ComboFix 12-10-04.01 - Fifler 04.10.2012 21:38:33.1.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4091.2967 [GMT 2:00]
Spuštěný z: c:\users\Fifler\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Fifler\AppData\Roaming\23626629image-drole-132-jpg.jpg
c:\users\Fifler\AppData\Roaming\msconfig.ini
c:\users\Fifler\AppData\Roaming\System\msiexic.exe
c:\users\Fifler\AppData\Roaming\usft_ext.dll
c:\windows\iun6002.exe
c:\windows\s.bat
c:\windows\SysWow64\SET21F5.tmp
c:\windows\SysWow64\SET39EE.tmp
c:\windows\SysWow64\SET3B2A.tmp
c:\windows\SysWow64\SET3EC5.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-04 do 2012-10-04 )))))))))))))))))))))))))))))))
.
.
2012-12-12 19:04 . 2012-09-28 19:57 -------- d-----w- c:\program files (x86)\1ClickDownload
2012-10-04 19:45 . 2012-10-04 19:45 -------- d-----w- c:\users\etgřt\AppData\Local\temp
2012-10-04 19:45 . 2012-10-04 19:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-04 12:09 . 2012-10-04 12:09 -------- d-----w- c:\users\Fifler\AppData\Local\ElevatedDiagnostics
2012-10-04 12:05 . 2012-10-04 19:35 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8EB99E6C-D4EC-46AB-8187-0AB18966EE89}\offreg.dll
2012-10-04 04:59 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8EB99E6C-D4EC-46AB-8187-0AB18966EE89}\mpengine.dll
2012-10-02 19:08 . 2012-10-02 19:08 -------- d-----w- c:\users\Fifler\AppData\Local\SlimWare Utilities Inc
2012-10-02 18:16 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-02 14:36 . 2012-10-02 14:36 388096 ----a-r- c:\users\Fifler\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-02 14:35 . 2012-10-02 14:35 -------- d-----w- c:\program files (x86)\Trend Micro
2012-10-01 17:44 . 2012-10-02 19:16 -------- d-----w- c:\program files\WhoCrashed
2012-09-30 17:50 . 2012-09-30 17:50 -------- d-----w- c:\programdata\Web Installer
2012-09-30 08:03 . 2012-08-28 07:42 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-30 08:03 . 2012-09-30 08:02 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{465887FB-3555-4D31-8E95-381D538A2B3E}\gapaengine.dll
2012-09-30 07:52 . 2012-09-30 07:56 -------- d-----w- c:\program files (x86)\RapidShareManager
2012-09-29 12:37 . 2012-09-29 12:37 -------- d-----w- c:\users\Fifler\AppData\Roaming\Malwarebytes
2012-09-29 12:36 . 2012-09-29 12:36 -------- d-----w- c:\programdata\Malwarebytes
2012-09-29 12:36 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-29 12:36 . 2012-09-29 12:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-28 20:00 . 2012-09-28 20:00 -------- d-----w- c:\users\Fifler\AppData\Roaming\FIOejERO
2012-09-28 19:22 . 2012-09-28 19:22 -------- d-----w- c:\users\Fifler\AppData\Local\Apps
2012-09-28 19:22 . 2012-10-03 17:04 -------- d-----w- c:\users\Fifler\AppData\Local\Deployment
2012-09-28 17:02 . 2012-09-28 17:02 -------- d-----w- c:\users\Fifler\AppData\Roaming\Ufasoft
2012-09-28 17:02 . 2010-11-05 01:57 55632 ----a-w- c:\users\Fifler\AppData\Roaming\stplpfhevfcucfammws.exe
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\windows\SysWow64\searchplugins
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\windows\SysWow64\Extensions
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\programdata\Browser Manager
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\users\Fifler\AppData\Roaming\ExpressFiles
2012-09-27 18:23 . 2012-10-04 19:44 -------- d-sh--r- c:\users\Fifler\AppData\Roaming\System
2012-09-27 15:36 . 2012-09-27 15:36 -------- d-----w- c:\programdata\ATI
2012-09-27 15:36 . 2012-09-27 15:36 -------- d-----w- c:\program files (x86)\AMD APP
2012-09-27 15:31 . 2012-09-27 15:31 -------- d-----w- C:\AMD
2012-09-26 14:09 . 2011-12-29 08:46 59904 ----a-w- c:\windows\system32\zlib1.dll
2012-09-25 18:01 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-25 17:26 . 2012-09-25 17:26 -------- d-----w- c:\program files (x86)\Origin Games
2012-09-23 17:42 . 2012-09-23 17:42 -------- d-sha-w- c:\users\Public\DRM
2012-09-23 14:32 . 2012-09-23 14:32 -------- d-----w- c:\programdata\RELOADED
2012-09-23 14:22 . 2012-09-23 14:32 -------- d-----w- c:\program files (x86)\Torchlight II
2012-09-23 12:09 . 2012-09-23 12:09 -------- d-----w- c:\users\Fifler\AppData\Roaming\Babylon
2012-09-23 12:09 . 2012-09-23 12:09 -------- d-----w- c:\programdata\Babylon
2012-09-23 12:08 . 2012-10-04 12:02 -------- d-----w- c:\programdata\Premium
2012-09-23 12:08 . 2012-10-04 12:03 -------- d-----w- c:\programdata\InstallMate
2012-09-23 09:10 . 2012-09-23 09:10 -------- d-----w- c:\windows\Sun
2012-09-22 19:24 . 2008-09-04 18:17 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2012-09-22 19:24 . 2012-09-22 19:24 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-09-22 19:15 . 2012-09-29 18:23 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2012-09-22 19:02 . 2012-09-22 19:02 -------- d-----w- c:\users\Fifler\AppData\Roaming\PowerISO
2012-09-22 19:01 . 2012-09-22 19:01 -------- d-----w- c:\program files (x86)\PowerISO
2012-09-22 19:01 . 2012-08-24 07:56 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-09-22 13:59 . 2012-09-22 13:59 -------- d-----w- c:\program files\BitComet
2012-09-20 05:32 . 2012-09-28 08:12 -------- d-----w- c:\program files (x86)\F1 2012
2012-09-15 09:26 . 2012-09-15 09:26 -------- d-----w- C:\totalcmd
2012-09-15 09:26 . 2012-09-15 09:26 -------- d-----w- c:\users\Fifler\AppData\Roaming\GHISLER
2012-09-15 09:20 . 2012-09-15 09:23 -------- d-----w- c:\program files (x86)\Unrar
2012-09-12 12:45 . 2012-09-12 12:45 -------- d-----w- c:\users\Fifler\AppData\Local\AMD
2012-09-12 12:40 . 2012-09-27 15:35 -------- d-----w- c:\programdata\AMD
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files (x86)\AMD AVT
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-09-12 12:39 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2012-09-12 12:39 . 2012-09-12 12:39 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-09-12 12:37 . 2012-09-27 15:36 -------- d-----w- c:\program files\ATI Technologies
2012-09-12 12:35 . 2012-07-28 01:14 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-12 12:35 . 2012-09-12 12:35 1120768 ----a-w- c:\windows\system32\atiumd6v.dll
2012-09-12 12:35 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-12 12:35 . 2012-07-28 01:15 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-12 12:35 . 2012-09-12 12:35 51200 ----a-w- c:\windows\system32\ATIODCLI.exe
2012-09-12 12:35 . 2012-09-12 12:35 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-09-12 12:35 . 2012-09-12 12:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2012-09-12 12:35 . 2012-07-28 01:13 83456 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-12 12:35 . 2012-09-12 12:35 332800 ----a-w- c:\windows\system32\ATIODE.exe
2012-09-12 11:04 . 2012-09-12 11:05 -------- d-----w- c:\program files\Opera x64
2012-09-12 05:00 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 05:00 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 05:00 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 05:00 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 05:00 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 05:00 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 05:00 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 04:54 . 2012-09-12 04:54 -------- d-----w- c:\programdata\Codemasters
2012-09-11 17:58 . 2012-09-11 17:57 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-11 17:57 . 2012-09-11 17:57 -------- d-----w- c:\program files (x86)\Java
2012-09-11 16:36 . 2012-09-12 11:07 -------- d-----w- c:\program files (x86)\Opera Next
2012-09-11 16:33 . 2012-09-11 16:33 -------- d-----w- c:\users\Fifler\AppData\Local\Socusoft_Co.,_Ltd
2012-09-11 08:37 . 2012-09-11 08:37 -------- d-sh--w- c:\programdata\DSS
2012-09-11 08:36 . 2012-09-11 08:36 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-09-11 08:22 . 2012-09-11 08:22 -------- d-----w- c:\users\Fifler\AppData\Local\Origin
2012-09-11 08:20 . 2012-09-11 08:20 -------- d-----w- c:\programdata\Electronic Arts
2012-09-11 08:20 . 2012-09-22 16:32 -------- d-----w- c:\program files (x86)\Origin
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\Livestation
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\AppData\Roaming\Mchid
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\AppData\Roaming\Livestation
2012-09-10 10:15 . 2012-09-10 10:18 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-09-10 10:15 . 2012-09-10 10:18 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-09-10 10:15 . 2012-09-10 10:18 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-09-10 10:15 . 2012-09-10 10:18 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\program files (x86)\OpenAL
2012-09-10 10:12 . 2012-09-10 10:14 -------- d-----w- c:\program files (x86)\JLC's Software
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\ms-MY
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\id-ID
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\nb-NO
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\hu-HU
