VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

zamrzávání počítače

https://forum.viry.cz:443/viewtopic.php?t=119365

Stránka 1 z 1

zamrzávání počítače

Napsal: 04 úno 2012 20:08
od lydiet
Logfile of random's system information tool 1.09 (written by random/random)
Run by Lydie at 2012-02-04 20:05:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 249 GB (82%) free of 305 GB
Total RAM: 1791 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:05:28, on 4.2.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Users\Lydie\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Lydie\Software\SkypePortable\SkypePortable.exe
C:\Users\Lydie\Software\SkypePortable\App\Skype\Phone\Skype.exe
C:\Program Files\trend micro\Lydie.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lydie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC69B789-F996-473F-9723-E809E30CF93A}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{E70CC4CF-6D01-4387-9719-90D94857F726}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\SYSTEM32\HPSISVC.EXE (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8411 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\WINDOWS\SYSTEM32\HPSISVC.EXE
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\PixArt\Pac7302\Monitor.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
C:\Users\Lydie\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Users\Lydie\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler64.exe
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3896.ba4b200.1729248774 "C:\Windows\system32\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.9.0.1 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 3896 "\\.\pipe\gecko-crash-server-pipe.3896" plugin
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Lydie\Software\SkypePortable\SkypePortable.exe"
"C:\Users\Lydie\Software\SkypePortable\App\Skype\Phone\Skype.exe" /datapath:"C:\Users\Lydie\Software\SkypePortable\Data\settings" /removable
C:\Windows\system32\AUDIODG.EXE 0x814
"taskhost.exe"
"C:\Users\Lydie\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2349251419-2664913690-1612775895-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2349251419-2664913690-1612775895-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Lydie\AppData\Roaming\Mozilla\Firefox\Profiles\supngpr5.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
np_gp.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Lydie\AppData\Roaming\Mozilla\Firefox\Profiles\supngpr5.default\searchplugins\
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~2\Crawler\Toolbar\ctbr.dll [2010-04-30 1243600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll [2010-04-30 1243600]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll [2011-12-13 1071456]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-01-10 2779824]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-01-10 3621040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Lydie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2011-12-29 620376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2009-11-19 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Lydie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut]
C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [2009-04-27 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Users\Lydie\Software\SkypePortable\App\Skype\Phone\Skype.exe [2011-10-13 17351304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall Adobe Download Manager]
C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [2010-03-29 68000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lydie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe [2008-11-10 275736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-06-05 2171904]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]
""= []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]

