Prosím o preventivní kontrolu logu, díky

[gazebo]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:34:05, on 23.10.2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kalendar\kalendar.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\NetMeter\NetMeter.exe
C:\Program Files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
C:\Users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe
C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe
C:\Program Files (x86)\Seznam.cz\postak.exe
C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Direct Link\AsCmd.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\JetAudio\JetAudio.exe
D:\Staženo\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CENZURA Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\CENZURA Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ConvertionOneIE - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\core.3.dll
O2 - BHO: CENZURA Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\CENZURA Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
O3 - Toolbar: CENZURA Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\CENZURA Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~2\MediaKey\MMKeybd.EXE
O4 - HKLM\..\Run: [ASUS AI Direct Link Command Execute] C:\Program Files (x86)\ASUS\AI Suite II\AI Direct Link\AsCmd.exe
O4 - HKLM\..\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Kalendar] C:\Program Files (x86)\Kalendar\kalendar.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [C:\Program Files (x86)\NetMeter\NetMeter.exe] C:\Program Files (x86)\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [StrmServer.exe] C:\Program Files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
O4 - HKCU\..\Run: [Flock Update] "C:\Users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe" /c
O4 - HKCU\..\Run: [RemoTerm.exe] C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe
O4 - HKCU\..\Run: [PowerSuite] "C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe" delay 20000 -m
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\postak.exe" -s
O4 - Global Startup: EasySetPackage.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Vyhledat aktualizace.lnk = C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D41D8438-AEE6-435D-91BA-3F7623063028}: NameServer = 95.173.194.1,8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\Petr\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14426 bytes

[Reklama]

[Žbeky]

Nějaké problémy?

Odinstaluj:
CENZURA toolbar
Spigot
Spybot S&D

Fixni:

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CENZURA Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\CENZURA Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\core.3.dll
O2 - BHO: CENZURA Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\CENZURA Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
O3 - Toolbar: CENZURA Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\CENZURA Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Flock Update] "C:\Users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe" /c
O4 - Global Startup: Vyhledat aktualizace.lnk = C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs:

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[gazebo]

Tady je novej log z HJT , nektery veci po odinstalovani Youtube down toolbar od Spigotu a Spybot uz nebyly v registrech, takze nebylo co fixnout ale jinak udelano dle rady.
ATF cleaner mi z uvedeneho odkazu stahnout nejde a MBAM udelam a pak sem vlozim log. Jdu pohledat ten ATF jinam.
Zatim diky.
Sem tam PC zamrzne a nechce se mu delat, je to sice jen obcas ale i tak me to vadi, proto jsem tady .

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:12:21, on 23.10.2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kalendar\kalendar.exe
C:\Program Files (x86)\NetMeter\NetMeter.exe
C:\Program Files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
C:\Users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe
C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe
C:\Program Files (x86)\Seznam.cz\postak.exe
C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Direct Link\AsCmd.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
D:\Staženo\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.aom/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ConvertionOneIE - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\core.3.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~2\MediaKey\MMKeybd.EXE
O4 - HKLM\..\Run: [ASUS AI Direct Link Command Execute] C:\Program Files (x86)\ASUS\AI Suite II\AI Direct Link\AsCmd.exe
O4 - HKLM\..\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Kalendar] C:\Program Files (x86)\Kalendar\kalendar.exe
O4 - HKCU\..\Run: [C:\Program Files (x86)\NetMeter\NetMeter.exe] C:\Program Files (x86)\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [StrmServer.exe] C:\Program Files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
O4 - HKCU\..\Run: [Flock Update] "C:\Users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe" /c
O4 - HKCU\..\Run: [RemoTerm.exe] C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe
O4 - HKCU\..\Run: [PowerSuite] "C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe" delay 20000 -m
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\postak.exe" -s
O4 - Global Startup: EasySetPackage.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Vyhledat aktualizace.lnk = C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D41D8438-AEE6-435D-91BA-3F7623063028}: NameServer = 95.173.194.1,8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\Petr\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12523 bytes

[gazebo]

Tak, ATF cleanerem jsem to projel.
MBAM mi na konci skenu vyhodil rovnou log (udelal jsem rychlej a pak i uplnej neb jsem mel cas), na nic se me neptal.
Tady je :

Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org

Verze databáze: 8007

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

23.10.2011 23:54:54
mbam-log-2011-10-23 (23-54-54).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 363269
Uplynulý čas: 55 minut, 35 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[gazebo]

A jeste , ten pctv co se tam tvari tak divne je usb tv od pinnaclu, tuten http://www.alza.cz/pinnacle-pctv-nano-s ... 238673.htm

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Stáhni si Memtest:

Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.

[gazebo]