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\fi-FI
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\el-GR
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\da-DK
2012-09-09 11:23 . 2012-09-09 11:51 -------- d-----w- c:\programdata\FarmFrenzy3_Arctica
2012-09-06 15:54 . 2012-09-06 15:54 -------- d-----w- c:\users\Fifler\AppData\Local\Microsoft Help
2012-09-06 15:54 . 2012-09-06 15:54 -------- d-----w- c:\programdata\Microsoft Help
2012-09-05 09:45 . 2012-10-01 15:01 -------- d-----w- c:\users\Fifler\AppData\Roaming\Origin
2012-09-05 09:44 . 2012-10-01 15:01 -------- d-----w- c:\programdata\Origin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-30 09:33 . 2012-06-27 13:19 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-30 09:33 . 2012-06-27 13:19 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-13 04:50 . 2012-06-27 11:20 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-12 12:35 . 2010-08-27 19:13 1067520 ----a-w- c:\windows\system32\SET41A9.tmp
2012-09-12 12:35 . 2010-08-27 19:13 7479296 ----a-w- c:\windows\system32\SET1DF9.tmp
2012-09-12 12:35 . 2010-08-27 19:13 54784 ----a-w- c:\windows\system32\SET1B55.tmp
2012-09-11 17:57 . 2012-07-25 07:43 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2012-03-20 18:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-25 20:10 . 2012-08-25 20:10 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-08-12 15:56 . 2012-08-12 12:04 195296 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2012-08-01 22:58 . 2012-08-28 07:39 9309624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{312DAB3D-6AF6-4CD0-B403-FE6F52DBBA2A}\mpengine.dll
2012-07-28 04:09 . 2012-07-28 04:09 5538984 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-07-28 04:07 . 2012-07-28 04:07 10278912 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-28 03:43 . 2012-07-28 03:43 70144 ----a-w- c:\windows\system32\coinst_8.982.dll
2012-07-28 03:19 . 2012-07-28 03:19 24935424 ----a-w- c:\windows\system32\atio6axx.dll
2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-28 02:15 . 2012-07-28 02:15 931328 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-07-28 02:13 . 2010-08-27 19:13 1100288 ----a-w- c:\windows\system32\aticfx64.dll
2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 02:10 . 2012-07-28 02:10 534528 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-28 02:09 . 2012-07-28 02:09 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-28 02:08 . 2012-07-28 02:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-07-28 02:08 . 2012-07-28 02:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-28 02:07 . 2012-07-28 02:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-07-28 02:07 . 2012-07-28 02:07 6430208 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-07-28 01:51 . 2010-08-27 19:13 7052288 ----a-w- c:\windows\system32\atidxx64.dll
2012-07-28 01:41 . 2012-07-28 01:41 4266496 ----a-w- c:\windows\system32\atiumd6a.dll
2012-07-28 01:35 . 2012-07-28 01:35 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-07-28 01:35 . 2012-07-28 01:35 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-07-28 01:34 . 2012-07-28 01:34 16034304 ----a-w- c:\windows\system32\aticaldd64.dll
2012-07-28 01:32 . 2012-07-28 01:32 4751872 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-07-28 01:25 . 2012-07-28 01:25 6676480 ----a-w- c:\windows\system32\atiumd64.dll
2012-07-28 01:15 . 2012-07-28 01:15 540160 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-07-28 01:14 . 2012-07-28 01:14 368640 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-28 01:13 . 2010-08-27 19:13 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-07-28 01:13 . 2012-07-28 01:13 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-07-28 01:13 . 2012-07-28 01:13 103936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-07-27 20:47 . 2012-07-27 20:47 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 16464896 ----a-w- c:\windows\system32\amdocl64.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-07-24 16:01 . 2012-07-24 16:01 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-24 16:01 . 2012-07-24 12:40 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-24 12:40 . 2012-07-24 12:40 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-24 12:40 . 2012-07-24 12:40 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-23 13:49 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-23 13:49 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-07-22 11:30 . 2012-07-22 11:30 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-18 18:15 . 2012-08-15 15:55 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-06 20:07 . 2012-08-16 08:49 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-08-27 3122528]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-03-02 171104]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\SYSTEM32\Userinit.exe,c:\users\Fifler\AppData\Roaming\System\msiexic.exe,"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~3\BROWSE~1\22643~1.41\{16CDF~1\browsemngr.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-28 239616]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-09-28 1701400]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28 116648]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-30 250288]
R3 ALSysIO;ALSysIO;c:\users\Fifler\AppData\Local\Temp\ALSysIO64.sys [x]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28 116648]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-12 242720]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2009-11-09 207232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-27 1255736]
R3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-22 283200]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-03-27 162304]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 09:33]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28 17:07]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28 17:07]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000Core.job
- c:\users\Fifler\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-11 17:07]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000UA.job
- c:\users\Fifler\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-11 17:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-08-27 20:07 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-27 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-27 2040352]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout odkaz s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Secure - c:\users\Fifler\AppData\Roaming\System\msiexic.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42} - c:\program files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe
AddRemove-InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237} - c:\program files (x86)\InstallShield Installation Information\{B2164CCB-C002-4B80-8550-7535D80DF237}\setup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-{0CE226F3-EB27-4ECD-BBF5-F088716779FD} - c:\program files (x86)\InstallShield Installation Information\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}\setup.exe
AddRemove-{17542DBF-E17C-4562-BC4D-FA3EF3076C45} - c:\program files (x86)\InstallShield Installation Information\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}\Setup.exe
AddRemove-{3108C217-BE83-42E4-AE9E-A56A2A92E549} - c:\program files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe
AddRemove-{40BF1E83-20EB-11D8-97C5-0009C5020658} - c:\program files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe
AddRemove-{46F4D124-20E5-4D12-BE52-EC177A7A4B42} - c:\program files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe
AddRemove-{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe
AddRemove-{8991E763-21F5-4DEA-A938-5D9D77DCB488} - c:\program files (x86)\InstallShield Installation Information\{8991E763-21F5-4DEA-A938-5D9D77DCB488}\setup.exe
AddRemove-{96AE7E41-E34E-47D0-AC07-1091A8127911} - c:\program files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe
AddRemove-{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332} - c:\program files (x86)\InstallShield Installation Information\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0332}\setup.exe
AddRemove-{DFB19121-0609-49C1-92B1-546E5A940FE8} - c:\program files (x86)\InstallShield Installation Information\{DFB19121-0609-49C1-92B1-546E5A940FE8}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2783363877-66151871-397091110-1000\Software\SecuROM\License information*]
"datasecu"=hex:45,c2,b3,bd,be,96,1b,db,5f,e5,e0,72,d3,63,ad,cf,ea,2e,a3,e4,30,
3c,aa,87,18,fc,a9,0c,f5,e6,29,ae,26,fa,72,b8,57,e4,86,e4,f4,15,0a,52,ed,22,\
"rkeysecu"=hex:f9,ec,cb,f9,3e,79,59,f4,a0,94,80,54,40,ae,7f,ab
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-10-04 21:47:57
ComboFix-quarantined-files.txt 2012-10-04 19:47
.
Před spuštěním: Volných bajtů: 216 769 191 936
Po spuštění: Volných bajtů: 216 446 668 800
.
