Prosím o kontrolu logů Vyřešeno

[Žbeky]

Zkus to v nouzáku

[Reklama]

[Clorky]

ComboFix 11-04-30.01 - Peta 30.04.2011 22:29:48.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.3582.1980 [GMT 2:00]
Spuštěný z: C:\Users\Peta\Desktop\Download\ComboFix.exe
Použité ovládací přepínače :: C:\Users\Peta\Desktop\CFScript.txt
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"C:\Windows\SysWOW64\h4x0r.dll"


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Users\Peta\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Peta\AppData\Local\Temp\sfareca00001.dll
C:\Windows\SysWOW64\h4x0r.dll

---- Předchozí spuštění -------

C:\DUMP74a2.tmp
C:\DUMP79ef.tmp
C:\ProgramData\{E568B6A0-8E02-46C8-8954-00ECD7CD3554}\CursorFX_setup.dat
C:\ProgramData\{E568B6A0-8E02-46C8-8954-00ECD7CD3554}\CursorFX_setup.exe
C:\ProgramData\{E568B6A0-8E02-46C8-8954-00ECD7CD3554}\CursorFX_setup.msi
C:\ProgramData\{E568B6A0-8E02-46C8-8954-00ECD7CD3554}\CursorFX_setup.par
C:\ProgramData\{E568B6A0-8E02-46C8-8954-00ECD7CD3554}\CursorFX_setup.res
C:\ProgramData\{E568B6A0-8E02-46C8-8954-00ECD7CD3554}\instance.dat
C:\ProgramData\{E568B6A0-8E02-46C8-8954-00ECD7CD3554}\mia.lib
C:\Users\Peta\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Peta\AppData\Local\Temp\sfareca00001.dll
C:\Windows\IFinst27.exe
C:\Windows\iun6002.exe
C:\Windows\system32\DRIVERS\ehdrv.sys
C:\Windows\system32\DRIVERS\epfwwfpr.sys
C:\Windows\system32\PerfStringBackup.TMP
C:\Windows\Tasks\RegCure Program Check.job
C:\Windows\Tasks\RegCure.job


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CPUZ130
-------\Legacy_EHDRV
-------\Legacy_EPFWWFPR
-------\Service_cpuz130
-------\Service_ehdrv
-------\Service_epfwwfpr


((((((((((((((((((((((((( Soubory vytvořené od 2011-03-28 do 2011-04-30 )))))))))))))))))))))))))))))))