C:\Users\Lydie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-02-04 19:54:25 ----D---- C:\rsit
2012-02-04 19:54:25 ----D---- C:\Program Files\trend micro
2012-01-23 22:05:01 ----SHD---- C:\Windows\ftpcache
2012-01-23 22:03:59 ----D---- C:\ProgramData\HP
2012-01-23 22:01:25 ----D---- C:\ProgramData\HPSSUPPLY
2012-01-23 22:00:27 ----D---- C:\Program Files (x86)\HP
2012-01-23 21:59:13 ----RA---- C:\Windows\SYSWOW64\mvusbews.dll
2012-01-23 21:58:17 ----A---- C:\Windows\system32\HPM1210SMs.dll
2012-01-23 21:58:14 ----A---- C:\Windows\system32\HPM1210SM.exe
2012-01-23 21:58:13 ----A---- C:\Windows\system32\HPM1210LM.DLL
2012-01-23 21:56:28 ----A---- C:\Windows\system32\m1130wia.dll
2012-01-23 21:54:38 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2012-01-23 21:54:38 ----A---- C:\Windows\system32\drivers\mvusbews.sys
2012-01-23 21:54:34 ----A---- C:\Windows\system32\mvusbews.dll
2012-01-23 21:54:28 ----RA---- C:\Windows\system32\HPSIsvc.exe
2012-01-23 21:50:57 ----D---- C:\Program Files\HP
2012-01-19 18:51:28 ----D---- C:\b1342993284fd835e344
2012-01-16 18:21:05 ----D---- C:\Users\Lydie\AppData\Roaming\SkypePM
2012-01-15 20:31:02 ----D---- C:\Users\Lydie\AppData\Roaming\SkypePM-BackupBySkypePortable
2012-01-13 18:47:53 ----D---- C:\Users\Lydie\AppData\Roaming\Skype
2012-01-13 18:43:15 ----A---- C:\Windows\system32\drivers\stflt.sys
2012-01-13 18:43:13 ----D---- C:\Users\Lydie\AppData\Roaming\Spyware Terminator
2012-01-13 18:43:13 ----D---- C:\ProgramData\Spyware Terminator
2012-01-13 18:43:08 ----D---- C:\Program Files (x86)\Spyware Terminator
2012-01-13 16:14:11 ----A---- C:\Windows\system32\schannel.dll
2012-01-13 16:14:11 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-13 16:14:10 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-01-13 16:14:10 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-01-13 16:14:10 ----A---- C:\Windows\system32\webio.dll
2012-01-13 16:14:10 ----A---- C:\Windows\system32\lsass.exe
2012-01-13 16:14:10 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-13 16:14:10 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-13 16:14:10 ----A---- C:\Windows\system32\drivers\cng.sys
2012-01-13 16:14:09 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-01-13 16:14:09 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-01-13 16:14:09 ----A---- C:\Windows\system32\sspisrv.dll
2012-01-13 16:14:09 ----A---- C:\Windows\system32\sspicli.dll
2012-01-13 16:14:09 ----A---- C:\Windows\system32\secur32.dll
2012-01-11 09:56:03 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-11 09:56:03 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 09:56:02 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-11 09:56:02 ----A---- C:\Windows\system32\qdvd.dll
2012-01-11 09:56:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-01-11 09:56:01 ----A---- C:\Windows\system32\jscript.dll
2012-01-11 09:55:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-11 09:55:59 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 09:55:56 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-01-11 09:55:56 ----A---- C:\Windows\system32\packager.dll
2012-01-08 19:40:55 ----A---- C:\PA7302.DAT
2012-01-07 18:09:41 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-01-07 18:09:41 ----A---- C:\Windows\system32\shell32.dll
2012-01-07 17:55:22 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2012-01-07 17:44:15 ----D---- C:\ProgramData\IObit
2012-01-07 17:43:39 ----D---- C:\Users\Lydie\AppData\Roaming\IObit
2012-01-07 17:43:15 ----D---- C:\Program Files (x86)\IObit
2012-01-07 17:32:35 ----AH---- C:\ProgramData\ezsidmv.dat
2012-01-07 16:56:34 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-01-07 16:56:33 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-01-07 16:56:24 ----A---- C:\Windows\system32\drivers\aswFW.sys
2012-01-07 16:55:54 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2012-01-07 16:55:53 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-01-07 16:55:53 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-01-07 16:55:52 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-01-07 16:55:50 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-01-07 16:55:16 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2012-01-07 16:55:04 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-01-07 16:55:04 ----A---- C:\Windows\avastSS.scr
2012-01-07 16:54:36 ----D---- C:\ProgramData\AVAST Software
2012-01-07 16:54:36 ----D---- C:\Program Files\AVAST Software
2012-01-07 16:52:48 ----D---- C:\Users\Lydie\AppData\Roaming\Updatem
2012-01-07 16:52:46 ----D---- C:\Users\Lydie\AppData\Roaming\avv
2012-01-07 16:52:14 ----D---- C:\Software
2012-01-05 15:55:16 ----D---- C:\Windows\system32\SPReview
2012-01-05 15:52:40 ----D---- C:\Windows\system32\EventProviders
2012-01-05 15:19:59 ----A---- C:\Windows\system32\drivers\revoflt.sys
2012-01-05 15:19:54 ----D---- C:\Program Files\VS Revo Group
2012-01-05 10:34:14 ----D---- C:\ProgramData\Martau
2012-01-05 10:34:04 ----D---- C:\Program Files (x86)\Total Uninstall 5

