VIRY.CZ

Dobry vecer, jestli jsem ve spatne sekci, predem se omlouvam. Problemem meho laptopu je prehrivani. Vetracek bezi na plne pecky, resto se po nekolika hodinach pocitac prehreje az se sam vypne. Nevim jestli je to nejaka ochrana proti shoreni. Zpomaleni systemu eviduji snad jen kdyz mam otevreno vicero oken weboveho prohlizece, avsak zadna videa, jen obycejne textove stranky. Avast ani po cekove kontrole systemu nic nenasel. Pokousel jsem se vlozit vypis logu z RSIT, ale pro jeho velikost - 240 radku to neslo. V adresari system32 mam 19070 adresaru viz obrazek zacinajicich {F942650C-BE61 atd....} vsechny adresare maji datum vytvoreni. ci zmeny 12 a 13. 6.2011.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Tomas at 2011-06-15 21:11:02
Microsoft Windows 7 Professional
System drive C: has 49 GB (34%) free of 143 GB
Total RAM: 2046 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:23, on 15.6.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Program Files\Protector Suite\psqltray.exe
C:\Program Files\Sony\Media Gallery\ElbServer.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
C:\Users\Tomas\Downloads\RSIT.exe
C:\Program Files\trend micro\Tomas.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\dinotify.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite\launcher.exe" /startup
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [Elbserver] C:\Program Files\Sony\Media Gallery\ElbServer.exe /Stay
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lkspedition.local
O17 - HKLM\Software\..\Telephony: DomainName = lkspedition.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lkspedition.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = lkspedition.local
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe

--
End of file - 10250 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]
{472734EA-242A-422B-ADF8-83D1E48CC825}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2006-11-09 118784]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-05-10 3459712]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-07-24 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-07-24 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-07-24 81920]
"PSQLLauncher"=C:\Program Files\Protector Suite\launcher.exe [2011-04-07 55624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"NSUFloatingUI"=C:\Program Files\Sony\Network Utility\LANUtil.exe [2008-11-05 262144]
"Elbserver"=C:\Program Files\Sony\Media Gallery\ElbServer.exe [2011-01-24 83344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-10-14 623992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [2011-03-15 650080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SfWinStartInfo]
C:\Program Files\SFirm32\sfWinStartupInfo.exe [2010-02-05 161152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SHTtray.exe]
C:\Program Files\Common Files\Sony Shared\SOHLib\SHTtray.exe [2010-09-10 99696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOCameraUtility]
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\Protector Suite\psqlpwd.dll [2011-04-07 101192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2009-07-14 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
C:\Program Files\Protector Suite\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoWelcomeScreen"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-06-15 21:11:02 ----D---- C:\rsit
2011-06-15 19:43:54 ----D---- C:\Windows\temp
2011-06-15 19:43:52 ----A---- C:\ComboFix.txt
2011-06-15 18:41:49 ----D---- C:\Avenger
2011-06-15 18:39:17 ----A---- C:\avenger.txt
2011-06-13 22:00:33 ----AD---- C:\.Trash-999
2011-06-13 16:23:40 ----D---- C:\aee78ebaf4783adb8e853a38f1defb
2011-06-13 16:17:54 ----D---- C:\Program Files\BKWin
2011-06-13 14:53:12 ----D---- C:\Program Files\trend micro
2011-06-13 14:45:58 ----D---- C:\Program Files\Windows Installer Clean Up
2011-06-13 14:45:22 ----D---- C:\Program Files\MSECACHE
2011-06-13 03:22:35 ----D---- C:\Windows\system32\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{9016ED0F-880A-4AD1-931A-92225B4DF2A4}
2011-06-13 03:22:35 ----AD---- C:\Windows\system32\{9762E6AB-BBD4-4E93-88A6-ADA22C422231}{2F7289D4-DEB2-4C92-B398-922FFD2BA9BE}
2011-06-13 03:22:34 ----D---- C:\Windows\system32\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{6E7429D8-5A2E-4704-B5CF-BF891F86C42C}
2011-06-13 03:22:34 ----D---- C:\Windows\system32\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{6AAD5DB8-C87D-4648-B2D5-E53D0A6CD8DC}
2011-06-13 03:22:34 ----AD---- C:\Windows\system32\{9762E6AB-BBD4-4E93-88A6-ADA22C422231}{5C9C353C-8E33-437D-98D1-4A163DA8DE9B}
2011-06-13 03:22:32 ----D---- C:\Windows\system32\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{A313E38B-990C-4386-954E-0067EFD22D33}
2011-06-13 03:22:32 ----AD---- C:\Windows\system32\{9762E6AB-BBD4-4E93-88A6-ADA22C422231}{5ADFB172-9BCE-4EFB-90FB-64E869084EE5}
2011-06-13 03:22:28 ----D---- C:\Windows\system32\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{F98A4066-F892-4650-8B3F-750A542EFFD1}
2011-06-13 03:22:28 ----AD---- C:\Windows\system32\{9762E6AB-BBD4-4E93-88A6-ADA22C422231}{D7021BA5-5442-44F8-B976-7B6B2892E5DD}
2011-06-13 03:22:28 ----AD---- C:\Windows\system32\{9762E6AB-BBD4-4E93-88A6-ADA22C422231}{BCBFBBD0-7E2A-4372-832F-DEA4D2503587}
2011-06-13 03:22:27 ----AD---- C:\Windows\system32\{9762E6AB-BBD4-4E93-88A6-ADA22C422231}{509A6336-294E-44B9-8B9B-7518C78588D6}
2011-06-13 03:22:26 ----D---- C:\Windows\system32\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{7D7F5893-E551-4CEF-B61D-1A80D7196375}
2011-06-13 03:22:26 ----D---- C:\Windows\system32\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{6D3FC5A9-0432-49F7-B764-6E6581B754AB}
2011-06-13 03:22:26 ----D---- C:\Windows\system32\{0B6B3F7F-4C05-48C4-95C6-6A688CA9F3B0}{3A3B3354-D8B8-4146-B026-5E361659EECF}
2011-06-13 03:22:26 ----AD---- C:\Windows\system32\{9762E6AB-BBD4-4E93-88A6-ADA22C422231}{B455AFE8-98A6-43EB-BB13-7F47E05101D6}
2011-06-13 03:22:24 ----AD---- C:\Windows\system32\{9762E6AB-BBD4-4E93-88A6-ADA22C422231}{301D01CA-2B7F-443F-AF28-F4DC37644E51}
2011-06-13 03:22:22 ----AD---- C:\Windows\system32\{9762E6AB-BBD4-4E93-88A6-ADA22C422231}{88887331-CD2F-4CD3-AA09-0CB0575195CA}

