Pomalý Notebook

[Cooper7371]

Dobrý den zdá se mi pomalý ntb při načítání atd....takže jsem se rozhodl že stím něco udělaám tak jsem se rozhodl že to projedu ComboFixem takže přikládám LOg s combofixu:


ComboFix 12-03-08.04 - Marek 08.03.2012 23:07:43.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2442 [GMT 1:00]
Spuštěný z: c:\users\Marek\Desktop\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Marek\AppData\Local\TempDIR
c:\users\Marek\AppData\Local\TempDIR\BetterInstaller.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-08 do 2012-03-08 )))))))))))))))))))))))))))))))
.
.
2012-03-08 22:20 . 2012-03-08 22:20 0 ----a-w- c:\windows\SysWow64\sho2AC4.tmp
2012-03-08 22:18 . 2012-03-08 22:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-07 22:44 . 2012-03-07 22:44 -------- d-----w- c:\program files (x86)\Gameforge4D
2012-03-07 20:59 . 2012-03-07 20:59 -------- d-----w- c:\users\Marek\AppData\Roaming\InstallShield
2012-03-05 18:04 . 2012-03-05 18:06 -------- d-----w- c:\programdata\InstallBrainService
2012-03-05 18:04 . 2012-03-05 18:04 -------- d-----w- c:\program files (x86)\SpecialSavings
2012-03-04 19:47 . 2012-03-04 21:56 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2012-03-04 19:47 . 2012-03-04 19:50 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-03-04 17:04 . 2012-03-04 17:04 0 ----a-w- c:\windows\SysWow64\sho65A9.tmp
2012-03-03 17:44 . 2012-03-07 22:10 -------- d-----w- c:\users\Marek\AppData\Roaming\.minecraft
2012-03-03 11:09 . 2012-03-03 11:09 -------- d-----w- c:\program files\Paint.NET
2012-03-03 11:08 . 2012-03-04 18:19 -------- d-----w- c:\users\Marek\AppData\Local\Paint.NET
2012-03-02 21:59 . 2012-03-02 21:59 0 ----a-w- c:\windows\SysWow64\sho8954.tmp
2012-03-02 18:57 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-03-01 17:09 . 2012-03-01 17:09 0 ----a-w- c:\windows\SysWow64\shoAF36.tmp
2012-03-01 15:59 . 2012-03-01 16:10 -------- d-----w- c:\users\Marek\AppData\Roaming\Hamachi
2012-02-27 16:43 . 2012-02-27 16:43 -------- d-----w- c:\users\Marek\AppData\Roaming\QuickStoresToolbar
2012-02-27 16:43 . 2012-02-27 16:43 -------- d-----w- c:\program files (x86)\Unlocker
2012-02-25 12:21 . 2012-02-25 12:21 -------- d-----w- c:\program files (x86)\mark
2012-02-25 12:20 . 2012-02-25 12:20 -------- d---a-w- c:\program files (x86)\screenshot
2012-02-25 12:20 . 2012-02-25 12:20 -------- d---a-w- c:\program files (x86)\upload
2012-02-25 11:59 . 2012-02-25 11:59 -------- d---a-w- c:\program files (x86)\miles
2012-02-25 11:59 . 2012-02-25 11:59 -------- d---a-w- c:\program files (x86)\lib
2012-02-25 11:59 . 2012-02-25 12:20 -------- d---a-w- c:\program files (x86)\pack
2012-02-25 11:59 . 2012-02-25 11:59 -------- d-----w- c:\program files (x86)\bgm
2012-02-23 17:36 . 2012-02-23 17:36 0 ----a-w- c:\windows\SysWow64\sho1566.tmp
2012-02-22 20:26 . 2012-02-22 20:26 0 ----a-w- c:\windows\SysWow64\sho19E9.tmp
2012-02-21 19:44 . 2012-03-08 21:59 -------- d-----w- c:\program files (x86)\Google
2012-02-21 19:43 . 2012-02-21 19:44 -------- d-----w- c:\users\Marek\AppData\Local\Google
2012-02-18 09:42 . 2012-02-18 09:42 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-02-16 19:52 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-16 19:52 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-16 19:52 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-16 19:52 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-02-16 19:52 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 19:52 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-16 19:52 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 19:52 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-02-15 16:39 . 2012-02-23 18:36 -------- d-----w- c:\program files (x86)\JoWooD
2012-02-12 18:54 . 2012-02-12 18:54 0 ----a-w- c:\windows\SysWow64\shoB150.tmp
2012-02-11 21:24 . 2012-02-11 21:24 -------- d-----w- c:\program files (x86)\Codec Pack - All In 1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-18 19:39 . 2011-12-11 09:56 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-18 09:41 . 2011-12-10 20:38 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-03 17:48 . 2012-02-03 17:48 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-01-26 23:52 . 2011-12-03 20:19 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-24 20:58 . 2012-01-24 20:58 0 ----a-w- c:\windows\SysWow64\sho57AA.tmp