Log z ComboFixu je zde

ComboFix 11-10-24.05 - Petr 25.10.2011 15:04:13.3.6 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2226 [GMT 2:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-25 do 2011-10-25 )))))))))))))))))))))))))))))))
.
.
2011-10-25 13:08 . 2011-10-25 13:08 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-10-25 13:08 . 2011-10-25 13:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-24 20:28 . 2011-10-24 20:28 -------- d-----w- c:\users\Petr\AppData\Local\Adobe
2011-10-23 20:15 . 2011-10-23 20:15 -------- d-----w- c:\users\Petr\AppData\Local\Apps
2011-10-21 06:20 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD23816A-2605-4562-ADFF-AA3F427A1D72}\mpengine.dll
2011-10-18 10:56 . 2011-10-18 10:56 -------- d-----w- c:\users\Petr\AppData\Roaming\Avira
2011-10-18 10:56 . 2011-10-11 13:00 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-18 10:56 . 2011-10-11 13:00 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-18 10:56 . 2011-10-11 13:00 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-18 10:55 . 2011-10-18 10:55 -------- d-----w- c:\programdata\Avira
2011-10-18 10:55 . 2011-10-18 10:55 -------- d-----w- c:\program files (x86)\Avira
2011-10-14 21:19 . 2011-10-22 03:08 -------- d-----w- c:\program files (x86)\CENZURA
2011-10-12 07:53 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 07:53 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 07:53 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 07:53 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-12 07:53 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-12 07:53 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 07:53 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 07:53 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-12 07:53 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-11 13:55 . 2011-10-11 13:55 -------- d-----w- c:\users\Petr\AppData\Local\uTorrent
2011-10-06 21:18 . 2011-10-06 21:18 -------- d-----w- c:\programdata\McAfee
2011-10-05 08:36 . 2011-10-05 08:37 -------- d-----w- c:\program files (x86)\Calibre2
2011-10-05 08:09 . 2011-10-05 08:09 -------- d-----w- c:\users\Petr\AppData\Roaming\Softplicity
2011-10-05 06:09 . 2011-10-05 06:09 -------- d-----w- c:\windows\SysWow64\Nexus Radio
2011-10-05 06:09 . 2011-10-05 06:09 -------- d-----w- c:\program files (x86)\Nexus Radio
2011-10-05 06:09 . 2011-10-05 06:09 -------- d-----w- C:\My Plugins
2011-10-05 06:09 . 2011-10-05 06:09 -------- d-----w- C:\My Saved Files
2011-10-05 06:09 . 2011-10-05 06:09 -------- d-----w- C:\My Recorded Files
2011-10-04 21:54 . 2011-10-04 21:54 -------- d-----w- c:\program files (x86)\ICQ6Toolbar
2011-10-04 21:54 . 2011-10-04 21:54 -------- d-----w- c:\programdata\ICQ
2011-10-04 21:54 . 2011-10-11 12:56 -------- d-----w- c:\program files (x86)\ICQ7.6
2011-10-03 07:51 . 2011-09-20 18:13 25048 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browserdirprovider.dll
2011-10-03 07:51 . 2011-09-20 18:13 140248 ----a-w- c:\program files (x86)\Mozilla Firefox\components\brwsrcmp.dll
2011-10-03 07:51 . 2011-09-20 18:13 66520 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npnul32.dll
2011-10-03 07:51 . 2011-09-20 18:13 505816 ----a-w- c:\program files (x86)\Mozilla Firefox\sqlite3.dll
2011-10-03 07:51 . 2011-09-20 18:13 1015256 ----a-w- c:\program files (x86)\Mozilla Firefox\js3250.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-06 21:18 . 2011-05-15 05:34 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-31 15:00 . 2011-08-24 05:58 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-19 19:32 . 2011-08-19 19:32 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-19 19:32 . 2011-08-19 19:32 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-08-19 19:32 . 2011-08-19 19:32 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-19 19:32 . 2011-08-19 19:32 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-08-03 11:50 . 2011-09-09 20:52 7254632 ----a-w- c:\windows\system32\nvcuda.dll
2011-08-03 11:50 . 2011-09-09 20:52 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-08-03 11:50 . 2011-09-09 20:52 6613096 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-08-03 11:50 . 2011-09-09 20:52 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-08-03 11:50 . 2011-09-09 20:52 5404776 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-08-03 11:50 . 2011-09-09 20:52 2532456 ----a-w- c:\windows\system32\nvcuvid.dll
2011-08-03 11:50 . 2011-09-09 20:52 24692840 ----a-w- c:\windows\system32\nvcompiler.dll
2011-08-03 11:50 . 2011-09-09 20:52 2391656 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-08-03 11:50 . 2011-09-09 20:52 22470248 ----a-w- c:\windows\system32\nvoglv64.dll
2011-08-03 11:50 . 2011-09-09 20:52 2222184 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-08-03 11:50 . 2011-09-09 20:52 2090088 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-08-03 11:50 . 2011-09-09 20:52 17193576 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-08-03 11:50 . 2011-09-09 20:52 16595560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-08-03 11:50 . 2011-09-09 20:52 1519720 ----a-w- c:\windows\system32\nvdispco64.dll
2011-08-03 11:50 . 2011-09-09 20:52 15064168 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-08-03 11:50 . 2011-09-09 20:52 1453160 ----a-w- c:\windows\system32\nvgenco64.dll
2011-08-03 11:50 . 2011-09-09 20:52 12909672 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-08-03 11:50 . 2011-05-21 04:01 2758760 ----a-w- c:\windows\system32\nvapi64.dll
2011-08-03 11:50 . 2011-05-21 04:01 2412136 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-08-03 11:50 . 2011-05-21 04:01 12636776 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-08-03 11:50 . 2011-02-22 23:39 836200 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-08-03 11:50 . 2011-02-22 23:39 6136936 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:50 . 2011-02-22 23:39 3021416 ----a-w- c:\windows\system32\nvsvc64.dll
2011-08-03 11:50 . 2011-02-22 23:38 980072 ----a-w- c:\windows\system32\nvvsvc.exe
2011-08-03 11:50 . 2011-02-22 23:38 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-08-03 11:50 . 2010-07-09 22:38 8355944 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-08-03 11:50 . 2010-07-09 15:17 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-08-03 11:50 . 2010-07-09 15:17 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-08-03 01:31 . 2011-08-03 01:31 311912 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2011-07-29 04:34 . 2011-07-29 04:34 689664 ----a-w- c:\windows\yowindow.scr
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-25_12.18.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-06 11:57 . 2011-10-25 13:02 69644 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-10-25 11:55 35998 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-10-25 13:02 35998 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-06 11:27 . 2011-10-25 13:02 13970 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2423634793-1885066234-3914865528-1000_UserData.bin
- 2011-10-25 12:17 . 2011-10-25 12:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-25 13:09 . 2011-10-25 13:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-10-25 12:17 393244 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-10-25 13:08 393244 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-05-02 05:32 . 2011-10-25 13:08 5902192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2423634793-1885066234-3914865528-1000-12288.dat
- 2011-05-02 05:32 . 2011-10-25 08:09 5902192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2423634793-1885066234-3914865528-1000-12288.dat
+ 2010-12-09 01:05 . 2011-10-25 13:08 11044212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2423634793-1885066234-3914865528-1000-8192.dat
- 2010-12-09 01:05 . 2011-10-25 12:17 11044212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2423634793-1885066234-3914865528-1000-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}]
2011-06-22 03:02 252832 ----a-w- c:\program files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kalendar"="c:\program files (x86)\Kalendar\kalendar.exe" [2005-11-09 580608]
"c:\program files (x86)\NetMeter\NetMeter.exe"="c:\program files (x86)\NetMeter\NetMeter.exe" [2009-08-09 293888]