======List of files/folders modified in the last 1 month======

2012-02-04 20:05:28 ----D---- C:\Windows\Temp
2012-02-04 20:02:58 ----D---- C:\Windows\Prefetch
2012-02-04 19:54:25 ----D---- C:\Program Files
2012-02-04 14:41:51 ----D---- C:\Windows\system32\config
2012-02-03 12:01:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-01-31 17:23:43 ----D---- C:\Users\Lydie\AppData\Roaming\vlc
2012-01-31 15:58:29 ----D---- C:\Lydie senior
2012-01-31 15:35:55 ----D---- C:\Windows\system32\catroot2
2012-01-31 15:03:42 ----SHD---- C:\System Volume Information
2012-01-27 00:52:58 ----N---- C:\Windows\system32\MpSigStub.exe
2012-01-23 22:14:04 ----D---- C:\JAN senior
2012-01-23 22:08:15 ----SD---- C:\ProgramData\Microsoft
2012-01-23 22:05:01 ----D---- C:\Windows
2012-01-23 22:03:59 ----HD---- C:\ProgramData
2012-01-23 22:01:30 ----SHD---- C:\Windows\Installer
2012-01-23 22:01:16 ----D---- C:\ProgramData\Hewlett-Packard
2012-01-23 22:00:46 ----D---- C:\Windows\SysWOW64
2012-01-23 22:00:41 ----D---- C:\Windows\winsxs
2012-01-23 22:00:27 ----RD---- C:\Program Files (x86)
2012-01-23 21:59:04 ----D---- C:\Windows\System32
2012-01-23 21:59:02 ----D---- C:\Windows\inf
2012-01-23 21:58:58 ----D---- C:\Windows\twain_32
2012-01-23 21:58:56 ----D---- C:\Windows\system32\drivers
2012-01-23 21:58:38 ----D---- C:\Windows\system32\catroot
2012-01-23 21:58:30 ----D---- C:\Windows\system32\DriverStore
2012-01-20 13:33:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-13 19:37:49 ----D---- C:\Windows\pss
2012-01-13 19:36:14 ----D---- C:\Program Files (x86)\Common Files
2012-01-13 19:35:32 ----D---- C:\Program Files (x86)\Lingea
2012-01-13 18:36:50 ----D---- C:\Windows\system32\Tasks
2012-01-13 18:36:49 ----D---- C:\ProgramData\Skype
2012-01-13 18:35:56 ----D---- C:\Windows\SYSWOW64\drivers
2012-01-13 18:27:46 ----D---- C:\Users\Lydie\AppData\Roaming\Skype_old
2012-01-13 18:14:53 ----HD---- C:\Program Files (x86)\InstallJammer Registry
2012-01-13 17:55:00 ----D---- C:\Windows\SoftwareDistribution
2012-01-13 16:59:40 ----D---- C:\ProgramData\SpywareTerminator2012Upgrade
2012-01-13 16:50:04 ----D---- C:\9042fed0af3ff7816f
2012-01-13 16:44:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-01-13 16:44:05 ----D---- C:\Program Files (x86)\ASUS
2012-01-13 16:30:48 ----D---- C:\Windows\Panther
2012-01-13 16:30:48 ----D---- C:\Windows\ModemLogs
2012-01-13 16:30:48 ----D---- C:\Windows\Logs
2012-01-13 16:30:48 ----D---- C:\Windows\debug
2012-01-13 16:29:04 ----D---- C:\Program Files (x86)\CCleaner
2012-01-13 16:28:23 ----D---- C:\totalcmd
2012-01-12 09:01:26 ----D---- C:\Windows\Microsoft.NET
2012-01-12 09:00:47 ----RSD---- C:\Windows\assembly
2012-01-12 08:31:22 ----D---- C:\Windows\ehome
2012-01-11 22:44:19 ----A---- C:\Windows\system32\MRT.exe
2012-01-09 07:43:38 ----D---- C:\Windows\system32\wdi
2012-01-07 16:49:30 ----D---- C:\ProgramData\MFAData
2012-01-07 16:47:57 ----D---- C:\Windows\system32\drivers\AVG
2012-01-05 19:27:56 ----D---- C:\Windows\rescache
2012-01-05 16:19:31 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-01-05 16:19:31 ----D---- C:\Program Files (x86)\Windows Portable Devices
2012-01-05 16:19:31 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-01-05 16:19:31 ----D---- C:\Program Files (x86)\Windows Media Player
2012-01-05 16:19:31 ----D---- C:\Program Files (x86)\Windows Mail
2012-01-05 16:19:31 ----D---- C:\Program Files (x86)\Internet Explorer
2012-01-05 16:19:30 ----D---- C:\Program Files\Windows Sidebar
2012-01-05 16:19:30 ----D---- C:\Program Files\Windows Mail
2012-01-05 16:19:30 ----D---- C:\Program Files\Internet Explorer
2012-01-05 16:19:30 ----D---- C:\Program Files\DVD Maker
2012-01-05 16:19:29 ----D---- C:\Program Files\Windows Portable Devices
2012-01-05 16:19:29 ----D---- C:\Program Files\Windows Photo Viewer