tady jsem musel ostatni radky smazat, aby se to veslo...


2011-06-12 17:57:11 ----D---- C:\VAIO Entertainment
2011-06-12 17:47:54 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-06-12 17:47:54 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-06-12 17:47:53 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-06-12 17:47:53 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-06-12 17:47:53 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-06-12 17:47:53 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-06-12 17:47:53 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-06-12 17:47:52 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-06-12 17:02:03 ----D---- C:\Users\Tomas\AppData\Roaming\Auslogics
2011-06-11 18:30:05 ----D---- C:\Users\Tomas\AppData\Roaming\ArcSoft
2011-06-11 11:00:56 ----D---- C:\Windows\ERDNT
2011-06-11 10:57:04 ----D---- C:\Qoobox
2011-06-09 21:59:14 ----D---- C:\Users\Tomas\AppData\Roaming\Protector Suite
2011-06-09 21:54:43 ----D---- C:\Program Files\Common Files\SPBA
2011-06-09 20:48:42 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-06-09 20:48:42 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-06-09 20:30:42 ----SHD---- C:\Windows\system32\%APPDATA%
2011-06-09 20:29:35 ----A---- C:\Windows\system32\drivers\TosBtCi.dll
2011-06-09 20:28:15 ----D---- C:\Windows\system32\v80003T_20101215_x32
2011-06-09 20:26:43 ----A---- C:\Windows\tosOBEX.INI
2011-06-09 19:55:25 ----D---- C:\Users\Tomas\AppData\Roaming\skypePM
2011-06-09 19:55:25 ----D---- C:\ProgramData\Skype Extras
2011-06-09 19:54:49 ----D---- C:\Program Files\Common Files\Skype
2011-06-09 02:06:36 ----D---- C:\Program Files\Microsoft SQL Server
2011-06-09 00:00:16 ----D---- C:\Windows\system32\SPReview
2011-06-08 23:10:51 ----D---- C:\Windows\system32\Iosubsys
2011-06-08 23:10:19 ----A---- C:\Windows\system32\omginstlog.txt
2011-06-08 22:42:36 ----A---- C:\Windows\system32\drivers\DMICall.sys
2011-06-04 22:58:47 ----AD---- C:\Windows\system32\appmgmt
2011-06-04 21:21:47 ----A---- C:\Windows\system32\perf-MSSQL10_50.MSSQLSERVER-sqlagtctr.dll
2011-06-04 21:21:15 ----A---- C:\Windows\system32\perf-MSSQLSERVER-sqlctr10.50.1600.1.dll
2011-06-04 21:08:06 ----D---- C:\Program Files\Microsoft SDKs
2011-06-03 13:40:34 ----RA---- C:\Windows\system32\AdobePDF.dll
2011-06-02 16:37:50 ----D---- C:\NVIDIA
2011-06-02 16:35:28 ----D---- C:\Program Files\SystemRequirementsLab
2011-05-29 16:11:25 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-24 12:25:48 ----D---- C:\Windows\CheckSur
2011-05-23 21:11:11 ----A---- C:\Windows\system32\mstscax.dll
2011-05-23 21:11:10 ----A---- C:\Windows\system32\mstsc.exe
2011-05-23 11:30:16 ----A---- C:\Windows\system32\msxml.dll
2011-05-21 12:50:37 ----D---- C:\Click to Disc
2011-05-19 09:56:35 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-19 09:56:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-19 09:56:26 ----A---- C:\Windows\system32\poqexec.exe
2011-05-18 22:15:05 ----D---- C:\ProgramData\VAIO Media Platform
2011-05-18 22:10:33 ----A---- C:\Windows\system32\CDDBUISony.dll
2011-05-18 22:10:33 ----A---- C:\Windows\system32\CddbPlaylist2Sony.dll
2011-05-18 22:10:33 ----A---- C:\Windows\system32\CddbMusicIDSony.dll
2011-05-18 22:10:33 ----A---- C:\Windows\system32\CddbLinkSony.dll
2011-05-18 22:10:33 ----A---- C:\Windows\system32\CDDBControlSony.dll
2011-05-16 12:30:19 ----A---- C:\Windows\BDTSupport.dll
2011-05-16 12:30:18 ----A---- C:\Windows\SGDetectionTool.dll
2011-05-16 12:30:17 ----A---- C:\Windows\PCTBDRes.dll
2011-05-16 12:30:17 ----A---- C:\Windows\PCTBDCore.dll
2011-05-16 12:26:43 ----A---- C:\Windows\system32\drivers\pctEFA.sys
2011-05-16 12:26:43 ----A---- C:\Windows\system32\drivers\pctDS.sys
2011-05-16 12:26:41 ----A---- C:\Windows\system32\drivers\pctwfpfilter.sys
2011-05-16 12:26:41 ----A---- C:\Windows\system32\drivers\pctgntdi.sys
2011-05-16 12:26:23 ----A---- C:\Windows\system32\drivers\PCTCore.sys
2011-05-16 12:26:22 ----A---- C:\Windows\system32\drivers\PCTAppEvent.sys
2011-05-16 12:26:14 ----A---- C:\Windows\system32\drivers\PCTSD.sys
2011-05-16 12:26:03 ----A---- C:\Windows\system32\drivers\pctplsg.sys
2011-05-16 12:25:45 ----D---- C:\Program Files\Common Files\PC Tools

