Prosím o kontrolu logu, pomalé spouštění systému Windows 7 Vyřešeno

[7Mara]

Žádám o kontrolu logu, měl jsem problém s druhým interním diskem, kde mám uložená data. Na tomto disku jsem provedl kontrolu a opravu disku pomocí nástroje CHKDSK (přepínač /f). Nyní se spouští systém pomaleji.
Děkuji

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:07, on 13.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
D:\SW\Kontrola PC\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: (no name) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\bin\listicka.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\bin\toolbar\toolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [EPSON PX710W Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFSE.EXE /FU "C:\Windows\TEMP\E_S8BFA.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\bin\listicka.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\bin\listicka.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CDMA Device Service - Unknown owner - C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe
O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpen Manager Service (FileOpenManagerSvc) - FileOpen Systems Inc. - C:\Program Files\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13705 bytes

[Reklama]

[Žbeky]

Odinstaluj Nástroje Lištičky, DAEMON Tools Toolbar, Google Toolbar

Fixni:

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\bin\listicka.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\bin\toolbar\toolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dl
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Stáhni si Memtest:
Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048), dej Start, nech nejméně 2h běžet a pokud bude po 2h stále 0 errors, jsou v pořádku.

[7Mara]

Zde jsou loga z MBAM a CrystalDiskInfo:


Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.08.13.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
IPK :: I5 [administrátor]

Ochrana: Povolena

13.8.2012 18:15:38
mbam-log-2012-08-13 (18-15-38).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 213859
Uplynulý čas: 47 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/08/13 18:25:13

-- Controller Map ----------------------------------------------------------
+ ATA Channel 2 (2) [ATA]
- ASUS DRW-24B3ST ATA Device
- ATA Channel 3 (3) [ATA]
- ATA Channel 4 (4) [ATA]
- ATA Channel 5 (5) [ATA]
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
+ ATA Channel 0 (0)
- INTEL SSDSA2CW080G3 ATA Device
+ ATA Channel 1 (1)
- SAMSUNG HD204UI ATA Device
+ Intel(R) 6 Series/C200 Series Chipset Family 6 Port SATA AHCI Controller - 1C02 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- ATA Channel 2 (2)
- ATA Channel 3 (3)
- ATA Channel 4 (4)
- ATA Channel 5 (5)
+ ABNON4PZ IDE Controller [SCSI]
- RWTMXSH TQ74XQFKL6F SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) INTEL SSDSA2CW080G3 : 80,0 GB [0/2/0, pd1] - il

----------------------------------------------------------------------------
(1) INTEL SSDSA2CW080G3
----------------------------------------------------------------------------
Model : INTEL SSDSA2CW080G3
Firmware : 4PC10302
Serial Number : CVPR1165057P080BGN
Disk Size : 80,0 GB (8,4/80,0/80,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 156301488
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 2255 hod.
Power On Count : 900 krát
Host Reads : 2819 GB
Host Writes : 1461 GB
Temparature : Neznámy údaj
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 100 100 __0 000000000000 Čas na roztočení ploten
04 100 100 __0 000000000000 Počet spuštění/zastavení
05 100 100 __0 000000000000 Počet přemapovaných sektorů
09 100 100 __0 0000000008CF Zapnuto hodin
0C 100 100 __0 000000000384 Počet cyklů zapnutí zařízení
AA 100 100 _10 000000000000 Available Reserved Space
AB 100 100 __0 000000000000 Program Fail Count
AC 100 100 __0 000000000000 Erase Fail Count
B8 100 100 _90 000000000000 End to End Error Detection Count
BB 100 100 __0 000000000000 Uncorrectable Error Count
C0 100 100 __0 000000000022 Unsafe Shutdown Count
E1 100 100 __0 00000000B6AB Host Writes
E2 100 100 __0 0000000001F4 Timed Workload Media Wear
E3 100 100 __0 000000000000 Timed Workload Host Read/Write Ratio
E4 100 100 __0 0000000210A8 Timed Workload Timer
E8 100 100 _10 000000000000 Dostupný vyhrazený prostor
E9 100 100 __0 000000000000 Mediální indikátor poruch
F1 100 100 __0 00000000B6AB Total LBAs Written
F2 100 100 __0 00000001606C Total LBAs Read