"StrmServer.exe"="c:\program files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe" [2010-12-21 746768]
"Flock Update"="c:\users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe" [2011-02-08 136312]
"RemoTerm.exe"="c:\program files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe" [2010-06-10 226576]
"PowerSuite"="c:\program files (x86)\Uniblue\PowerSuite\launcher.exe" [2010-08-30 67448]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Seznam Postak"="c:\program files (x86)\Seznam.cz\postak.exe" [2010-10-07 488728]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"MediaKey"="c:\progra~2\MediaKey\MMKeybd.EXE" [2003-01-17 172032]
"ASUS AI Direct Link Command Execute"="c:\program files (x86)\ASUS\AI Suite II\AI Direct Link\AsCmd.exe" [2010-05-18 383104]
"RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-07-19 234792]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
EasySetPackage.lnk - c:\program files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe [2010-11-12 159744]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-8-1 1207312]
Vyhledat aktualizace.lnk - c:\program files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe [2009-4-17 238864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 136176]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 136176]
R3 LGDDCDevice;LGDDCDevice; [x]
R3 LGII2CDevice;LGII2CDevice; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/08/20 21:35];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-07-19 18:34 148976]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-07-19 83240]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-07-06 70952]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-07-06 312616]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-10-16 319488]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-07-19 75248]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Petr\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2011-08-11 40960]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-08-03 379496]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-10-27 1974080]
S3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
S3 azvusb;Virtual USB Hub;c:\windows\system32\DRIVERS\azvusb.sys [x]
S3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x]
S3 MODRC;PCTV Dib Infrared Receiver;c:\windows\system32\DRIVERS\modrc.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-24 c:\windows\Tasks\FlockUpdateTaskUserS-1-5-21-2423634793-1885066234-3914865528-1000Core.job
- c:\users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe [2011-02-08 21:01]
.
2011-10-25 c:\windows\Tasks\FlockUpdateTaskUserS-1-5-21-2423634793-1885066234-3914865528-1000UA.job
- c:\users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe [2011-02-08 21:01]
.
2011-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 10:32]
.
2011-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 10:32]
.
2011-10-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2423634793-1885066234-3914865528-1000Core.job
- c:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 06:50]
.
2011-10-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2423634793-1885066234-3914865528-1000UA.job
- c:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 06:50]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}]
2011-06-22 03:02 296352 ----a-w- c:\program files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ocs_SM"="c:\users\Petr\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2011-08-11 106496]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/#utm_source=icq&u ... um=generic
uLocal Page = c:\windows\SYSTEM32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: Interfaces\{D41D8438-AEE6-435D-91BA-3F7623063028}: NameServer = 95.173.194.1,8.8.8.8
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\4kn1o64j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.3.4&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =937811&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\6.0\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Noia 2.0 eXtreme OPT: noia2_option@kk.noia - %profile%\extensions\noia2_option@kk.noia
FF - Ext: Platinum Hide IP: support@platinumhideip.com - %profile%\extensions\support@platinumhideip.com
FF - Ext: Google Translator for Firefox: translator@zoli.bod - %profile%\extensions\translator@zoli.bod
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF - Ext: Forecastfox: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: Rapidlibrary Search ToolBar: {2832ABCD-4444-1012-2D45-132D5447C445} - %profile%\extensions\{2832ABCD-4444-1012-2D45-132D5447C445}
FF - Ext: Qute: {36C13C8F-54F1-412e-8177-2E411719162D} - %profile%\extensions\{36C13C8F-54F1-412e-8177-2E411719162D}
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: Walnut for Firefox: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} - %profile%\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: Nautipolis for Firefox: {6C4BAFB6-2AC2-4405-A98D-546B55B3AE92} - %profile%\extensions\{6C4BAFB6-2AC2-4405-A98D-546B55B3AE92}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Noia Fox: {7b90e860-5d61-11e0-80e3-0800200c9a66} - %profile%\extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: mediaplayerconnectivity: {84b24861-62f6-364b-eba5-2e5e2061d7e6} - %profile%\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6}
FF - Ext: Noia 2.0 (eXtreme): {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} - %profile%\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: myFireFox: {e213bb8f-8ebd-11db-96b7-005056c00008} - %profile%\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
FF - user.js: network.http.max-connections-per-server - 8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="4253F4DF71C76A02202BFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A6A0AC4980AC7933FEBC9E127BECC74C5D575E7D6A3B980801B5B911C30E9C27A25BF8B54D3554F077BA68BD18E36EC5699A2B6C63C51A63CDC75400898A1CA1BAADBB3678F284409FE9265EF8013D3E3E83B47BC826684763232CF5848F8CAB7D660960DA798D6B783B65489916FE5171CDAA980486B99EB68A960EFE5D4EC2162A14B684B73FA880525708ED640D0DF6BDDA7B8D1914EFCF0420C918B63608C1E1C22559245A5149985F10BFB2B825D4DE47C034947567CADB850EC2638D40513832F7113616E379BC17B8AB4AC36FA77EA56598B4CCD4D620B921C43091D3A99E3160386B1B81CB2FC9BA237764E69CAF5E4EB2377FACB92564B0B96B734FC5C744F32EC408708DA4F935E98DC72C7948904349DEE2854B02DE4E10E85765B02DA12CA5456E9A22965BA919618B7F93E18CED7CF2C59DF790B7EC8B0157E88C8B356628F5D50EFDC1D47F1DCB434A575BD7DFBBBDE752BF713264C10E7FD48FE09EE31065B6FD2E28058037ACF415C2D52D0BCF0CFB28B68644721D71514302F1324A0EA17F3D4E0FBB5CFCE39C11EAB878C65034AAC8057718B7DE0EC278C0487623A44292C792FD7CA3D557A810752D5CCF2C0A8F7DE7B08D36964B3BD6BD2FA6DBAD5C463C404302CC7FF0FC089FA12E44A469BBB82F5F36592D9598E87E36B345D28F635B32EF37B4891EEF95364977284F30310C3F77D7EBDBDA2C599C334095167B298956D9BC96D9524CF61D19F4E217C16B318F30ED9EB31139FA443DA3E449C349D3AE98E716A800D20FCDCB983FB784D2832E85A70615AEFBC237AFE9321492E866518A403B83A23364D05E09EC44E2C90339B4661A382F9EC84B2B525DF394A312E951826EC9B89722C7949E00A24B23D1E5C14137A791434BE89450AD3779864FB5CFA0FD32C29A97647367EE0DB1A7BA7DF5039F42DAFE290E140C4B83F693B687B13D1E4345C938EDC52416100C13A7D95929F4BA135A684B1560C3CEC3C08544E2B163DBCC2998BF1ACA340E5415A96DBBE6C017445331C548DC87E41F781F68940BC9AB642F754A4186EB3D09D1F3BCB12370B2FED952B8A045EDE548980800BB872EB61FC72E8F51B1C6262F625FDE9077523C56533AEE58102FC683F3EBAE929FD3D71251C32726DF2EA7C951E5FE75B21D37E21A00CAE9EBE84D99CE962A15F7E03A561FDEBC5D57F272679FA8603ED8E6F940F8DA4216349D96D7647A3D84EFDFDE0CF7498FD70FC78E93406BD58E1EAE2E0D32295CE17FB0920F632FC56616BE9BD11772F13DB64353621C97C64D6ED255EDFA69B993146C8413EBEB3685AFD118CE2BED4DF7AEE26FE9103630256798BE0A"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\GPU Boost\GpuBoostServer.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\progra~2\ASUS\AISUIT~1\Sensor\HMSERV~1\aaHM.exe
.
**************************************************************************
.
Celkový čas: 2011-10-25 15:22:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-25 13:22
ComboFix2.txt 2011-10-25 12:31
.
Před spuštěním: Volných bajtů: 184 610 414 592
Po spuštění: Volných bajtů: 184 505 085 952
.
- - End Of File - - 81AC0FF647F0948BDF1415DB264AC6B9