======List of files/folders modified in the last 1 months======

2011-06-15 20:59:30 ----AD---- C:\Windows\system32\config
2011-06-15 20:59:24 ----D---- C:\Windows\winsxs
2011-06-15 20:59:24 ----D---- C:\Windows\Tasks
2011-06-15 20:59:24 ----D---- C:\Windows\system32\wfp
2011-06-15 20:59:24 ----D---- C:\Windows\system32\DriverStore
2011-06-15 20:59:24 ----D---- C:\Windows\system32\drivers\etc
2011-06-15 20:59:24 ----D---- C:\Windows\system32\drivers
2011-06-15 20:59:24 ----D---- C:\Windows\system32\cs-CZ
2011-06-15 20:59:24 ----D---- C:\Windows\system32\catroot2
2011-06-15 20:59:23 ----D---- C:\Windows\system32\wbem
2011-06-15 20:59:23 ----D---- C:\Windows\system32\Tasks
2011-06-15 20:59:23 ----D---- C:\Windows\system32\spool
2011-06-15 20:59:23 ----D---- C:\Windows\system32\drivers\UMDF
2011-06-15 20:59:22 ----SHD---- C:\Windows\Installer
2011-06-15 20:59:22 ----D---- C:\Windows\system32\CodeIntegrity
2011-06-15 20:59:22 ----D---- C:\Windows\security
2011-06-15 20:59:22 ----D---- C:\Windows\inf
2011-06-15 20:59:22 ----D---- C:\Windows\AppCompat
2011-06-15 20:59:08 ----RD---- C:\Program Files
2011-06-15 20:59:08 ----D---- C:\ProgramData\FLEXnet
2011-06-15 20:59:08 ----D---- C:\Program Files\Utility
2011-06-15 20:59:07 ----D---- C:\Program Files\Sony
2011-06-15 20:59:07 ----D---- C:\Program Files\Mozilla Firefox
2011-06-15 20:59:06 ----HD---- C:\Program Files\InstallShield Installation Information
2011-06-15 20:58:49 ----D---- C:\Windows\registration
2011-06-15 20:58:34 ----D---- C:\Users\Tomas\AppData\Roaming\Skype
2011-06-15 20:58:13 ----RD---- C:\Users
2011-06-15 20:58:13 ----HD---- C:\ProgramData
2011-06-15 20:57:34 ----SHD---- C:\$Recycle.Bin
2011-06-15 20:07:20 ----SHD---- C:\System Volume Information
2011-06-15 20:06:16 ----D---- C:\Windows\Prefetch
2011-06-15 20:01:12 ----D---- C:\Windows\System32
2011-06-15 20:01:12 ----D---- C:\Windows
2011-06-15 19:34:48 ----D---- C:\Windows\SoftwareDistribution
2011-06-15 14:01:50 ----D---- C:\Config.Msi
2011-06-14 00:18:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-14 00:13:09 ----D---- C:\Windows\system32\LogFiles
2011-06-13 23:43:23 ----D---- C:\Windows\Downloaded Program Files
2011-06-13 23:43:22 ----D---- C:\TCCARGO
2011-06-13 21:06:15 ----D---- C:\Boot
2011-06-13 17:56:38 ----RSD---- C:\Windows\assembly
2011-06-13 16:55:08 ----D---- C:\Windows\Microsoft.NET
2011-06-13 15:48:57 ----AD---- C:\Windows\system32\en-US
2011-06-13 15:48:46 ----D---- C:\Program Files\Microsoft.NET
2011-06-13 13:47:23 ----A---- C:\Windows\WINCMD.INI
2011-06-13 10:09:37 ----D---- C:\Windows\Logs
2011-06-12 19:39:06 ----A---- C:\Windows\Model.txt
2011-06-12 17:57:18 ----D---- C:\ProgramData\Sony Corporation
2011-06-12 17:45:15 ----D---- C:\Program Files\Common Files\Sony Shared
2011-06-12 14:56:48 ----D---- C:\Windows\Downloaded Installations
2011-06-12 01:01:46 ----D---- C:\Utility
2011-06-11 22:10:44 ----D---- C:\Users\Tomas\AppData\Roaming\Sony Corporation
2011-06-11 19:50:14 ----D---- C:\Program Files\Common Files
2011-06-09 21:58:15 ----D---- C:\Program Files\Protector Suite
