Zpomaleny notebook, prosim o kontrolu.

Hutman · Příspěvekod **Hutman** » 06 bře 2012 22:25

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:24:36, on 6.3.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Jakub\Desktop\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... weetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\oberontb.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Free CENZURA DB Toolbar Toolbar\tbcore3.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\oberontb.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\toolbar\toolbar.dll
O3 - Toolbar: MyPlayCity Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Free CENZURA DB Toolbar Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\Free CENZURA DB Toolbar Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files (x86)\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files (x86)\GamesBar\oberontb.dll
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (file missing)
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Righteous%20Kill/Images/stg_drm.ocx
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... .127.0.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.66.2.cab
O16 - DPF: {D27BBB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files (x86)\GameTracker\GSInGameService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: SensorsVService - Unknown owner - C:\Program Files (x86)\SensorsViewPro41\svservice.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: TunngleService - Unknown owner - C:\Program Files (x86)\Tunngle\TnglCtrl.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 19202 bytes

Reklama

Příspěvekod **jaro3** » 07 bře 2012 08:58

Odinstaluj:
QuickStores-Toolbar
Ask Toolbar
ICQToolBar
XfireXO Toolbar
MyPlayCity Toolbar
Free CENZURA DB Toolbar Toolbar

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... weetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: MyPlayCity Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Free CENZURA DB Toolbar Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\Free CENZURA DB Toolbar Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (file missing)
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Righteous%20Kill/Images/stg_drm.ocx
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {D27BBB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

Hutman · Příspěvekod **Hutman** » 07 bře 2012 13:11

Jelikoz jsem uz test v malwarebytes delal vcera, zadnou chybu to uz nenaslo.
Vypada to ze pocitac je rychlejsi, tudiz to povazuju za vyresene! :)

Dekuju za pomoc!

