VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tibor at 2012-05-09 08:44:48
Microsoft Windows 7 Professional
System drive C: has 14 GB (35%) free of 40 GB
Total RAM: 3579 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:44:51, on 9.5.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
D:\Programy\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Programy\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
D:\Programy\Automatické vypnutí počítače\avp.exe
C:\Windows\Explorer.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\taskhost.exe
D:\Downloads\RSIT.exe
C:\Program Files\trend micro\Tibor.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Automatické vypnutí počítače.lnk = ?
O4 - Global Startup: TMMonitor.lnk = C:\Programy\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - D:\Programy\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe

--
End of file - 6315 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293342361-3049962748-1719793292-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293342361-3049962748-1719793292-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\tgg01b3o.default

prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, linkfilter@kaspersky.ru:9.0.0.736, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, pdfforge@mybrowserbar.com:4.3, wtxpcom@mybrowserbar.com:4.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =642886&p="

"bkmrksync@nokia.com"=D:\Programy\Nokia\Nokia PC Suite 7\bkmrksync\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\Programy\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=d:\Programy\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Programy\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\tgg01b3o.default\extensions\
AstroToolbar@toolbarnet.com
centrumpomocnik@centrum.cz
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\tgg01b3o.default\searchplugins\
absearch-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\Programy\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - Astroburn Toolbar - C:\Program Files\Astroburn Toolbar\ABToolbar.dll [2011-05-23 1000768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-09 343168]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"NSU_agent"=C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2012-04-23 983904]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint2K\Apoint.exe [2009-12-24 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files\Bluetooth Suite\AthBtTray.exe [2010-04-01 285784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files\Bluetooth Suite\BtvStack.exe [2010-04-01 445528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
D:\Programy\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2010-06-09 206208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor]
C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2010-09-02 2536752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-09 343168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TMMonitor.lnk - C:\Programy\ArcSoft\TotalMedia 3.5\TMMonitor.exe

C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Automatické vypnutí počítače.lnk - D:\Programy\Automatické vypnutí počítače\avp.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-10 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"vidc.dvsd"=pdvcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-05-09 08:32:16 ----D---- C:\Program Files\trend micro
2012-05-09 08:32:15 ----D---- C:\rsit
2012-05-09 08:22:40 ----D---- C:\Program Files\Microsoft Security Client
2012-05-09 07:46:22 ----D---- C:\Windows\temp
2012-05-09 07:46:19 ----A---- C:\ComboFix.txt
2012-05-09 07:41:06 ----SHD---- C:\$RECYCLE.BIN
2012-05-09 07:19:05 ----D---- C:\ComboFix
2012-05-07 08:00:04 ----D---- C:\Program Files\ConvertHelper
2012-05-03 18:28:41 ----D---- C:\Program Files\pdfforge Toolbar
2012-05-03 18:28:41 ----D---- C:\Program Files\Common Files\Spigot
2012-05-03 18:28:41 ----D---- C:\Program Files\Application Updater
2012-04-29 12:19:24 ----A---- C:\Windows\system32\mshtmled.dll
2012-04-29 12:19:23 ----A---- C:\Windows\system32\jscript9.dll
2012-04-29 12:19:23 ----A---- C:\Windows\system32\jscript.dll
2012-04-29 12:19:23 ----A---- C:\Windows\system32\iertutil.dll
2012-04-29 12:19:22 ----A---- C:\Windows\system32\wininet.dll
2012-04-29 12:19:22 ----A---- C:\Windows\system32\jsproxy.dll
2012-04-29 12:19:21 ----A---- C:\Windows\system32\url.dll
2012-04-29 12:19:21 ----A---- C:\Windows\system32\ieui.dll
2012-04-29 12:19:20 ----A---- C:\Windows\system32\urlmon.dll
2012-04-29 12:19:19 ----A---- C:\Windows\system32\ieframe.dll
2012-04-29 12:19:18 ----A---- C:\Windows\system32\mshtml.dll
2012-04-29 12:19:10 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-04-29 12:19:09 ----A---- C:\Windows\system32\wmi.dll
2012-04-29 12:19:09 ----A---- C:\Windows\system32\wintrust.dll
2012-04-29 12:19:09 ----A---- C:\Windows\system32\imagehlp.dll
2012-04-29 12:18:47 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-04-29 12:18:46 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-04-28 17:41:54 ----D---- C:\~$PVRTmp0$
2012-04-27 10:54:44 ----D---- C:\ProgramData\Mozilla
2012-04-27 10:54:44 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-04-26 20:15:48 ----D---- C:\Users\Tibor\AppData\Roaming\HDRsoft
2012-04-26 20:13:11 ----A---- C:\Windows\system32\drivers\netio.sys
2012-04-22 12:10:01 ----D---- C:\Program Files\Mozilla Firefox
2012-04-21 06:01:37 ----D---- C:\Program Files\Common Files\Symbian
2012-04-19 12:39:46 ----D---- C:\sh4ldr
2012-04-19 12:39:46 ----D---- C:\Program Files\Enigma Software Group
2012-04-19 12:37:55 ----D---- C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2012-04-19 12:37:49 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2012-04-16 07:30:07 ----D---- C:\Users\Tibor\AppData\Roaming\onOne Software
2012-04-15 19:27:19 ----D---- C:\Users\Tibor\AppData\Roaming\tiger-k
2012-04-15 19:27:16 ----D---- C:\Users\Tibor\AppData\Roaming\Leawo
2012-04-15 19:25:21 ----A---- C:\Windows\system32\unrar.dll
2012-04-15 19:25:13 ----D---- C:\Program Files\K-Lite Codec Pack
2012-04-15 19:25:01 ----A---- C:\Windows\system32\xvidcore.dll