2011-04-30 20:37:29 . 2011-04-30 20:37:29 -------- d-----w- C:\Users\Administrator\AppData\Local\temp
2011-04-30 18:32:15 . 2011-04-30 20:31:27 6802 ----a-w- C:\Windows\system32\PerfStringBackup.TMP
2011-04-30 15:56:26 . 2011-04-30 15:56:26 -------- d-----w- C:\Users\Peta\AppData\Local\2K Games
2011-04-30 15:06:19 . 2011-04-30 15:06:19 -------- d-----w- C:\ProgramData\ATI
2011-04-30 15:03:15 . 2011-04-30 15:03:15 -------- d-----w- C:\Program Files (x86)\AMD APP
2011-04-27 19:02:48 . 2011-04-27 19:02:48 612352 ----a-w- C:\Windows\system32\vbscript.dll
2011-04-27 19:02:48 . 2011-04-27 19:02:48 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-04-27 18:58:07 . 2011-04-27 18:58:07 976896 ----a-w- C:\Windows\system32\inetcomm.dll
2011-04-27 18:58:07 . 2011-04-27 18:58:07 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-04-27 18:58:04 . 2011-04-27 18:58:04 90624 ----a-w- C:\Windows\system32\drivers\bowser.sys
2011-04-27 18:58:04 . 2011-04-27 18:58:04 286720 ----a-w- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-27 18:58:04 . 2011-04-27 18:58:04 157696 ----a-w- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-27 18:58:04 . 2011-04-27 18:58:04 126464 ----a-w- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-27 18:58:00 . 2011-04-27 18:58:00 1395712 ----a-w- C:\Windows\system32\mfc42.dll
2011-04-27 18:58:00 . 2011-04-27 18:58:00 1359872 ----a-w- C:\Windows\system32\mfc42u.dll
2011-04-27 18:58:00 . 2011-04-27 18:58:00 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-04-27 18:58:00 . 2011-04-27 18:58:00 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-04-27 18:25:04 . 2011-04-27 18:25:04 461312 ----a-w- C:\Windows\system32\drivers\srv.sys
2011-04-27 18:25:04 . 2011-04-27 18:25:04 401920 ----a-w- C:\Windows\system32\drivers\srv2.sys
2011-04-27 18:25:04 . 2011-04-27 18:25:04 161792 ----a-w- C:\Windows\system32\drivers\srvnet.sys
2011-04-24 12:27:47 . 2011-04-24 15:21:22 -------- d-----w- C:\Users\Peta\AppData\Roaming\YoWindow
2011-04-24 12:27:47 . 2011-04-24 12:27:47 -------- d-----w- C:\ProgramData\YoWindow
2011-04-24 12:27:25 . 2011-04-24 12:27:47 -------- d-----w- C:\Program Files (x86)\YoWindow
2011-04-24 11:43:13 . 2011-04-24 11:43:13 -------- d-----w- C:\Users\Peta\AppData\Roaming\Ashampoo
2011-04-24 11:43:05 . 2011-04-24 11:43:05 -------- d-----w- C:\Users\Peta\AppData\Local\ashampoo
2011-04-24 11:43:05 . 2011-04-24 11:43:05 -------- d-----w- C:\ProgramData\ashampoo
2011-04-24 11:43:02 . 2011-04-30 16:11:40 -------- d-----w- C:\Program Files (x86)\Ashampoo
2011-04-23 22:03:38 . 2011-04-23 22:03:38 -------- d-----w- C:\Users\Peta\AppData\Local\Stardock
2011-04-23 22:03:01 . 2011-04-23 22:03:01 -------- d-----w- C:\Program Files (x86)\Stardock
2011-04-23 21:41:53 . 2011-04-24 12:10:49 -------- d-----w- C:\Program Files (x86)\RocketDock
2011-04-23 21:36:28 . 2011-04-23 21:36:28 -------- d-----w- C:\Program Files (x86)\Shock Utility
2011-04-21 16:25:35 . 2011-04-21 16:28:32 -------- d-----w- C:\Users\Peta\AppData\Local\Diagnostics
2011-04-16 12:32:17 . 2011-04-16 12:35:05 -------- d-----w- C:\Program Files (x86)\SpeedBit Video Accelerator