2012-01-08 10:53 . 2012-01-08 10:53 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-01-08 10:53 . 2012-01-08 10:53 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-07 22:21 . 2012-01-07 22:21 0 ----a-w- c:\windows\SysWow64\sho559D.tmp
2012-01-06 15:32 . 2012-01-06 15:32 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-06 05:15 . 2012-02-03 12:35 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12792918-B298-40EF-96F8-1BC97B552A98}\mpengine.dll
2012-01-05 16:16 . 2012-01-05 16:16 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-01-05 16:16 . 2012-01-05 16:16 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-01-05 16:16 . 2012-01-05 16:16 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-01-05 16:16 . 2012-01-05 16:16 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-01-05 16:16 . 2012-01-05 16:16 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-01-05 16:16 . 2012-01-05 16:16 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-01-05 16:16 . 2012-01-05 16:16 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-01-05 16:16 . 2012-01-05 16:16 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-01-05 16:16 . 2012-01-05 16:16 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-01-05 16:16 . 2012-01-05 16:16 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-01-05 16:16 . 2012-01-05 16:16 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-01-05 16:16 . 2012-01-05 16:16 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-01-05 16:16 . 2012-01-05 16:16 448512 ----a-w- c:\windows\system32\html.iec
2012-01-05 16:16 . 2012-01-05 16:16 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-01-05 16:16 . 2012-01-05 16:16 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-01-05 16:16 . 2012-01-05 16:16 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-01-05 16:16 . 2012-01-05 16:16 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-01-05 16:16 . 2012-01-05 16:16 222208 ----a-w- c:\windows\system32\msls31.dll
2012-01-05 16:16 . 2012-01-05 16:16 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-01-05 16:16 . 2012-01-05 16:16 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-01-05 16:16 . 2012-01-05 16:16 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-01-05 16:16 . 2012-01-05 16:16 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-01-05 16:16 . 2012-01-05 16:16 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-01-05 16:16 . 2012-01-05 16:16 12288 ----a-w- c:\windows\system32\mshta.exe
2012-01-05 16:16 . 2012-01-05 16:16 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-01-05 16:16 . 2012-01-05 16:16 114176 ----a-w- c:\windows\system32\admparse.dll
2012-01-05 16:16 . 2012-01-05 16:16 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-01-05 16:16 . 2012-01-05 16:16 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-01-05 16:16 . 2012-01-05 16:16 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-01-05 16:16 . 2012-01-05 16:16 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-01-05 16:16 . 2012-01-05 16:16 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-01-05 16:16 . 2012-01-05 16:16 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-01-05 16:16 . 2012-01-05 16:16 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-01-05 16:16 . 2012-01-05 16:16 160256 ----a-w- c:\windows\system32\wextract.exe
2012-01-04 18:33 . 2012-01-04 18:34 637848 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-01-03 17:26 . 2012-01-03 17:26 556773293 ----a-w- C:\BF2_Patch_1.4.exe
2012-01-02 17:11 . 2012-01-02 17:10 2067515943 ----a-w- C:\BF2_Patch_1.50.exe
2011-12-30 08:42 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-12-30 08:42 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-12-10 20:51 . 2011-12-10 20:51 158056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10139.bin
2011-12-10 17:39 . 2011-12-10 17:39 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-12-07 15:55 1312560 ----a-w- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-12-07 1312560]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Akamai NetSession Interface"="c:\users\Marek\AppData\Local\Akamai\netsession_win.exe" [2012-02-02 3329824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"HP HD Webcam [Fixed]_Monitor"="c:\program files (x86)\HP HD Webcam [Fixed]\monitor.exe" [2010-11-26 11:31 267128]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 517456]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-04-05 94264]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-02-11 76344]