======List of files/folders modified in the last 1 month======

2012-05-09 08:38:59 ----D---- C:\Windows\system32\config
2012-05-09 08:32:16 ----RD---- C:\Program Files
2012-05-09 08:27:08 ----SHD---- C:\System Volume Information
2012-05-09 08:22:56 ----SHD---- C:\Windows\Installer
2012-05-09 08:22:55 ----D---- C:\Config.Msi
2012-05-09 08:22:48 ----D---- C:\Windows\System32
2012-05-09 08:22:48 ----D---- C:\Windows\inf
2012-05-09 08:22:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-09 08:22:47 ----D---- C:\Windows\system32\catroot
2012-05-09 08:22:47 ----AD---- C:\Windows\system32\drivers
2012-05-09 07:46:24 ----D---- C:\Qoobox
2012-05-09 07:46:22 ----AD---- C:\Windows
2012-05-09 07:40:56 ----D---- C:\ProgramData
2012-05-09 07:40:46 ----A---- C:\Windows\system.ini
2012-05-09 07:40:39 ----D---- C:\Windows\system32\drivers\etc
2012-05-09 07:38:50 ----D---- C:\Windows\ERDNT
2012-05-09 07:34:24 ----D---- C:\Windows\AppPatch
2012-05-09 07:34:23 ----D---- C:\Program Files\Common Files
2012-05-08 11:53:39 ----D---- C:\Users\Tibor\AppData\Roaming\vlc
2012-05-07 15:12:30 ----D---- C:\e
2012-05-07 12:17:51 ----D---- C:\Windows\SoftwareDistribution
2012-05-07 06:38:35 ----D---- C:\Users\Tibor\AppData\Roaming\DAEMON Tools Lite
2012-05-07 06:38:34 ----D---- C:\Windows\debug
2012-05-06 19:29:42 ----D---- C:\Windows\winsxs
2012-05-06 19:19:22 ----D---- C:\Program Files\Nokia
2012-05-06 18:35:16 ----D---- C:\Users\Tibor\AppData\Roaming\PC Suite
2012-05-06 18:19:41 ----D---- C:\Windows\system32\drivers\UMDF
2012-05-06 17:30:32 ----D---- C:\b
2012-05-05 08:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-05-02 18:28:16 ----D---- C:\Windows\system32\catroot2
2012-05-01 15:59:11 ----A---- C:\Windows\system32\MRT.exe
2012-04-30 14:52:24 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-04-29 12:45:52 ----D---- C:\Windows\system32\migration
2012-04-29 12:45:52 ----D---- C:\Program Files\Internet Explorer
2012-04-27 13:53:37 ----D---- C:\Users\Tibor\AppData\Roaming\Zoner
2012-04-27 13:52:33 ----D---- C:\Users\Tibor\AppData\Roaming\Vso
2012-04-27 13:52:23 ----D---- C:\Windows\Minidump
2012-04-27 13:50:06 ----D---- C:\Program Files\CCleaner
2012-04-26 20:13:46 ----SD---- C:\ProgramData\Microsoft
2012-04-26 17:39:29 ----D---- C:\ProgramData\AVAST Software
2012-04-26 11:35:28 ----D---- C:\Windows\system32\Tasks
2012-04-24 18:25:10 ----D---- C:\Windows\Prefetch
2012-04-21 06:01:36 ----HD---- C:\Program Files\InstallShield Installation Information
2012-04-21 06:00:02 ----D---- C:\Program Files\Common Files\InstallShield
2012-04-19 15:41:43 ----D---- C:\Program Files\Bluetooth Suite
2012-04-16 11:52:11 ----D---- C:\ProgramData\Installations
2012-04-16 11:52:02 ----D---- C:\Windows\system32\DriverStore
2012-04-16 11:44:32 ----D---- C:\Program Files\Common Files\Nokia
2012-04-16 11:41:33 ----D---- C:\Users\Tibor\AppData\Roaming\Nokia
2012-04-16 07:30:14 ----D---- C:\ProgramData\onOne Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 14392]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-01 443448]
R0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251); C:\Windows\system32\DRIVERS\tdrpm251.sys [2010-12-25 902432]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-02 232512]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys [2007-04-24 16688]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2011-01-26 24680]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-12-21 237104]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2010-12-13 3764800]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-05-20 28200]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S1 ArcSec;archlp; C:\Windows\system32\drivers\ArcSec.sys []
S1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys []
S2 AODDriver4.01;AODDriver4.01; C:\Windows\system32\drivers\AODDriver4.01.sys []
S2 Ca1528av;SPCA1528 Video Camera Service; C:\Windows\System32\Drivers\Ca1528av.sys [2008-07-28 513408]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-03-30 38440]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-03-30 257064]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 177704]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-03-30 48168]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-03-30 141992]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 Bulk1528;SPCA1528 Still Camera Service; C:\Windows\System32\Drivers\Bulk1528.sys [2008-06-27 11648]
S3 catchme;catchme; \??\C:\Users\Tibor\AppData\Local\Temp\catchme.sys []
S3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-07-29 14216]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-05-06 13904]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-07-29 8456]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2011-10-02 94336]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 74112]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PTLIBUSB0;PRUFTECHNIK-USB-WIN-KERNEL DRIVER 02/25/2008, 1.12.0.1; C:\Windows\system32\DRIVERS\PTLIBUSB0.SYS [2008-03-07 22144]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 193640]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 780368]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2012-04-23 785304]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\system32\nlssrv32.exe [2011-11-15 66560]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-27 129976]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1343400]
S3 WO_LiveService;Ashampoo LiveTuner Service; D:\Programy\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe [2011-09-28 885160]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------
Děkuji.

Zdravím.

Vydž minutku, na logu se intenzivně pracuje.

Jako první odinstaluj Astroburn Toolbar a jestli tam najdeš cokoliv s názvem Spigot - obojí je bordel.