2011-04-16 12:25:25 . 2011-04-16 12:38:02 -------- d-----w- C:\ProgramData\SpeedBit
2011-04-16 12:25:23 . 2011-04-16 12:25:22 84480 ----a-w- C:\Windows\SysWow64\EasyHook32.dll
2011-04-16 12:25:21 . 2011-04-16 12:25:21 172032 ----a-w- C:\Windows\SysWow64\AniGIF.ocx
2011-04-16 12:12:22 . 2011-04-18 17:18:01 287064 ----a-w- C:\Windows\system32\drivers\aswSP.sys
2011-04-16 12:12:22 . 2011-04-18 17:13:01 22360 ----a-w- C:\Windows\system32\drivers\aswFsBlk.sys
2011-04-16 12:12:19 . 2011-04-18 17:18:51 127832 ----a-w- C:\Windows\system32\drivers\aswFW.sys
2011-04-16 12:12:09 . 2011-04-18 17:17:59 600920 ----a-w- C:\Windows\system32\drivers\aswSnx.sys
2011-04-16 12:12:09 . 2011-04-18 17:16:23 53592 ----a-w- C:\Windows\system32\drivers\aswTdi.sys
2011-04-16 12:12:09 . 2011-04-18 17:13:24 31064 ----a-w- C:\Windows\system32\drivers\aswRdr.sys
2011-04-16 12:12:08 . 2011-04-18 17:13:13 64344 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys
2011-04-16 12:11:49 . 2011-04-18 17:25:12 40112 ----a-w- C:\Windows\avastSS.scr
2011-04-16 12:11:49 . 2011-04-18 17:25:10 199304 ----a-w- C:\Windows\SysWow64\aswBoot.exe
2011-04-16 11:57:31 . 2011-04-18 17:17:26 253784 ----a-w- C:\Windows\system32\drivers\aswNdis2.sys
2011-04-16 11:57:05 . 2011-02-23 12:34:54 12368 ----a-w- C:\Windows\system32\drivers\aswNdis.sys
2011-04-15 19:51:32 . 2011-04-15 19:51:32 -------- d-----w- C:\Users\Administrator\AppData\Local\ESS
2011-04-15 19:50:54 . 2011-04-15 19:51:24 -------- d-----w- C:\Program Files (x86)\Easy Subtitles Synchronizer
2011-04-15 19:44:01 . 2011-04-15 19:44:01 -------- d-----w- C:\Program Files (x86)\URUSoft
2011-04-15 19:42:15 . 1999-12-17 08:13:04 86016 ----a-w- C:\Windows\unvise32.exe
2011-04-15 19:42:14 . 2011-04-15 19:42:14 -------- d-----w- C:\Program Files (x86)\DivXLand
2011-04-15 18:31:45 . 2011-04-16 10:57:26 -------- d-----w- C:\Users\Administrator\AppData\Roaming\uTorrent
2011-04-15 17:24:30 . 2011-04-15 19:39:47 -------- d-----w- C:\Users\Administrator\AppData\Roaming\AVI ReComp
2011-04-15 15:19:39 . 2011-04-15 15:19:39 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Subversion
2011-04-15 14:16:33 . 2011-04-15 14:16:33 -------- d-----w- C:\Users\Administrator\AppData\Local\Mozilla
2011-04-15 07:05:30 . 2011-04-15 07:05:30 -------- d-----w- C:\Users\Administrator\kbpki
2011-04-15 06:50:37 . 2011-04-16 10:47:23 -------- d-----w- C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2011-04-13 19:59:14 . 2011-04-13 19:59:14 59904 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-04-13 19:59:02 . 2011-04-13 19:59:02 51712 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-04-13 19:58:46 . 2011-04-13 19:58:46 12385280 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-04-06 11:48:36 . 2011-04-24 09:55:27 -------- d-----w- C:\Users\Peta\AppData\Roaming\Media Player Classic
2011-04-06 10:40:34 . 2011-04-06 10:40:34 -------- d-----w- C:\Users\Peta\AppData\Local\CrashRpt
2011-04-06 04:11:44 . 2011-04-06 04:11:44 9323520 ----a-w- C:\Windows\system32\drivers\atikmdag.sys
2011-04-06 02:29:18 . 2011-04-06 02:29:18 22623232 ----a-w- C:\Windows\system32\atio6axx.dll