[gazebo]

Crystal Disk Info je zde

----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x64)
Date : 2011/10/25 15:27:44

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- TSSTcorp CDDVDW SH-S223C ATA Device
- WDC WD1002FAEX-00Z3A0 ATA Device
+ ATA Channel 1 (1)
- WDC WD1502FAEX-007BA0 ATA Device
+ Virtual CloneDrive [SCSI]
- ELBY CLONEDRIVE SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD1002FAEX-00Z3A0 : 1000.2 GB [0-0-0, pd1]
(2) WDC WD1502FAEX-007BA0 : 1500.3 GB [1-1-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD1002FAEX-00Z3A0
----------------------------------------------------------------------------
Model : WDC WD1002FAEX-00Z3A0
Firmware : 05.01D05
Serial Number : WD-WCATR3897032
Disk Size : 1000.2 GB (8.4/137.4/1000.2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600
Power On Hours : 2042 hod.
Power On Count : 831 krát
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 169 168 _21 0000000011C6 Čas na roztočení ploten
04 100 100 __0 000000000344 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _98 _98 __0 0000000007FA Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 00000000033F Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000012 Počet vypnutí disku
C1 200 200 __0 000000000331 Počet cyklů načítání/vymazání
C2 112 105 __0 000000000023 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000003 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 43 41 54
020: 52 33 38 39 37 30 33 32 00 00 00 00 00 32 30 35
030: 2E 30 31 44 30 35 57 44 43 20 57 44 31 30 30 32
040: 46 41 45 58 2D 30 30 5A 33 41 30 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 17 0E 00 00 00 44 00 40
0A0: 01 FE 00 00 74 6B 7F 61 41 23 74 69 BC 41 41 23
0B0: 40 7F 00 55 00 55 00 00 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 6D B0 74 70 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E2 05 18 F5 5B
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 18
0F0: 40 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 E2 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 30 37 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 10 1E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 68 A5