2011-06-09 21:55:36 ----AD---- C:\Windows\system32\catroot
2011-06-09 21:55:14 ----D---- C:\Windows\system32\WinBioPlugIns
2011-06-09 19:54:49 ----RD---- C:\Program Files\Skype
2011-06-09 19:54:41 ----D---- C:\ProgramData\Skype
2011-06-08 23:38:18 ----D---- C:\Click to DVD 2
2011-06-08 23:09:33 ----D---- C:\Program Files\Common Files\InstallShield
2011-06-08 13:34:58 ----D---- C:\Windows\system32\NDF
2011-06-04 21:19:17 ----SD---- C:\Users\Tomas\AppData\Roaming\Microsoft
2011-06-04 21:19:17 ----SD---- C:\ProgramData\Microsoft
2011-06-04 21:17:18 ----D---- C:\ProgramData\Microsoft Help
2011-06-04 21:14:53 ----D---- C:\Program Files\Microsoft Office
2011-06-04 21:14:17 ----D---- C:\Program Files\Common Files\microsoft shared
2011-06-04 21:08:40 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2011-06-02 20:25:43 ----D---- C:\ProgramData\SFirm32
2011-06-02 20:25:10 ----D---- C:\Program Files\SFirm32
2011-05-31 14:27:20 ----D---- C:\Program Files\CCleaner
2011-05-25 13:37:44 ----D---- C:\Users\Tomas\AppData\Roaming\Adobe
2011-05-24 13:03:01 ----D---- C:\Windows\Minidump
2011-05-24 13:03:01 ----D---- C:\Windows\debug
2011-05-24 02:03:54 ----D---- C:\Windows\rescache
2011-05-23 20:37:15 ----D---- C:\Program Files\Windows Sidebar
2011-05-23 20:37:15 ----D---- C:\Program Files\Windows Portable Devices
2011-05-23 20:37:15 ----D---- C:\Program Files\Windows Photo Viewer
2011-05-23 20:37:15 ----D---- C:\Program Files\Windows Media Player
2011-05-23 20:37:15 ----D---- C:\Program Files\Windows Mail
2011-05-23 20:37:15 ----D---- C:\Program Files\Internet Explorer
2011-05-23 20:37:15 ----D---- C:\Program Files\DVD Maker
2011-05-23 20:37:14 ----D---- C:\Program Files\Windows Defender
2011-05-23 20:37:13 ----D---- C:\Windows\servicing
2011-05-23 20:37:13 ----D---- C:\Windows\ehome
2011-05-23 20:37:12 ----D---- C:\Windows\system32\sysprep
2011-05-23 20:37:12 ----D---- C:\Windows\system32\Setup
2011-05-23 20:37:12 ----D---- C:\Windows\system32\oobe
2011-05-23 20:37:12 ----D---- C:\Windows\system32\migration
2011-05-23 20:37:12 ----D---- C:\Windows\system32\da-DK
2011-05-23 20:37:12 ----D---- C:\Windows\system32\cs
2011-05-23 20:37:12 ----D---- C:\Windows\system32\AdvancedInstallers
2011-05-23 20:37:12 ----D---- C:\Windows\PolicyDefinitions
2011-05-23 20:37:11 ----D---- C:\Windows\system32\sppui
2011-05-23 20:37:11 ----D---- C:\Windows\system32\manifeststore
2011-05-23 20:37:11 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-05-23 20:37:11 ----AD---- C:\Windows\system32\es-ES
2011-05-23 20:37:00 ----D---- C:\Windows\system32\migwiz
2011-05-23 20:36:59 ----D---- C:\Windows\system32\Dism
2011-05-23 20:36:51 ----RSD---- C:\Windows\Fonts
2011-05-23 20:36:50 ----D---- C:\Windows\AppPatch
2011-05-23 20:36:34 ----AD---- C:\Windows\system32\Boot
2011-05-23 20:32:34 ----A---- C:\Windows\system32\msclmd.dll
2011-05-19 09:58:14 ----A---- C:\Windows\system32\MRT.exe
2011-05-18 19:47:18 ----AD---- C:\ProgramData\TEMP
2011-05-18 15:39:32 ----D---- C:\Program Files\VS Revo Group
2011-05-16 12:26:07 ----D---- C:\ProgramData\PC Tools

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2011-02-23 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2011-05-10 192984]
R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore.sys [2011-03-10 263888]
R0 pctDS;PC Tools Data Store; C:\Windows\system32\drivers\pctDS.sys [2010-07-16 338880]
R0 pctEFA;PC Tools Extended File Attributes; C:\Windows\system32\drivers\pctEFA.sys [2010-07-16 656320]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-05-20 45200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2011-05-10 102232]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2006-10-18 10216]
R1 PCTSD;PC Tools Spyware Doctor Driver; C:\Windows\System32\Drivers\PCTSD.sys [2011-03-10 233976]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-11-09 140800]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]
R3 SonyImgF;Sony Image Conversion Filter Driver; C:\Windows\system32\DRIVERS\SonyImgF.sys [2007-04-05 31104]
R3 SPI;Sony Programmable I/O Control Device; C:\Windows\system32\DRIVERS\SonyPI.sys [2007-08-03 14720]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-03-19 807424]
S1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2010-08-25 395464]
S1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2010-08-25 37080]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 46976]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 40320]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2009-07-14 16384]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 10752]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 52608]
S3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-05-16 2216448]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-11-01 47360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2009-07-14 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2009-07-14 28224]
S3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2010-12-12 234800]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 42672]
S3 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 70448]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 80064]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 53760]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-12-02 56760]
S3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2009-07-14 17920]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
S4 RsFx0150;RsFx0150 Driver; C:\Windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-05-10 42184]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-05-10 121000]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 20480]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NSUService;NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [2008-11-03 299008]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 525680]
R3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [2010-09-27 222464]
R3 VCFw;VAIO Content Folder Watcher; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-09-27 864000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-01 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
S3 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]
S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-01-24 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-01-24 75320]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-10-25 549168]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2010-10-25 84256]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-01 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Ještě poprosím o log z Combofix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Přehřívání ale může být hardwarová závada (např. prach v chladiči).