2011-04-06 02:07:18 . 2011-04-06 02:07:18 17469952 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-04-06 02:03:24 . 2011-04-06 02:03:24 147456 ----a-w- C:\Windows\system32\atiapfxx.exe
2011-04-06 01:59:24 . 2011-04-06 01:59:24 480256 ----a-w- C:\Windows\system32\atieclxx.exe
2011-04-06 01:58:48 . 2011-04-06 01:58:48 203776 ----a-w- C:\Windows\system32\atiesrxx.exe
2011-04-06 01:57:36 . 2011-04-06 01:57:36 120320 ----a-w- C:\Windows\system32\atitmm64.dll
2011-04-06 01:57:14 . 2011-04-06 01:57:14 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-04-06 01:57:02 . 2011-04-06 01:57:02 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-04-06 01:56:56 . 2011-04-06 01:56:56 16384 ----a-w- C:\Windows\system32\atimuixx.dll
2011-04-06 01:56:52 . 2011-04-06 01:56:52 59392 ----a-w- C:\Windows\system32\atiedu64.dll
2011-04-06 01:56:48 . 2011-04-06 01:56:48 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-04-06 01:44:52 . 2011-04-06 01:44:52 5086208 ----a-w- C:\Windows\system32\atidxx64.dll
2011-04-06 01:42:14 . 2011-04-06 01:42:14 51200 ----a-w- C:\Windows\system32\aticalrt64.dll
2011-04-06 01:42:12 . 2011-04-06 01:42:12 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-04-06 01:42:04 . 2011-04-06 01:42:04 44544 ----a-w- C:\Windows\system32\aticalcl64.dll
2011-04-06 01:42:02 . 2011-04-06 01:42:02 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-04-06 01:41:50 . 2011-04-06 01:41:50 7467008 ----a-w- C:\Windows\system32\aticaldd64.dll
2011-04-06 01:38:50 . 2011-04-06 01:38:50 6098432 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-04-06 01:35:00 . 2011-04-06 01:35:00 4256768 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-04-06 01:34:38 . 2011-04-06 01:34:38 1208320 ----a-w- C:\Windows\system32\atiumd6v.dll
2011-04-06 01:34:16 . 2011-04-06 01:34:16 1912832 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-04-06 01:26:40 . 2011-04-06 01:26:40 3631616 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-04-06 01:22:04 . 2011-04-06 01:22:04 14848 ----a-w- C:\Windows\system32\atig6pxx.dll
2011-04-06 01:22:00 . 2011-04-06 01:22:00 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-04-06 01:22:00 . 2011-04-06 01:22:00 12800 ----a-w- C:\Windows\system32\atiglpxx.dll
2011-04-06 01:21:56 . 2011-04-06 01:21:56 39936 ----a-w- C:\Windows\system32\atig6txx.dll
2011-04-06 01:21:50 . 2011-04-06 01:21:50 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-04-06 01:21:42 . 2011-04-06 01:21:42 304128 ----a-w- C:\Windows\system32\drivers\atikmpag.sys
2011-04-06 01:20:58 . 2011-04-06 01:20:58 40448 ----a-w- C:\Windows\system32\atiuxp64.dll
2011-04-06 01:20:04 . 2011-04-06 01:20:04 53248 ----a-w- C:\Windows\system32\drivers\ati2erec.dll
2011-04-06 01:13:22 . 2011-04-06 01:13:22 53760 ----a-w- C:\Windows\system32\atimpc64.dll
2011-04-06 01:13:22 . 2011-04-06 01:13:22 53760 ----a-w- C:\Windows\system32\amdpcom64.dll
2011-04-06 01:13:16 . 2011-04-06 01:13:16 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-04-06 01:13:16 . 2011-04-06 01:13:16 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-04-05 20:09:50 . 2011-04-05 20:09:50 61952 ----a-w- C:\Windows\system32\OVDecode64.dll
2011-04-05 20:09:34 . 2011-04-05 20:09:34 53760 ----a-w- C:\Windows\system32\OpenCL.dll