2012-01-05 16:19:29 ----D---- C:\Program Files\Windows Media Player
2012-01-05 16:19:29 ----D---- C:\Program Files\Windows Journal
2012-01-05 16:19:29 ----D---- C:\Program Files\Common Files\System
2012-01-05 16:19:28 ----D---- C:\Windows\servicing
2012-01-05 16:19:28 ----D---- C:\Program Files\Windows Defender
2012-01-05 16:19:22 ----D---- C:\Windows\SYSWOW64\Setup
2012-01-05 16:19:22 ----D---- C:\Windows\SYSWOW64\oobe
2012-01-05 16:19:22 ----D---- C:\Windows\SYSWOW64\migration
2012-01-05 16:19:22 ----D---- C:\Windows\SYSWOW64\da-DK
2012-01-05 16:19:22 ----D---- C:\Windows\SYSWOW64\cs
2012-01-05 16:19:22 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2012-01-05 16:19:21 ----D---- C:\Windows\SYSWOW64\wbem
2012-01-05 16:19:21 ----D---- C:\Windows\SYSWOW64\sppui
2012-01-05 16:19:21 ----D---- C:\Windows\SYSWOW64\manifeststore
2012-01-05 16:19:21 ----D---- C:\Windows\SYSWOW64\es-ES
2012-01-05 16:19:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-01-05 16:19:20 ----D---- C:\Windows\SYSWOW64\migwiz
2012-01-05 16:19:20 ----D---- C:\Windows\SYSWOW64\Dism
2012-01-05 16:19:04 ----D---- C:\Windows\system32\Setup
2012-01-05 16:19:04 ----D---- C:\Windows\system32\oobe
2012-01-05 16:19:04 ----D---- C:\Windows\system32\migration
2012-01-05 16:19:04 ----D---- C:\Windows\system32\en-US
2012-01-05 16:19:04 ----D---- C:\Windows\system32\da-DK
2012-01-05 16:19:04 ----D---- C:\Windows\system32\cs
2012-01-05 16:19:04 ----D---- C:\Windows\system32\AdvancedInstallers
2012-01-05 16:19:04 ----D---- C:\Windows\PolicyDefinitions
2012-01-05 16:19:03 ----D---- C:\Windows\system32\cs-CZ
2012-01-05 16:19:02 ----D---- C:\Windows\system32\sppui
2012-01-05 16:19:02 ----D---- C:\Windows\system32\manifeststore
2012-01-05 16:19:02 ----D---- C:\Windows\system32\es-ES
2012-01-05 16:19:01 ----D---- C:\Windows\system32\wbem
2012-01-05 16:19:01 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-01-05 16:19:00 ----D---- C:\Windows\system32\migwiz
2012-01-05 16:19:00 ----D---- C:\Windows\system32\Dism
2012-01-05 16:18:43 ----RSD---- C:\Windows\Fonts
2012-01-05 16:18:43 ----D---- C:\Windows\AppPatch
2012-01-05 16:18:34 ----D---- C:\Windows\system32\Boot
2012-01-05 16:14:54 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2012-01-05 16:14:53 ----A---- C:\Windows\system32\msclmd.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2011-11-28 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2011-11-28 258392]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2011-11-28 140120]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-04-09 233040]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-04-09 33208]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/05/06 13:01:14]; \??\C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl [2009-11-19 146928]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2012-01-13 51496]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 PAC7302;iLook 310; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-06-02 1207808]
S1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-04-09 84696]
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2008-07-28 1075712]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-26 6144]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 54272]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 52224]
S3 CrystalSysInfo;CrystalSysInfo; \??\E:\CrystalMark2004R2\SysInfoX64.sys []
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2010-04-29 20480]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-12-14 748440]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPSIService;HP SI Service; C:\WINDOWS\SYSTEM32\HPSISVC.EXE [2010-04-30 127800]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-01-10 1148632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe []
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1255736]