----------------------------------------------------------------------------
(2) WDC WD1502FAEX-007BA0
----------------------------------------------------------------------------
Model : WDC WD1502FAEX-007BA0
Firmware : 05.01D05
Serial Number : WD-WMAY02425735
Disk Size : 1500.3 GB (8.4/137.4/1500.3)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 2930277168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600
Power On Hours : 689 hod.
Power On Count : 243 krát
Temparature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 253 253 _21 0000000020BF Čas na roztočení ploten
04 100 100 __0 000000000149 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 100 100 __0 0000000002B1 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 0000000000F3 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000000F Počet vypnutí disku
C1 200 200 __0 000000000139 Počet cyklů načítání/vymazání
C2 114 106 __0 000000000026 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 4D 41 59
020: 30 32 34 32 35 37 33 35 00 00 00 00 00 32 30 35
030: 2E 30 31 44 30 35 57 44 43 20 57 44 31 35 30 32
040: 46 41 45 58 2D 30 30 37 42 41 30 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 17 0E 00 04 00 44 00 40
0A0: 01 FE 00 00 74 6B 7D 61 41 23 74 69 BC 41 41 23
0B0: 40 7F 00 72 00 72 00 00 FF FE 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 7B 30 AE A8 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E6 56 9F E8 1D
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 1C
0F0: 40 1C 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 FE 01 0E 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 30 37 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 10 1E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C A5

[gazebo]

Memtest dopadl take dobre, byl spusten cca 2 hodiny a vysledkem je 0 chyb

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2423634793-1885066234-3914865528-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2423634793-1885066234-3914865528-1000UA.job

Folder::
c:\programdata\McAfee
c:\program files (x86)\ICQ6Toolbar

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\DRIVERS\avkmgr.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[gazebo]

Omlouvam se za mensi pauzicku.