Příspěvekod **Žbeky** » 07 bře 2012 13:24

Dočistíme to

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

Hutman · Příspěvekod **Hutman** » 07 bře 2012 15:07

ComboFix 12-03-06.01 - Jakub 07.03.2012 14:41:40.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4095.2427 [GMT 1:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\GamesBar\obERontb.dll
c:\programdata\FullRemove.exe
c:\programdata\xmlB8AA.tmp
c:\programdata\xmlBA03.tmp
c:\programdata\xmlBA90.tmp
c:\users\Jakub\AppData\Local\assembly\tmp
c:\users\Jakub\AppData\Local\Bron.tok-12-8
c:\users\Jakub\AppData\Local\Bron.tok.A12.em.bin
c:\users\Jakub\AppData\Local\Kosong.Bron.Tok.txt
c:\users\PC\AppData\Local\.#
c:\users\PC\AppData\Local\assembly\tmp
c:\users\PC\AppData\Local\Bron.tok-12-1
c:\users\PC\AppData\Local\Bron.tok-12-10
c:\users\PC\AppData\Local\Bron.tok-12-11
c:\users\PC\AppData\Local\Bron.tok-12-12
c:\users\PC\AppData\Local\Bron.tok-12-13
c:\users\PC\AppData\Local\Bron.tok-12-14
c:\users\PC\AppData\Local\Bron.tok-12-15
c:\users\PC\AppData\Local\Bron.tok-12-16
c:\users\PC\AppData\Local\Bron.tok-12-17
c:\users\PC\AppData\Local\Bron.tok-12-18
c:\users\PC\AppData\Local\Bron.tok-12-19
c:\users\PC\AppData\Local\Bron.tok-12-2
c:\users\PC\AppData\Local\Bron.tok-12-20
c:\users\PC\AppData\Local\Bron.tok-12-21
c:\users\PC\AppData\Local\Bron.tok-12-22
c:\users\PC\AppData\Local\Bron.tok-12-23
c:\users\PC\AppData\Local\Bron.tok-12-24
c:\users\PC\AppData\Local\Bron.tok-12-25
c:\users\PC\AppData\Local\Bron.tok-12-26
c:\users\PC\AppData\Local\Bron.tok-12-27
c:\users\PC\AppData\Local\Bron.tok-12-28
c:\users\PC\AppData\Local\Bron.tok-12-29
c:\users\PC\AppData\Local\Bron.tok-12-3
c:\users\PC\AppData\Local\Bron.tok-12-30
c:\users\PC\AppData\Local\Bron.tok-12-31
c:\users\PC\AppData\Local\Bron.tok-12-4
c:\users\PC\AppData\Local\Bron.tok-12-5
c:\users\PC\AppData\Local\Bron.tok-12-6
c:\users\PC\AppData\Local\Bron.tok-12-7
c:\users\PC\AppData\Local\Bron.tok-12-8
c:\users\PC\AppData\Local\Bron.tok-12-9
c:\users\PC\AppData\Local\Bron.tok.A12.em.bin
c:\users\PC\AppData\Local\Kosong.Bron.Tok.txt
c:\users\PC\AppData\Local\ListHost12.txt
c:\users\PC\AppData\Roaming\.#
c:\windows\Downloaded Program Files\f3initialsetup1.2.5.7.inf
c:\windows\IsUn0405.exe
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-07 do 2012-03-07 )))))))))))))))))))))))))))))))
.
.
2012-03-07 13:52 . 2012-03-07 13:52 -------- d-----w- c:\users\PC\AppData\Local\temp
2012-03-07 13:52 . 2012-03-07 13:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-07 11:37 . 2012-03-07 11:37 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2012-03-07 10:45 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1B7FA632-10E8-4825-AF4A-B53D9B2C944F}\mpengine.dll
2012-03-06 20:30 . 2012-03-06 20:30 -------- d-----w- c:\users\Jakub\AppData\Roaming\Malwarebytes
2012-03-06 20:28 . 2012-03-06 21:06 -------- d-----w- c:\programdata\Malwarebytes
2012-03-06 20:28 . 2012-03-06 20:28 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-06 20:28 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-06 20:13 . 2012-03-06 20:13 -------- d-----w- c:\program files\CPUID
2012-03-06 20:13 . 2011-09-21 09:25 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
2012-03-06 20:10 . 2012-03-06 20:10 -------- d-----w- c:\program files (x86)\Free CENZURA
2012-03-05 17:03 . 2012-03-05 17:03 -------- d-----w- c:\program files (x86)\Logon Screen
2012-03-04 16:38 . 2012-03-04 16:38 -------- d-----w- c:\users\Jakub\AppData\Roaming\Ubisoft
2012-03-04 08:47 . 2012-03-04 09:09 -------- d-----w- c:\users\PC\AppData\Roaming\spidla
2012-03-04 08:47 . 2012-03-04 08:47 -------- d-----w- c:\program files (x86)\Proroctvi ztraceneho kralovstvi
2012-03-04 06:09 . 2012-03-04 06:09 -------- d-----w- c:\users\PC\AppData\Roaming\dll-files.com
2012-03-04 00:28 . 2012-03-04 00:28 197912 ----a-w- c:\windows\SysWow64\physxcudart_20.dll
2012-03-03 16:31 . 2012-03-03 16:31 -------- d-----w- c:\program files\Defraggler
2012-03-02 22:26 . 2012-03-07 11:36 -------- d-----w- c:\users\UpdatusUser
2012-03-02 22:24 . 2012-02-10 03:14 3089728 ----a-w- c:\windows\system32\nvsvc64.dll
2012-03-02 22:24 . 2012-02-10 03:07 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-03-02 22:24 . 2012-02-10 03:07 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-03-02 22:24 . 2012-02-10 03:14 6074176 ----a-w- c:\windows\system32\nvcpl.dll
2012-03-02 22:24 . 2012-02-10 03:07 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-03-02 22:24 . 2012-02-10 03:07 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-03-02 22:23 . 2012-03-02 22:23 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-03-02 21:56 . 2012-03-02 21:56 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2012-02-29 20:12 . 2012-03-07 10:26 -------- d-----w- c:\program files (x86)\JDownloader
2012-02-28 10:35 . 2012-02-28 10:35 -------- d-----w- C:\found.000
2012-02-25 21:14 . 2012-02-25 21:14 -------- d-----w- c:\program files (x86)\SensorsViewPro42
2012-02-25 19:34 . 2012-02-25 19:34 -------- d-----w- c:\programdata\IObit
2012-02-25 19:34 . 2012-02-25 19:34 -------- d-----w- c:\program files (x86)\IObit
2012-02-25 17:13 . 2012-03-06 17:36 -------- d-----w- c:\program files (x86)\Heroes of Newerth
2012-02-25 14:19 . 2012-02-25 14:19 -------- d-----w- c:\programdata\EA Core
2012-02-25 14:19 . 2012-02-25 14:19 -------- d-----w- c:\programdata\EA Logs
2012-02-22 09:01 . 2012-02-22 09:01 -------- d-----w- c:\users\PC\AppData\Roaming\AVG2012
2012-02-21 15:20 . 2012-02-21 15:20 -------- d-----w- C:\$AVG
2012-02-21 14:58 . 2012-02-21 14:58 -------- d-----w- c:\users\Jakub\AppData\Roaming\AVG2012
2012-02-21 14:56 . 2012-02-21 14:56 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-02-21 14:56 . 2012-03-07 09:56 -------- d-----w- c:\windows\system32\drivers\AVG
2012-02-21 14:56 . 2012-02-21 18:05 -------- d-----w- c:\programdata\AVG2012
2012-02-21 12:14 . 2012-02-21 12:14 -------- d-----w- c:\users\Jakub\AppData\Local\TeknoGods
2012-02-21 09:37 . 2012-02-21 09:37 -------- d-----w- c:\windows\SysWow64\Adobe
2012-02-17 21:35 . 2012-02-17 21:37 -------- d-----w- c:\users\Jakub\AppData\Local\Ubisoft Game Launcher