Doporučuji svižně odinstalovat Smart Defrag 2 a následně i vše od IObit. Jsou to čínské šmejdy, které hledají nesmyslné a neexistující problémy. Tvůrci software ukradli databázi havěti jiné renomované společnosti a účinek na PC je spíše nulový až negativní.

Doinstaluj si Windows 7 Service Pack 1 a všechny dostupné aktualizace!

Ten ComboFix Ti poradil kdo, prosím Tě?! Viz pravidla fóra, bod 3.: http://www.viry.cz/forum/viewtopic.php?f=12&t=5601

Nebezpečí CFka:

• Tento program je určen primárně pro rádce - jeho svévolným použitím ztrácíš nárok na podporu!
• Maže stopy po havěti, takže v logu ze RSITu není potom nic vidět!
• Jeho log je třeba doluštit, jelikož neumí smazat vše - to ovšem těžko zvládneš, pokud k tomu nejsi vyškolen!
• CF může mít bug - sundá Ti systém a pokud nevíš, kam co ukládá a jak co obnovit, máš systém v kytkách a čeká Tě reinstall!
• CF taky bohužel prozatím nekontroluje některé důležité knihovny (např. hal.dll) - ty mažou kupříkladu některé typy havěti (Angela a další) - smaže Ti po restartu hal.dll = nenajede Ti systém a jsi o řádek výše = reinstall!

Až vše toto provedeš, napiš a budeme pokračovat.

Ahoj, tak jsem vše provedl. Ohledně CF jednou dávno jsem si tady nechal kontrolovat pc a chtělo to log z CF proto jsem ho udělal s tím, že ho sem dám. Bohužel se teď používá log z jiného programu. No to bude asi pár let zpět.

Mno, nevím, jestli jsem to náhodou špatně nepochopil, nebo tomu tolik nerozumíš a nebo mě taháš za nos, protože ComboFix byl v Tvém počítači spuštěn naposledy dnes ráno v 07:46:19, takže rozhodně nikoliv asi pár let zpět.

Hoď mi sem aktuální log ze RSITu, ať se podívám, cos udělal a co ne.

Spíš jsem to napsal špatně, CF jsem spustil nechal jsem udělat log s tím, že ho dám do fóra na kontrolu.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tibor at 2012-05-09 20:50:02
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 13 GB (33%) free of 40 GB
Total RAM: 3579 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:50:23, on 9.5.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Programy\ArcSoft\TotalMedia 3.5\TMMonitor.exe
D:\Programy\Automatické vypnutí počítače\avp.exe
C:\Windows\system32\wuauclt.exe
D:\Downloads\RSIT.exe
C:\Program Files\trend micro\Tibor.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Automatické vypnutí počítače.lnk = ?
O4 - Global Startup: TMMonitor.lnk = C:\Programy\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - D:\Programy\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe

--
End of file - 5518 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293342361-3049962748-1719793292-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293342361-3049962748-1719793292-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\tgg01b3o.default

prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, linkfilter@kaspersky.ru:9.0.0.736, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, pdfforge@mybrowserbar.com:4.3, wtxpcom@mybrowserbar.com:4.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =642886&p="

"bkmrksync@nokia.com"=D:\Programy\Nokia\Nokia PC Suite 7\bkmrksync\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\Programy\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=d:\Programy\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Programy\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\tgg01b3o.default\extensions\
centrumpomocnik@centrum.cz
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\tgg01b3o.default\searchplugins\
absearch-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\Programy\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-09 343168]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"NSU_agent"=C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint2K\Apoint.exe [2009-12-24 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files\Bluetooth Suite\AthBtTray.exe [2010-04-01 285784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files\Bluetooth Suite\BtvStack.exe [2010-04-01 445528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
D:\Programy\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2010-06-09 206208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor]
C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2010-09-02 2536752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-09 343168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TMMonitor.lnk - C:\Programy\ArcSoft\TotalMedia 3.5\TMMonitor.exe

C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Automatické vypnutí počítače.lnk - D:\Programy\Automatické vypnutí počítače\avp.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-10 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"vidc.dvsd"=pdvcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-05-09 19:06:46 ----D---- C:\Windows\system32\SPReview
2012-05-09 15:48:46 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-09 15:47:48 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-05-09 15:47:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-09 15:47:46 ----A---- C:\Windows\system32\win32k.sys
2012-05-09 15:47:13 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-09 15:45:42 ----A---- C:\Windows\system32\DWrite.dll
2012-05-09 08:32:16 ----D---- C:\Program Files\trend micro
2012-05-09 08:32:15 ----D---- C:\rsit
2012-05-09 08:22:40 ----D---- C:\Program Files\Microsoft Security Client
2012-05-09 07:46:22 ----D---- C:\Windows\temp
2012-05-09 07:46:19 ----A---- C:\ComboFix.txt
2012-05-09 07:41:06 ----SHD---- C:\$RECYCLE.BIN
2012-05-09 07:19:05 ----D---- C:\ComboFix
2012-05-07 08:00:04 ----D---- C:\Program Files\ConvertHelper
2012-04-29 12:19:24 ----A---- C:\Windows\system32\mshtmled.dll
2012-04-29 12:19:23 ----A---- C:\Windows\system32\jscript9.dll
2012-04-29 12:19:23 ----A---- C:\Windows\system32\jscript.dll
2012-04-29 12:19:23 ----A---- C:\Windows\system32\iertutil.dll
2012-04-29 12:19:22 ----A---- C:\Windows\system32\wininet.dll
2012-04-29 12:19:22 ----A---- C:\Windows\system32\jsproxy.dll
2012-04-29 12:19:21 ----A---- C:\Windows\system32\url.dll
2012-04-29 12:19:21 ----A---- C:\Windows\system32\ieui.dll
2012-04-29 12:19:20 ----A---- C:\Windows\system32\urlmon.dll
2012-04-29 12:19:19 ----A---- C:\Windows\system32\ieframe.dll
2012-04-29 12:19:18 ----A---- C:\Windows\system32\mshtml.dll
2012-04-29 12:19:10 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-04-29 12:19:09 ----A---- C:\Windows\system32\wmi.dll
2012-04-29 12:19:09 ----A---- C:\Windows\system32\wintrust.dll
2012-04-29 12:19:09 ----A---- C:\Windows\system32\imagehlp.dll
2012-04-28 17:41:54 ----D---- C:\~$PVRTmp0$
2012-04-27 10:54:44 ----D---- C:\ProgramData\Mozilla
2012-04-26 20:15:48 ----D---- C:\Users\Tibor\AppData\Roaming\HDRsoft
2012-04-22 12:10:01 ----D---- C:\Program Files\Mozilla Firefox
2012-04-19 12:39:46 ----D---- C:\sh4ldr
2012-04-19 12:39:46 ----D---- C:\Program Files\Enigma Software Group
2012-04-19 12:37:55 ----D---- C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2012-04-19 12:37:49 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2012-04-16 07:30:07 ----D---- C:\Users\Tibor\AppData\Roaming\onOne Software
2012-04-15 19:27:19 ----D---- C:\Users\Tibor\AppData\Roaming\tiger-k
2012-04-15 19:27:16 ----D---- C:\Users\Tibor\AppData\Roaming\Leawo
2012-04-15 19:25:21 ----A---- C:\Windows\system32\unrar.dll
2012-04-15 19:25:13 ----D---- C:\Program Files\K-Lite Codec Pack
2012-04-15 19:25:01 ----A---- C:\Windows\system32\xvidcore.dll