-----------------EOF-----------------

Re: zamrzávání počítače

Napsal: 04 úno 2012 20:54
od Rudy
Poprosím o log ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Re: zamrzávání počítače

Napsal: 04 úno 2012 22:16
od lydiet
ComboFix 12-02-05.01 - Lydie 04.02.2012 21:26:31.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1791.1026 [GMT 1:00]
Spuštěný z: c:\users\Lydie\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lydie\PDFCreator-1_2_3_setup.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-04 do 2012-02-04 )))))))))))))))))))))))))))))))
.
.
2012-02-04 20:48 . 2012-02-04 20:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-04 18:54 . 2012-02-04 19:05 -------- d-----w- c:\program files\trend micro
2012-02-04 18:54 . 2012-02-04 18:55 -------- d-----w- C:\rsit
2012-02-03 11:51 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A786B11F-EA02-476C-846E-4E7E824FAE14}\mpengine.dll
2012-01-23 21:05 . 2012-01-23 21:05 -------- d-sh--w- c:\windows\ftpcache
2012-01-23 21:03 . 2012-01-23 21:03 -------- d-----w- c:\programdata\HP
2012-01-23 21:00 . 2012-01-23 21:01 -------- d-----w- c:\program files (x86)\HP
2012-01-23 20:59 . 2010-04-28 23:49 81920 ----a-r- c:\windows\SysWow64\mvusbews.dll
2012-01-23 20:59 . 2010-03-31 10:51 74240 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPM1210PP.dll
2012-01-23 20:58 . 2010-04-28 23:49 50688 ----a-w- c:\windows\system32\HPM1210SMs.dll
2012-01-23 20:58 . 2010-03-31 10:52 1366016 ----a-w- c:\windows\system32\HPM1210SM.exe
2012-01-23 20:58 . 2010-03-31 10:51 407040 ----a-w- c:\windows\system32\HPM1210LM.DLL
2012-01-23 20:56 . 2010-04-28 23:49 212992 ----a-w- c:\windows\system32\m1130wia.dll
2012-01-23 20:54 . 2010-04-28 23:49 20480 ----a-w- c:\windows\system32\drivers\mvusbews.sys
2012-01-23 20:54 . 2010-04-28 23:49 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-01-23 20:54 . 2010-04-28 23:49 82432 ----a-w- c:\windows\system32\mvusbews.dll
2012-01-23 20:54 . 2010-04-30 01:10 127800 ----a-r- c:\windows\system32\HPSIsvc.exe
2012-01-23 20:50 . 2012-01-23 20:50 -------- d-----w- c:\program files\HP
2012-01-19 17:51 . 2012-01-19 17:51 -------- d-----w- C:\b1342993284fd835e344
2012-01-13 18:36 . 2012-01-13 18:36 -------- d-----w- c:\program files (x86)\Common Files\Lingea Shared
2012-01-13 17:47 . 2012-01-13 17:47 -------- d-----w- c:\users\Lydie\AppData\Roaming\Skype
2012-01-13 17:43 . 2012-01-13 17:43 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-01-13 17:43 . 2012-02-04 13:29 -------- d-----w- c:\programdata\Spyware Terminator
2012-01-13 17:43 . 2012-01-13 17:43 -------- d-----w- c:\users\Lydie\AppData\Roaming\Spyware Terminator
2012-01-13 17:43 . 2012-01-13 17:43 -------- d-----w- c:\program files (x86)\Spyware Terminator
2012-01-13 15:40 . 2012-01-13 15:40 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-13 15:40 . 2012-01-13 15:40 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-13 15:40 . 2012-01-13 15:40 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-13 15:40 . 2012-01-13 15:40 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-11 08:56 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 08:56 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 08:56 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 08:56 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 08:55 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 08:55 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 08:55 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 08:55 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-07 16:55 . 2011-12-30 16:02 23896 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-01-07 16:44 . 2012-01-07 16:44 -------- d-----w- c:\programdata\IObit
2012-01-07 16:43 . 2012-01-07 16:43 -------- d-----w- c:\users\Lydie\AppData\Roaming\IObit