2012-02-15 14:08 . 2012-01-04 09:58 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 14:08 . 2012-01-04 09:03 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-15 14:08 . 2012-01-03 06:24 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 14:08 . 2012-01-03 05:44 478208 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-02-15 14:07 . 2012-01-14 04:02 3143168 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 14:07 . 2011-12-28 03:59 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-15 14:07 . 2011-12-16 08:42 634368 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 14:07 . 2011-12-16 07:59 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-02-10 07:57 . 2012-02-10 07:57 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{784AEE28-4E33-4ECC-AD2D-136E03C42BD5}\gapaengine.dll
2012-02-09 19:05 . 2012-02-09 19:05 416064 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-04 08:10 . 2010-02-16 03:50 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-02-13 16:02 . 2010-08-21 15:55 81005 ----a-w- c:\windows\Uninstall Jade Empire.exe
2012-02-08 07:13 . 2010-10-10 06:56 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-31 12:44 . 2010-03-24 15:01 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-05 20:08 . 2010-02-26 19:14 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-01-05 20:08 . 2010-02-26 19:14 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-12-14 11:47 . 2010-05-24 18:25 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-12-14 11:46 . 2011-12-18 12:10 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-12-14 11:46 . 2011-12-18 12:10 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-12-14 11:46 . 2011-12-09 23:14 35648 ----a-w- c:\windows\system32\uxtuneup.dll
2011-12-14 11:46 . 2011-11-05 14:41 28992 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-12-13 16:52 . 2010-02-26 19:14 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-10-01 00:11 . 2011-03-15 21:03 462112 ----a-w- c:\program files (x86)\Common Files\ZugoInstaller.exe
2005-07-26 15:23 . 2005-07-26 15:23 482000 ----a-w- c:\program files\DXSETUP.exe
2005-07-26 15:23 . 2005-07-26 15:23 75472 ----a-w- c:\program files\DSETUP.dll
2005-07-26 15:23 . 2005-07-26 15:23 2245840 ----a-w- c:\program files\dsetup32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2010-02-22 11:05 2353176 ----a-w- c:\program files (x86)\XfireXO\tbXfir.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files (x86)\XfireXO\tbXfir.dll" [2010-02-22 2353176]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2009-12-21 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R1 nujfagsv;nujfagsv;c:\windows\system32\drivers\nujfagsv.sys [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-17 136176]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-17 136176]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [2009-08-17 93848]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 sensorsview;sensorsview;c:\program files (x86)\SensorsViewPro42\drv\sensorsview32_64.sys [2008-07-26 14544]
S1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\DRIVERS\StarPortLite.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 EvoSvc;Evolve Service;c:\program files\Echobit\Evolve\EvoSvc.exe [2011-10-20 1447576]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-10-25 793048]
S2 SensorsVService;SensorsVService;c:\program files (x86)\SensorsViewPro41\svservice.exe [2010-06-17 923648]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-13 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-17 14:40]
.
2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-17 14:40]
.
2012-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4224338070-3928157854-228781409-1000Core.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-13 14:40]
.
2012-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4224338070-3928157854-228781409-1000UA.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-13 14:40]
.
2012-03-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4224338070-3928157854-228781409-1003Core.job
- c:\users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-06 06:57]
.
2012-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4224338070-3928157854-228781409-1003UA.job
- c:\users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-06 06:57]
.
2012-03-01 c:\windows\Tasks\Norton Security Scan for PC.job
- c:\progra~2\NORTON~2\Engine\360~1.31\Nss.exe [2011-11-09 22:47]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-08-12 323072]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\oj998b3z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=FF_5&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - (no file)
WebBrowser-{648ADDE1-369B-4868-A419-0B67EBFD8F73} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4224338070-3928157854-228781409-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{36D244FC-5C6C-7873-513B-B0B681DC0DFA}*]
"hankagcakhooljjp"=hex:6a,61,6c,66,68,66,64,64,70,64,67,62,66,65,67,61,61,62,
65,68,00,01
"iahkpgoficimoobgoc"=hex:6a,61,6b,66,6d,68,68,6e,6e,6a,6e,66,6e,64,6a,61,63,61,
70,68,00,fe
.
[HKEY_USERS\S-1-5-21-4224338070-3928157854-228781409-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:3d,5b,06,0a,4d,a0,98,c9,97,8e,72,dc,ca,b4,29,1e,e3,39,55,39,b3,c3,cd,
62,cf,7f,79,46,d3,3b,7e,88,c9,ee,78,01,d9,e3,e6,ee,b2,6f,29,e4,d1,0d,72,4c,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-4224338070-3928157854-228781409-1003\Software\SecuROM\License information*]
"datasecu"=hex:ad,3f,e7,98,e7,3a,2c,83,62,3f,12,67,d7,39,f7,17,9d,b1,d2,a7,98,
24,d0,db,01,35,44,70,aa,65,d8,72,42,d3,a8,c7,c7,a3,bb,25,70,ee,ae,93,ab,98,\
"rkeysecu"=hex:e9,7e,56,7b,b4,fe,73,8b,8d,92,8f,e5,af,e1,cb,fa
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\IObit\Game Booster 3\gbtray.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\Windows Media Player\wmplayer.exe
.
**************************************************************************
.
Celkový čas: 2012-03-07 15:03:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-07 14:03
.
Před spuštěním: Volných bajtů: 34 703 454 208
Po spuštění: Volných bajtů: 35 549 536 256
.
- - End Of File - - 325E42116F7BCBBAB573C7AD9002ED96