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 4356 5052 3131 3635 3035 3038 3038 3042 474E 2020
020: 0000 0000 0000 3450 4331 3032 3032 494E 5445 4C20
030: 5353 4453 4132 4357 3038 3320 3320 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: F8B0 0950 0000 0007 0003 0078 0078 0078 0078 4020
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0040
080: 01FC 0029 746B 7D01 6163 BC01 BC01 6163 207F 0001
090: 0001 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: F8B0 0950 0000 0000 0000 4000 4000 0000 5001 5179
110: 5954 B20A 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0001
130: 1770 0BB7 1770 1770 1770 0FA0 0FA0 0FA0 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 8CA5

Ještě otestuji paměti.
Díky za rady

[jaro3]

Pokud nemáš připojen ten druhý HDD , tak ho připoj a zopakuj CDI.

[7Mara]

Mám ho připojený, vidím ho v průzkumníku Windows a ve správě disků.
V CDI druhý disk nevidím.

[jaro3]

To je ale divný ne?

Stáhni si rkill
a spusť ho . Spustí se sken .Po skenu se program sám ukončí.
Pozn.: NERESTARTUJ PC !

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[7Mara]

Nemám nejdříve zkusit odpojit druhý disk a znovu ho připojit?
Rovněž nemohu mít špatné nastavení v BIOSU?

Mně se "semtam" sekne (stále načítá) otevření složky na tom druhém disku?

Jinak MEMTEST proběhl bez chyb.
Díky

[jaro3]

Nech připojen druhý disk a udělej rkill a Combofix..

[7Mara]

Zde je obsah logu z Combofixu:

ComboFix 12-08-13.01 - IPK 14.08.2012 12:26:35.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8169.6245 [GMT 2:00]
Spuštěný z: c:\users\IPK\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\TNod User & Password Finder\TNODUP.exe
c:\programdata\Amazon.ico
c:\programdata\BeRuby.ico
c:\programdata\MercadoLivre.ico
c:\users\IPK\AppData\Local\Temp\{BBC8B054-E4C4-41CD-8102-52A009D43C84}\fpb.tmp
c:\users\IPK\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-14 do 2012-08-14 )))))))))))))))))))))))))))))))
.
.
2012-08-14 10:16 . 2012-08-14 10:21 -------- d-----w- C:\Kontrola PC
2012-08-14 05:52 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CE9D7FA-FB74-4435-83A7-177CD9EEC7D1}\mpengine.dll
2012-08-13 17:21 . 2012-08-13 17:21 -------- d-----w- c:\users\IPK\AppData\Local\BMExplorer
2012-08-13 16:19 . 2012-08-13 16:19 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-08-13 16:19 . 2012-08-13 16:19 -------- d-----w- c:\users\IPK\AppData\Roaming\OpenCandy
2012-08-13 09:12 . 2012-08-13 09:25 -------- d-----w- c:\program files (x86)\PC Tools Security
2012-08-13 09:11 . 2012-08-13 09:12 -------- d-----w- c:\users\IPK\AppData\Roaming\GetRightToGo
2012-08-12 17:38 . 2012-08-12 17:38 -------- d-----w- c:\users\IPK\AppData\Roaming\Malwarebytes
2012-08-12 17:38 . 2012-08-12 17:38 -------- d-----w- c:\programdata\Malwarebytes
2012-08-12 17:38 . 2012-08-12 17:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-12 17:38 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-12 15:35 . 2011-05-23 05:33 1743360 ----a-w- c:\windows\system32\sysmain.dll
2012-08-12 15:35 . 2011-05-23 05:32 213888 ----a-w- c:\windows\system32\drivers\rdyboost.sys
2012-08-08 14:02 . 2012-08-08 14:02 -------- d-----w- c:\programdata\CrypKey
2012-08-08 14:02 . 2008-05-07 23:29 122880 ----a-w- c:\windows\system32\Crypserv.exe
2012-08-08 14:02 . 2008-03-17 17:12 28664 ----a-w- c:\windows\system32\Ckldrv.sys
2012-08-08 14:02 . 1999-06-18 20:49 165888 ----a-w- c:\windows\Ckconfig.exe
2012-08-08 14:02 . 1996-05-03 16:21 27648 ----a-r- c:\windows\Setup_ck.exe
2012-08-08 14:02 . 1996-05-03 14:36 18432 ----a-w- c:\windows\Setup_ck.dll
2012-08-08 14:02 . 1995-07-04 17:33 11776 ----a-w- c:\windows\Ckrfresh.exe
2012-08-08 14:02 . 2012-08-08 14:04 -------- d-----w- c:\program files (x86)\Stellar Phoenix SQL Recovery
2012-08-08 13:50 . 2012-08-08 17:05 -------- d-----w- c:\users\IPK\AppData\Local\Recovery Toolbox for Access
2012-08-08 13:49 . 2012-08-08 14:03 -------- d-----w- c:\program files (x86)\Recovery Toolbox for Access
2012-08-07 19:53 . 2012-08-08 05:02 -------- d-----w- c:\program files\Recuva
2012-08-06 21:32 . 2010-09-16 10:26 40408 ----a-w- c:\windows\system32\CleanMFT64.exe
2012-08-06 21:32 . 2008-04-02 14:54 1101824 ----a-w- c:\windows\SysWow64\UniBox210.ocx
2012-08-06 21:32 . 2008-04-02 14:53 212992 ----a-w- c:\windows\SysWow64\UniBoxVB12.ocx
2012-08-06 21:32 . 2008-04-02 14:53 880640 ----a-w- c:\windows\SysWow64\UniBox10.ocx
2012-08-06 21:32 . 2004-08-04 06:00 506368 ----a-w- c:\windows\SysWow64\msxml.dll
2012-08-06 21:32 . 2012-08-13 09:25 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-08-06 21:32 . 2012-08-06 21:32 -------- d-----w- c:\program files\Registry Mechanic
2012-08-03 07:10 . 2012-08-08 15:10 -------- d-----w- c:\program files\CCleaner
2012-08-01 17:45 . 2012-06-04 07:59 99384 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-08-01 17:45 . 2012-06-04 07:59 203320 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-20 10:45 . 2012-07-20 10:45 -------- d-----w- c:\users\IPK\AppData\Local\Unity
2012-07-20 10:21 . 2012-08-06 11:11 -------- d-----w- c:\program files (x86)\HDD Regenerator
2012-07-20 09:22 . 2012-07-20 09:27 -------- d-----w- c:\program files (x86)\DiskInternals
2012-07-20 09:09 . 2012-07-20 09:16 -------- d-----w- c:\program files (x86)\NTFS Undelete
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-06 22:14 . 2012-03-30 05:32 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-06 22:14 . 2011-06-11 05:57 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-15 08:03 . 2011-03-24 12:30 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-28 10:13 . 2012-06-28 10:13 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-06-28 10:13 . 2011-06-11 05:50 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-26 07:02 . 2011-07-26 15:26 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-06-26 07:02 . 2011-07-26 15:26 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-06-12 03:08 . 2012-07-15 08:04 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-15 07:01 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-15 07:01 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-15 07:01 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-15 07:01 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-15 07:01 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-15 07:01 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-15 07:01 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-22 05:37 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 05:37 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 05:37 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 05:37 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 05:37 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 05:37 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 05:37 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 05:37 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-22 05:37 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-15 08:03 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-15 08:03 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-15 08:03 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-15 08:03 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-15 08:03 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-15 