======List of files/folders modified in the last 1 month======

2012-05-09 20:41:31 ----D---- C:\Program Files\Common Files\InstallShield
2012-05-09 20:40:35 ----D---- C:\Program Files\Common Files
2012-05-09 20:40:30 ----SHD---- C:\System Volume Information
2012-05-09 20:39:50 ----RD---- C:\Program Files
2012-05-09 20:29:03 ----D---- C:\Windows\Microsoft.NET
2012-05-09 20:28:34 ----RSD---- C:\Windows\assembly
2012-05-09 20:18:16 ----SHD---- C:\Windows\Installer
2012-05-09 20:18:15 ----D---- C:\Config.Msi
2012-05-09 20:16:06 ----D---- C:\Windows\system32\config
2012-05-09 20:15:59 ----D---- C:\Windows\winsxs
2012-05-09 20:11:03 ----D---- C:\ProgramData\Corel
2012-05-09 20:05:35 ----D---- C:\Windows\System32
2012-05-09 19:30:15 ----D---- C:\Windows\inf
2012-05-09 19:30:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-09 19:24:14 ----D---- C:\ProgramData
2012-05-09 19:19:41 ----AD---- C:\Windows
2012-05-09 19:18:55 ----D---- C:\Windows\system32\DriverStore
2012-05-09 19:14:55 ----D---- C:\Program Files\Windows Sidebar
2012-05-09 19:14:55 ----D---- C:\Program Files\Windows Mail
2012-05-09 19:14:53 ----D---- C:\Program Files\DVD Maker
2012-05-09 19:14:52 ----D---- C:\Program Files\Windows Portable Devices
2012-05-09 19:14:52 ----D---- C:\Program Files\Windows Photo Viewer
2012-05-09 19:14:52 ----D---- C:\Program Files\Windows Media Player
2012-05-09 19:14:52 ----D---- C:\Program Files\Windows Journal
2012-05-09 19:14:52 ----D---- C:\Program Files\Internet Explorer
2012-05-09 19:14:51 ----D---- C:\Program Files\Common Files\System
2012-05-09 19:14:49 ----D---- C:\Windows\servicing
2012-05-09 19:14:49 ----D---- C:\Windows\ehome
2012-05-09 19:14:49 ----D---- C:\Program Files\Windows Defender
2012-05-09 19:14:40 ----D---- C:\Windows\system32\oobe
2012-05-09 19:14:40 ----D---- C:\Windows\system32\en-US
2012-05-09 19:14:40 ----D---- C:\Windows\system32\da-DK
2012-05-09 19:14:40 ----D---- C:\Windows\PolicyDefinitions
2012-05-09 19:14:39 ----D---- C:\Windows\system32\sysprep
2012-05-09 19:14:39 ----D---- C:\Windows\system32\migration
2012-05-09 19:14:38 ----D---- C:\Windows\system32\Setup
2012-05-09 19:14:38 ----D---- C:\Windows\system32\cs
2012-05-09 19:14:38 ----D---- C:\Windows\system32\AdvancedInstallers
2012-05-09 19:14:35 ----D---- C:\Windows\system32\cs-CZ
2012-05-09 19:14:33 ----D---- C:\Windows\system32\sppui
2012-05-09 19:14:33 ----D---- C:\Windows\system32\manifeststore
2012-05-09 19:14:33 ----D---- C:\Windows\system32\es-ES
2012-05-09 19:14:31 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-05-09 19:14:31 ----AD---- C:\Windows\system32\drivers
2012-05-09 19:14:30 ----D---- C:\Windows\system32\wbem
2012-05-09 19:14:29 ----D---- C:\Windows\system32\migwiz
2012-05-09 19:14:29 ----D---- C:\Windows\system32\Dism
2012-05-09 19:13:52 ----RSD---- C:\Windows\Fonts
2012-05-09 19:13:51 ----D---- C:\Windows\AppPatch
2012-05-09 19:13:45 ----D---- C:\Windows\system32\Boot
2012-05-09 19:09:13 ----D---- C:\Windows\system32\drivers\UMDF
2012-05-09 18:59:02 ----A---- C:\Windows\system32\msclmd.dll
2012-05-09 16:01:46 ----D---- C:\Windows\debug
2012-05-09 16:01:45 ----A---- C:\Windows\system32\MRT.exe
2012-05-09 15:49:28 ----D---- C:\Windows\system32\catroot
2012-05-09 15:47:21 ----D---- C:\Windows\system32\catroot2
2012-05-09 15:25:06 ----D---- C:\Program Files\Astroburn Toolbar
2012-05-09 14:25:46 ----D---- C:\e
2012-05-09 07:46:24 ----D---- C:\Qoobox
2012-05-09 07:40:46 ----A---- C:\Windows\system.ini
2012-05-09 07:40:39 ----D---- C:\Windows\system32\drivers\etc
2012-05-09 07:38:50 ----D---- C:\Windows\ERDNT
2012-05-08 11:53:39 ----D---- C:\Users\Tibor\AppData\Roaming\vlc
2012-05-07 12:17:51 ----D---- C:\Windows\SoftwareDistribution
2012-05-07 06:38:35 ----D---- C:\Users\Tibor\AppData\Roaming\DAEMON Tools Lite
2012-05-06 19:19:22 ----D---- C:\Program Files\Nokia
2012-05-06 18:35:16 ----D---- C:\Users\Tibor\AppData\Roaming\PC Suite
2012-05-06 17:30:32 ----D---- C:\b
2012-05-05 08:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-04-30 14:52:24 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-04-27 13:53:37 ----D---- C:\Users\Tibor\AppData\Roaming\Zoner
2012-04-27 13:52:33 ----D---- C:\Users\Tibor\AppData\Roaming\Vso
2012-04-27 13:52:23 ----D---- C:\Windows\Minidump
2012-04-27 13:50:06 ----D---- C:\Program Files\CCleaner
2012-04-26 20:13:46 ----SD---- C:\ProgramData\Microsoft
2012-04-26 17:39:29 ----D---- C:\ProgramData\AVAST Software
2012-04-26 11:35:28 ----D---- C:\Windows\system32\Tasks
2012-04-24 18:25:10 ----D---- C:\Windows\Prefetch
2012-04-21 06:01:36 ----HD---- C:\Program Files\InstallShield Installation Information
2012-04-19 15:41:43 ----D---- C:\Program Files\Bluetooth Suite
2012-04-16 11:52:11 ----D---- C:\ProgramData\Installations
2012-04-16 11:44:32 ----D---- C:\Program Files\Common Files\Nokia
2012-04-16 11:41:33 ----D---- C:\Users\Tibor\AppData\Roaming\Nokia
2012-04-16 07:30:14 ----D---- C:\ProgramData\onOne Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 14392]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-01 443448]
R0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251); C:\Windows\system32\DRIVERS\tdrpm251.sys [2010-12-25 902432]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-02 232512]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys [2007-04-24 16688]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2011-01-26 24680]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-12-21 237104]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2010-12-13 3764800]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-05-20 28200]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S1 ArcSec;archlp; C:\Windows\system32\drivers\ArcSec.sys []
S1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys []
S2 AODDriver4.01;AODDriver4.01; C:\Windows\system32\drivers\AODDriver4.01.sys []
S2 Ca1528av;SPCA1528 Video Camera Service; C:\Windows\System32\Drivers\Ca1528av.sys [2008-07-28 513408]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-03-30 38440]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-03-30 257064]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 177704]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-03-30 48168]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-03-30 141992]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 Bulk1528;SPCA1528 Still Camera Service; C:\Windows\System32\Drivers\Bulk1528.sys [2008-06-27 11648]
S3 catchme;catchme; \??\C:\Users\Tibor\AppData\Local\Temp\catchme.sys []
S3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-07-29 14216]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-05-06 13904]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-07-29 8456]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2011-10-02 94336]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 74112]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PTLIBUSB0;PRUFTECHNIK-USB-WIN-KERNEL DRIVER 02/25/2008, 1.12.0.1; C:\Windows\system32\DRIVERS\PTLIBUSB0.SYS [2008-03-07 22144]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-17 193640]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 780368]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\system32\nlssrv32.exe [2011-11-15 66560]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1343400]
S3 WO_LiveService;Ashampoo LiveTuner Service; D:\Programy\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe [2011-09-28 885160]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