Příspěvekod **jaro3** » 07 bře 2012 19:21

Zkus odinstalovat MSE (Microsoft Security Essentials) , máš tam AVG 2012.

Pak dej znovu sken , log z Combofixu sem zase vlož.

Hutman · Příspěvekod **Hutman** » 08 bře 2012 14:01

ComboFix 12-03-06.01 - Jakub 08.03.2012 13:31:44.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4095.2649 [GMT 1:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-08 do 2012-03-08 )))))))))))))))))))))))))))))))
.
.
2012-03-08 12:42 . 2012-03-08 12:42 -------- d-----w- c:\users\PC\AppData\Local\temp
2012-03-08 12:42 . 2012-03-08 12:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-08 12:29 . 2012-03-01 12:21 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DAD1A0A1-A45B-4CD6-A8C3-540D580870DB}\mpengine.dll
2012-03-07 11:37 . 2012-03-07 11:37 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2012-03-06 20:30 . 2012-03-06 20:30 -------- d-----w- c:\users\Jakub\AppData\Roaming\Malwarebytes
2012-03-06 20:28 . 2012-03-06 21:06 -------- d-----w- c:\programdata\Malwarebytes
2012-03-06 20:28 . 2012-03-06 20:28 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-06 20:28 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-06 20:13 . 2012-03-06 20:13 -------- d-----w- c:\program files\CPUID
2012-03-06 20:13 . 2011-09-21 09:25 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
2012-03-06 20:10 . 2012-03-06 20:10 -------- d-----w- c:\program files (x86)\Free CENZURA
2012-03-05 17:03 . 2012-03-05 17:03 -------- d-----w- c:\program files (x86)\Logon Screen
2012-03-04 16:38 . 2012-03-04 16:38 -------- d-----w- c:\users\Jakub\AppData\Roaming\Ubisoft
2012-03-04 08:47 . 2012-03-04 09:09 -------- d-----w- c:\users\PC\AppData\Roaming\spidla
2012-03-04 08:47 . 2012-03-04 08:47 -------- d-----w- c:\program files (x86)\Proroctvi ztraceneho kralovstvi
2012-03-04 06:09 . 2012-03-04 06:09 -------- d-----w- c:\users\PC\AppData\Roaming\dll-files.com
2012-03-04 00:28 . 2012-03-04 00:28 197912 ----a-w- c:\windows\SysWow64\physxcudart_20.dll
2012-03-03 16:31 . 2012-03-03 16:31 -------- d-----w- c:\program files\Defraggler
2012-03-02 22:26 . 2012-03-08 12:47 -------- d-----w- c:\users\UpdatusUser
2012-03-02 22:24 . 2012-02-10 03:14 3089728 ----a-w- c:\windows\system32\nvsvc64.dll
2012-03-02 22:24 . 2012-02-10 03:07 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-03-02 22:24 . 2012-02-10 03:07 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-03-02 22:24 . 2012-02-10 03:14 6074176 ----a-w- c:\windows\system32\nvcpl.dll
2012-03-02 22:24 . 2012-02-10 03:07 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-03-02 22:24 . 2012-02-10 03:07 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-03-02 22:23 . 2012-03-02 22:23 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-03-02 21:56 . 2012-03-02 21:56 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2012-02-29 20:12 . 2012-03-07 10:26 -------- d-----w- c:\program files (x86)\JDownloader
2012-02-28 10:35 . 2012-02-28 10:35 -------- d-----w- C:\found.000
2012-02-25 21:14 . 2012-02-25 21:14 -------- d-----w- c:\program files (x86)\SensorsViewPro42
2012-02-25 19:34 . 2012-02-25 19:34 -------- d-----w- c:\programdata\IObit
2012-02-25 19:34 . 2012-02-25 19:34 -------- d-----w- c:\program files (x86)\IObit
2012-02-25 17:13 . 2012-03-06 17:36 -------- d-----w- c:\program files (x86)\Heroes of Newerth
2012-02-25 14:19 . 2012-02-25 14:19 -------- d-----w- c:\programdata\EA Core
2012-02-25 14:19 . 2012-02-25 14:19 -------- d-----w- c:\programdata\EA Logs
2012-02-22 09:01 . 2012-02-22 09:01 -------- d-----w- c:\users\PC\AppData\Roaming\AVG2012
2012-02-21 15:20 . 2012-02-21 15:20 -------- d-----w- C:\$AVG
2012-02-21 14:58 . 2012-02-21 14:58 -------- d-----w- c:\users\Jakub\AppData\Roaming\AVG2012
2012-02-21 14:56 . 2012-02-21 14:56 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-02-21 14:56 . 2012-03-08 12:10 -------- d-----w- c:\windows\system32\drivers\AVG
2012-02-21 14:56 . 2012-02-21 18:05 -------- d-----w- c:\programdata\AVG2012
2012-02-21 12:14 . 2012-02-21 12:14 -------- d-----w- c:\users\Jakub\AppData\Local\TeknoGods
2012-02-21 09:37 . 2012-02-21 09:37 -------- d-----w- c:\windows\SysWow64\Adobe
2012-02-17 21:35 . 2012-02-17 21:37 -------- d-----w- c:\users\Jakub\AppData\Local\Ubisoft Game Launcher
2012-02-15 14:08 . 2012-01-04 09:58 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 14:08 . 2012-01-04 09:03 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-15 14:08 . 2012-01-03 06:24 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 14:08 . 2012-01-03 05:44 478208 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-02-15 14:07 . 2012-01-14 04:02 3143168 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 14:07 . 2011-12-28 03:59 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-15 14:07 . 2011-12-16 08:42 634368 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 14:07 . 2011-12-16 07:59 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-02-09 19:05 . 2012-02-09 19:05 416064 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-04 08:10 . 2010-02-16 03:50 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-02-23 08:18 . 2010-03-24 15:01 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-05 20:08 . 2010-02-26 19:14 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-01-05 20:08 . 2010-02-26 19:14 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-12-14 11:47 . 2010-05-24 18:25 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-12-14 11:46 . 2011-12-18 12:10 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-12-14 11:46 . 2011-12-18 12:10 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-12-14 11:46 . 2011-12-09 23:14 35648 ----a-w- c:\windows\system32\uxtuneup.dll
2011-12-14 11:46 . 2011-11-05 14:41 28992 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-12-13 16:52 . 2010-02-26 19:14 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-10-01 00:11 . 2011-03-15 21:03 462112 ----a-w- c:\program files (x86)\Common Files\ZugoInstaller.exe
2005-07-26 15:23 . 2005-07-26 15:23 482000 ----a-w- c:\program files\DXSETUP.exe
2005-07-26 15:23 . 2005-07-26 15:23 75472 ----a-w- c:\program files\DSETUP.dll