Tady je log z CF

ComboFix 11-11-01.01 - Petr 01.11.2011 9:40.5.6 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2229 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.TXT
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2423634793-1885066234-3914865528-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2423634793-1885066234-3914865528-1000UA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-01 do 2011-11-01 )))))))))))))))))))))))))))))))
.
.
2011-11-01 08:44 . 2011-11-01 08:44 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-11-01 08:44 . 2011-11-01 08:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-29 07:13 . 2011-10-29 07:13 -------- d-----w- c:\users\Petr\AppData\Local\Apple
2011-10-28 19:24 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EF39A1B1-DA3D-46A5-8145-87A907E7A7A1}\mpengine.dll
2011-10-24 20:28 . 2011-10-24 20:28 -------- d-----w- c:\users\Petr\AppData\Local\Adobe
2011-10-23 20:15 . 2011-10-23 20:15 -------- d-----w- c:\users\Petr\AppData\Local\Apps
2011-10-18 10:56 . 2011-10-18 10:56 -------- d-----w- c:\users\Petr\AppData\Roaming\Avira
2011-10-18 10:56 . 2011-10-11 13:00 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-18 10:56 . 2011-10-11 13:00 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-18 10:56 . 2011-10-11 13:00 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-18 10:55 . 2011-10-18 10:55 -------- d-----w- c:\programdata\Avira
2011-10-18 10:55 . 2011-10-18 10:55 -------- d-----w- c:\program files (x86)\Avira
2011-10-14 21:19 . 2011-10-22 03:08 -------- d-----w- c:\program files (x86)\CENZURA
2011-10-12 07:53 . 2011-09-06 03:03 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 07:53 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 07:53 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 07:53 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-12 07:53 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-12 07:53 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 07:53 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 07:53 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-12 07:53 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-11 13:55 . 2011-10-11 13:55 -------- d-----w- c:\users\Petr\AppData\Local\uTorrent
2011-10-05 08:36 . 2011-10-05 08:37 -------- d-----w- c:\program files (x86)\Calibre2
2011-10-05 08:09 . 2011-10-05 08:09 -------- d-----w- c:\users\Petr\AppData\Roaming\Softplicity
2011-10-05 06:09 . 2011-10-05 06:09 -------- d-----w- c:\windows\SysWow64\Nexus Radio
2011-10-05 06:09 . 2011-10-05 06:09 -------- d-----w- c:\program files (x86)\Nexus Radio
2011-10-05 06:09 . 2011-10-05 06:09 -------- d-----w- C:\My Plugins
2011-10-05 06:09 . 2011-10-05 06:09 -------- d-----w- C:\My Saved Files
2011-10-05 06:09 . 2011-10-05 06:09 -------- d-----w- C:\My Recorded Files
2011-10-04 21:54 . 2011-10-04 21:54 -------- d-----w- c:\programdata\ICQ
2011-10-04 21:54 . 2011-10-11 12:56 -------- d-----w- c:\program files (x86)\ICQ7.6
2011-10-03 07:51 . 2011-09-20 18:13 25048 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browserdirprovider.dll
2011-10-03 07:51 . 2011-09-20 18:13 140248 ----a-w- c:\program files (x86)\Mozilla Firefox\components\brwsrcmp.dll
2011-10-03 07:51 . 2011-09-20 18:13 66520 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npnul32.dll
2011-10-03 07:51 . 2011-09-20 18:13 505816 ----a-w- c:\program files (x86)\Mozilla Firefox\sqlite3.dll
2011-10-03 07:51 . 2011-09-20 18:13 1015256 ----a-w- c:\program files (x86)\Mozilla Firefox\js3250.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-06 21:18 . 2011-05-15 05:34 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-31 15:00 . 2011-08-24 05:58 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-19 19:32 . 2011-08-19 19:32 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-19 19:32 . 2011-08-19 19:32 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-08-19 19:32 . 2011-08-19 19:32 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-19 19:32 . 2011-08-19 19:32 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-08-03 11:50 . 2011-09-09 20:52 7254632 ----a-w- c:\windows\system32\nvcuda.dll
2011-08-03 11:50 . 2011-09-09 20:52 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-08-03 11:50 . 2011-09-09 20:52 6613096 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-08-03 11:50 . 2011-09-09 20:52 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-08-03 11:50 . 2011-09-09 20:52 5404776 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-08-03 11:50 . 2011-09-09 20:52 2532456 ----a-w- c:\windows\system32\nvcuvid.dll
2011-08-03 11:50 . 2011-09-09 20:52 24692840 ----a-w- c:\windows\system32\nvcompiler.dll
2011-08-03 11:50 . 2011-09-09 20:52 2391656 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-08-03 11:50 . 2011-09-09 20:52 22470248 ----a-w- c:\windows\system32\nvoglv64.dll
2011-08-03 11:50 . 2011-09-09 20:52 2222184 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-08-03 11:50 . 2011-09-09 20:52 2090088 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-08-03 11:50 . 2011-09-09 20:52 17193576 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-08-03 11:50 . 2011-09-09 20:52 16595560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-08-03 11:50 . 2011-09-09 20:52 1519720 ----a-w- c:\windows\system32\nvdispco64.dll
2011-08-03 11:50 . 2011-09-09 20:52 15064168 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-08-03 11:50 . 2011-09-09 20:52 1453160 ----a-w- c:\windows\system32\nvgenco64.dll
2011-08-03 11:50 . 2011-09-09 20:52 12909672 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-08-03 11:50 . 2011-05-21 04:01 2758760 ----a-w- c:\windows\system32\nvapi64.dll
2011-08-03 11:50 . 2011-05-21 04:01 2412136 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-08-03 11:50 . 2011-05-21 04:01 12636776 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-08-03 11:50 . 2011-02-22 23:39 836200 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-08-03 11:50 . 2011-02-22 23:39 6136936 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:50 . 2011-02-22 23:39 3021416 ----a-w- c:\windows\system32\nvsvc64.dll
2011-08-03 11:50 . 2011-02-22 23:38 980072 ----a-w- c:\windows\system32\nvvsvc.exe
2011-08-03 11:50 . 2011-02-22 23:38 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-08-03 11:50 . 2010-07-09 22:38 8355944 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-08-03 11:50 . 2010-07-09 15:17 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-08-03 11:50 . 2010-07-09 15:17 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-25_12.18.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-22 20:51 . 2011-07-22 20:51 94208 c:\windows\SysWOW64\dpl100.dll
- 2010-11-12 00:44 . 2010-11-12 00:44 94208 c:\windows\SysWOW64\dpl100.dll
- 2009-07-14 04:54 . 2011-10-23 19:43 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-31 19:49 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-31 19:49 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-23 19:43 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-31 19:49 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-23 19:43 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-06 11:57 . 2011-11-01 06:23 70048 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-11-01 06:23 36014 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-06 11:27 . 2011-11-01 06:23 14086 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2423634793-1885066234-3914865528-1000_UserData.bin
- 2009-07-14 05:30 . 2011-10-18 10:56 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-10-31 19:49 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 04:46 . 2011-10-28 19:28 88528 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-06-16 19:25 . 2011-10-25 13:22 3032 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2011-10-25 12:17 . 2011-10-25 12:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-11-01 08:45 . 2011-11-01 08:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-11-25 05:32 . 2011-10-31 19:49 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-11-25 05:32 . 2011-10-18 03:04 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 02:36 . 2011-11-01 06:25 616032 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-10-23 07:35 616032 c:\windows\system32\perfh009.dat
- 2009-07-14 15:18 . 2011-10-23 07:35 631276 c:\windows\system32\perfh005.dat
+ 2009-07-14 15:18 . 2011-11-01 06:25 631276 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-10-23 07:35 106412 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-11-01 06:25 106412 c:\windows\system32\perfc009.dat
+ 2009-07-14 15:18 . 2011-11-01 06:25 121930 c:\windows\system32\perfc005.dat
- 2009-07-14 15:18 . 2011-10-23 07:35 121930 c:\windows\system32\perfc005.dat
- 2009-07-14 05:30 . 2011-10-18 10:56 239616 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-10-31 19:49 239616 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-10-18 10:56 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-10-31 19:49 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-09-02 19:34 . 2009-09-02 19:34 708168 c:\windows\system32\DriverStore\FileRepository\sa0102adb.inf_amd64_neutral_cdd95df2ee8e8592\amd64\WinUSBCoInstaller.dll
+ 2011-06-20 10:20 . 2011-06-20 10:20 708168 c:\windows\system32\DriverStore\FileRepository\sa0102adb.inf_amd64_neutral_ac427f334844232e\amd64\WinUSBCoInstaller.dll
+ 2009-07-14 05:01 . 2011-11-01 08:44 393244 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-10-25 12:17 393244 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-09-02 19:34 . 2009-09-02 19:34 1490656 c:\windows\system32\DriverStore\FileRepository\sa0102adb.inf_amd64_neutral_cdd95df2ee8e8592\amd64\WdfCoInstaller01007.dll
+ 2011-06-20 10:20 . 2011-06-20 10:20 1490656 c:\windows\system32\DriverStore\FileRepository\sa0102adb.inf_amd64_neutral_ac427f334844232e\amd64\WdfCoInstaller01007.dll
- 2009-07-14 04:45 . 2011-10-24 04:12 5980439 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2011-10-26 11:48 5980439 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-11-08 11:01 . 2011-11-01 08:44 3391272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-05-02 05:32 . 2011-11-01 08:44 6003116 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2423634793-1885066234-3914865528-1000-12288.dat
+ 2011-07-26 18:36 . 2011-07-26 18:36 1629696 c:\windows\Installer\ffcd1.msi
+ 2010-12-09 01:05 . 2011-11-01 08:44 11048428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2423634793-1885066234-3914865528-1000-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}]
2011-06-22 03:02 252832 ----a-w- c:\program files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kalendar"="c:\program files (x86)\Kalendar\kalendar.exe" [2005-11-09 580608]
"c:\program files (x86)\NetMeter\NetMeter.exe"="c:\program files (x86)\NetMeter\NetMeter.exe" [2009-08-09 293888]
"StrmServer.exe"="c:\program files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe" [2010-12-21 746768]
"Flock Update"="c:\users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe" [2011-02-08 136312]
"RemoTerm.exe"="c:\program files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe" [2010-06-10 226576]
"PowerSuite"="c:\program files (x86)\Uniblue\PowerSuite\launcher.exe" [2010-08-30 67448]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Seznam Postak"="c:\program files (x86)\Seznam.cz\postak.exe" [2010-10-07 488728]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"MediaKey"="c:\progra~2\MediaKey\MMKeybd.EXE" [2003-01-17 172032]
"ASUS AI Direct Link Command Execute"="c:\program files (x86)\ASUS\AI Suite II\AI Direct Link\AsCmd.exe" [2010-05-18 383104]
"RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-07-19 234792]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
EasySetPackage.lnk - c:\program files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe [2010-11-12 159744]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-8-1 1207312]
Vyhledat aktualizace.lnk - c:\program files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe [2009-4-17 238864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 136176]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 136176]
R3 LGDDCDevice;LGDDCDevice; [x]
R3 LGII2CDevice;LGII2CDevice; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/08/20 21:35];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-07-19 18:34 148976]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-07-19 83240]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-07-06 70952]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-07-06 312616]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-10-16 319488]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-07-19 75248]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Petr\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2011-08-11 40960]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-08-03 379496]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-10-27 1974080]
S3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
S3 azvusb;Virtual USB Hub;c:\windows\system32\DRIVERS\azvusb.sys [x]
S3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x]
S3 MODRC;PCTV Dib Infrared Receiver;c:\windows\system32\DRIVERS\modrc.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-31 c:\windows\Tasks\FlockUpdateTaskUserS-1-5-21-2423634793-1885066234-3914865528-1000Core.job
- c:\users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe [2011-02-08 21:01]
.
2011-11-01 c:\windows\Tasks\FlockUpdateTaskUserS-1-5-21-2423634793-1885066234-3914865528-1000UA.job
- c:\users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe [2011-02-08 21:01]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}]
2011-06-22 03:02 296352 ----a-w- c:\program files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ocs_SM"="c:\users\Petr\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2011-08-11 106496]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/#utm_source=icq&u ... um=generic
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: Interfaces\{D41D8438-AEE6-435D-91BA-3F7623063028}: NameServer = 95.173.194.1,8.8.8.8
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\4kn1o64j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.3.4&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =937811&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\6.0\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Noia 2.0 eXtreme OPT: noia2_option@kk.noia - %profile%\extensions\noia2_option@kk.noia
FF - Ext: Platinum Hide IP: support@platinumhideip.com - %profile%\extensions\support@platinumhideip.com
FF - Ext: Google Translator for Firefox: translator@zoli.bod - %profile%\extensions\translator@zoli.bod
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF - Ext: Forecastfox: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: Rapidlibrary Search ToolBar: {2832ABCD-4444-1012-2D45-132D5447C445} - %profile%\extensions\{2832ABCD-4444-1012-2D45-132D5447C445}
FF - Ext: Qute: {36C13C8F-54F1-412e-8177-2E411719162D} - %profile%\extensions\{36C13C8F-54F1-412e-8177-2E411719162D}
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: Walnut for Firefox: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF} - %profile%\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: Nautipolis for Firefox: {6C4BAFB6-2AC2-4405-A98D-546B55B3AE92} - %profile%\extensions\{6C4BAFB6-2AC2-4405-A98D-546B55B3AE92}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Noia Fox: {7b90e860-5d61-11e0-80e3-0800200c9a66} - %profile%\extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: mediaplayerconnectivity: {84b24861-62f6-364b-eba5-2e5e2061d7e6} - %profile%\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6}
FF - Ext: Noia 2.0 (eXtreme): {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} - %profile%\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: myFireFox: {e213bb8f-8ebd-11db-96b7-005056c00008} - %profile%\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
FF - user.js: network.http.max-connections-per-server - 8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="4253F4DF71C76A02202BFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A6A0AC4980AC7933FEBC9E127BECC74C5D575E7D6A3B980801B5B911C30E9C27A25BF8B54D3554F077BA68BD18E36EC5699A2B6C63C51A63CDC75400898A1CA1BAADBB3678F284409FE9265EF8013D3E3E83B47BC826684763232CF5848F8CAB7D660960DA798D6B783B65489916FE5171CDAA980486B99EB68A960EFE5D4EC2162A14B684B73FA880525708ED640D0DF6BDDA7B8D1914EFCF0420C918B63608C1E1C22559245A5149985F10BFB2B825D4DE47C034947567CADB850EC2638D40513832F7113616E379BC17B8AB4AC36FA77EA56598B4CCD4D620B921C43091D3A99E3160386B1B81CB2FC9BA237764E69CAF5E4EB2377FACB92564B0B96B734FC5C744F32EC408708DA4F935E98DC72C7948904349DEE2854B02DE4E10E85765B02DA12CA5456E9A22965BA919618B7F93E18CED7CF2C59DF790B7EC8B0157E88C8B356628F5D50EFDC1D47F1DCB434A575BD7DFBBBDE752BF713264C10E7FD48FE09EE31065B6FD2E28058037ACF415C2D52D0BCF0CFB28B68644721D71514302F1324A0EA17F3D4E0FBB5CFCE39C11EAB878C65034AAC8057718B7DE0EC278C0487623A44292C792FD7CA3D557A810752D5CCF2C0A8F7DE7B08D36964B3BD6BD2FA6DBAD5C463C404302CC7FF0FC089FA12E44A469BBB82F5F36592D9598E87E36B345D28F635B32EF37B4891EEF95364977284F30310C3F77D7EBDBDA2C599C334095167B298956D9BC96D9524CF61D19F4E217C16B318F30ED9EB31139FA443DA3E449C349D3AE98E716A800D20FCDCB983FB784D2832E85A70615AEFBC237AFE9321492E866518A403B83A23364D05E09EC44E2C90339B4661A382F9EC84B2B525DF394A312E951826EC9B89722C7949E00A24B23D1E5C14137A791434BE89450AD3779864FB5CFA0FD32C29A97647367EE0DB1A7BA7DF5039F42DAFE290E140C4B83F693B687B13D1E4345C938EDC52416100C13A7D95929F4BA135A684B1560C3CEC3C08544E2B163DBCC2998BF1ACA340E5415A96DBBE6C017445331C548DC87E41F781F68940BC9AB642F754A4186EB3D09D1F3BCB12370B2FED952B8A045EDE548980800BB872EB61FC72E8F51B1C6262F625FDE9077523C56533AEE58102FC683F3EBAE929FD3D71251C32726DF2EA7C951E5FE75B21D37E21A00CAE9EBE84D99CE962A15F7E03A561FDEBC5D57F272679FA8603ED8E6F940F8DA4216349D96D7647A3D84EFDFDE0CF7498FD70FC78E93406BD58E1EAE2E0D32295CE17FB0920F632FC56616BE9BD11772F13DB64353621C97C64D6ED255EDFA69B993146C8413EBEB3685AFD118CE2BED4DF7AEE26FE9103630256798BE0A"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\GPU Boost\GpuBoostServer.exe
c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\progra~2\ASUS\AISUIT~1\Sensor\HMSERV~1\aaHM.exe
.
**************************************************************************
.
Celkový čas: 2011-11-01 09:58:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-01 08:58
ComboFix2.txt 2011-10-26 04:08
ComboFix3.txt 2011-10-25 13:22
ComboFix4.txt 2011-10-25 12:31
.
Před spuštěním: Volných bajtů: 190 139 375 616
Po spuštění: Volných bajtů: 189 916 332 032
.
- - End Of File - - C0301578E55E2ABF093D176F9661E745

[gazebo]

Tady je odkaz na stranku virustotal, kde jsem nechal proverit vami uvedeny soubor

http://www.virustotal.com/file-scan/rep ... 1320136288

Tady je log z HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:07:34, on 1.11.2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kalendar\kalendar.exe
C:\Program Files (x86)\NetMeter\NetMeter.exe
C:\Program Files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
C:\Users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe
C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe
C:\Program Files (x86)\Seznam.cz\postak.exe
C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Direct Link\AsCmd.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\JetAudio\JetAudio.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
D:\Staženo\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ConvertionOneIE - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\core.3.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~2\MediaKey\MMKeybd.EXE
O4 - HKLM\..\Run: [ASUS AI Direct Link Command Execute] C:\Program Files (x86)\ASUS\AI Suite II\AI Direct Link\AsCmd.exe
O4 - HKLM\..\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Kalendar] C:\Program Files (x86)\Kalendar\kalendar.exe
O4 - HKCU\..\Run: [C:\Program Files (x86)\NetMeter\NetMeter.exe] C:\Program Files (x86)\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [StrmServer.exe] C:\Program Files (x86)\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
O4 - HKCU\..\Run: [Flock Update] "C:\Users\Petr\AppData\Local\Flock\Update\FlockUpdate.exe" /c
O4 - HKCU\..\Run: [RemoTerm.exe] C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe
O4 - HKCU\..\Run: [PowerSuite] "C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe" delay 20000 -m
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - Global Startup: EasySetPackage.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Vyhledat aktualizace.lnk = C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D41D8438-AEE6-435D-91BA-3F7623063028}: NameServer = 95.173.194.1,8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\Petr\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13004 bytes