08:03 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-15 08:03 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-15 08:03 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-15 08:03 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-15 08:03 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-15 08:03 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-15 08:03 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-15 08:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-15 08:03 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-15 08:03 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-15 08:03 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-15 08:03 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-15 08:03 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-15 08:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-15 07:01 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-15 07:01 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-15 07:01 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-15 07:01 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-15 07:01 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-15 07:01 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-15 07:01 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-15 07:01 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-15 07:01 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 10:25 . 2011-03-24 08:53 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-24 08:47 . 2011-12-04 08:26 24448 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2010-02-10 02:18 . 2011-07-05 07:53 2131336 ----a-w- c:\program files (x86)\Common Files\AskToolbarInstaller.exe
2010-01-26 09:11 . 2011-07-05 07:59 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe
2009-09-07 11:18 1570648 --sha-r- c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\advcheck.dll
2009-01-26 13:31 5365592 --sha-r- c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\SpybotSD.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"OM2_Monitor"="c:\program files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632]
"WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\WebcamMax.exe" [2010-01-25 1561232]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-16 21432]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-07-16 975800]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-05-28 288128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"EEventManager"="c:\progra~2\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"OM2_Monitor"="c:\program files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-11-25 54672]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2011-6-11 67128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-11 136176]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-06 250056]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; [x]
R3 ALSysIO;ALSysIO; [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-10-27 55336]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-06-04 99384]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2011-07-11 20336]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-11 136176]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-03-22 33184]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-06-04 203320]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-03-22 21328]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-24 1255736]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/06/13 16:38];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-04 918144]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
S2 CDMA Device Service;CDMA Device Service;c:\program files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe [2011-08-02 159232]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-22 974944]
S2 FileOpenManagerSvc;FileOpen Manager Service;c:\program files\FileOpen\Services\FileOpenManagerSvc64.exe [2011-12-09 334720]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-07-27 78848]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-07-27 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 22:14]
.
2012-08-13 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files (x86)\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 09:43]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-11 07:29]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-11 07:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-10-27 613536]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-10-27 379040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-07-16 3524536]
"FileOpenBroker"="c:\program files\FileOpen\Services\FileOpenBroker64.exe" [2011-12-09 900992]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 4035152]
"combofix"="c:\combofix\CF14711.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\x64\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\users\IPK\AppData\Roaming\Mozilla\Firefox\Profiles\hlb8jj4w.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.toolbars.alexa.com/?ver=a ... pSR00U3&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
BHO-{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - (no file)
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - (no file)
AddRemove-Kies Air Discovery Service - c:\windows\system32\javaws.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\IObit\Game Booster\gbtray.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\windows\system32\crypserv.exe
.
**************************************************************************
.
Celkový čas: 2012-08-14 12:33:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-14 10:33
.
Před spuštěním: Volných bajtů: 16 111 955 968
Po spuštění: Volných bajtů: 15 503 773 696
.
- - End Of File - - F331CAC4F8640709ED22BCEABF5AA556