- - End Of File - - 71B212C27BE90D20A0DBD698F3AD9C69
Slow notebook (Solved)
- jaro3
- member of the Security team
Re: Slow notebook
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
ClearJavaCache::
KillAll::
Collect::
c:\users\Fifler\AppData\Roaming\FIOejERO
c:\users\Fifler\AppData\Roaming\stplpfhevfcucfammws.exe
File::
c:\windows\system32\SET41A9.tmp
c:\windows\system32\SET1DF9.tmp
c:\windows\system32\SET1B55.tmp
c:\progra~3\BROWSE~1\22643~1.41\{16CDF~1\browsemngr.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000UA.job
Folder::
c:\users\Fifler\AppData\Roaming\Babylon
c:\programdata\Babylon
c:\program files (x86)\Google\Update
c:\program files (x86)\Skype\Updater
c:\users\Fifler\AppData\Local\Google\Update
DirLook::
c:\program files (x86)\Unrar
Driver::
gupdate
SkypeUpdate
gupdatem
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new HJT log
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, keep pressing F8 after the restart and then choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click No. Then click "Scan". After the scan click "Save Log" and save the log to the desktop. Copy the entire content of that log here. Then click "Exit" to close the program.
In Folder Options, enable showing hidden files and folders + uncheck the box for hiding protected operating system files.
Test this on VirusTotal:
c:\windows\SYSTEM32\Userinit.exe
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus test finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Or on:
http://www.virscan.org/
Download RogueKiller to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP by double-clicking.
- When the program's initial window appears, click "Scan".
- The program scans the PC. After scanning, click "Report" and copy the entire content of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Slow notebook
ComboFix 12-10-04.01 - Fifler 05.10.2012 11:47:47.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4091.2677 [GMT 2:00]
Spuštěný z: c:\users\Fifler\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Fifler\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\progra~3\BROWSE~1\22643~1.41\{16CDF~1\browsemngr.dll"
"c:\windows\system32\SET1B55.tmp"
"c:\windows\system32\SET1DF9.tmp"
"c:\windows\system32\SET41A9.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000UA.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~3\BROWSE~1\22643~1.41\{16CDF~1\browsemngr.dll
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.123\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.123\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.123\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-6.2.2.6613.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{DD5A779F-5642-40EB-8129-8F633E05DEAD}\GoogleEarth-Win-Bundle-6.2.2.6613.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\Babylon
c:\users\Fifler\AppData\Local\Google\Update
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_am.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_da.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_de.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_el.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_es.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_et.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_id.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_is.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_it.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_no.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_te.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_th.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\psmachine.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\psuser.dll
c:\users\Fifler\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\users\Fifler\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\22.0.1229.79\22.0.1229.79_21.0.1180.89_chrome_updater.exe
c:\users\Fifler\AppData\Local\Google\Update\GoogleUpdate.exe
c:\users\Fifler\AppData\Roaming\Babylon
c:\users\Fifler\AppData\Roaming\Babylon\log_file.txt
c:\users\Fifler\AppData\Roaming\stplpfhevfcucfammws.exe
c:\windows\system32\SET1B55.tmp
c:\windows\system32\SET1DF9.tmp
c:\windows\system32\SET41A9.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000UA.job
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache86\userinit.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-05 do 2012-10-05 )))))))))))))))))))))))))))))))
.
.
2012-12-12 19:04 . 2012-09-28 19:57 -------- d-----w- c:\program files (x86)\1ClickDownload
2012-10-05 09:57 . 2012-10-05 09:57 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8EB99E6C-D4EC-46AB-8187-0AB18966EE89}\offreg.dll
2012-10-05 09:55 . 2012-10-05 09:55 -------- d-----w- c:\users\etgřt\AppData\Local\temp
2012-10-05 09:55 . 2012-10-05 09:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-04 12:09 . 2012-10-04 12:09 -------- d-----w- c:\users\Fifler\AppData\Local\ElevatedDiagnostics
2012-10-04 04:59 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8EB99E6C-D4EC-46AB-8187-0AB18966EE89}\mpengine.dll
2012-10-02 19:08 . 2012-10-02 19:08 -------- d-----w- c:\users\Fifler\AppData\Local\SlimWare Utilities Inc
2012-10-02 18:16 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-02 14:36 . 2012-10-02 14:36 388096 ----a-r- c:\users\Fifler\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-02 14:35 . 2012-10-02 14:35 -------- d-----w- c:\program files (x86)\Trend Micro
2012-10-01 17:44 . 2012-10-02 19:16 -------- d-----w- c:\program files\WhoCrashed
2012-09-30 17:50 . 2012-09-30 17:50 -------- d-----w- c:\programdata\Web Installer
2012-09-30 08:03 . 2012-08-28 07:42 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-30 08:03 . 2012-09-30 08:02 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{465887FB-3555-4D31-8E95-381D538A2B3E}\gapaengine.dll
2012-09-30 07:52 . 2012-09-30 07:56 -------- d-----w- c:\program files (x86)\RapidShareManager
2012-09-29 12:37 . 2012-09-29 12:37 -------- d-----w- c:\users\Fifler\AppData\Roaming\Malwarebytes
2012-09-29 12:36 . 2012-09-29 12:36 -------- d-----w- c:\programdata\Malwarebytes
2012-09-29 12:36 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-29 12:36 . 2012-09-29 12:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-28 20:00 . 2012-09-28 20:00 -------- d-----w- c:\users\Fifler\AppData\Roaming\FIOejERO
2012-09-28 19:22 . 2012-09-28 19:22 -------- d-----w- c:\users\Fifler\AppData\Local\Apps
2012-09-28 19:22 . 2012-10-03 17:04 -------- d-----w- c:\users\Fifler\AppData\Local\Deployment
2012-09-28 17:02 . 2012-09-28 17:02 -------- d-----w- c:\users\Fifler\AppData\Roaming\Ufasoft
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\windows\SysWow64\searchplugins
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\windows\SysWow64\Extensions
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\programdata\Browser Manager
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\users\Fifler\AppData\Roaming\ExpressFiles
2012-09-27 18:23 . 2012-10-04 19:44 -------- d-sh--r- c:\users\Fifler\AppData\Roaming\System
2012-09-27 15:36 . 2012-09-27 15:36 -------- d-----w- c:\programdata\ATI
2012-09-27 15:36 . 2012-09-27 15:36 -------- d-----w- c:\program files (x86)\AMD APP
2012-09-27 15:31 . 2012-09-27 15:31 -------- d-----w- C:\AMD
2012-09-26 14:09 . 2011-12-29 08:46 59904 ----a-w- c:\windows\system32\zlib1.dll
2012-09-25 18:01 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-25 17:26 . 2012-09-25 17:26 -------- d-----w- c:\program files (x86)\Origin Games
2012-09-23 17:42 . 2012-09-23 17:42 -------- d-sha-w- c:\users\Public\DRM
2012-09-23 14:32 . 2012-09-23 14:32 -------- d-----w- c:\programdata\RELOADED
2012-09-23 14:22 . 2012-09-23 14:32 -------- d-----w- c:\program files (x86)\Torchlight II
2012-09-23 12:08 . 2012-10-04 12:02 -------- d-----w- c:\programdata\Premium
2012-09-23 12:08 . 2012-10-04 12:03 -------- d-----w- c:\programdata\InstallMate
2012-09-23 09:10 . 2012-09-23 09:10 -------- d-----w- c:\windows\Sun
2012-09-22 19:24 . 2008-09-04 18:17 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2012-09-22 19:24 . 2012-09-22 19:24 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-09-22 19:15 . 2012-09-29 18:23 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2012-09-22 19:02 . 2012-09-22 19:02 -------- d-----w- c:\users\Fifler\AppData\Roaming\PowerISO
2012-09-22 19:01 . 2012-09-22 19:01 -------- d-----w- c:\program files (x86)\PowerISO
2012-09-22 19:01 . 2012-08-24 07:56 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-09-22 13:59 . 2012-09-22 13:59 -------- d-----w- c:\program files\BitComet
2012-09-20 05:32 . 2012-09-28 08:12 -------- d-----w- c:\program files (x86)\F1 2012
2012-09-15 09:26 . 2012-09-15 09:26 -------- d-----w- C:\totalcmd
2012-09-15 09:26 . 2012-09-15 09:26 -------- d-----w- c:\users\Fifler\AppData\Roaming\GHISLER
2012-09-15 09:20 . 2012-09-15 09:23 -------- d-----w- c:\program files (x86)\Unrar
2012-09-12 12:45 . 2012-09-12 12:45 -------- d-----w- c:\users\Fifler\AppData\Local\AMD
2012-09-12 12:40 . 2012-09-27 15:35 -------- d-----w- c:\programdata\AMD
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files (x86)\AMD AVT
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-09-12 12:39 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2012-09-12 12:39 . 2012-09-12 12:39 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-09-12 12:37 . 2012-09-27 15:36 -------- d-----w- c:\program files\ATI Technologies
2012-09-12 12:35 . 2012-07-28 01:14 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-12 12:35 . 2012-09-12 12:35 1120768 ----a-w- c:\windows\system32\atiumd6v.dll
2012-09-12 12:35 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-12 12:35 . 2012-07-28 01:15 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-12 12:35 . 2012-09-12 12:35 51200 ----a-w- c:\windows\system32\ATIODCLI.exe
2012-09-12 12:35 . 2012-09-12 12:35 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-09-12 12:35 . 2012-09-12 12:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2012-09-12 12:35 . 2012-07-28 01:13 83456 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-12 12:35 . 2012-09-12 12:35 332800 ----a-w- c:\windows\system32\ATIODE.exe