No a ještě log toho prokletého ComboFixu:



ComboFix 12-05-08.02 - Tibor 09.05.2012 7:20.7.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3579.2400 [GMT 2:00]
Spuštěný z: c:\users\Tibor\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\a
c:\a\CD LabelPrint 141 + cz\Čeština pro CD-LabelPrint v1.4.1.exe
c:\a\CD LabelPrint 141 + cz\CD-LabelPrint141 čeština.rar
c:\a\CD LabelPrint 141 + cz\cdlpwin141en.exe
c:\a\kis9.0.0.736cs.exe
c:\program files\RelevantKnowledge
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk
c:\users\Tibor\AppData\Roaming\vso_ts_preview.xml
c:\windows\system32\win.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_RelevantKnowledge
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-09 do 2012-05-09 )))))))))))))))))))))))))))))))
.
.
2012-05-09 05:38 . 2012-05-09 05:38 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-05-09 05:38 . 2012-05-09 05:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-07 06:00 . 2012-05-07 06:00 -------- d-----w- c:\program files\ConvertHelper
2012-05-03 16:28 . 2012-05-03 16:28 -------- d-----w- c:\program files\Application Updater
2012-05-03 16:28 . 2012-05-03 16:28 -------- d-----w- c:\program files\pdfforge Toolbar
2012-05-03 16:28 . 2012-05-03 16:28 -------- d-----w- c:\program files\Common Files\Spigot
2012-04-29 10:18 . 2012-03-06 05:59 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-29 10:18 . 2012-03-06 05:59 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-28 15:41 . 2012-04-28 15:41 -------- d-----w- C:\~$PVRTmp0$
2012-04-27 08:54 . 2012-04-27 08:54 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-26 18:15 . 2012-04-26 18:15 -------- d-----w- c:\users\Tibor\AppData\Roaming\HDRsoft
2012-04-26 18:13 . 2010-04-09 07:24 240008 ----a-w- c:\windows\system32\drivers\netio.sys
2012-04-21 04:01 . 2012-04-21 04:01 -------- d-----w- c:\program files\Common Files\Symbian
2012-04-21 04:00 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-04-21 04:00 . 2005-04-03 20:57 32768 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2012-04-21 04:00 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-04-21 04:00 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-04-21 04:00 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-04-21 04:00 . 2005-04-03 20:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-04-21 04:00 . 2012-04-21 04:00 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2012-04-21 04:00 . 2012-04-21 04:00 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2012-04-19 10:39 . 2012-04-19 10:39 110080 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconCF33A0CE.exe
2012-04-19 10:39 . 2012-04-19 10:39 110080 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconF7A21AF7.exe
2012-04-19 10:39 . 2012-04-19 10:39 110080 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconD7F16134.exe
2012-04-19 10:39 . 2012-04-19 10:43 -------- d-----w- C:\sh4ldr
2012-04-19 10:39 . 2012-04-19 10:39 -------- d-----w- c:\program files\Enigma Software Group
2012-04-19 10:37 . 2012-04-19 10:41 -------- d-----w- c:\windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2012-04-19 10:37 . 2012-04-19 10:37 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-04-16 09:44 . 2012-04-16 09:44 49152 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2012-04-16 09:44 . 2012-04-16 09:44 73728 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2012-04-16 09:44 . 2012-04-16 09:44 73728 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2012-04-16 09:44 . 2012-04-16 09:44 53248 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2012-04-16 09:44 . 2012-04-16 09:44 49152 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2012-04-16 05:30 . 2012-04-16 05:30 -------- d-----w- c:\users\Tibor\AppData\Roaming\onOne Software
2012-04-15 17:27 . 2012-04-15 17:31 -------- d-----w- c:\users\Tibor\AppData\Roaming\tiger-k
2012-04-15 17:27 . 2012-04-15 17:27 -------- d-----w- c:\users\Tibor\AppData\Roaming\Leawo
2012-04-15 17:25 . 2011-03-02 10:43 175616 ----a-w- c:\windows\system32\unrar.dll
2012-04-15 17:25 . 2012-04-15 17:25 -------- d-----w- c:\program files\K-Lite Codec Pack
2012-04-15 17:25 . 2012-01-09 09:34 606208 ----a-w- c:\windows\system32\xvidcore.dll
2012-04-15 17:25 . 2012-01-09 09:34 139264 ----a-w- c:\windows\system32\xvid.ax
2012-04-09 10:55 . 2012-04-26 15:39 -------- d-----w- c:\programdata\AVAST Software
2012-04-09 10:55 . 2012-04-09 10:55 -------- d-----w- c:\program files\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-09 05:22 . 2012-05-09 05:22 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59533F6B-C5D8-4933-A09E-D6C8896B6229}\offreg.dll
2012-05-05 06:21 . 2012-03-30 03:36 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 06:21 . 2011-05-24 03:06 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-09 06:20 . 2011-09-19 05:31 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-03-14 02:15 . 2012-04-08 15:17 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59533F6B-C5D8-4933-A09E-D6C8896B6229}\mpengine.dll
2012-02-15 05:44 . 2012-04-08 15:14 826368 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-15 04:22 . 2012-04-08 15:14 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-15 04:22 . 2012-04-08 15:14 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 05:41 . 2012-04-08 15:13 1074176 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 05:41 . 2012-04-08 15:13 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-10 05:41 . 2012-04-08 15:13 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-10 05:41 . 2012-04-08 15:13 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-10 05:41 . 2012-04-08 15:13 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-04-27 08:54 . 2012-04-22 10:10 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EFEED92A-A33D-4873-BA8F-32BAA631E54D}"= "c:\program files\Astroburn Toolbar\ABToolbar.dll" [2011-05-23 1000768]