2012-01-07 16:43 . 2012-01-07 16:43 -------- d-----w- c:\program files (x86)\IObit
2012-01-07 15:56 . 2011-11-28 17:51 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-01-07 15:56 . 2011-11-28 17:53 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-01-07 15:56 . 2011-11-28 17:54 140120 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-01-07 15:55 . 2011-11-28 17:53 258392 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-01-07 15:55 . 2011-11-28 17:52 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-01-07 15:55 . 2011-11-28 17:52 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-01-07 15:55 . 2011-11-28 17:54 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-01-07 15:55 . 2011-11-28 17:52 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-01-07 15:55 . 2011-11-28 17:26 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-01-07 15:55 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-01-07 15:55 . 2011-11-28 18:01 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-01-07 15:54 . 2012-01-07 15:54 -------- d-----w- c:\programdata\AVAST Software
2012-01-07 15:54 . 2012-01-07 15:54 -------- d-----w- c:\program files\AVAST Software
2012-01-07 15:52 . 2012-01-07 15:53 -------- d-----w- c:\users\Lydie\AppData\Roaming\Updatem
2012-01-07 15:52 . 2012-01-07 15:52 -------- d-----w- c:\users\Lydie\AppData\Roaming\avv
2012-01-07 15:52 . 2012-01-13 15:22 -------- d-----w- C:\Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-26 23:52 . 2010-05-04 17:49 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-05 15:14 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-05 15:14 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-11-28 18:01 . 2011-01-16 19:00 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-24 04:52 . 2011-12-14 15:48 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 06:35 . 2012-01-13 15:14 340992 ----a-w- c:\windows\system32\schannel.dll
2011-11-17 05:34 . 2012-01-13 15:14 224768 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-06-05 2171904]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
.
c:\users\Lydie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-2-16 384512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [x]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [x]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [x]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/05/06 13:01];c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl [2009-11-19 16:41 146928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-12-14 748440]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
S2 HPSIService;HP SI Service;c:\windows\SYSTEM32\HPSISVC.EXE [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2012-01-10 1148632]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2349251419-2664913690-1612775895-1000Core.job
- c:\users\Lydie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-04 15:31]
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2349251419-2664913690-1612775895-1000UA.job
- c:\users\Lydie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-04 15:31]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-01-10 2779824]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-01-10 3621040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Crawler Search - tbr:iemenu
TCP: DhcpNameServer = 192.168.2.1 192.168.120.1
TCP: Interfaces\{AC69B789-F996-473F-9723-E809E30CF93A}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{E70CC4CF-6D01-4387-9719-90D94857F726}: NameServer = 156.154.70.22,156.154.71.22
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~2\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\users\Lydie\AppData\Roaming\Mozilla\Firefox\Profiles\supngpr5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/

pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2012-02-04 22:11:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-04 21:11
.
Před spuštěním: Volných bajtů: 263 660 068 864
Po spuštění: Volných bajtů: 265 267 683 328
.
- - End Of File - - 8B859B039C1973D5A1CBDAF7C91981C3

Re: zamrzávání počítače

Napsal: 04 úno 2012 23:02
od Rudy
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Re: zamrzávání počítače

Napsal: 05 úno 2012 12:38
od lydiet
ComboFix 12-02-05.01 - Lydie 05.02.2012 12:04:10.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1791.1056 [GMT 1:00]
Spuštěný z: c:\users\Lydie\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lydie\Desktop\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-05 do 2012-02-05 )))))))))))))))))))))))))))))))
.
.
2012-02-05 11:11 . 2012-02-05 11:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-05 11:11 . 2012-02-05 11:11 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-02-04 18:54 . 2012-02-04 19:05 -------- d-----w- c:\program files\trend micro
2012-02-04 18:54 . 2012-02-04 18:55 -------- d-----w- C:\rsit
2012-02-03 11:51 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A786B11F-EA02-476C-846E-4E7E824FAE14}\mpengine.dll
2012-01-23 21:05 . 2012-01-23 21:05 -------- d-sh--w- c:\windows\ftpcache
2012-01-23 21:03 . 2012-01-23 21:03 -------- d-----w- c:\programdata\HP
2012-01-23 21:00 . 2012-01-23 21:01 -------- d-----w- c:\program files (x86)\HP
2012-01-23 20:59 . 2010-04-28 23:49 81920 ----a-r- c:\windows\SysWow64\mvusbews.dll
2012-01-23 20:59 . 2010-03-31 10:51 74240 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPM1210PP.dll
2012-01-23 20:58 . 2010-04-28 23:49 50688 ----a-w- c:\windows\system32\HPM1210SMs.dll
2012-01-23 20:58 . 2010-03-31 10:52 1366016 ----a-w- c:\windows\system32\HPM1210SM.exe
2012-01-23 20:58 . 2010-03-31 10:51 407040 ----a-w- c:\windows\system32\HPM1210LM.DLL
2012-01-23 20:56 . 2010-04-28 23:49 212992 ----a-w- c:\windows\system32\m1130wia.dll
2012-01-23 20:54 . 2010-04-28 23:49 20480 ----a-w- c:\windows\system32\drivers\mvusbews.sys
2012-01-23 20:54 . 2010-04-28 23:49 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-01-23 20:54 . 2010-04-28 23:49 82432 ----a-w- c:\windows\system32\mvusbews.dll
2012-01-23 20:54 . 2010-04-30 01:10 127800 ----a-r- c:\windows\system32\HPSIsvc.exe
2012-01-23 20:50 . 2012-01-23 20:50 -------- d-----w- c:\program files\HP
2012-01-19 17:51 . 2012-01-19 17:51 -------- d-----w- C:\b1342993284fd835e344
2012-01-13 18:36 . 2012-01-13 18:36 -------- d-----w- c:\program files (x86)\Common Files\Lingea Shared
2012-01-13 17:47 . 2012-01-13 17:47 -------- d-----w- c:\users\Lydie\AppData\Roaming\Skype
2012-01-13 17:43 . 2012-01-13 17:43 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-01-13 17:43 . 2012-02-04 13:29 -------- d-----w- c:\programdata\Spyware Terminator
2012-01-13 17:43 . 2012-01-13 17:43 -------- d-----w- c:\users\Lydie\AppData\Roaming\Spyware Terminator
2012-01-13 17:43 . 2012-01-13 17:43 -------- d-----w- c:\program files (x86)\Spyware Terminator
2012-01-13 15:40 . 2012-01-13 15:40 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-13 15:40 . 2012-01-13 15:40 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-13 15:40 . 2012-01-13 15:40 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-13 15:40 . 2012-01-13 15:40 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-11 08:56 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 08:56 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 08:56 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 08:56 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 08:55 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 08:55 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 08:55 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 08:55 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-07 16:55 . 2011-12-30 16:02 23896 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-01-07 16:44 . 2012-01-07 16:44 -------- d-----w- c:\programdata\IObit
2012-01-07 16:43 . 2012-01-07 16:43 -------- d-----w- c:\users\Lydie\AppData\Roaming\IObit
2012-01-07 16:43 . 2012-01-07 16:43 -------- d-----w- c:\program files (x86)\IObit
2012-01-07 15:56 . 2011-11-28 17:51 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-01-07 15:56 . 2011-11-28 17:53 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-01-07 15:56 . 2011-11-28 17:54 140120 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-01-07 15:55 . 2011-11-28 17:53 258392 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-01-07 15:55 . 2011-11-28 17:52 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-01-07 15:55 . 2011-11-28 17:52 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-01-07 15:55 . 2011-11-28 17:54 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-01-07 15:55 . 2011-11-28 17:52 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-01-07 15:55 . 2011-11-28 17:26 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-01-07 15:55 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-01-07 15:55 . 2011-11-28 18:01 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-01-07 15:54 . 2012-01-07 15:54 -------- d-----w- c:\programdata\AVAST Software
2012-01-07 15:54 . 2012-01-07 15:54 -------- d-----w- c:\program files\AVAST Software
2012-01-07 15:52 . 2012-01-07 15:53 -------- d-----w- c:\users\Lydie\AppData\Roaming\Updatem
2012-01-07 15:52 . 2012-01-07 15:52 -------- d-----w- c:\users\Lydie\AppData\Roaming\avv