[jaro3]

Nemáš málo místa na disku?

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

File::
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\advcheck.dll
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\SpybotSD.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\combofix\CF14711.3XE

Folder::
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy
c:\program files (x86)\Google\Update
c:\program files (x86)\Skype\Updater

Driver::
gupdate
gupdatem
SkypeUpdate

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"=-

Firefox::
FF - ProfilePath - c:\users\IPK\AppData\Roaming\Mozilla\Firefox\Profiles\hlb8jj4w.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: keyword.URL - hxxp://search.toolbars.alexa.com/?ver=a ... pSR00U3&q=

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si TDSSKiller

Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[7Mara]

Nejdříve vkládám obsah loga z ComboFix:

ComboFix 12-08-14.05 - IPK 15.08.2012 8:32.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8169.6120 [GMT 2:00]
Spuštěný z: c:\users\IPK\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\IPK\Desktop\CFScript.txt
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\combofix\CF14711.3XE"
"c:\program files (x86)\Google\Update\GoogleUpdate.exe"
"c:\program files (x86)\Skype\Updater\Updater.exe"
"c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\advcheck.dll"
"c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\SpybotSD.exe"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.115\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.115\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.115\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.115\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\21.0.1180.77\21.0.1180.77_21.0.1180.75_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{9B25A8B2-8EE7-4224-B0FF-5FDFD4EE0071}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.4.3203.136\GoogleToolbarInstaller_updater_signed.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\IPK\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\advcheck.dll
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\aports.dll
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\blindman.exe
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Default configuration.ini
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\DelZip179.dll
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Dummies\dummy.cd_clint.dll
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Dummies\dummy.dap.gif
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Dummies\dummy.data.xml
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Dummies\dummy.default.gif
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Dummies\dummy.related.htm
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\AdvWhite.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Adware.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\AdwareC.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Browserpages.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\CLSIDs.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Cookies.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Cookies.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Dialer.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Dialer.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\DialerC.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Domains.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\HeavyDuty.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Hijackers.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\HijackersC.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\HintOfTheDay.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\iPhone.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Keyloggers.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\KeyloggersC.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Logs.uts
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\LSP.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Malware.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\MalwareC.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\OperaPlugins.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\ProcWatch.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\PUPS.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\PUPSC.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\RegDFLinks.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\RegWatch.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\RegXLinks.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Revision.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Revision.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Searchpages.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Security.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\SecurityC.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Services.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Spybots.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\SpybotsC.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Spyware.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\SpywareC.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Startup.tnfo
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Targets.nfo
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Tracks.uti
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\Trojans.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\TrojansC-02.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\TrojansC-03.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\TrojansC-04.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\TrojansC-05.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\TrojansC.sbi
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\TTLASSH.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\URL-Blacklist.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Includes\X509White.sbs
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Languages\Cesky.sbl
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Languages\English.sbl
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\messages.zres
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\OptOut.ini
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\SDFiles.exe
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\SDMain.exe
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\SDUpdate.exe
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\SDWinSec.exe
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Skins\Colorblind.ini
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\SpybotSD.exe
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\sqlite3.dll
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Tools.dll
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Update.exe
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Updates\downloaded.ini
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Updates\online.ini
c:\windows\ConfigSetRoot\!SOFTWARE\Spybot - Search & Destroy\Updates\online.ini.uiz
c:\windows\SysWow64\~.inf
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-15 do 2012-08-15 )))))))))))))))))))))))))))))))
.
.
2012-08-15 06:35 . 2012-08-15 06:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-08-15 06:35 . 2012-08-15 06:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-15 06:31 . 2012-08-15 06:31 -------- d-----w- c:\users\IPK\AppData\Local\Apple
2012-08-14 12:19 . 2012-08-14 12:19 -------- d-----w- c:\users\IPK\AppData\Local\Adobe
2012-08-14 12:16 . 2012-08-14 12:18 617534 ----a-w- c:\windows\SysWow64\~.tmp
2012-08-14 10:16 . 2012-08-14 10:21 -------- d-----w- C:\Kontrola PC
2012-08-14 05:52 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CE9D7FA-FB74-4435-83A7-177CD9EEC7D1}\mpengine.dll
2012-08-13 17:21 . 2012-08-13 17:21 -------- d-----w- c:\users\IPK\AppData\Local\BMExplorer
2012-08-13 16:19 . 2012-08-13 16:19 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-08-13 16:19 . 2012-08-13 16:19 -------- d-----w- c:\users\IPK\AppData\Roaming\OpenCandy
2012-08-13 09:12 . 2012-08-13 09:25 -------- d-----w- c:\program files (x86)\PC Tools Security
2012-08-13 09:11 . 2012-08-13 09:12 -------- d-----w- c:\users\IPK\AppData\Roaming\GetRightToGo
2012-08-12 17:38 . 2012-08-12 17:38 -------- d-----w- c:\users\IPK\AppData\Roaming\Malwarebytes
2012-08-12 17:38 . 2012-08-12 17:38 -------- d-----w- c:\programdata\Malwarebytes
2012-08-12 17:38 . 2012-08-12 17:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-12 17:38 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-12 15:35 . 2011-05-23 05:33 1743360 ----a-w- c:\windows\system32\sysmain.dll
2012-08-12 15:35 . 2011-05-23 05:32 213888 ----a-w- c:\windows\system32\drivers\rdyboost.sys
2012-08-08 14:02 . 2012-08-08 14:02 -------- d-----w- c:\programdata\CrypKey
2012-08-08 14:02 . 2008-05-07 23:29 122880 ----a-w- c:\windows\system32\Crypserv.exe