2011-04-05 20:09:22 . 2011-04-05 20:09:22 16116224 ----a-w- C:\Windows\system32\amdocl64.dll
2011-04-05 12:04:06 . 2011-04-05 12:07:30 -------- d-----w- C:\Users\Peta\AppData\Local\Expert
2011-04-05 08:30:50 . 2011-04-05 08:30:50 -------- d-----w- C:\ProgramData\Ubisoft
2011-04-05 05:19:23 . 2011-04-05 05:19:23 -------- d-----w- C:\Users\Peta\AppData\Roaming\PunkBuster
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-04-18 17:25:00 . 2011-03-29 13:42:24 253888 ----a-w- C:\Windows\system32\aswBoot.exe
2011-04-06 02:03:14 . 2010-08-26 02:01:04 671744 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-04-06 02:02:00 . 2010-07-07 01:53:20 788480 ----a-w- C:\Windows\system32\aticfx64.dll
2011-04-06 01:59:32 . 2011-01-26 22:56:30 462848 ----a-w- C:\Windows\system32\ATIDEMGX.dll
2011-04-06 01:57:20 . 2011-01-26 22:54:00 423424 ----a-w- C:\Windows\system32\atipdl64.dll
2011-04-06 01:53:34 . 2010-08-26 01:52:22 4307968 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-04-06 01:34:04 . 2011-01-26 22:32:00 3421184 ----a-w- C:\Windows\system32\atiumd6a.dll
2011-04-06 01:29:00 . 2011-01-26 22:21:58 5408256 ----a-w- C:\Windows\system32\atiumd64.dll
2011-04-06 01:28:02 . 2010-03-03 03:23:52 58880 ----a-w- C:\Windows\system32\coinst.dll
2011-04-06 01:22:20 . 2009-12-18 16:23:22 361984 ----a-w- C:\Windows\system32\atiadlxx.dll
2011-04-06 01:22:12 . 2010-11-26 02:17:20 258048 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-04-06 01:20:52 . 2010-08-26 01:20:08 31232 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-04-06 01:20:46 . 2011-01-26 22:12:32 38912 ----a-w- C:\Windows\system32\atiu9p64.dll
2011-04-06 01:20:38 . 2010-04-07 01:22:30 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-04-05 05:19:29 . 2010-03-16 15:57:05 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-04-05 05:19:23 . 2010-03-16 15:57:03 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-03-28 12:22:06 . 2011-03-28 12:22:06 14544 ----a-w- C:\Windows\SysWow64\drivers\hmonitor45.sys
2011-03-18 11:44:47 . 2011-03-18 11:44:43 2048 ----a-w- C:\Windows\SysWow64\winver.exe
2011-03-18 11:44:46 . 2011-03-18 11:44:43 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2011-03-18 11:44:45 . 2011-03-18 11:44:43 410624 ----a-w- C:\Windows\SysWow64\systemcpl.dll
2011-03-18 11:44:44 . 2011-03-18 11:44:43 1536 ----a-w- C:\Windows\SysWow64\sppcomapi.dll
2011-03-18 11:44:43 . 2011-03-18 11:44:43 113543 ----a-w- C:\Windows\SysWow64\slmgr.vbs
2011-03-11 13:48:08 . 2011-03-11 13:48:08 687104 ----a-w- C:\Windows\yowindow.scr
2011-03-05 08:09:35 . 2011-03-05 08:09:35 33344 ----a-w- C:\Windows\system32\drivers\hamachi.sys
2011-03-02 17:59:09 . 2009-08-18 11:49:26 564632 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll
2011-03-02 17:59:06 . 2009-08-18 10:24:10 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-05 20:42:26 . 2010-03-14 18:07:14 98304 ----a-w- C:\Windows\SysWow64\CmdLineExt.dll
2011-02-02 20:40:23 . 2011-03-23 18:11:58 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-10-01 00:11:56 . 2011-03-09 20:53:56 462112 ----a-w- C:\Program Files (x86)\Common Files\ZugoInstaller.exe