"GIGABYTEMOUSE"="c:\program files (x86)\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe" [2009-11-26 1278464]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2011-12-05 114992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"4StoryPrePatch"="c:\program files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe" [2012-03-07 327680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21 136176]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2011-03-07 62184]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2011-02-03 464480]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21 136176]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-04-05 1094712]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 MfeEpePc;MfeEpePc; [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1305000.091\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1305000.091\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [2012-03-02 1157240]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1305000.091\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120307.002\IDSvia64.sys [2012-03-06 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1305000.091\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NISx64\1305000.091\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-01-07 53920]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-02-21 8704]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-28 281656]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
S2 InstallBrainService;InstallBrain Updater Service;c:\programdata\InstallBrainService\ibsvc.exe [2012-03-05 334264]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe [2011-11-29 138248]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-19 138360]
S3 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21 19:43]
.
2012-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21 19:43]
.
2012-03-02 c:\windows\Tasks\HPCeeScheduleForMAREK-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-03-04 c:\windows\Tasks\HPCeeScheduleForMarek.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-07 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-07 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-27 835072]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-02-09 200704]
"combofix"="c:\combofix\CF18592.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bigseekpro.com/driveridentifier/{BE5522CE-3FF7-456C-895C-365358746DC4}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files (x86)\SpecialSavings\SpecialSavingsSinged.dll
TCP: DhcpNameServer = 10.10.10.10 10.10.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-NPSStartup - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.5.0.145\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4177562388-4207584805-3473762189-1002\Software\SecuROM\License information*]
"datasecu"=hex:9b,61,a3,2d,62,1d,1a,16,3d,46,b0,73,22,08,43,8f,a4,57,56,fe,db,
10,c0,f7,bb,99,e9,ed,81,fa,3b,51,88,58,db,98,a2,3a,4f,9f,e1,f7,b7,9f,cf,d1,\
"rkeysecu"=hex:81,0a,36,cb,6a,64,23,54,29,5f,cb,d0,90,d3,b5,83
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
.
**************************************************************************
.
Celkový čas: 2012-03-08 23:36:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-08 22:36
.
Před spuštěním: Volných bajtů: 531 042 598 912
Po spuštění: Volných bajtů: 531 596 906 496
.
- - End Of File - - AFC51EF0418283135958ADAC20B2B375

[Reklama]

[jaro3]

Kdo Ti radil hned Combofix????

Vlož log z HJT:
viewtopic.php?f=70&t=5119

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[Cooper7371]

nidko jen vím že je to na viry tak jsem to skusil :)

[Žbeky]

Pokud jsi takový odborník, že si spouštíš a ordinuješ sám combofix, pak si to jistě dokážeš i sám zkontrolovat ne?

[Cooper7371]

hmm.. to bohužel ne mám sice základy ale neumím to zkontrolovat proto jsem to sem dal ne?.............

[memphisto]

A pak na nás budeš svádět, že se ti sesypal počítač...

Udělej co píše jaro3

[Cooper7371]

Hele tak jsm to vyřešil vymazal jsem google toolbar a Skype a běží to jako švýcarský hodinky :)

[Žbeky]

Bordel tam ale máš tak jako tak, dodej ty logy

[Cooper7371]

Z HiJackThis?

[Žbeky]

Kdo Ti radil hned Combofix????

Vlož log z HJT:
viewtopic.php?f=70&t=5119

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[Cooper7371]

A nevíš jak dlouho ten Log z HiJackThis trvá nemám zrovna moc času

[jaro3]

Pár sekund..