2012-09-12 11:04 . 2012-09-12 11:05 -------- d-----w- c:\program files\Opera x64
2012-09-12 05:00 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 05:00 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 05:00 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 05:00 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 05:00 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 05:00 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 05:00 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 04:54 . 2012-09-12 04:54 -------- d-----w- c:\programdata\Codemasters
2012-09-11 17:58 . 2012-09-11 17:57 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-11 17:57 . 2012-09-11 17:57 -------- d-----w- c:\program files (x86)\Java
2012-09-11 16:36 . 2012-09-12 11:07 -------- d-----w- c:\program files (x86)\Opera Next
2012-09-11 16:33 . 2012-09-11 16:33 -------- d-----w- c:\users\Fifler\AppData\Local\Socusoft_Co.,_Ltd
2012-09-11 08:37 . 2012-09-11 08:37 -------- d-sh--w- c:\programdata\DSS
2012-09-11 08:36 . 2012-09-11 08:36 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-09-11 08:22 . 2012-09-11 08:22 -------- d-----w- c:\users\Fifler\AppData\Local\Origin
2012-09-11 08:20 . 2012-09-11 08:20 -------- d-----w- c:\programdata\Electronic Arts
2012-09-11 08:20 . 2012-09-22 16:32 -------- d-----w- c:\program files (x86)\Origin
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\Livestation
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\AppData\Roaming\Mchid
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\AppData\Roaming\Livestation
2012-09-10 10:15 . 2012-09-10 10:18 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-09-10 10:15 . 2012-09-10 10:18 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-09-10 10:15 . 2012-09-10 10:18 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-09-10 10:15 . 2012-09-10 10:18 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\program files (x86)\OpenAL
2012-09-10 10:12 . 2012-09-10 10:14 -------- d-----w- c:\program files (x86)\JLC's Software
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\ms-MY
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\id-ID
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\nb-NO
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\hu-HU
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\fi-FI
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\el-GR
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\da-DK
2012-09-09 11:23 . 2012-09-09 11:51 -------- d-----w- c:\programdata\FarmFrenzy3_Arctica
2012-09-06 15:54 . 2012-09-06 15:54 -------- d-----w- c:\users\Fifler\AppData\Local\Microsoft Help
2012-09-06 15:54 . 2012-09-06 15:54 -------- d-----w- c:\programdata\Microsoft Help
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-30 09:33 . 2012-06-27 13:19 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-30 09:33 . 2012-06-27 13:19 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-13 04:50 . 2012-06-27 11:20 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-11 17:57 . 2012-07-25 07:43 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2012-03-20 18:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-25 20:10 . 2012-08-25 20:10 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-08-12 15:56 . 2012-08-12 12:04 195296 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2012-08-01 22:58 . 2012-08-28 07:39 9309624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{312DAB3D-6AF6-4CD0-B403-FE6F52DBBA2A}\mpengine.dll
2012-07-28 04:09 . 2012-07-28 04:09 5538984 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-07-28 04:07 . 2012-07-28 04:07 10278912 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-28 03:43 . 2012-07-28 03:43 70144 ----a-w- c:\windows\system32\coinst_8.982.dll
2012-07-28 03:19 . 2012-07-28 03:19 24935424 ----a-w- c:\windows\system32\atio6axx.dll
2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-28 02:15 . 2012-07-28 02:15 931328 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-07-28 02:13 . 2010-08-27 19:13 1100288 ----a-w- c:\windows\system32\aticfx64.dll
2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 02:10 . 2012-07-28 02:10 534528 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-28 02:09 . 2012-07-28 02:09 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-28 02:08 . 2012-07-28 02:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-07-28 02:08 . 2012-07-28 02:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-28 02:07 . 2012-07-28 02:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-07-28 02:07 . 2012-07-28 02:07 6430208 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-07-28 01:51 . 2010-08-27 19:13 7052288 ----a-w- c:\windows\system32\atidxx64.dll
2012-07-28 01:41 . 2012-07-28 01:41 4266496 ----a-w- c:\windows\system32\atiumd6a.dll
2012-07-28 01:35 . 2012-07-28 01:35 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-07-28 01:35 . 2012-07-28 01:35 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-07-28 01:34 . 2012-07-28 01:34 16034304 ----a-w- c:\windows\system32\aticaldd64.dll
2012-07-28 01:32 . 2012-07-28 01:32 4751872 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-07-28 01:25 . 2012-07-28 01:25 6676480 ----a-w- c:\windows\system32\atiumd64.dll
2012-07-28 01:15 . 2012-07-28 01:15 540160 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-07-28 01:14 . 2012-07-28 01:14 368640 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-28 01:13 . 2010-08-27 19:13 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-07-28 01:13 . 2012-07-28 01:13 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-07-28 01:13 . 2012-07-28 01:13 103936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-07-27 20:47 . 2012-07-27 20:47 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 16464896 ----a-w- c:\windows\system32\amdocl64.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-07-24 16:01 . 2012-07-24 16:01 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-24 16:01 . 2012-07-24 12:40 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-24 12:40 . 2012-07-24 12:40 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-24 12:40 . 2012-07-24 12:40 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-23 13:49 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-23 13:49 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-07-22 11:30 . 2012-07-22 11:30 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-18 18:15 . 2012-08-15 15:55 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\program files (x86)\Unrar ----
.
2012-09-15 09:23 . 2012-09-11 11:59 8144067 ----a-w- c:\program files (x86)\Unrar\FIFA 12 KEYGEN Serial + Crack 2011for PC PS3 XBOX 360.rar
2012-09-15 09:20 . 2012-01-09 17:43 266240 ----a-w- c:\program files (x86)\Unrar\UnRAR.exe
2012-09-15 09:20 . 2006-04-04 21:10 1509 ----a-w- c:\program files (x86)\Unrar\license.txt
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-08-27 3122528]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-03-02 171104]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\SYSTEM32\Userinit.exe,c:\users\Fifler\AppData\Roaming\System\msiexic.exe,"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-30 250288]
R3 ALSysIO;ALSysIO;c:\users\Fifler\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-12 242720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-27 1255736]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-22 283200]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-28 239616]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-09-28 1701400]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-03-27 162304]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2009-11-09 207232]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 09:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-08-27 20:07 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-27 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-27 2040352]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout odkaz s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42} - c:\program files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe
AddRemove-InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237} - c:\program files (x86)\InstallShield Installation Information\{B2164CCB-C002-4B80-8550-7535D80DF237}\setup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-{0CE226F3-EB27-4ECD-BBF5-F088716779FD} - c:\program files (x86)\InstallShield Installation Information\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}\setup.exe
AddRemove-{17542DBF-E17C-4562-BC4D-FA3EF3076C45} - c:\program files (x86)\InstallShield Installation Information\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}\Setup.exe
AddRemove-{3108C217-BE83-42E4-AE9E-A56A2A92E549} - c:\program files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe
AddRemove-{40BF1E83-20EB-11D8-97C5-0009C5020658} - c:\program files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe
AddRemove-{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe
AddRemove-{8991E763-21F5-4DEA-A938-5D9D77DCB488} - c:\program files (x86)\InstallShield Installation Information\{8991E763-21F5-4DEA-A938-5D9D77DCB488}\setup.exe
AddRemove-{96AE7E41-E34E-47D0-AC07-1091A8127911} - c:\program files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe
AddRemove-{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332} - c:\program files (x86)\InstallShield Installation Information\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0332}\setup.exe
AddRemove-{DFB19121-0609-49C1-92B1-546E5A940FE8} - c:\program files (x86)\InstallShield Installation Information\{DFB19121-0609-49C1-92B1-546E5A940FE8}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2783363877-66151871-397091110-1000\Software\SecuROM\License information*]
"datasecu"=hex:45,c2,b3,bd,be,96,1b,db,5f,e5,e0,72,d3,63,ad,cf,ea,2e,a3,e4,30,
3c,aa,87,18,fc,a9,0c,f5,e6,29,ae,26,fa,72,b8,57,e4,86,e4,f4,15,0a,52,ed,22,\
"rkeysecu"=hex:f9,ec,cb,f9,3e,79,59,f4,a0,94,80,54,40,ae,7f,ab
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Celkový čas: 2012-10-05 12:02:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-05 10:02
ComboFix2.txt 2012-10-04 19:47
.