.
[HKEY_CLASSES_ROOT\clsid\{efeed92a-a33d-4873-ba8f-32baa631e54d}]
[HKEY_CLASSES_ROOT\ABToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{142EECD7-B6CA-4e29-AE5D-A4798EF4FD7F}]
[HKEY_CLASSES_ROOT\ABToolbar.ToolBandObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"DAEMON Tools Lite"="d:\programy\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"NSU_agent"="c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-04-23 983904]
.
c:\users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Automatické vypnutí počítače.lnk - d:\programy\Automatické vypnutí počítače\avp.exe [2004-12-28 443392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TMMonitor.lnk - c:\programy\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-10-2 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2010-09-23 13:59 391144 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2009-12-24 03:41 233472 ----a-w- c:\program files\Apoint2K\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 17:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
2010-04-01 08:27 285784 ----a-w- c:\program files\Bluetooth Suite\AthBtTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
2010-04-01 08:26 445528 ----a-w- c:\program files\Bluetooth Suite\BtvStack.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- d:\programy\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
2012-02-28 13:53 190768 ----a-w- c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
2010-06-09 17:54 206208 ----a-w- c:\windows\PLFSetI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor]
2010-09-02 14:49 2536752 ----a-w- c:\program files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
2010-09-23 13:59 391144 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2011-11-09 21:45 343168 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 14:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
R1 ArcSec;archlp;c:\windows\system32\drivers\ArcSec.sys [x]
R2 AODDriver4.01;AODDriver4.01; [x]
R2 Ca1528av;SPCA1528 Video Camera Service;c:\windows\system32\Drivers\Ca1528av.sys [2008-07-28 513408]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-03-30 38440]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-03-30 257064]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 177704]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-03-30 48168]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-03-30 141992]
R3 Bulk1528;SPCA1528 Still Camera Service;c:\windows\system32\Drivers\Bulk1528.sys [2008-06-27 11648]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-05-06 13904]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [2011-10-02 94336]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-27 129976]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
R3 PTLIBUSB0;PRUFTECHNIK-USB-WIN-KERNEL DRIVER 02/25/2008, 1.12.0.1;c:\windows\system32\DRIVERS\PTLIBUSB0.SYS [2008-03-07 22144]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 193640]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1343400]
R3 WO_LiveService;Ashampoo LiveTuner Service;d:\programy\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe [2011-09-28 885160]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [2010-12-25 902432]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-02 232512]
S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2007-04-24 16688]
S1 VD_FileDisk;VD_FileDisk; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2012-04-23 785304]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2011-11-15 66560]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-05-20 28200]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 06:21]
.
2012-05-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293342361-3049962748-1719793292-1000Core.job
- c:\users\Tibor\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-13 17:45]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293342361-3049962748-1719793292-1000UA.job
- c:\users\Tibor\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-13 17:45]
.
.
------- Doplňkový sken -------
.
uStart Page = astroburn-search.com
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\tgg01b3o.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=642886&p=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-AdobeBridge - (no file)
SafeBoot-SolutoService
MSConfigStartUp-TrueImageMonitor - (no file)
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files\RelevantKnowledge\rlvknlg.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2768)
d:\programy\Altap Salamander 2.5\plugins\salamext.dll
c:\program files\Bluetooth Suite\AthCopyHook.dll
d:\programy\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
d:\programy\Nokia\Nokia PC Suite 7\NGSCM.DLL
d:\programy\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
d:\programy\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
d:\programy\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
d:\programy\Automatické vypnutí poc:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-05-09 07:46:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-09 05:46
.
Před spuštěním: Volných bajtů: 14 038 249 472
Po spuštění: Volných bajtů: 13 624 340 480
.
- - End Of File - - 68993FD08CD8BDC05AC51BFC29C38060