Trvalo to nejak dlouho. Combofix smaznul sam cosi, takze nesly spustit zadne programy. Udelal jsem obnovu systemu.

ComboFix 11-06-15.02 - Tomas 15.06.2011 22:54:14.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2046.1178 [GMT 2:00]
Spuštěný z: c:\users\Tomas\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files\Utility
c:\program files\Utility\7-zip\7-zip.dll
c:\program files\Utility\7-zip\7z.dll
c:\program files\Utility\7-zip\7z.exe
c:\program files\Utility\7-zip\7zFM.exe
c:\program files\Utility\7-zip\7zG.exe
c:\program files\Utility\7-zip\Uninstall.exe
c:\program files\Utility\AntiTwin\AntiTwin.exe
c:\program files\Utility\AntiTwin\uninstall.exe
c:\users\Tomas\AppData\Roaming\inst.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-15 do 2011-06-15 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-23 18:32 . 2009-07-14 02:05 152064 ----a-w- c:\windows\system32\msclmd.dll
2011-05-14 19:49 . 2010-11-05 10:21 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-14 19:45 . 2011-05-14 19:45 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 12:10 . 2010-12-06 08:21 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-03-17 13:16 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:04 . 2011-03-17 13:18 102232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-05-10 12:03 . 2011-03-17 13:17 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-03-17 13:18 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:03 . 2011-03-17 13:17 192984 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-05-10 12:02 . 2011-03-17 13:17 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-03-17 13:17 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-03-17 13:17 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-03-17 13:18 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-27 13:37 . 2011-05-16 10:30 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-04-27 13:37 . 2011-05-16 10:30 2074576 ----a-w- c:\windows\PCTBDCore.dll
2011-04-27 13:37 . 2011-05-16 10:30 1533904 ----a-w- c:\windows\PCTBDRes.dll
2011-04-27 13:36 . 2011-05-16 10:30 767952 ----a-w- c:\windows\BDTSupport.dll
2011-03-24 10:39 . 2011-05-16 10:26 105280 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2011-05-04 09:44 . 2011-03-25 09:45 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2011-04-07 14:56 4432712 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2011-04-07 14:56 4432712 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-11-05 262144]
"Elbserver"="c:\program files\Sony\Media Gallery\ElbServer.exe" [2011-01-24 83344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-09 118784]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-24 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-24 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-24 81920]
"PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2011-04-07 55624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2011-04-07 14:31 101192 ----a-w- c:\program files\Protector Suite\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-14 09:15 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-10-14 20:38 623992 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-12-21 10:53 1483264 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
2011-03-15 12:44 650080 ----a-w- c:\program files\Sony\PMB\PMBVolumeWatcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SfWinStartInfo]
2010-02-05 16:34 161152 ----a-w- c:\program files\SFirm32\sfWinStartupInfo.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SHTtray.exe]
2010-09-10 06:47 99696 ----a-w- c:\program files\Common Files\Sony Shared\SOHLib\SHTtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files\Java\jre1.6.0_03\bin\jusched.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOCameraUtility]
c:\program files\Sony\VAIO Camera Utility\VCUServe.exe [BU]
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
R3 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-10-25 549168]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2010-10-25 84256]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-01 1343400]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2011-02-23 12112]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2011-03-10 263888]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2010-07-16 338880]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2010-07-16 656320]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD.sys [2011-03-10 233976]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2011-05-10 121000]
S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-11-03 299008]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 525680]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]
S3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\DRIVERS\SonyImgF.sys [2007-04-05 31104]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [2010-09-27 222464]
S3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\DRIVERS\SonyPI.sys [2007-08-03 14720]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-03-19 807424]
S3 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-09-27 864000]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Doplňkový sken -------
.
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
Trusted Zone: postsignum.cz\www
TCP: DhcpNameServer = 78.156.32.2 192.168.2.1
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.cz/Genoogle/Components/A ... eQuery.dll
FF - ProfilePath - c:\users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\mt68a8gr.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(592)
c:\program files\Protector Suite\psqlpwd.dll
c:\program files\Protector Suite\homefus2.dll
c:\program files\Protector Suite\infql2.dll
.
- - - - - - - > 'Explorer.exe'(2496)
c:\program files\Protector Suite\farchns.dll
c:\program files\Protector Suite\infql2.dll
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WUDFHost.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\CISVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Protector Suite\upeksvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\taskhost.exe
c:\program files\Sony\VAIO Power Management\SPMgr.exe
c:\windows\system32\conhost.exe
c:\program files\Apoint\ApMsgFwd.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\program files\Apoint\Apntex.exe
c:\program files\Protector Suite\psqltray.exe
c:\windows\system32\conhost.exe
c:\program files\Protector Suite\ctlcntrv.exe
c:\program files\Sony\VAIO Personalization Manager\VpmIfPav.exe
c:\windows\system32\wbem\WmiApSrv.exe
.
**************************************************************************
.
Celkový čas: 2011-06-15 23:55:08 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-15 21:55
.
Před spuštěním: Volných bajtů: 50 323 623 936
Po spuštění: Volných bajtů: 50 288 279 552
.
- - End Of File - - B22BE7DA7D8CA8A7226595217F34A911