2005-07-26 15:23 . 2005-07-26 15:23 2245840 ----a-w- c:\program files\dsetup32.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-07_13.56.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-03-07 20:13 . 2012-03-07 20:13 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\8dd565cc0b374e1eec73cf7eaba91e92\UIAutomationProvider.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 55808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\31c9ef760d04c92e17106dae1a9091f4\System.Xaml.Hosting.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\077e75015456f75a0495f65cfcf140cb\System.Windows.Presentation.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\205067fe0e5c75891b489719b799c79d\System.Web.Routing.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\d1525e7fd8ba4234de86defa5b38e677\System.Web.DynamicData.Design.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\22a9aa847a8e4e651a35b63270ce8999\System.Web.ApplicationServices.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\931f8d259c4bde5078375e82897db92f\System.Web.Abstractions.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\fdeb5ca04943da59f732d3001d6a0df0\System.ServiceModel.Channels.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5ab20ea5fd89e0e8ba9e93e297cea012\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2012-03-07 20:15 . 2012-03-07 20:15 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\9688786618bf6390637c283b5bd1c9b3\System.AddIn.Contract.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 37888 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Workflow.#\974157f629303efea6fc23e6578901ba\Microsoft.Workflow.Compiler.ni.exe
+ 2012-03-07 20:12 . 2012-03-07 20:12 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\6ffc3ac04451b4978519218fd266403e\Microsoft.VisualC.ni.dll
+ 2012-03-07 20:12 . 2012-03-07 20:12 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\8cbc15b63aa3f06453f1aaa8659cf809\Accessibility.ni.dll
- 2012-03-07 13:55 . 2012-03-07 13:55 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-08 12:44 . 2012-03-08 12:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-07 13:55 . 2012-03-07 13:55 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-08 12:44 . 2012-03-08 12:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-08 12:51 . 2012-03-08 12:51 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\6bafe185b3d23de57ec689035642fe43\System.Xml.Serialization.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\592252ee904bd41f99cd1d19909b548c\dfsvc.ni.exe
+ 2009-07-14 02:36 . 2012-03-08 12:25 652360 c:\windows\system32\perfh009.dat
+ 2009-08-03 20:00 . 2012-03-08 12:25 666656 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-03-08 12:25 121292 c:\windows\system32\perfc009.dat
+ 2009-08-03 20:00 . 2012-03-08 12:25 140320 c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2012-03-07 13:53 475084 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-03-08 12:43 475084 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-07 14:22 . 2012-03-07 14:22 215888 c:\windows\Installer\{C580908C-B3BA-4C19-BD60-16F02F272201}\Bootstrapper.exe
+ 2012-03-08 12:51 . 2012-03-08 12:51 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\fd0c917972edf6f2a05c090627030608\XamlBuildTask.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 356864 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\5f644edb4fd9228b50499b597b20f8d6\WsatConfig.ni.exe
+ 2012-03-08 12:51 . 2012-03-08 12:51 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\d5a18f2355101b19f23ff2f31d1d1e17\WindowsFormsIntegration.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\9562374f940f41cdc64d88268d543f0b\UIAutomationTypes.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\641eec5b274fe3972d02892607f9b650\UIAutomationClient.ni.dll
+ 2012-03-07 20:12 . 2012-03-07 20:12 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\295b3156b838ca161a64a5456522438b\System.Xml.Linq.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\0b68854406b775365c6d91e87813c2dc\System.Windows.Input.Manipulations.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 194560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\01defe5a0bf7227f37645625367393ab\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 224256 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\0613bd8bf52bb05610bc85ae9b950e9f\System.Web.RegularExpressions.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 865280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\6e30f0637c198b8ddac89379ae0cc3b4\System.Web.Extensions.Design.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 335360 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\f2a8d54def527c06078b2ea3ca364e21\System.Web.Entity.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 297984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\66538729163731ccf2afebcfa705931a\System.Web.Entity.Design.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 712192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\934f6270b71946989b09dabf37692d9d\System.Web.DynamicData.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 260608 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\e0738a758f95ad36a1ca4ea4fe014383\System.Web.DataVisualization.Design.ni.dll
+ 2012-03-07 20:12 . 2012-03-07 20:12 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\5e3cf00b80c0aecd8392f1702d2d0f28\System.Transactions.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\bf0b3689dd5e261097f2feb2ed0103e8\System.ServiceProcess.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 432640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\eed602a6dac854f70fa1bb181b2179de\System.ServiceModel.Activation.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d3d9c582c7cd77f17fd93167dc462242\System.ServiceModel.Routing.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7b17528dffe47d9b17be6086a575a516\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 771584 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e86e6094904541b5f9cf7df0709349d2\System.Runtime.Remoting.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 244736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\a89c27bacba019eeed438f67b8544b78\System.Runtime.Caching.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\965e2749489298cc85387f44f76a40f2\System.Net.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\f5333e6e06a2d476f93b0880c5e7fd14\System.Messaging.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\1bff2d3e952c2160ba0c790d2342a601\System.Management.Instrumentation.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\e6cb98078120266f5310adf0f45aa7df\System.IO.Log.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\22dadf930ad449894633480562d6c913\System.IdentityModel.Selectors.ni.dll
+ 2012-03-07 20:12 . 2012-03-07 20:12 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d8c27be9116224e42260292e21cad5\System.EnterpriseServices.Wrapper.dll
+ 2012-03-07 20:12 . 2012-03-07 20:12 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d8c27be9116224e42260292e21cad5\System.EnterpriseServices.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\e25cc7918b583b3beffcad52920eae29\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\a3be39ae9813098aa81430dd507d22ca\System.DirectoryServices.Protocols.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\4975f93d2055b33bd7a91d6f05628e2a\System.Device.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 508928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\35a9933c9a009b623b4332a4e1daf245\System.Data.Services.Design.ni.dll
+ 2012-03-07 20:15 . 2012-03-07 20:15 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\42d3d301d2adef24edeb3b775fbe3a4b\System.Data.DataSetExtensions.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\e844f0d4cf703c2e97515ed020331b76\System.Configuration.Install.ni.dll
+ 2012-03-07 20:15 . 2012-03-07 20:15 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\9b418b211d6207feafcdc27027d26036\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\a4cfba8e3500f8387fe5924b940983be\System.AddIn.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\520d0ed9f48c121fbe79bda6fc176b74\System.Activities.DurableInstancing.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\98ec8a39382e6eee39845bd4759ecf04\SMSvcHost.ni.exe
+ 2012-03-07 20:12 . 2012-03-07 20:12 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3b905cdec5960d51e5bdc7030b005c09\SMDiagnostics.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 274432 c:\windows\assembly\NativeImages_v4.0.30319_32\MSBuild\265875f162e9c2ffefca67188cee8faa\MSBuild.ni.exe
+ 2012-03-07 20:14 . 2012-03-07 20:14 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\cdd04b14b9dd6ced2e2572a044c3c57e\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\5958d9610eb58adb2b62153492a7c27e\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 631296 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Uti#\861156abd2fbeb15a72e479fb140c9b9\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 258048 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\03c15533eddd91753b86895c6bfd59aa\Microsoft.Build.Framework.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 136192 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Con#\dda5a6b2ff35b701c4585b7845101391\Microsoft.Build.Conversion.v4.0.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 128000 c:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.Wpf.Taskb#\bf5f1dbba2b0570a227379f1c3f74c37\Hardcodet.Wpf.TaskbarNotification.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\e3e1fd8ccf76e9eb0147484fb8dd773a\CustomMarshalers.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 278016 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomControls\a3f6d1b31b372079e90d730bec0e69b3\CustomControls.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 475136 c:\windows\assembly\NativeImages_v4.0.30319_32\ComSvcConfig\e9dee8646a22abf1626514f0f14fcdd9\ComSvcConfig.ni.exe
+ 2012-03-07 20:12 . 2012-03-07 20:12 851968 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\cd00df3ad31231170f909bd387c2164e\AspNetMMCExt.ni.dll
+ 2012-01-24 15:13 . 2012-01-24 15:13 3960832 c:\windows\Installer\1960b9.msi
+ 2012-03-08 12:51 . 2012-03-08 12:51 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\0f5df23e9f268e9ff4c8033f9865a12a\UIAutomationClientsideProviders.ni.dll
+ 2012-03-07 20:12 . 2012-03-07 20:12 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ae31d46211440b11a9e66c3ba1a4e7ff\System.Xaml.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 1223168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\4dca8783493d21bc2cbbdd5ad65819a1\System.WorkflowServices.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 1971712 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Run#\7a4b5fe58999d11fd532120d6f75f6da\System.Workflow.Runtime.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 4462080 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\257e00af8ec6389753a9f66ef1711eea\System.Workflow.ComponentModel.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 2871808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\bf2865f9411bf7887ec8377c5642d307\System.Workflow.Activities.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\d6c84e888c7f465844a8ae0e6470e05c\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 1925632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\b6139cfbdbdc57c3ff421204292f4041\System.Web.Services.ni.dll
+ 2012-03-08 12:51 . 2012-03-08 12:51 2334208 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\cd802595d26f321d11da210aeedd35cc\System.Web.Mobile.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 3127296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\4cefa390fdd82b25aab99c33cc49e3c0\System.Web.Extensions.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 4535808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\b18af03d37654b9593c660d0ba6968c6\System.Web.DataVisualization.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\90de8ba8101001c8845439cd5f9a76eb\System.Speech.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 1393152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8c12f469cbd6b8d9718c64a4b2c96d47\System.ServiceModel.Activities.ni.dll
+ 2012-03-08 12:43 . 2012-03-08 12:43 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\746651ce870c2f9cd43bc7246154f81a\System.ServiceModel.Discovery.ni.dll
+ 2012-03-07 20:17 . 2012-03-07 20:17 1086464 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\60ada6691ab37a75d25670eab4e32c5f\System.ServiceModel.Web.ni.dll
+ 2012-03-07 20:12 . 2012-03-07 20:12 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a14816d568ee8c7cc9f9923d979d682d\System.Runtime.Serialization.ni.dll
+ 2012-03-07 20:12 . 2012-03-07 20:12 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\d6b9e13a40ed53cfc10e04c023c62a49\System.Runtime.DurableInstancing.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\1141220aff69c63f638ab64e5b0186bc\System.Printing.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\dfd9cbfccfadcf84406398a9d83ab4f4\System.Management.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2a4589aeec877df58cbbcd633bc18fb6\System.IdentityModel.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\6bd4a77663c0e708e0827be849906fdc\System.DirectoryServices.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\84d9ec8b14f9731797c51d31cae12d87\System.Deployment.ni.dll
+ 2012-03-07 20:16 . 2012-03-07 20:16 2025984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Services\546dc84f7a98dd07602ebe6dca6fda7f\System.Data.Services.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 1344000 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\4b28434c73ac4229c7ae7c4f0598e25f\System.Data.Services.Client.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 1189376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\c8b5d26c88a0f00cfb079bf421298076\System.Data.OracleClient.ni.dll
+ 2012-03-07 20:16 . 2012-03-07 20:16 1424384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity.#\f58605285e9bf14f17c39f28d5621628\System.Data.Entity.Design.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\7bbd2b637fbe2a5b17a16cd4fcc3c3ca\System.Activities.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\a479b22107e8fe08689d840a3a1a77e9\System.Activities.Presentation.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\819fccf9934ef29a6078d4accbf9ea0c\System.Activities.Core.Presentation.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\073c60e5566fdaab702636f1474233b0\ReachFramework.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\7194eb8e3da784ae30566a64569314a4\PresentationUI.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 1479168 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationBuildTa#\f021e82fdaaf18ca99ff997f6552f947\PresentationBuildTasks.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\c971d1782b4893d60666d91509ee0398\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\9150a80d10ec86440aa59f6fe4b73f9d\Microsoft.VisualBasic.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1ae1a98af2c7d3e68c7525bf1395fa61\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\fb09c8733a8ef9292079399b25d5d973\Microsoft.Transactions.Bridge.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\8b1e797d9c7f5ef773c150e15b07a087\Microsoft.JScript.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 4248064 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\faa09803e406df761fee15f3cb4390bb\Microsoft.Build.ni.dll
+ 2012-03-07 20:13 . 2012-03-07 20:13 2877440 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\f54f6b0d404f8063e75770dd0f138827\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2012-03-07 20:14 . 2012-03-07 20:14 1931264 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Eng#\4bfe4b4fa5d4fccdcbfc10ff609e6a28\Microsoft.Build.Engine.ni.dll
+ 2012-03-07 20:12 . 2012-03-07 20:12 3296256 c:\windows\assembly\NativeImages_v4.0.30319_32\EvolveClient\6b6db48a87103e27ba93983cab70f835\EvolveClient.ni.exe
+ 2012-03-07 20:13 . 2012-03-07 20:13 2756608 c:\windows\assembly\NativeImages_v4.0.30319_32\EvoClr\1e003809c80525fc11a367596e03ade2\EvoClr.ni.dll
+ 2009-07-14 02:34 . 2012-03-08 12:39 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-03-07 13:46 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2010-10-13 22:24 . 2012-03-08 12:43 17271232 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4224338070-3928157854-228781409-1003-8192.dat
+ 2012-03-07 20:13 . 2012-03-07 20:13 12079104 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\3c5ebc7acef28749f02bbc1f1c24f51f\System.Web.ni.dll
+ 2012-03-08 12:42 . 2012-03-08 12:42 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\c43869b44f633a3ad003a0ad9e79b273\System.ServiceModel.ni.dll
+ 2012-03-07 20:16 . 2012-03-07 20:16 13345792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\b642a4ad94ff1e027a128b9796878372\System.Data.Entity.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2010-02-22 11:05 2353176 ----a-w- c:\program files (x86)\XfireXO\tbXfir.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files (x86)\XfireXO\tbXfir.dll" [2010-02-22 2353176]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2009-12-21 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R1 nujfagsv;nujfagsv;c:\windows\system32\drivers\nujfagsv.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-17 136176]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-17 136176]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [2009-08-17 93848]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 sensorsview;sensorsview;c:\program files (x86)\SensorsViewPro42\drv\sensorsview32_64.sys [2008-07-26 14544]
S1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\DRIVERS\StarPortLite.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 EvoSvc;Evolve Service;c:\program files\Echobit\Evolve\EvoSvc.exe [2011-10-20 1447576]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-10-25 793048]
S2 SensorsVService;SensorsVService;c:\program files (x86)\SensorsViewPro41\svservice.exe [2010-06-17 923648]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-13 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-17 14:40]
.
2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-17 14:40]
.
2012-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4224338070-3928157854-228781409-1000Core.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-13 14:40]
.
2012-03-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4224338070-3928157854-228781409-1000UA.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-13 14:40]
.
2012-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4224338070-3928157854-228781409-1003Core.job
- c:\users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-06 06:57]
.
2012-03-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4224338070-3928157854-228781409-1003UA.job
- c:\users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-06 06:57]
.
2012-03-01 c:\windows\Tasks\Norton Security Scan for PC.job
- c:\progra~2\NORTON~2\Engine\360~1.31\Nss.exe [2011-11-09 22:47]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-08-12 323072]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\oj998b3z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=FF_5&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file)
WebBrowser-{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - (no file)
WebBrowser-{648ADDE1-369B-4868-A419-0B67EBFD8F73} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4224338070-3928157854-228781409-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{36D244FC-5C6C-7873-513B-B0B681DC0DFA}*]
"hankagcakhooljjp"=hex:6a,61,6c,66,68,66,64,64,70,64,67,62,66,65,67,61,61,62,
65,68,00,01
"iahkpgoficimoobgoc"=hex:6a,61,6b,66,6d,68,68,6e,6e,6a,6e,66,6e,64,6a,61,63,61,
70,68,00,fe
.
[HKEY_USERS\S-1-5-21-4224338070-3928157854-228781409-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:3d,5b,06,0a,4d,a0,98,c9,97,8e,72,dc,ca,b4,29,1e,e3,39,55,39,b3,c3,cd,
62,cf,7f,79,46,d3,3b,7e,88,c9,ee,78,01,d9,e3,e6,ee,b2,6f,29,e4,d1,0d,72,4c,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-4224338070-3928157854-228781409-1003\Software\SecuROM\License information*]
"datasecu"=hex:ad,3f,e7,98,e7,3a,2c,83,62,3f,12,67,d7,39,f7,17,9d,b1,d2,a7,98,
24,d0,db,01,35,44,70,aa,65,d8,72,42,d3,a8,c7,c7,a3,bb,25,70,ee,ae,93,ab,98,\
"rkeysecu"=hex:e9,7e,56,7b,b4,fe,73,8b,8d,92,8f,e5,af,e1,cb,fa
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\IObit\Game Booster 3\gbtray.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Celkový čas: 2012-03-08 14:00:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-08 13:00
ComboFix2.txt 2012-03-07 14:03
.
Před spuštěním: Volných bajtů: 34 811 367 424
Po spuštění: Volných bajtů: 36 226 695 168
.
- - End Of File - - BBAD36753228CD95F1E31CED933AEFF0

Příspěvekod **jaro3** » 08 bře 2012 15:45

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Collect::
c:\windows\system32\drivers\nujfagsv.sys

File::
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh005.dat
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc005.dat
c:\windows\system32\GameMon.des

Driver::
nujfagsv
npggsvc

Folder::
C:\found.000
c:\program files (x86)\XfireXO

Registry::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"=-
[-HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
[-HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
Firefox::
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\oj998b3z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)


RegNull::
[HKEY_USERS\S-1-5-21-4224338070-3928157854-228781409-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{36D244FC-5C6C-7873-513B-B0B681DC0DFA}*]
"hankagcakhooljjp"=hex:6a,61,6c,66,68,66,64,64,70,64,67,62,66,65,67,61,61,62,
 65,68,00,01
"iahkpgoficimoobgoc"=hex:6a,61,6b,66,6d,68,68,6e,6e,6a,6e,66,6e,64,6a,61,63,61,
 70,68,00,fe

RegLock::
[HKEY_USERS\S-1-5-21-4224338070-3928157854-228781409-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{36D244FC-5C6C-7873-513B-B0B681DC0DFA}*]
"hankagcakhooljjp"=hex:6a,61,6c,66,68,66,64,64,70,64,67,62,66,65,67,61,61,62,
 65,68,00,01
"iahkpgoficimoobgoc"=hex:6a,61,6b,66,6d,68,68,6e,6e,6a,6e,66,6e,64,6a,61,63,61,
 70,68,00,fe
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR

na svojí plochu.Poklepej na aswMBR.exe. Klikni na Scan.
Po skenu klikni na aswASW.log a ulož si ho na plochu , vlož sem celý obsak toho logu.

Zpomaleny notebook, prosim o kontrolu.

Zpomaleny notebook, prosim o kontrolu.

Re: Zpomaleny notebook, prosim o kontrolu.

Re: Zpomaleny notebook, prosim o kontrolu.

Re: Zpomaleny notebook, prosim o kontrolu.

Re: Zpomaleny notebook, prosim o kontrolu.

Re: Zpomaleny notebook, prosim o kontrolu.

Re: Zpomaleny notebook, prosim o kontrolu.

Re: Zpomaleny notebook, prosim o kontrolu.

Kdo je online