------- Sigcheck -------

[7] 2009-07-14 01:41:56 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2009-07-14 01:41:56 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\system32\user32.dll

[-] 2011-03-18 11:44:46 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\SysWOW64\user32.dll
[7] 2009-07-14 01:11:24 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

((((((((((((((((((((((((((((( SnapShot@2011-04-30_17.20.58 )))))))))))))))))))))))))))))))))))))))))

- 2009-07-14 04:54:17 . 2011-04-30 17:20:16 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54:17 . 2011-04-30 20:39:47 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54:17 . 2011-04-30 17:20:16 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54:17 . 2011-04-30 20:39:47 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54:17 . 2011-04-30 17:20:16 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54:17 . 2011-04-30 20:39:47 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 05:10:35 . 2011-04-30 13:05:15 44736 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10:35 . 2011-04-30 20:27:44 44736 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-18 16:29:11 . 2011-04-30 20:27:44 24704 C:\Windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3772232233-1002815925-119122930-1000_UserData.bin
+ 2011-04-30 20:38:46 . 2011-04-30 20:38:46 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-04-30 17:19:09 . 2011-04-30 17:19:09 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-04-30 17:19:09 . 2011-04-30 17:19:09 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-04-30 20:38:46 . 2011-04-30 20:38:46 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-18 16:44:32 . 2011-04-30 20:27:44 118908 C:\Windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:01:48 . 2011-04-30 17:16:21 622948 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01:48 . 2011-04-30 20:37:39 622948 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 02:34:08 . 2011-04-30 13:19:58 10485760 C:\Windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34:08 . 2011-04-30 20:36:25 10485760 C:\Windows\system32\SMI\Store\Machine\schema.dat
+ 2011-03-05 10:58:19 . 2011-04-30 20:37:40 25633105 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3772232233-1002815925-119122930-1000-8192.dat

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2009-06-05 17:01:26 85712 ----a-w- C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2009-06-05 17:01:26 85712 ----a-w- C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2009-06-05 17:01:26 85712 ----a-w- C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2009-06-05 17:01:26 85712 ----a-w- C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2009-06-05 17:01:26 85712 ----a-w- C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2009-06-05 17:01:26 85712 ----a-w- C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2009-06-05 17:01:26 85712 ----a-w- C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2009-06-05 17:01:26 85712 ----a-w- C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2009-06-05 17:01:26 85712 ----a-w- C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Program Files (x86)\uTorrent\uTorrent.exe" [2011-04-15 18:32:30 399736]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 09:16:20 357696]
"CursorFX"="C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe" [2010-03-23 14:17:43 417280]
"Advanced SystemCare 4"="D:\Optimalizace\Advanced SystemCare 4\ASCTray.exe" [2011-04-22 13:08:52 402832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QFan Help"="C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe" [2009-08-19 15:44:56 603136]
"T Probe"="C:\Program Files (x86)\ASUS\T Probe\TProbe.exe" [2009-10-20 14:52:32 4010496]
"HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 10:32:34 2472048]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2011-04-18 17:25:12 3460784]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-05 20:10:36 336384]

C:\Users\Peta\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\StartUp\
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe [2010-11-3 4360896]
YoWindow.lnk - C:\Program Files (x86)\YoWindow\yowindow.exe [2011-3-11 742912]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster^32*Registry: HKLM:RUN

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaMessenger^Registry: HKCU:RUN]
2010-12-15 13:35:18 3328344 ----a-w- C:\Program Files (x86)\Garena Messanger\GarenaMessenger.exe

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"TkBellExe"="C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"ATICustomerCare"="C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

