2011-05-08 17:34 . 2011-05-08 17:34 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-05-08 17:34 . 2011-05-08 17:34 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-08 17:34 . 2011-05-08 17:34 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-08 17:34 . 2011-05-08 17:34 11776 ----a-w- c:\windows\system32\mshta.exe
2011-05-08 17:34 . 2011-05-08 17:34 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-05-08 17:34 . 2011-05-08 17:34 101888 ----a-w- c:\windows\system32\admparse.dll
2011-05-08 17:34 . 2011-05-08 17:34 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-08 17:34 . 2011-05-08 17:34 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-05-08 17:34 . 2011-05-08 17:34 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-05-08 17:34 . 2011-05-08 17:34 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-05-08 17:34 . 2011-05-08 17:34 3181568 ----a-w- c:\windows\system32\mf.dll
2011-05-08 17:34 . 2011-05-08 17:34 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-05-08 17:34 . 2011-05-08 17:34 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2011-05-06 09:29 . 2011-05-06 09:29 558152 ----a-w- c:\windows\system32\drivers\avc3.sys
2011-05-06 09:29 . 2011-05-06 09:29 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2011-03-11 05:40 . 2011-05-08 17:46 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40 . 2011-05-08 17:46 1137664 ----a-w- c:\windows\system32\mfc42.dll
2010-07-08 08:37 . 2010-07-08 08:37 101544 ----a-w- c:\program files\Common Files\linkinstaller.exe
2011-04-14 16:38 . 2011-05-09 16:18 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"Malwarebytes' Anti-Malware"="m:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-11-10 00:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-09 1343400]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-10 218688]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-28 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S2 MBAMService;MBAMService;m:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-28 6472192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-28 228352]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-08-16 101904]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-05-29 22712]
S3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n86.sys [2009-07-13 311808]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343529563-3139259224-1895477009-1001Core.job
- c:\users\MPu 3000\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-09 12:02]
.
2011-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343529563-3139259224-1895477009-1001UA.job
- c:\users\MPu 3000\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-09 12:02]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\MPu 3000\AppData\Roaming\Mozilla\Firefox\Profiles\pv48oii7.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-06-07 20:48:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-07 18:48
ComboFix2.txt 2011-06-07 17:22
.
Před spuštěním: 3 379 802 112
Po spuštění: 3 150 405 632
.
- - End Of File - - 952FF6296819CDA594B0139CF07D3037

Re: Browser blocking

Posted: 07 Jun 2011 20:23
by Rudy
The log looks clean now. Has anything changed?

Re: Browser blocking

Posted: 08 Jun 2011 05:49
by MPu 3000
Everything works as it should!
Thank you very much :worship: :worship:

Re: Browser blocking

Posted: 08 Jun 2011 18:55
by Rudy
You're welcome!