TG007 píše:Spíš jsem to napsal špatně, CF jsem spustil nechal jsem udělat log s tím, že ho dám do fóra na kontrolu.

OK, tak to potom jo. Každopádně si nepamatuji, že by zde byl někdy ComboFix požadován jako vstupní log. Co si pamatuji, tak to byl vždy HJT a teď poslední roky je to detailnější log ze RSIT.
Takže na ComboFix raději honem rychle zapomeň - viz varování, která jsem Ti napsal.

A BTW, ComboFix není proklatý, ale požehnaný software - akorát se to s ním musí umět. Je to dobrý sluha, ale špatný pán. Žádná hračka v rukou nezkušeného uživatele.


Takže fixni v HJT níže uvedené položky.

• Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
• Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
• Položky, které v seznamu nenajdeš, prostě přeskoč.
• HJT najdeš zde: C:\Program Files\trend micro\Tibor.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =


Stáhni si aktuální verzi CF z této lokace http://download.bleepingcomputer.com/sUBs/ComboFix.exe a nahraď jej za tu, co máš - ať mám jistotu, že máš poslední verzi.

Pokud jsi tak ještě neučinil, přesuň ComboFix na Plochu.

• Otevři si Poznámkový blok (Start >> Spustit... (nebo Win+R) >> do okénka napiš notepad >> [Enter]).
• Zkopíruj do něj tento script:

• Ulož vytvořený TXT jako CFScript.txt
• Přetáhni vytvořený CFScript.txt nad ComboFix a pusť (viz obrázek).
  
• Po aplikaci scriptu (a případném restartu PC) na Tebe vyskočí log. Jeho obsah mi sem vlož.

Může se stát, že po aplikaci scriptu nenaběhnou Windows. V tom případě restartuj PC, hned při náběhu mačkej klávesu F8 a zvol Poslední známou konfiguraci.