R0 acs6ntm;acs6ntm;C:\Windows\system32\DRIVERS\acs6ntm.sys [x]
R1 ntiomin;ntiomin; [x]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-04-18 17:25:09 121000]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576]
R3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;C:\Windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\lgandadb.sys [x]
R3 cglptnt;cglptnt;C:\totalcmd\cglptnt.sys [2009-09-24 06:50:10 7888]
R3 ENTECH64;ENTECH64;C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12:14:00 12744]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 10:10:02 3276800]
R3 kvnet;Kerio Virtual Network Adapter;C:\Windows\system32\DRIVERS\kvnet.sys [x]
R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 20:20:56 174440]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 20:34:24 4925184]
R3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2011-03-12 14:41:31 19952]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);C:\Windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);C:\Windows\system32\DRIVERS\RtVlan60.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 15:33:02 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 15:33:06 369688]
S0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ElRawDisk;ElRawDisk;C:\Windows\system32\drivers\ElRawDsk.sys [x]
S1 Hmonitor45;Hmonitor45;C:\Windows\SysWOW64\drivers\hmonitor45.sys [2011-03-28 12:22:06 14544]
S2 AdvancedSystemCareService;Advanced SystemCare Service;D:\Optimalizace\Advanced SystemCare 4\ASCService.exe [2011-04-22 13:08:52 352656]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-19 11:56:38 90112]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz133;cpuz133;C:\Windows\system32\drivers\cpuz133_x64.sys [x]
S2 CrossLoopService;CrossLoop Service;C:\Users\Peta\AppData\Local\CrossLoop\CrossLoopService.exe [2010-03-15 11:24:06 560792]
S2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-07-17 14:25:02 319488]
S2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 16:09:10 1253376]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 13:41:12 2111368]
S2 IOCBIOS;IOCBIOS;C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.SYS [2009-07-09 09:53:00 27096]
S2 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2010-10-12 10:08:06 724152]
S2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2010-10-12 10:08:06 724152]
S2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 15:51:05 2253688]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys [x]
S3 LgBttPort;LGE Bluetooth TransPort;C:\Windows\system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;C:\Windows\system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;C:\Windows\system32\DRIVERS\lgvmdm64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys [x]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);C:\Windows\system32\DRIVERS\RtTeam60.sys [x]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-27 21:28:20 451872 ----a-w- C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe


--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25:00 134384 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12:56 98056 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12:56 98056 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12:56 98056 ----a-w- C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="C:\ComboFix\CF4777.cfxxe" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

------- Doplňkový sken -------

uLocal Page = C:\Windows\SYSTEM32\blank.htm
mLocal Page = C:\Windows\SYSTEM32\blank.htm
IE: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
LSP: C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll
FF - ProfilePath - C:\Users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\kiqze7em.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.buzqo.com/?cfg=2-401-0-...
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?tool ... m-1.0.0&q=
FF - user.js: browser.blink_allowed - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autoFill - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.urlbar.hideGoButton - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0

HIJACK:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:45:28, on 30.4.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Game Booster\GameBox.exe
D:\Optimalizace\Advanced SystemCare 4\PMonitor.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files (x86)\uTorrent\utorrent.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
D:\Optimalizace\Advanced SystemCare 4\ASCTray.exe
C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\YoWindow\yowindow.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugin-container.exe
C:\Users\Peta\Desktop\Download\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [T Probe] "C:\Program Files (x86)\ASUS\T Probe\TProbe.exe" -b
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 4] "D:\Optimalizace\Advanced SystemCare 4\ASCTray.exe"
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\speedbit video accelerator\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\speedbit video accelerator\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\speedbit video accelerator\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\speedbit video accelerator\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\speedbit video accelerator\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\speedbit video accelerator\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\speedbit video accelerator\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\speedbit video accelerator\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\speedbit video accelerator\sblsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - D:\Optimalizace\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop Inc - C:\Users\Peta\AppData\Local\CrossLoop\CrossLoopService.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - (no file)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: uvnc_service - UltraVNC - C:\Users\Peta\AppData\Local\CrossLoop\winvnc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoAcceleratorService - SpeedBit Ltd. - C:\PROGRA~2\SpeedBit Video Accelerator\VideoAcceleratorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility (XTUService) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe

--
End of file - 9943 bytes

[Žbeky]

Spusť services.msc a najdi a zastav/zakaž tyto služby:
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe (file missing)
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - (no file)

Aktualizuj Avast na nejnovější verzi

Jak se chová PC?

[Clorky]

Hotovo, PC je zase trocha čistější, ještě něco? Mám to projet T-cleanerem a CCleanerem?

[Žbeky]

JJ, jako vždy

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

Pokud nebudou už problémy, tak potom dej vyřešeno

[Clorky]

Ok, ještě naposledy Ti mnohokrát děkuji za pomoc.