ComboFix maže sám, pokud zná šmejda. Teď ale omylem smázl 7-zip. Přeinstalujte. Jinak ještě smazal 2 infikované položky. Nastala nějaká změna?

Ano, větráku jsem ulevil odstraněním mechu a chorošů, přesto se PC dost hřeje. Už si nepopálím kolena, když si ho položím na klín, ale z čokolády by byla kaše celkem rychle. Aktuálně mám spuštěny Skype, Outlook, Acrobat, 5 oken v exploreru a word pad. Rychlost by snad byla OK, těžko se mi to posuzuje, ale to hřání mě trochu straší.

Ještě jsem si vzpoměl. V průběhu týdne jsem potřeboval přeinstalovat Bankklient od GE Money. Ten potřebuje SQL server, který za boha nejde nainstalovat. Na technické podpoře tvrdí, že tomu vadí starý klíč registru MSDE a ten je zabetonavanej nejde mi smáznout. Samozřejmě jsem zkusil mazat v nouzovým režimu, i Avengerem, ale nic. Teď mě napadlo, že by to mohlo jít z klíčenky s Linuxem, ale nevím kde registry najít, jestli jsou přes nějakého souborového manažera vůbec vidět. Prozatím jsem se smířil s tím, že mám Bankklienta na pracovní stanici v práci, ale vím že mi to tak začne za 14 dní vadit, že ho nemůžu mít v laptopu kdykolik dispozici a nebudu kvuli tomu moci spát.

Tak to neporadím, neboť nemám nejmenší tušení, kam váš bankklient ukládá registry. Zkuste se do registry podívat ruční editací podle návodu: http://www.viry.cz/forum/viewtopic.php?f=11&t=2791 .

Nemyslím, že by MSDE mělo přímo něco společného s Bankklientem, spíše to má souvislost s SQL Serverem. MSDE je v H_KEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\MSDE ale nevím jak se v linuxu k němu dostat, která je ta první složka po C:\ ale pohledám na netu, nebudu s tím zdržovat.

Díky za ochotu a přeji příjemný večer.

Totéž i vám a nemáte zač!