2012-08-08 14:02 . 2008-03-17 17:12 28664 ----a-w- c:\windows\system32\Ckldrv.sys
2012-08-08 14:02 . 1999-06-18 20:49 165888 ----a-w- c:\windows\Ckconfig.exe
2012-08-08 14:02 . 1996-05-03 16:21 27648 ----a-r- c:\windows\Setup_ck.exe
2012-08-08 14:02 . 1996-05-03 14:36 18432 ----a-w- c:\windows\Setup_ck.dll
2012-08-08 14:02 . 1995-07-04 17:33 11776 ----a-w- c:\windows\Ckrfresh.exe
2012-08-08 14:02 . 2012-08-08 14:04 -------- d-----w- c:\program files (x86)\Stellar Phoenix SQL Recovery
2012-08-08 13:50 . 2012-08-08 17:05 -------- d-----w- c:\users\IPK\AppData\Local\Recovery Toolbox for Access
2012-08-08 13:49 . 2012-08-08 14:03 -------- d-----w- c:\program files (x86)\Recovery Toolbox for Access
2012-08-07 19:53 . 2012-08-08 05:02 -------- d-----w- c:\program files\Recuva
2012-08-06 21:32 . 2010-09-16 10:26 40408 ----a-w- c:\windows\system32\CleanMFT64.exe
2012-08-06 21:32 . 2008-04-02 14:54 1101824 ----a-w- c:\windows\SysWow64\UniBox210.ocx
2012-08-06 21:32 . 2008-04-02 14:53 212992 ----a-w- c:\windows\SysWow64\UniBoxVB12.ocx
2012-08-06 21:32 . 2008-04-02 14:53 880640 ----a-w- c:\windows\SysWow64\UniBox10.ocx
2012-08-06 21:32 . 2004-08-04 06:00 506368 ----a-w- c:\windows\SysWow64\msxml.dll
2012-08-06 21:32 . 2012-08-13 09:25 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-08-06 21:32 . 2012-08-06 21:32 -------- d-----w- c:\program files\Registry Mechanic
2012-08-03 07:10 . 2012-08-08 15:10 -------- d-----w- c:\program files\CCleaner
2012-08-01 17:45 . 2012-06-04 07:59 99384 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-08-01 17:45 . 2012-06-04 07:59 203320 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-20 10:45 . 2012-07-20 10:45 -------- d-----w- c:\users\IPK\AppData\Local\Unity
2012-07-20 10:21 . 2012-08-06 11:11 -------- d-----w- c:\program files (x86)\HDD Regenerator
2012-07-20 09:22 . 2012-07-20 09:27 -------- d-----w- c:\program files (x86)\DiskInternals
2012-07-20 09:09 . 2012-07-20 09:16 -------- d-----w- c:\program files (x86)\NTFS Undelete
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-06 22:14 . 2012-03-30 05:32 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-06 22:14 . 2011-06-11 05:57 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-15 08:03 . 2011-03-24 12:30 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-28 10:13 . 2012-06-28 10:13 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-06-28 10:13 . 2011-06-11 05:50 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-26 07:02 . 2011-07-26 15:26 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-06-26 07:02 . 2011-07-26 15:26 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-06-12 03:08 . 2012-07-15 08:04 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-15 07:01 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-15 07:01 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-15 07:01 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-15 07:01 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-15 07:01 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-15 07:01 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-15 07:01 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-22 05:37 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 05:37 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 05:37 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 05:37 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 05:37 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 05:37 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 05:37 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 05:37 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-22 05:37 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-15 08:03 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-15 08:03 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-15 08:03 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-15 08:03 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-15 08:03 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-15 08:03 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-15 08:03 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-15 08:03 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-15 08:03 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-15 08:03 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-15 08:03 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-15 08:03 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-15 08:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-15 08:03 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-15 08:03 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-15 08:03 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-15 08:03 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-15 08:03 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-15 08:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-15 07:01 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-15 07:01 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-15 07:01 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-15 07:01 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-15 07:01 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-15 07:01 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-15 07:01 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-15 07:01 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-15 07:01 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 10:25 . 2011-03-24 08:53 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-24 08:47 . 2011-12-04 08:26 24448 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2010-02-10 02:18 . 2011-07-05 07:53 2131336 ----a-w- c:\program files (x86)\Common Files\AskToolbarInstaller.exe
2010-01-26 09:11 . 2011-07-05 07:59 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"OM2_Monitor"="c:\program files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632]
"WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\WebcamMax.exe" [2010-01-25 1561232]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-16 21432]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-07-16 975800]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-05-28 288128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"EEventManager"="c:\progra~2\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"OM2_Monitor"="c:\program files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-11-25 54672]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2011-6-11 67128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-06 250056]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; [x]
R3 ALSysIO;ALSysIO; [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-10-27 55336]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-06-04 99384]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2011-07-11 20336]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-03-22 33184]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-06-04 203320]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-03-22 21328]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-24 1255736]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/06/13 16:38];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-04 918144]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
S2 CDMA Device Service;CDMA Device Service;c:\program files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe [2011-08-02 159232]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-22 974944]
S2 FileOpenManagerSvc;FileOpen Manager Service;c:\program files\FileOpen\Services\FileOpenManagerSvc64.exe [2011-12-09 334720]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-07-27 78848]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-07-27 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 22:14]
.
2012-08-15 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files (x86)\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 09:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-10-27 613536]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-10-27 379040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-07-16 3524536]
"FileOpenBroker"="c:\program files\FileOpen\Services\FileOpenBroker64.exe" [2011-12-09 900992]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 4035152]
"combofix"="c:\combofix\CF21361.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\x64\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\users\IPK\AppData\Roaming\Mozilla\Firefox\Profiles\hlb8jj4w.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\IObit\Game Booster\gbtray.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\windows\system32\crypserv.exe
.
**************************************************************************
.
Celkový čas: 2012-08-15 08:38:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-15 06:38
ComboFix2.txt 2012-08-14 10:33
.
Před spuštěním: Volných bajtů: 15 510 810 624
Po spuštění: Volných bajtů: 15 452 315 648
.
- - End Of File - - CAB8A9324845FBB26D46B148DD5114A1