2012-01-07 15:52 . 2012-01-13 15:22 -------- d-----w- C:\Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-26 23:52 . 2010-05-04 17:49 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-05 15:14 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-05 15:14 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-11-28 18:01 . 2011-01-16 19:00 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-24 04:52 . 2011-12-14 15:48 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 06:35 . 2012-01-13 15:14 340992 ----a-w- c:\windows\system32\schannel.dll
2011-11-17 05:34 . 2012-01-13 15:14 224768 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-04_21.06.44 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-02-04 20:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-02-05 11:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-02-04 20:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-05 11:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-02 18:31 . 2012-02-05 11:14 43996 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-02-05 11:14 46984 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-05-02 17:29 . 2012-02-05 11:14 14836 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2349251419-2664913690-1612775895-1000_UserData.bin
- 2010-05-02 17:29 . 2012-02-04 20:52 14836 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2349251419-2664913690-1612775895-1000_UserData.bin
- 2010-05-02 16:51 . 2012-02-04 20:53 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-05-02 16:51 . 2012-02-05 11:14 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-05-02 16:51 . 2012-02-04 20:53 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-05-02 16:51 . 2012-02-05 11:14 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-05-02 16:51 . 2012-02-04 20:53 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-02 16:51 . 2012-02-05 11:14 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-05-02 16:00 . 2012-02-04 20:53 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-05-02 16:00 . 2012-02-05 11:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-05-02 16:00 . 2012-02-05 11:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-05-02 16:00 . 2012-02-04 20:53 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-02-04 20:50 . 2012-02-04 20:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-02-05 11:12 . 2012-02-05 11:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-02-05 11:12 . 2012-02-05 11:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-02-04 20:50 . 2012-02-04 20:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 04:54 . 2012-02-04 20:50 196608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-05 11:12 196608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 05:01 . 2012-02-05 11:11 273876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-02-04 20:49 273876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-13 17:18 . 2012-02-05 11:11 274644 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2349251419-2664913690-1612775895-1000-12288.dat
- 2012-01-13 17:18 . 2012-02-04 20:49 274644 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2349251419-2664913690-1612775895-1000-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-06-05 2171904]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
.
c:\users\Lydie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-2-16 384512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [x]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [x]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [x]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/05/06 13:01];c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl [2009-11-19 16:41 146928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-12-14 748440]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
S2 HPSIService;HP SI Service;c:\windows\SYSTEM32\HPSISVC.EXE [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2012-01-10 1148632]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2349251419-2664913690-1612775895-1000Core.job
- c:\users\Lydie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-04 15:31]
.
2012-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2349251419-2664913690-1612775895-1000UA.job
- c:\users\Lydie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-04 15:31]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-01-10 2779824]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-01-10 3621040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Crawler Search - tbr:iemenu
TCP: DhcpNameServer = 192.168.2.1 192.168.120.1
TCP: Interfaces\{AC69B789-F996-473F-9723-E809E30CF93A}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{E70CC4CF-6D01-4387-9719-90D94857F726}: NameServer = 156.154.70.22,156.154.71.22
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~2\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\users\Lydie\AppData\Roaming\Mozilla\Firefox\Profiles\supngpr5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/

pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2012-02-05 12:26:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-05 11:26
ComboFix2.txt 2012-02-04 21:11
.
Před spuštěním: Volných bajtů: 265 080 688 640
Po spuštění: Volných bajtů: 264 800 514 048
.
- - End Of File - - 8CBFA3705C5B7A02AB70B8F6D41E5C7B

Re: zamrzávání počítače

Napsal: 05 úno 2012 13:11
od Rudy
Smazáno, log již vypadá OK. Nastala nějaká změna?

Re: zamrzávání počítače

Napsal: 06 úno 2012 23:40
od lydiet
Zatím vše v pořádku.
Mnohokrát děkuji!!

Re: zamrzávání počítače

Napsal: 07 úno 2012 18:12
od Rudy
Nemáte zač!
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz