VIRY.CZ

Ahoj,mám problém s virem, který pořád v aplikací mně otravuje. Nemohu se přihlásit protože nezadám ani heslo. Pořád dokola se opakéuje písmeno ééééééé a nemohu to nijak dostat s počítače.
Prosím pomozte mi.

Zdravim a pekny vecer preji

Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

Zkuste udelat log z RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 pripadne jej prejmenujte na RSIT.com

Jak to mám se vložit mně to nejde.

Zkopirujte obsah toho textoveho souboru a dejte jej normalne jako odpoved. Pokud je log moc dlouhy, tak jej, peclive, rozdelte do vice odpovedi

Logfile of random's system information tool 1.09 (written by random/random)
Run by Michaell at 2011-09-27 20:10:55
Microsoft Windows 7 Ultimate
System drive C: has 90 GB (62%) free of 144 GB
Total RAM: 4094 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:33, on 27.9.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\Michaell.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8279 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"F:\Předčtení loga\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
wmiadap.exe /R /T
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, iobit@mybrowserbar.com:4.6, wtxpcom@mybrowserbar.com:4.6, wrc@avast.com:6.0.1289, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =685749&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
npnul32.dll
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\searchplugins\
icqplugin-1.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.6\iobitToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.6\iobitToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"=C:\Program Files\SetPointP\SetPoint.exe [2010-06-26 1609296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-06-15 15141768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMISR]
C:\Program Files (x86)\KYE\FaceCam 311\BM.exe [2010-03-30 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2011-07-26 958352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-07-26 20880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2011-07-26 3507088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [2011-01-01 557056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-08-17 534880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 336384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\1.0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michaell^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-08-28 2252800]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 336384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-05-06 66640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-09-27 20:10:55 ----D---- C:\rsit
2011-09-27 20:10:55 ----D---- C:\Program Files\trend micro
2011-09-27 19:37:34 ----A---- C:\Windows\ntbtlog.txt
2011-09-16 20:23:05 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-09-16 20:23:05 ----A---- C:\Windows\system32\tzres.dll
2011-09-16 20:21:47 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-09-16 20:21:47 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-09-16 20:21:47 ----A---- C:\Windows\system32\fsutil.exe
2011-09-16 20:21:47 ----A---- C:\Windows\system32\esent.dll
2011-09-16 20:21:47 ----A---- C:\Windows\system32\drivers\storport.sys
2011-09-16 20:21:47 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-09-16 20:21:46 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-09-16 20:20:41 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-09-16 20:20:41 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-09-16 20:20:40 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-09-16 20:20:40 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-09-16 20:20:40 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-09-16 20:20:40 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-09-16 20:20:40 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-09-12 14:48:56 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2011-09-12 14:48:56 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2011-09-02 21:07:44 ----D---- C:\ProgramData\ATI
2011-09-02 21:07:42 ----D---- C:\Program Files (x86)\AMD APP
2011-09-02 21:07:26 ----D---- C:\ProgramData\AMD
2011-09-02 21:07:25 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2011-09-02 21:05:38 ----D---- C:\ATI
2011-09-02 21:05:01 ----D---- C:\AMD
2011-09-02 20:16:26 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-09-02 20:16:19 ----A---- C:\Windows\system32\drivers\AtiHdmi.sys
2011-09-02 20:15:34 ----A---- C:\Windows\system32\coinst.dll
2011-09-02 10:36:12 ----D---- C:\Users\Michaell\AppData\Roaming\vPacs

======List of files/folders modified in the last 1 month======

2011-09-27 20:11:26 ----D---- C:\Windows\Temp
2011-09-27 20:10:55 ----D---- C:\Program Files
2011-09-27 19:37:34 ----D---- C:\Windows
2011-09-27 19:36:19 ----D---- C:\Users\Michaell\AppData\Roaming\Skype
2011-09-27 19:32:37 ----D---- C:\Windows\Prefetch
2011-09-27 19:32:35 ----D---- C:\Windows\SysWOW64
2011-09-27 17:42:02 ----D---- C:\Windows\system32\config
2011-09-25 21:30:31 ----D---- C:\Windows\System32
2011-09-25 21:30:13 ----SHD---- C:\System Volume Information
2011-09-25 21:22:08 ----D---- C:\Windows\system32\NDF
2011-09-25 21:00:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-09-25 01:34:15 ----D---- C:\Windows\rescache
2011-09-21 20:38:02 ----D---- C:\Windows\Logs
2011-09-19 19:15:55 ----SHD---- C:\Windows\Installer
2011-09-19 19:06:32 ----D---- C:\Windows\inf
2011-09-19 19:06:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-19 07:36:58 ----RSD---- C:\Windows\assembly
2011-09-18 18:55:39 ----D---- C:\Windows\system32\catroot2
2011-09-17 06:54:51 ----D---- C:\Windows\winsxs
2011-09-16 21:47:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-09-16 21:47:32 ----D---- C:\Windows\system32\DriverStore
2011-09-16 21:47:32 ----D---- C:\Windows\system32\drivers
2011-09-16 21:47:32 ----D---- C:\Windows\system32\cs-CZ
2011-09-16 20:23:40 ----D---- C:\Windows\system32\catroot
2011-09-06 22:45:29 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-09-06 22:45:17 ----A---- C:\Windows\system32\aswBoot.exe
2011-09-03 11:33:59 ----D---- C:\ProgramData\Microsoft Help
2011-09-02 21:41:58 ----D---- C:\Users\Michaell\AppData\Roaming\uTorrent
2011-09-02 21:07:44 ----HD---- C:\ProgramData
2011-09-02 21:07:42 ----RD---- C:\Program Files (x86)
2011-09-02 21:07:39 ----D---- C:\Program Files (x86)\Common Files
2011-09-02 21:07:30 ----D---- C:\Program Files\ATI Technologies
2011-09-02 21:07:24 ----D---- C:\Program Files (x86)\ATI Technologies
2011-09-02 20:16:26 ----D---- C:\Program Files\Common Files
2011-09-02 20:14:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-09-02 15:44:51 ----D---- C:\Windows\system32\LogFiles
2011-09-02 08:33:47 ----D---- C:\Stažené soubory
2011-08-29 11:04:09 ----D---- C:\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2010-07-21 51600]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2006-12-26 40648]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2010-07-21 23952]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-30 834544]
S1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
S2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
S2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2006-12-26 13520]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-29 9980416]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-28 309248]
S3 AODDriver2;AODDriver2; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-07 231440]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-29 9980416]
S3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-03-23 33184]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2011-07-20 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2011-07-20 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2011-07-20 161280]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-03-23 21328]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 1235968]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2011-07-11 20336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-28 204288]
S2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-08-17 402328]
S2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
S2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-25 66872]
S2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-01-25 103736]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-20 1255736]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 FAH-01;Folding Service #01; C:\Program Files (x86)\Folding@Home #01\Folding@Home #01\FAH-Console.exe [2008-06-30 253952]
S4 FAH-02;Folding Service #02; C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe [2008-06-30 253952]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-05-06 357456]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-01-27 73728]
S4 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]

-----------------EOF-----------------

Odinstalujte Advanced SystemCare 4 a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Taktez odinstalujte Search Settings a Application Updater - je to havet, pokud nepujde, tak ji vezmeme nasledne nasilne nejakou utilitou

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich

  motji píše: Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill SCR:
  http://download.bleepingcomputer.com/grinler/rkill.scr
  
  Rkill PIF:
  http://download.bleepingcomputer.com/grinler/rkill.pif

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Moc děkuji dnes na to nemám čas,ale snad zítra to vyzkouším a dám vědět co a jak. Snad to pomůže.
Co mám používat místo Advanced a Iobit, Superantifree?
Děkuji.

Misto kramu od IOBitu staci CCleaner+Deffragler a na ochranu treba zmineny SuperAntiSpyware

Pak tedy sem dejte log z ComboFixu...

Tak jsem to všechno udělal, ale vyběhlo mi okno z configu, že se pokouší něco změnit a pokud jsem okno nezrušil, tak combofix nepokračoval.
Tady je log:

ComboFix 11-09-28.01 - Michaell 29.09.2011 10:52:12.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2685 [GMT 2:00]
Spuštěný z: z:\programy\ListiŔ PC\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-28 do 2011-09-29 )))))))))))))))))))))))))))))))
.
.
2011-09-29 08:55 . 2011-09-29 08:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-27 18:10 . 2011-09-27 18:37 -------- d-----w- c:\program files\trend micro
2011-09-27 18:10 . 2011-09-27 18:11 -------- d-----w- C:\rsit
2011-09-27 17:32 . 2011-09-27 17:32 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-16 18:23 . 2011-09-16 18:23 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-09-16 18:23 . 2011-09-16 18:23 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-16 18:21 . 2011-09-16 18:21 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-09-16 18:21 . 2011-09-16 18:21 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-09-16 18:21 . 2011-09-16 18:21 2566144 ----a-w- c:\windows\system32\esent.dll
2011-09-16 18:21 . 2011-09-16 18:21 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-09-16 18:21 . 2011-09-16 18:21 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-09-16 18:21 . 2011-09-16 18:21 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-09-16 18:21 . 2011-09-16 18:21 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-09-16 18:21 . 2011-09-16 18:21 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-09-16 18:21 . 2011-09-16 18:21 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-09-16 18:21 . 2011-09-16 18:21 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-09-16 18:21 . 2011-09-16 18:21 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-09-16 18:20 . 2011-09-16 18:20 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-09-16 18:20 . 2011-09-16 18:20 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-09-16 18:20 . 2011-09-16 18:20 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-09-16 18:20 . 2011-09-16 18:20 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-09-16 18:20 . 2011-09-16 18:20 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-09-16 18:20 . 2011-09-16 18:20 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-09-16 18:20 . 2011-09-16 18:20 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-09-12 12:48 . 2011-08-19 14:33 27992 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-09-12 12:48 . 2010-11-26 16:02 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\users\Michaell\AppData\Local\AMD
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\programdata\ATI
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\program files (x86)\AMD APP
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\programdata\AMD
2011-09-02 19:07 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2011-09-02 19:05 . 2011-09-02 19:05 -------- d-----w- C:\ATI
2011-09-02 19:05 . 2011-09-02 19:05 -------- d-----w- C:\AMD
2011-09-02 18:16 . 2011-09-02 18:16 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-09-02 18:16 . 2010-01-28 14:33 116736 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2011-09-02 18:15 . 2011-07-28 21:01 58880 ----a-w- c:\windows\system32\coinst.dll
2011-09-02 08:36 . 2011-09-02 08:36 -------- d-----w- c:\users\Michaell\AppData\Roaming\vPacs
2011-08-31 18:28 . 2011-08-31 19:17 -------- d-----w- c:\users\Michaell\AppData\Local\Microsoft Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-06 20:45 . 2011-07-21 16:01 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2010-12-29 16:19 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-06 20:45 . 2011-07-21 16:01 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-07-21 16:01 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:38 . 2010-12-29 16:19 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2010-12-29 16:19 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2010-12-29 16:19 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2010-12-29 16:19 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2010-12-29 16:19 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-24 18:19 . 2011-08-24 18:19 56320 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-08-24 18:18 . 2011-08-24 18:18 13601280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-08-24 18:17 . 2011-08-24 18:17 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-08-21 07:28 . 2011-08-21 07:28 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-21 07:28 . 2011-08-21 07:28 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-08-21 07:28 . 2011-08-21 07:28 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-08-21 07:28 . 2011-08-21 07:28 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-21 07:27 . 2011-08-21 07:27 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll
2011-08-21 07:27 . 2011-08-21 07:27 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll
2011-08-21 07:27 . 2011-08-21 07:27 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll
2011-08-21 07:27 . 2011-08-21 07:27 212992 ----a-w- c:\windows\system32\odbctrac.dll
2011-08-21 07:27 . 2011-08-21 07:27 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll
2011-08-21 07:27 . 2011-08-21 07:27 163840 ----a-w- c:\windows\system32\odbccp32.dll
2011-08-21 07:27 . 2011-08-21 07:27 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll
2011-08-21 07:27 . 2011-08-21 07:27 106496 ----a-w- c:\windows\system32\odbccu32.dll
2011-08-21 07:27 . 2011-08-21 07:27 106496 ----a-w- c:\windows\system32\odbccr32.dll
2011-08-21 07:27 . 2011-08-21 07:27 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-08-21 07:27 . 2011-08-21 07:27 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-08-21 07:27 . 2011-08-21 07:27 422400 ----a-w- c:\windows\system32\KernelBase.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 338432 ----a-w- c:\windows\system32\conhost.exe
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-08-21 07:27 . 2011-08-21 07:27 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-08-21 07:27 . 2011-08-21 07:27 243200 ----a-w- c:\windows\system32\wow64.dll
2011-08-21 07:27 . 2011-08-21 07:27 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-08-21 07:27 . 2011-08-21 07:27 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-08-21 07:27 . 2011-08-21 07:27 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-08-21 07:27 . 2011-08-21 07:27 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-08-21 07:27 . 2011-08-21 07:27 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-08-21 07:26 . 2011-08-21 07:26 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-08-21 07:26 . 2011-08-21 07:26 57856 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-21 07:26 . 2011-08-21 07:26 482816 ----a-w- c:\windows\system32\html.iec
2011-08-21 07:26 . 2011-08-21 07:26 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-08-21 07:26 . 2011-08-21 07:26 386048 ----a-w- c:\windows\SysWow64\html.iec
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-29_08.09.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-09-29 08:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-29 08:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-29 08:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:14 . 2011-09-29 08:12 42220 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-09-29 08:45 42548 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-09-29 07:32 42548 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-29 15:03 . 2011-09-29 08:45 13428 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3430405340-3532546218-2775073428-1001_UserData.bin
- 2010-12-29 15:03 . 2011-09-29 07:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 08:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 08:43 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:31 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:03 . 2011-09-29 08:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:03 . 2011-09-29 08:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:38 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 08:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:38 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-09-29 08:09 . 2011-09-29 08:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-09-29 08:56 . 2011-09-29 08:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-09-29 07:35 609896 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-09-29 08:47 609896 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-09-29 08:47 625676 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-09-29 07:35 625676 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-09-29 08:47 104214 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-09-29 07:35 104214 c:\windows\system32\perfc009.dat
+ 2009-07-14 15:18 . 2011-09-29 08:47 119794 c:\windows\system32\perfc005.dat
- 2009-07-14 15:18 . 2011-09-29 07:35 119794 c:\windows\system32\perfc005.dat
+ 2011-08-19 20:20 . 2011-09-29 08:55 455168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-08-19 20:20 . 2011-09-29 08:08 455168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2011-09-29 08:08 387428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-09-29 08:55 387428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 2252800]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
R4 FAH-01;Folding Service 01;c:\program files (x86)\Folding@Home 01\Folding@Home 01\FAH-Console.exe [2008-06-30 253952]
R4 FAH-02;Folding Service 02;c:\program files (x86)\Folding@Home 01\Folding@Home 02\FAH-Console.exe [2008-06-30 253952]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-27 21:28 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\SetPointP\SetPoint.exe" [2010-06-26 1609296]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3430405340-3532546218-2775073428-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e6,61,fa,4d,54,cb,46,6b,fb,9b,32,35,2f,e3,04,f4,e0,56,27,e5,17,64,8a,
8f,b4,3c,96,ba,dc,a2,72,41,39,c5,4f,b9,07,ed,95,8f,92,7d,9b,c7,78,3d,a4,17,\
"??"=hex:a7,cd,f1,b2,16,62,c6,b0,e3,e5,b7,ab,c6,03,4e,55
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Celkový čas: 2011-09-29 10:59:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-29 08:58
ComboFix2.txt 2011-09-29 08:12
.
Před spuštěním: Volných bajtů: 93 123 133 440
Po spuštění: Volných bajtů: 93 021 618 176
.
- - End Of File - - A749BB71A5C0E24AD6C3DDC02ABADD7B