[7Mara]

Log z TDSSKiller:

- z důvodu velikosti, uložen zde: http://www.uloz.to/xBLCp3G/tdsskiller-2 ... 48-log-txt

Log z aswMBR:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-15 08:50:55
-----------------------------
08:50:55.533 OS Version: Windows x64 6.1.7601 Service Pack 1
08:50:55.533 Number of processors: 4 586 0x2A07
08:50:55.533 ComputerName: I5 UserName:
08:50:55.673 Initialize success
08:51:06.147 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
08:51:06.147 Disk 0 Vendor: INTEL_SSDSA2CW080G3 4PC10302 Size: 76319MB BusType: 11
08:51:06.147 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
08:51:06.147 Disk 1 Vendor: SAMSUNG_HD204UI 1AQ10001 Size: 1907729MB BusType: 11
08:51:06.147 Disk 0 MBR read successfully
08:51:06.163 Disk 0 MBR scan
08:51:06.163 Disk 0 Windows 7 default MBR code
08:51:06.163 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 63
08:51:06.163 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 76214 MB offset 208845
08:51:06.163 Disk 0 scanning C:\Windows\system32\drivers
08:51:07.333 Service scanning
08:51:08.971 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
08:51:09.907 Modules scanning
08:51:09.907 Disk 0 trace - called modules:
08:51:09.922 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80068182c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
08:51:09.922 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006f96060]
08:51:09.922 3 CLASSPNP.SYS[fffff88001bcf43f] -> nt!IofCallDriver -> [0xfffffa80069c0520]
08:51:09.922 5 ACPI.sys[fffff88000f887a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80069c2060]
08:51:09.922 \Driver\atapi[0xfffffa8006914060] -> IRP_MJ_CREATE -> 0xfffffa80068182c0
08:51:09.922 Scan finished successfully
08:51:21.419 Disk 0 MBR has been saved successfully to "C:\Users\IPK\Desktop\MBR.dat"
08:51:21.419 The log file has been saved successfully to "C:\Users\IPK\Desktop\aswMBR.txt"