ComboFix 12-05-10.02 - Tibor 10.05.2012 15:50:41.8.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3579.2614 [GMT 2:00]
Spuštěný z: c:\users\Tibor\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tibor\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\tgg01b3o.default\searchplugins\absearch-search.xml"
"c:\windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP"
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-293342361-3049962748-1719793292-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-293342361-3049962748-1719793292-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\$RECYCLE.BIN
C:\~$PVRTmp0$
c:\~$pvrtmp0$\~$PVRTmp0$\04_28_2012_17_41_54.mpg
c:\program files\Astroburn Toolbar
c:\program files\Astroburn Toolbar\_AstroburnLite.xml
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeARMservice
-------\Service_AdobeFlashPlayerUpdateSvc
-------\Service_SwitchBoard
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-10 do 2012-05-10 )))))))))))))))))))))))))))))))
.
.
2012-05-10 13:57 . 2012-05-10 13:57 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-05-10 13:57 . 2012-05-10 13:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-09 17:06 . 2012-05-09 17:06 -------- d-----w- c:\windows\system32\SPReview
2012-05-09 13:48 . 2012-03-30 10:23 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 13:47 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-09 13:47 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 13:47 . 2012-03-31 02:36 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 13:47 . 2012-03-31 04:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 13:47 . 2012-03-31 04:30 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-09 13:47 . 2012-03-31 04:29 989184 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 13:47 . 2012-03-31 04:29 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-09 13:47 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 13:45 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 06:32 . 2012-05-10 13:45 -------- d-----w- c:\program files\trend micro
2012-05-09 06:32 . 2012-05-09 06:33 -------- d-----w- C:\rsit
2012-05-07 06:00 . 2012-05-07 06:00 -------- d-----w- c:\program files\ConvertHelper
2012-04-26 18:15 . 2012-04-26 18:15 -------- d-----w- c:\users\Tibor\AppData\Roaming\HDRsoft
2012-04-19 10:39 . 2012-04-19 10:39 110080 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconCF33A0CE.exe
2012-04-19 10:39 . 2012-04-19 10:39 110080 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconF7A21AF7.exe
2012-04-19 10:39 . 2012-04-19 10:39 110080 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconD7F16134.exe
2012-04-19 10:39 . 2012-04-19 10:43 -------- d-----w- C:\sh4ldr
2012-04-19 10:39 . 2012-04-19 10:39 -------- d-----w- c:\program files\Enigma Software Group
2012-04-19 10:37 . 2012-04-19 10:41 -------- d-----w- c:\windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2012-04-19 10:37 . 2012-04-19 10:37 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-04-16 09:44 . 2012-04-16 09:44 49152 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2012-04-16 09:44 . 2012-04-16 09:44 73728 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2012-04-16 09:44 . 2012-04-16 09:44 73728 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2012-04-16 09:44 . 2012-04-16 09:44 53248 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2012-04-16 09:44 . 2012-04-16 09:44 49152 ----a-r- c:\users\Tibor\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2012-04-16 05:30 . 2012-04-16 05:30 -------- d-----w- c:\users\Tibor\AppData\Roaming\onOne Software
2012-04-15 17:27 . 2012-04-15 17:31 -------- d-----w- c:\users\Tibor\AppData\Roaming\tiger-k
2012-04-15 17:27 . 2012-04-15 17:27 -------- d-----w- c:\users\Tibor\AppData\Roaming\Leawo
2012-04-15 17:25 . 2011-03-02 10:43 175616 ----a-w- c:\windows\system32\unrar.dll
2012-04-15 17:25 . 2012-04-15 17:25 -------- d-----w- c:\program files\K-Lite Codec Pack
2012-04-15 17:25 . 2012-01-09 09:34 606208 ----a-w- c:\windows\system32\xvidcore.dll
2012-04-15 17:25 . 2012-01-09 09:34 139264 ----a-w- c:\windows\system32\xvid.ax
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-09 16:59 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-05-05 06:21 . 2012-03-30 03:36 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 06:21 . 2011-05-24 03:06 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-09 06:20 . 2011-09-19 05:31 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-03-14 02:15 . 2012-04-08 15:17 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59533F6B-C5D8-4933-A09E-D6C8896B6229}\mpengine.dll
2012-02-17 05:34 . 2012-04-08 15:14 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14 . 2012-04-08 15:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13 . 2012-04-08 15:14 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-04-27 08:54 . 2012-04-22 10:10 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
.
c:\users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Automatické vypnutí počítače.lnk - d:\programy\Automatické vypnutí počítače\avp.exe [2004-12-28 443392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TMMonitor.lnk - c:\programy\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-10-2 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 ArcSec;archlp;c:\windows\system32\drivers\ArcSec.sys [x]
R2 AODDriver4.01;AODDriver4.01; [x]
R2 Ca1528av;SPCA1528 Video Camera Service;c:\windows\system32\Drivers\Ca1528av.sys [2008-07-28 513408]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-03-30 38440]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-03-30 257064]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-05-20 177704]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-03-30 48168]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-03-30 141992]
R3 Bulk1528;SPCA1528 Still Camera Service;c:\windows\system32\Drivers\Bulk1528.sys [2008-06-27 11648]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-05-06 13904]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [2011-10-02 94336]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
R3 PTLIBUSB0;PRUFTECHNIK-USB-WIN-KERNEL DRIVER 02/25/2008, 1.12.0.1;c:\windows\system32\DRIVERS\PTLIBUSB0.SYS [2008-03-07 22144]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 193640]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1343400]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [2010-12-25 902432]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-02 232512]
S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2007-04-24 16688]
S1 VD_FileDisk;VD_FileDisk; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2011-11-15 66560]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-05-20 28200]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 06:21]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293342361-3049962748-1719793292-1000Core.job
- c:\users\Tibor\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-13 17:45]
.
2012-05-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293342361-3049962748-1719793292-1000UA.job
- c:\users\Tibor\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-13 17:45]
.
.
------- Doplňkový sken -------
.
uStart Page = astroburn-search.com
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\tgg01b3o.default\
FF - prefs.js: browser.search.selectedEngine - Google
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1700)
d:\programy\Altap Salamander 2.5\plugins\salamext.dll
c:\program files\Bluetooth Suite\AthCopyHook.dll
d:\programy\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
d:\programy\Nokia\Nokia PC Suite 7\NGSCM.DLL
d:\programy\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
d:\programy\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
d:\programy\Automatické vypnutí poc:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\windows\ehome\mcupdate.EXE
.
**************************************************************************
.
Celkový čas: 2012-05-10 16:05:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-10 14:05
ComboFix2.txt 2012-05-09 05:46

.
Před spuštěním: Volných bajtů: 13 252 694 016
Po spuštění: Volných bajtů: 13 196 214 272
.
- - End Of File - - D44CC2A317AB7F24FA8475724A609602

Jak se chová počítač?

bez problémů, restartoval a naběhl. Žádné podezřelé chování jsem nepozoroval.

OK, tak dočistíme a máme hotovo.
Nezapomeň na upozornění ohledně CF!


Odinstalujeme ComboFix.

• Přejmenuj ComboFix na Uninstall.
• Spusť jej.

Spusť znovu OTM a klikni na tlačítko [CleanUp!] - tím po sobě program uklidí.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stáhni a spusť.
• Pro potvrzení volby mačkej A, Enter.
• Po použití utilitu smaž.
• Antiviry mohou tuto utilitu chybně označit jako vir - jedná se o falešný poplach - takže v pohodě stáhni (případně vypni při stahování antivir)!

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stáhni a spusť.
• Klikni na Start a potvrď OK.
• Program uklidí a může (nemusí) restartovat PC.
• Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

• Panel čistič
• Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

• Panel registry
• Klikni na Hledej problémy.
• Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
• Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

• Panel nástroje
• Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

Děkuji mnohokrát za tvé rady a čas, který jsi mi věnoval.

Není vůbec zač a rádo se stalo. Přeji pěkný den.