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  RegNull::
  [HKEY_USERS\S-1-5-21-3430405340-3532546218-2775073428-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
  
  RegLock::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  Firefox::
  FF - ProfilePath - c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\
  FF - prefs.js: browser.search.selectedEngine - Yahoo
  FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =685749&p=
  FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  "Skype"=-
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Ta se mi konečně vše podařilo, ale problem stále trvá. Samé ééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééééé....

A takhle do nekonečna, pokud to nezastavím.
Tady je log.

ComboFix 11-09-28.01 - Michaell 29.09.2011 20:20:10.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2787 [GMT 2:00]
Spuštěný z: z:\programy\ListiŔ PC\ComboFix.exe
Použité ovládací přepínače :: c:\users\Michaell\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-28 do 2011-09-29 )))))))))))))))))))))))))))))))
.
.
2011-09-29 18:23 . 2011-09-29 18:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-29 09:43 . 2011-09-29 09:43 -------- d-----w- c:\users\Michaell\AppData\Roaming\SUPERAntiSpyware.com
2011-09-29 09:43 . 2011-09-29 09:43 -------- d-----w- c:\programdata\!SASCORE
2011-09-27 18:10 . 2011-09-27 18:37 -------- d-----w- c:\program files\trend micro
2011-09-27 18:10 . 2011-09-27 18:11 -------- d-----w- C:\rsit
2011-09-27 17:32 . 2011-09-27 17:32 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-16 18:23 . 2011-09-16 18:23 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-09-16 18:23 . 2011-09-16 18:23 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-16 18:21 . 2011-09-16 18:21 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-09-16 18:21 . 2011-09-16 18:21 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-09-16 18:21 . 2011-09-16 18:21 2566144 ----a-w- c:\windows\system32\esent.dll
2011-09-16 18:21 . 2011-09-16 18:21 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-09-16 18:21 . 2011-09-16 18:21 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-09-16 18:21 . 2011-09-16 18:21 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-09-16 18:21 . 2011-09-16 18:21 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-09-16 18:21 . 2011-09-16 18:21 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-09-16 18:21 . 2011-09-16 18:21 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-09-16 18:21 . 2011-09-16 18:21 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-09-16 18:21 . 2011-09-16 18:21 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-09-16 18:20 . 2011-09-16 18:20 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-09-16 18:20 . 2011-09-16 18:20 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-09-16 18:20 . 2011-09-16 18:20 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-09-16 18:20 . 2011-09-16 18:20 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-09-16 18:20 . 2011-09-16 18:20 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-09-16 18:20 . 2011-09-16 18:20 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-09-16 18:20 . 2011-09-16 18:20 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-09-12 12:48 . 2011-08-19 14:33 27992 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-09-12 12:48 . 2010-11-26 16:02 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\users\Michaell\AppData\Local\AMD
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\programdata\ATI
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\program files (x86)\AMD APP
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-09-02 19:07 . 2011-09-02 19:07 -------- d-----w- c:\programdata\AMD
2011-09-02 19:07 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2011-09-02 19:05 . 2011-09-02 19:05 -------- d-----w- C:\ATI
2011-09-02 19:05 . 2011-09-02 19:05 -------- d-----w- C:\AMD
2011-09-02 18:16 . 2011-09-02 18:16 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-09-02 18:16 . 2010-01-28 14:33 116736 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2011-09-02 18:15 . 2011-07-28 21:01 58880 ----a-w- c:\windows\system32\coinst.dll
2011-09-02 08:36 . 2011-09-02 08:36 -------- d-----w- c:\users\Michaell\AppData\Roaming\vPacs
2011-08-31 18:28 . 2011-08-31 19:17 -------- d-----w- c:\users\Michaell\AppData\Local\Microsoft Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-06 20:45 . 2011-07-21 16:01 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2010-12-29 16:19 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-06 20:45 . 2011-07-21 16:01 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-07-21 16:01 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:38 . 2010-12-29 16:19 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2010-12-29 16:19 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2010-12-29 16:19 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2010-12-29 16:19 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2010-12-29 16:19 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-24 18:19 . 2011-08-24 18:19 56320 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-08-24 18:18 . 2011-08-24 18:18 13601280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-08-24 18:17 . 2011-08-24 18:17 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-08-21 07:28 . 2011-08-21 07:28 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-21 07:28 . 2011-08-21 07:28 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-08-21 07:28 . 2011-08-21 07:28 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-08-21 07:28 . 2011-08-21 07:28 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-21 07:27 . 2011-08-21 07:27 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll
2011-08-21 07:27 . 2011-08-21 07:27 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll
2011-08-21 07:27 . 2011-08-21 07:27 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll
2011-08-21 07:27 . 2011-08-21 07:27 212992 ----a-w- c:\windows\system32\odbctrac.dll
2011-08-21 07:27 . 2011-08-21 07:27 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll
2011-08-21 07:27 . 2011-08-21 07:27 163840 ----a-w- c:\windows\system32\odbccp32.dll
2011-08-21 07:27 . 2011-08-21 07:27 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll
2011-08-21 07:27 . 2011-08-21 07:27 106496 ----a-w- c:\windows\system32\odbccu32.dll
2011-08-21 07:27 . 2011-08-21 07:27 106496 ----a-w- c:\windows\system32\odbccr32.dll
2011-08-21 07:27 . 2011-08-21 07:27 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-08-21 07:27 . 2011-08-21 07:27 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-08-21 07:27 . 2011-08-21 07:27 422400 ----a-w- c:\windows\system32\KernelBase.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 338432 ----a-w- c:\windows\system32\conhost.exe
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-21 07:27 . 2011-08-21 07:27 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-08-21 07:27 . 2011-08-21 07:27 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-08-21 07:27 . 2011-08-21 07:27 243200 ----a-w- c:\windows\system32\wow64.dll
2011-08-21 07:27 . 2011-08-21 07:27 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-08-21 07:27 . 2011-08-21 07:27 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-08-21 07:27 . 2011-08-21 07:27 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-08-21 07:27 . 2011-08-21 07:27 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-08-21 07:27 . 2011-08-21 07:27 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-08-21 07:26 . 2011-08-21 07:26 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-08-21 07:26 . 2011-08-21 07:26 57856 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-21 07:26 . 2011-08-21 07:26 482816 ----a-w- c:\windows\system32\html.iec
2011-08-21 07:26 . 2011-08-21 07:26 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-08-21 07:26 . 2011-08-21 07:26 386048 ----a-w- c:\windows\SysWow64\html.iec
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-29_08.09.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-09-29 18:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-29 18:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-09-29 08:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-29 18:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:14 . 2011-09-29 18:06 42734 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-09-29 18:06 42548 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-09-29 07:32 42548 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-29 15:03 . 2011-09-29 18:06 13428 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3430405340-3532546218-2775073428-1001_UserData.bin
- 2010-12-29 14:59 . 2011-09-29 07:36 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 14:59 . 2011-09-29 17:50 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 14:59 . 2011-09-29 17:50 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 14:59 . 2011-09-29 07:36 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-09-29 07:36 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-29 17:50 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 18:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 18:05 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:31 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:03 . 2011-09-29 18:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:38 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 15:03 . 2011-09-29 18:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-29 15:03 . 2011-09-29 07:38 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 15:03 . 2011-09-29 18:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-09-29 08:09 . 2011-09-29 08:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-09-29 18:24 . 2011-09-29 18:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-09-29 07:35 609896 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-09-29 11:13 609896 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-09-29 11:13 625676 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-09-29 07:35 625676 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-09-29 11:13 104214 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-09-29 07:35 104214 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2011-09-29 07:35 119794 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2011-09-29 11:13 119794 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:12 . 2011-09-29 17:50 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2011-09-29 07:36 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-08-19 20:20 . 2011-09-29 18:23 455168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-08-19 20:20 . 2011-09-29 08:08 455168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2011-09-29 08:08 387428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-09-29 18:23 387428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 2252800]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 FAH-01;Folding Service 01;c:\program files (x86)\Folding@Home 01\Folding@Home 01\FAH-Console.exe [2008-06-30 253952]
R4 FAH-02;Folding Service 02;c:\program files (x86)\Folding@Home 01\Folding@Home 02\FAH-Console.exe [2008-06-30 253952]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-09-29 140672]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-27 21:28 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\SetPointP\SetPoint.exe" [2010-06-26 1609296]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Michaell\AppData\Roaming\Mozilla\Firefox\Profiles\0layldvv.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Celkový čas: 2011-09-29 20:27:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-29 18:27
ComboFix2.txt 2011-09-29 08:59
ComboFix3.txt 2011-09-29 08:12
.
Před spuštěním: Volných bajtů: 92 782 370 816
Po spuštění: Volných bajtů: 92 702 601 216
.
- - End Of File - - 8730BE9A2DABE85CCBA62DBB278FF80F

A co vyzkouset druhou klavesnici, ci neni chyba v teto

Bohužel to nedělá klávesnice mám to odzkoušeno, když to začne dělat tak mi klávesa nefunguje na mačkání, ale pochvilce se zas ééééééééééé objevý znovu.
Asi toí mám nějak zakletý, protože u druhého počítače to dělá taky.
Dětska lítaj po netu a koukaj na youtube a hraní hry.
Zatím díky za všechno.

A zkousel jste jinou klavesnici, pripadne si ji vypujcete od nekoho at urcite vyloucime jejich chybu...

Tak jsem zkoušel jinou klávesnici a dělalo to stejně. Parkrát jsem udělal combofix a dnes to zatím nic neudělalo, musím zaklepat. Zajmavý je, že když to dělá , tak klávesa é mi nefunguje na zmačknutí a samo se spustí ééééééééééééééé.
No tak nevím snad to bude už o.k. Zatím díky.