Před spuštěním: Volných bajtů: 216 445 190 144
Po spuštění: Volných bajtů: 216 254 558 208
.
- - End Of File - - 4509A80A64B629D9E39DD56A0A2C77CD
Nahrání proběhlo úspěšně
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4091.2677 [GMT 2:00]
Spuštěný z: c:\users\Fifler\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Fifler\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\progra~3\BROWSE~1\22643~1.41\{16CDF~1\browsemngr.dll"
"c:\windows\system32\SET1B55.tmp"
"c:\windows\system32\SET1DF9.tmp"
"c:\windows\system32\SET41A9.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000UA.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~3\BROWSE~1\22643~1.41\{16CDF~1\browsemngr.dll
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.123\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.123\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.123\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-6.2.2.6613.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{DD5A779F-5642-40EB-8129-8F633E05DEAD}\GoogleEarth-Win-Bundle-6.2.2.6613.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\Babylon
c:\users\Fifler\AppData\Local\Google\Update
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_am.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_da.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_de.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_el.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_es.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_et.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_id.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_is.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_it.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_no.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_te.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_th.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\psmachine.dll
c:\users\Fifler\AppData\Local\Google\Update\1.3.21.123\psuser.dll
c:\users\Fifler\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\users\Fifler\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\22.0.1229.79\22.0.1229.79_21.0.1180.89_chrome_updater.exe
c:\users\Fifler\AppData\Local\Google\Update\GoogleUpdate.exe
c:\users\Fifler\AppData\Roaming\Babylon
c:\users\Fifler\AppData\Roaming\Babylon\log_file.txt
c:\users\Fifler\AppData\Roaming\stplpfhevfcucfammws.exe
c:\windows\system32\SET1B55.tmp
c:\windows\system32\SET1DF9.tmp
c:\windows\system32\SET41A9.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2783363877-66151871-397091110-1000UA.job
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache86\userinit.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-05 do 2012-10-05 )))))))))))))))))))))))))))))))
.
.
2012-12-12 19:04 . 2012-09-28 19:57 -------- d-----w- c:\program files (x86)\1ClickDownload
2012-10-05 09:57 . 2012-10-05 09:57 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8EB99E6C-D4EC-46AB-8187-0AB18966EE89}\offreg.dll
2012-10-05 09:55 . 2012-10-05 09:55 -------- d-----w- c:\users\etgřt\AppData\Local\temp
2012-10-05 09:55 . 2012-10-05 09:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-04 12:09 . 2012-10-04 12:09 -------- d-----w- c:\users\Fifler\AppData\Local\ElevatedDiagnostics
2012-10-04 04:59 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8EB99E6C-D4EC-46AB-8187-0AB18966EE89}\mpengine.dll
2012-10-02 19:08 . 2012-10-02 19:08 -------- d-----w- c:\users\Fifler\AppData\Local\SlimWare Utilities Inc
2012-10-02 18:16 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-02 14:36 . 2012-10-02 14:36 388096 ----a-r- c:\users\Fifler\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-02 14:35 . 2012-10-02 14:35 -------- d-----w- c:\program files (x86)\Trend Micro
2012-10-01 17:44 . 2012-10-02 19:16 -------- d-----w- c:\program files\WhoCrashed
2012-09-30 17:50 . 2012-09-30 17:50 -------- d-----w- c:\programdata\Web Installer
2012-09-30 08:03 . 2012-08-28 07:42 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-30 08:03 . 2012-09-30 08:02 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{465887FB-3555-4D31-8E95-381D538A2B3E}\gapaengine.dll
2012-09-30 07:52 . 2012-09-30 07:56 -------- d-----w- c:\program files (x86)\RapidShareManager
2012-09-29 12:37 . 2012-09-29 12:37 -------- d-----w- c:\users\Fifler\AppData\Roaming\Malwarebytes
2012-09-29 12:36 . 2012-09-29 12:36 -------- d-----w- c:\programdata\Malwarebytes
2012-09-29 12:36 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-29 12:36 . 2012-09-29 12:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-28 20:00 . 2012-09-28 20:00 -------- d-----w- c:\users\Fifler\AppData\Roaming\FIOejERO
2012-09-28 19:22 . 2012-09-28 19:22 -------- d-----w- c:\users\Fifler\AppData\Local\Apps
2012-09-28 19:22 . 2012-10-03 17:04 -------- d-----w- c:\users\Fifler\AppData\Local\Deployment
2012-09-28 17:02 . 2012-09-28 17:02 -------- d-----w- c:\users\Fifler\AppData\Roaming\Ufasoft
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\windows\SysWow64\searchplugins
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\windows\SysWow64\Extensions
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\programdata\Browser Manager
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\users\Fifler\AppData\Roaming\ExpressFiles
2012-09-27 18:23 . 2012-10-04 19:44 -------- d-sh--r- c:\users\Fifler\AppData\Roaming\System
2012-09-27 15:36 . 2012-09-27 15:36 -------- d-----w- c:\programdata\ATI
2012-09-27 15:36 . 2012-09-27 15:36 -------- d-----w- c:\program files (x86)\AMD APP
2012-09-27 15:31 . 2012-09-27 15:31 -------- d-----w- C:\AMD
2012-09-26 14:09 . 2011-12-29 08:46 59904 ----a-w- c:\windows\system32\zlib1.dll
2012-09-25 18:01 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-25 17:26 . 2012-09-25 17:26 -------- d-----w- c:\program files (x86)\Origin Games
2012-09-23 17:42 . 2012-09-23 17:42 -------- d-sha-w- c:\users\Public\DRM
2012-09-23 14:32 . 2012-09-23 14:32 -------- d-----w- c:\programdata\RELOADED
2012-09-23 14:22 . 2012-09-23 14:32 -------- d-----w- c:\program files (x86)\Torchlight II
2012-09-23 12:08 . 2012-10-04 12:02 -------- d-----w- c:\programdata\Premium
2012-09-23 12:08 . 2012-10-04 12:03 -------- d-----w- c:\programdata\InstallMate
2012-09-23 09:10 . 2012-09-23 09:10 -------- d-----w- c:\windows\Sun
2012-09-22 19:24 . 2008-09-04 18:17 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2012-09-22 19:24 . 2012-09-22 19:24 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-09-22 19:15 . 2012-09-29 18:23 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2012-09-22 19:02 . 2012-09-22 19:02 -------- d-----w- c:\users\Fifler\AppData\Roaming\PowerISO
2012-09-22 19:01 . 2012-09-22 19:01 -------- d-----w- c:\program files (x86)\PowerISO
2012-09-22 19:01 . 2012-08-24 07:56 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-09-22 13:59 . 2012-09-22 13:59 -------- d-----w- c:\program files\BitComet
2012-09-20 05:32 . 2012-09-28 08:12 -------- d-----w- c:\program files (x86)\F1 2012
2012-09-15 09:26 . 2012-09-15 09:26 -------- d-----w- C:\totalcmd
2012-09-15 09:26 . 2012-09-15 09:26 -------- d-----w- c:\users\Fifler\AppData\Roaming\GHISLER
2012-09-15 09:20 . 2012-09-15 09:23 -------- d-----w- c:\program files (x86)\Unrar
2012-09-12 12:45 . 2012-09-12 12:45 -------- d-----w- c:\users\Fifler\AppData\Local\AMD
2012-09-12 12:40 . 2012-09-27 15:35 -------- d-----w- c:\programdata\AMD
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files (x86)\AMD AVT
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-09-12 12:39 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2012-09-12 12:39 . 2012-09-12 12:39 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-09-12 12:37 . 2012-09-27 15:36 -------- d-----w- c:\program files\ATI Technologies
2012-09-12 12:35 . 2012-07-28 01:14 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-12 12:35 . 2012-09-12 12:35 1120768 ----a-w- c:\windows\system32\atiumd6v.dll
2012-09-12 12:35 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-12 12:35 . 2012-07-28 01:15 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-12 12:35 . 2012-09-12 12:35 51200 ----a-w- c:\windows\system32\ATIODCLI.exe
2012-09-12 12:35 . 2012-09-12 12:35 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-09-12 12:35 . 2012-09-12 12:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2012-09-12 12:35 . 2012-07-28 01:13 83456 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-12 12:35 . 2012-09-12 12:35 332800 ----a-w- c:\windows\system32\ATIODE.exe
2012-09-12 11:04 . 2012-09-12 11:05 -------- d-----w- c:\program files\Opera x64
2012-09-12 05:00 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 05:00 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 05:00 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 05:00 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 05:00 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 05:00 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 05:00 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 04:54 . 2012-09-12 04:54 -------- d-----w- c:\programdata\Codemasters
2012-09-11 17:58 . 2012-09-11 17:57 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-11 17:57 . 2012-09-11 17:57 -------- d-----w- c:\program files (x86)\Java
2012-09-11 16:36 . 2012-09-12 11:07 -------- d-----w- c:\program files (x86)\Opera Next
2012-09-11 16:33 . 2012-09-11 16:33 -------- d-----w- c:\users\Fifler\AppData\Local\Socusoft_Co.,_Ltd
2012-09-11 08:37 . 2012-09-11 08:37 -------- d-sh--w- c:\programdata\DSS
2012-09-11 08:36 . 2012-09-11 08:36 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-09-11 08:22 . 2012-09-11 08:22 -------- d-----w- c:\users\Fifler\AppData\Local\Origin
2012-09-11 08:20 . 2012-09-11 08:20 -------- d-----w- c:\programdata\Electronic Arts
2012-09-11 08:20 . 2012-09-22 16:32 -------- d-----w- c:\program files (x86)\Origin
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\Livestation
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\AppData\Roaming\Mchid
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\AppData\Roaming\Livestation
2012-09-10 10:15 . 2012-09-10 10:18 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-09-10 10:15 . 2012-09-10 10:18 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-09-10 10:15 . 2012-09-10 10:18 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-09-10 10:15 . 2012-09-10 10:18 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\program files (x86)\OpenAL
2012-09-10 10:12 . 2012-09-10 10:14 -------- d-----w- c:\program files (x86)\JLC's Software
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\ms-MY
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\id-ID
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\nb-NO
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\hu-HU
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\fi-FI
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\el-GR
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\da-DK
2012-09-09 11:23 . 2012-09-09 11:51 -------- d-----w- c:\programdata\FarmFrenzy3_Arctica
2012-09-06 15:54 . 2012-09-06 15:54 -------- d-----w- c:\users\Fifler\AppData\Local\Microsoft Help
2012-09-06 15:54 . 2012-09-06 15:54 -------- d-----w- c:\programdata\Microsoft Help
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-30 09:33 . 2012-06-27 13:19 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-30 09:33 . 2012-06-27 13:19 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-13 04:50 . 2012-06-27 11:20 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-11 17:57 . 2012-07-25 07:43 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2012-03-20 18:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-25 20:10 . 2012-08-25 20:10 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-08-12 15:56 . 2012-08-12 12:04 195296 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2012-08-01 22:58 . 2012-08-28 07:39 9309624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{312DAB3D-6AF6-4CD0-B403-FE6F52DBBA2A}\mpengine.dll
2012-07-28 04:09 . 2012-07-28 04:09 5538984 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-07-28 04:07 . 2012-07-28 04:07 10278912 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-28 03:43 . 2012-07-28 03:43 70144 ----a-w- c:\windows\system32\coinst_8.982.dll
2012-07-28 03:19 . 2012-07-28 03:19 24935424 ----a-w- c:\windows\system32\atio6axx.dll
2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-28 02:15 . 2012-07-28 02:15 931328 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-07-28 02:13 . 2010-08-27 19:13 1100288 ----a-w- c:\windows\system32\aticfx64.dll
2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 02:10 . 2012-07-28 02:10 534528 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-28 02:09 . 2012-07-28 02:09 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-28 02:08 . 2012-07-28 02:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-07-28 02:08 . 2012-07-28 02:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-28 02:07 . 2012-07-28 02:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-07-28 02:07 . 2012-07-28 02:07 6430208 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-07-28 01:51 . 2010-08-27 19:13 7052288 ----a-w- c:\windows\system32\atidxx64.dll
2012-07-28 01:41 . 2012-07-28 01:41 4266496 ----a-w- c:\windows\system32\atiumd6a.dll
2012-07-28 01:35 . 2012-07-28 01:35 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-07-28 01:35 . 2012-07-28 01:35 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-07-28 01:34 . 2012-07-28 01:34 16034304 ----a-w- c:\windows\system32\aticaldd64.dll
2012-07-28 01:32 . 2012-07-28 01:32 4751872 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-07-28 01:25 . 2012-07-28 01:25 6676480 ----a-w- c:\windows\system32\atiumd64.dll
2012-07-28 01:15 . 2012-07-28 01:15 540160 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-07-28 01:14 . 2012-07-28 01:14 368640 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-28 01:13 . 2010-08-27 19:13 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-07-28 01:13 . 2012-07-28 01:13 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-07-28 01:13 . 2012-07-28 01:13 103936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-07-27 20:47 . 2012-07-27 20:47 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 16464896 ----a-w- c:\windows\system32\amdocl64.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-07-24 16:01 . 2012-07-24 16:01 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-24 16:01 . 2012-07-24 12:40 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-24 12:40 . 2012-07-24 12:40 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-24 12:40 . 2012-07-24 12:40 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-23 13:49 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-23 13:49 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-07-22 11:30 . 2012-07-22 11:30 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-18 18:15 . 2012-08-15 15:55 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\program files (x86)\Unrar ----
.
2012-09-15 09:23 . 2012-09-11 11:59 8144067 ----a-w- c:\program files (x86)\Unrar\FIFA 12 KEYGEN Serial + Crack 2011for PC PS3 XBOX 360.rar
2012-09-15 09:20 . 2012-01-09 17:43 266240 ----a-w- c:\program files (x86)\Unrar\UnRAR.exe
2012-09-15 09:20 . 2006-04-04 21:10 1509 ----a-w- c:\program files (x86)\Unrar\license.txt
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-08-27 3122528]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-03-02 171104]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\SYSTEM32\Userinit.exe,c:\users\Fifler\AppData\Roaming\System\msiexic.exe,"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-30 250288]
R3 ALSysIO;ALSysIO;c:\users\Fifler\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-12 242720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-27 1255736]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-22 283200]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-28 239616]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-09-28 1701400]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-03-27 162304]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2009-11-09 207232]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 09:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-08-27 20:07 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-27 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-27 2040352]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout odkaz s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42} - c:\program files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe
AddRemove-InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237} - c:\program files (x86)\InstallShield Installation Information\{B2164CCB-C002-4B80-8550-7535D80DF237}\setup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-{0CE226F3-EB27-4ECD-BBF5-F088716779FD} - c:\program files (x86)\InstallShield Installation Information\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}\setup.exe
AddRemove-{17542DBF-E17C-4562-BC4D-FA3EF3076C45} - c:\program files (x86)\InstallShield Installation Information\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}\Setup.exe
AddRemove-{3108C217-BE83-42E4-AE9E-A56A2A92E549} - c:\program files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe
AddRemove-{40BF1E83-20EB-11D8-97C5-0009C5020658} - c:\program files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe
AddRemove-{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe
AddRemove-{8991E763-21F5-4DEA-A938-5D9D77DCB488} - c:\program files (x86)\InstallShield Installation Information\{8991E763-21F5-4DEA-A938-5D9D77DCB488}\setup.exe
AddRemove-{96AE7E41-E34E-47D0-AC07-1091A8127911} - c:\program files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe
AddRemove-{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332} - c:\program files (x86)\InstallShield Installation Information\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0332}\setup.exe
AddRemove-{DFB19121-0609-49C1-92B1-546E5A940FE8} - c:\program files (x86)\InstallShield Installation Information\{DFB19121-0609-49C1-92B1-546E5A940FE8}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2783363877-66151871-397091110-1000\Software\SecuROM\License information*]
"datasecu"=hex:45,c2,b3,bd,be,96,1b,db,5f,e5,e0,72,d3,63,ad,cf,ea,2e,a3,e4,30,
3c,aa,87,18,fc,a9,0c,f5,e6,29,ae,26,fa,72,b8,57,e4,86,e4,f4,15,0a,52,ed,22,\
"rkeysecu"=hex:f9,ec,cb,f9,3e,79,59,f4,a0,94,80,54,40,ae,7f,ab
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Celkový čas: 2012-10-05 12:02:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-05 10:02
ComboFix2.txt 2012-10-04 19:47
.
Před spuštěním: Volných bajtů: 216 445 190 144
Po spuštění: Volných bajtů: 216 254 558 208
.
- - End Of File - - 4509A80A64B629D9E39DD56A0A2C77CD
Nahrání proběhlo úspěšně
Re: Slowed-down laptop
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:05:47, on 5.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\windows\SYSTEM32\Userinit.exe,C:\Users\Fifler\AppData\Roaming\System\msiexic.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8208 bytes
Re: Slowed-down laptop
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-05 12:07:05
-----------------------------
12:07:05.920 OS Version: Windows x64 6.1.7601 Service Pack 1
12:07:05.920 Number of processors: 4 586 0x503
12:07:05.920 ComputerName: FIFLER-PC UserName: Fifler
12:07:08.557 Initialize success
12:07:11.751 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:07:11.751 Disk 0 Vendor: WDC_WD5000BEVT-24A0RT0 01.01A02 Size: 476940MB BusType: 11
12:07:12.094 Disk 0 MBR read successfully
12:07:12.094 Disk 0 MBR scan
12:07:12.094 Disk 0 Windows 7 default MBR code
12:07:12.141 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
12:07:12.156 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 431938 MB offset 411648
12:07:12.156 Disk 0 Partition - 00 0F Extended LBA 29692 MB offset 885020672
12:07:12.188 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 945829888
12:07:12.219 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29691 MB offset 885022720
12:07:12.250 Disk 0 scanning C:\windows\system32\drivers
12:07:19.395 Service scanning
12:07:51.281 Modules scanning
12:07:51.281 Disk 0 trace - called modules:
12:07:51.312 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:07:51.328 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800468e790]
12:07:51.328 3 CLASSPNP.SYS[fffff8800184043f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004696680]
12:07:51.328 Scan finished successfully
12:08:25.118 Disk 0 MBR has been saved successfully to "C:\Users\Fifler\Desktop\MBR.dat"
12:08:25.133 The log file has been saved successfully to "C:\Users\Fifler\Desktop\aswMBR.txt"
Re: Slowed-down laptop
RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Fifler [Práva správce]
Mód : Kontrola -- Datum : 10/05/2012 12:25:28
¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] browsemngr.exe -- C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -> SMAZÁNO [TermProc]
[SUSP PATH] browsemngr.exe -- C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[SHELL][SUSP PATH] HKLM\[...]\Wow6432Node\Winlogon : Userinit (C:\windows\SYSTEM32\Userinit.exe,C:\Users\Fifler\AppData\Roaming\System\msiexic.exe,) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BEVT-24A0RT0 ATA Device +++++
--- User ---
[MBR] 2f3cf516e321bd3496098496ff7fe3e5
[BSP] 105fc8d8504b9c7eb316df353b706e55 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 431938 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 885020672 | Size: 29692 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 945829888 | Size: 15109 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1].txt >>
RKreport[1].txt
- jaro3
- member of the Security team
Re: Slowed-down laptop
Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide
Code:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\windows\SYSTEM32\Userinit.exe,C:\Users\Fifler\AppData\Roaming\System\msiexic.exe,
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
Update Java:
Java SE Runtime Environment 7
Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-7-windows-i586-p.exe or
jre-7-windows-x64.exe
Download and install it.
Remove the other Java versions in Add/Remove Programs.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Code:
KillAll::
File::
c:\program files (x86)\Unrar\FIFA 12 KEYGEN Serial + Crack 2011for PC PS3 XBOX 360.rar
Folder::
c:\users\Fifler\AppData\Roaming\FIOejERO
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
Warning: After applying ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Slowed-down laptop
ComboFix 12-10-04.01 - Fifler 07.10.2012 19:48:24.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4091.2693 [GMT 2:00]
Spuštěný z: c:\users\Fifler\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Fifler\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Unrar\FIFA 12 KEYGEN Serial + Crack 2011for PC PS3 XBOX 360.rar"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Unrar\FIFA 12 KEYGEN Serial + Crack 2011for PC PS3 XBOX 360.rar
c:\users\Fifler\AppData\Roaming\FIOejERO
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-07 do 2012-10-07 )))))))))))))))))))))))))))))))
.
.
2012-12-12 19:04 . 2012-09-28 19:57 -------- d-----w- c:\program files (x86)\1ClickDownload
2012-10-04 12:09 . 2012-10-04 12:09 -------- d-----w- c:\users\Fifler\AppData\Local\ElevatedDiagnostics
2012-10-02 19:08 . 2012-10-02 19:08 -------- d-----w- c:\users\Fifler\AppData\Local\SlimWare Utilities Inc
2012-10-02 14:36 . 2012-10-02 14:36 388096 ----a-r- c:\users\Fifler\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-02 14:35 . 2012-10-02 14:35 -------- d-----w- c:\program files (x86)\Trend Micro
2012-10-01 17:44 . 2012-10-02 19:16 -------- d-----w- c:\program files\WhoCrashed
2012-09-30 17:50 . 2012-09-30 17:50 -------- d-----w- c:\programdata\Web Installer
2012-09-30 08:03 . 2012-09-30 08:02 972192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-30 07:52 . 2012-09-30 07:56 -------- d-----w- c:\program files (x86)\RapidShareManager
2012-09-29 12:37 . 2012-09-29 12:37 -------- d-----w- c:\users\Fifler\AppData\Roaming\Malwarebytes
2012-09-29 12:36 . 2012-09-29 12:36 -------- d-----w- c:\programdata\Malwarebytes
2012-09-29 12:36 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-29 12:36 . 2012-09-29 12:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-28 19:22 . 2012-09-28 19:22 -------- d-----w- c:\users\Fifler\AppData\Local\Apps
2012-09-28 19:22 . 2012-10-03 17:04 -------- d-----w- c:\users\Fifler\AppData\Local\Deployment
2012-09-28 17:02 . 2012-09-28 17:02 -------- d-----w- c:\users\Fifler\AppData\Roaming\Ufasoft
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\windows\SysWow64\searchplugins
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\windows\SysWow64\Extensions
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\programdata\Browser Manager
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\users\Fifler\AppData\Roaming\ExpressFiles
2012-09-27 18:23 . 2012-10-04 19:44 -------- d-sh--r- c:\users\Fifler\AppData\Roaming\System
2012-09-27 15:36 . 2012-09-27 15:36 -------- d-----w- c:\programdata\ATI
2012-09-27 15:36 . 2012-09-27 15:36 -------- d-----w- c:\program files (x86)\AMD APP
2012-09-27 15:31 . 2012-09-27 15:31 -------- d-----w- C:\AMD
2012-09-26 14:09 . 2011-12-29 08:46 59904 ----a-w- c:\windows\system32\zlib1.dll
2012-09-25 18:01 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-25 17:26 . 2012-09-25 17:26 -------- d-----w- c:\program files (x86)\Origin Games
2012-09-23 17:42 . 2012-09-23 17:42 -------- d-sha-w- c:\users\Public\DRM
2012-09-23 14:32 . 2012-09-23 14:32 -------- d-----w- c:\programdata\RELOADED
2012-09-23 14:22 . 2012-09-23 14:32 -------- d-----w- c:\program files (x86)\Torchlight II
2012-09-23 12:08 . 2012-10-04 12:02 -------- d-----w- c:\programdata\Premium
2012-09-23 12:08 . 2012-10-04 12:03 -------- d-----w- c:\programdata\InstallMate
2012-09-23 09:10 . 2012-09-23 09:10 -------- d-----w- c:\windows\Sun
2012-09-22 19:24 . 2008-09-04 18:17 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2012-09-22 19:24 . 2012-09-22 19:24 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-09-22 19:15 . 2012-09-29 18:23 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2012-09-22 19:02 . 2012-09-22 19:02 -------- d-----w- c:\users\Fifler\AppData\Roaming\PowerISO
2012-09-22 19:01 . 2012-09-22 19:01 -------- d-----w- c:\program files (x86)\PowerISO
2012-09-22 19:01 . 2012-08-24 07:56 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-09-22 13:59 . 2012-09-22 13:59 -------- d-----w- c:\program files\BitComet
2012-09-20 05:32 . 2012-09-28 08:12 -------- d-----w- c:\program files (x86)\F1 2012
2012-09-15 09:26 . 2012-09-15 09:26 -------- d-----w- C:\totalcmd
2012-09-15 09:26 . 2012-09-15 09:26 -------- d-----w- c:\users\Fifler\AppData\Roaming\GHISLER
2012-09-15 09:20 . 2012-10-07 17:55 -------- d-----w- c:\program files (x86)\Unrar
2012-09-12 12:45 . 2012-09-12 12:45 -------- d-----w- c:\users\Fifler\AppData\Local\AMD
2012-09-12 12:40 . 2012-09-27 15:35 -------- d-----w- c:\programdata\AMD
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files (x86)\AMD AVT
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-09-12 12:39 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2012-09-12 12:39 . 2012-09-12 12:39 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-09-12 12:37 . 2012-09-27 15:36 -------- d-----w- c:\program files\ATI Technologies
2012-09-12 12:35 . 2012-07-28 01:14 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-12 12:35 . 2012-09-12 12:35 1120768 ----a-w- c:\windows\system32\atiumd6v.dll
2012-09-12 12:35 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-12 12:35 . 2012-07-28 01:15 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-12 12:35 . 2012-09-12 12:35 51200 ----a-w- c:\windows\system32\ATIODCLI.exe
2012-09-12 12:35 . 2012-09-12 12:35 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-09-12 12:35 . 2012-09-12 12:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2012-09-12 12:35 . 2012-07-28 01:13 83456 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-12 12:35 . 2012-09-12 12:35 332800 ----a-w- c:\windows\system32\ATIODE.exe
2012-09-12 11:04 . 2012-09-12 11:05 -------- d-----w- c:\program files\Opera x64
2012-09-12 05:00 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 05:00 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 05:00 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 05:00 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 05:00 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 05:00 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 05:00 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 04:54 . 2012-09-12 04:54 -------- d-----w- c:\programdata\Codemasters
2012-09-11 17:58 . 2012-09-11 17:57 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-11 17:57 . 2012-09-11 17:57 -------- d-----w- c:\program files (x86)\Java
2012-09-11 16:36 . 2012-09-12 11:07 -------- d-----w- c:\program files (x86)\Opera Next
2012-09-11 16:33 . 2012-09-11 16:33 -------- d-----w- c:\users\Fifler\AppData\Local\Socusoft_Co.,_Ltd
2012-09-11 08:37 . 2012-09-11 08:37 -------- d-sh--w- c:\programdata\DSS
2012-09-11 08:36 . 2012-09-11 08:36 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-09-11 08:22 . 2012-09-11 08:22 -------- d-----w- c:\users\Fifler\AppData\Local\Origin
2012-09-11 08:20 . 2012-09-11 08:20 -------- d-----w- c:\programdata\Electronic Arts
2012-09-11 08:20 . 2012-09-22 16:32 -------- d-----w- c:\program files (x86)\Origin
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\Livestation
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\AppData\Roaming\Mchid
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\AppData\Roaming\Livestation
2012-09-10 10:15 . 2012-09-10 10:18 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-09-10 10:15 . 2012-09-10 10:18 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-09-10 10:15 . 2012-09-10 10:18 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-09-10 10:15 . 2012-09-10 10:18 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\program files (x86)\OpenAL
2012-09-10 10:12 . 2012-09-10 10:14 -------- d-----w- c:\program files (x86)\JLC's Software
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\ms-MY
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\id-ID
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\nb-NO
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\hu-HU
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\fi-FI
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\el-GR
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\da-DK
2012-09-09 11:23 . 2012-09-09 11:51 -------- d-----w- c:\programdata\FarmFrenzy3_Arctica
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-30 09:33 . 2012-06-27 13:19 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-30 09:33 . 2012-06-27 13:19 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-13 04:50 . 2012-06-27 11:20 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-11 17:57 . 2012-07-25 07:43 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2012-03-20 18:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-25 20:10 . 2012-08-25 20:10 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-08-12 15:56 . 2012-08-12 12:04 195296 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2012-08-01 22:58 . 2012-08-28 07:39 9309624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{312DAB3D-6AF6-4CD0-B403-FE6F52DBBA2A}\mpengine.dll
2012-07-28 04:09 . 2012-07-28 04:09 5538984 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-07-28 04:07 . 2012-07-28 04:07 10278912 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-28 03:43 . 2012-07-28 03:43 70144 ----a-w- c:\windows\system32\coinst_8.982.dll
2012-07-28 03:19 . 2012-07-28 03:19 24935424 ----a-w- c:\windows\system32\atio6axx.dll
2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-28 02:15 . 2012-07-28 02:15 931328 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-07-28 02:13 . 2010-08-27 19:13 1100288 ----a-w- c:\windows\system32\aticfx64.dll
2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 02:10 . 2012-07-28 02:10 534528 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-28 02:09 . 2012-07-28 02:09 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-28 02:08 . 2012-07-28 02:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-07-28 02:08 . 2012-07-28 02:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-28 02:07 . 2012-07-28 02:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-07-28 02:07 . 2012-07-28 02:07 6430208 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-07-28 01:51 . 2010-08-27 19:13 7052288 ----a-w- c:\windows\system32\atidxx64.dll
2012-07-28 01:41 . 2012-07-28 01:41 4266496 ----a-w- c:\windows\system32\atiumd6a.dll
2012-07-28 01:35 . 2012-07-28 01:35 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-07-28 01:35 . 2012-07-28 01:35 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-07-28 01:34 . 2012-07-28 01:34 16034304 ----a-w- c:\windows\system32\aticaldd64.dll
2012-07-28 01:32 . 2012-07-28 01:32 4751872 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-07-28 01:25 . 2012-07-28 01:25 6676480 ----a-w- c:\windows\system32\atiumd64.dll
2012-07-28 01:15 . 2012-07-28 01:15 540160 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-07-28 01:14 . 2012-07-28 01:14 368640 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-28 01:13 . 2010-08-27 19:13 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-07-28 01:13 . 2012-07-28 01:13 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-07-28 01:13 . 2012-07-28 01:13 103936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-07-27 20:47 . 2012-07-27 20:47 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 16464896 ----a-w- c:\windows\system32\amdocl64.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-07-24 16:01 . 2012-07-24 16:01 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-24 16:01 . 2012-07-24 12:40 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-24 12:40 . 2012-07-24 12:40 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-24 12:40 . 2012-07-24 12:40 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-23 13:49 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-23 13:49 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-07-22 11:30 . 2012-07-22 11:30 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-18 18:15 . 2012-08-15 15:55 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-08-27 3122528]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-03-02 171104]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\SYSTEM32\Userinit.exe,c:\users\Fifler\AppData\Roaming\System\msiexic.exe,"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-30 250288]
R3 ALSysIO;ALSysIO;c:\users\Fifler\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-12 242720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-27 1255736]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-22 283200]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-28 239616]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-09-28 1701400]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-03-27 162304]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2009-11-09 207232]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 09:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-08-27 20:07 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-27 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-27 2040352]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout odkaz s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42} - c:\program files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe
AddRemove-InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237} - c:\program files (x86)\InstallShield Installation Information\{B2164CCB-C002-4B80-8550-7535D80DF237}\setup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-{0CE226F3-EB27-4ECD-BBF5-F088716779FD} - c:\program files (x86)\InstallShield Installation Information\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}\setup.exe
AddRemove-{17542DBF-E17C-4562-BC4D-FA3EF3076C45} - c:\program files (x86)\InstallShield Installation Information\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}\Setup.exe
AddRemove-{3108C217-BE83-42E4-AE9E-A56A2A92E549} - c:\program files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe
AddRemove-{40BF1E83-20EB-11D8-97C5-0009C5020658} - c:\program files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe
AddRemove-{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe
AddRemove-{8991E763-21F5-4DEA-A938-5D9D77DCB488} - c:\program files (x86)\InstallShield Installation Information\{8991E763-21F5-4DEA-A938-5D9D77DCB488}\setup.exe
AddRemove-{96AE7E41-E34E-47D0-AC07-1091A8127911} - c:\program files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe
AddRemove-{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332} - c:\program files (x86)\InstallShield Installation Information\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0332}\setup.exe
AddRemove-{DFB19121-0609-49C1-92B1-546E5A940FE8} - c:\program files (x86)\InstallShield Installation Information\{DFB19121-0609-49C1-92B1-546E5A940FE8}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2783363877-66151871-397091110-1000\Software\SecuROM\License information*]
"datasecu"=hex:45,c2,b3,bd,be,96,1b,db,5f,e5,e0,72,d3,63,ad,cf,ea,2e,a3,e4,30,
3c,aa,87,18,fc,a9,0c,f5,e6,29,ae,26,fa,72,b8,57,e4,86,e4,f4,15,0a,52,ed,22,\
"rkeysecu"=hex:f9,ec,cb,f9,3e,79,59,f4,a0,94,80,54,40,ae,7f,ab
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Celkový čas: 2012-10-07 20:02:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-07 18:02
ComboFix2.txt 2012-10-05 10:04
ComboFix3.txt 2012-10-04 19:47
.
Před spuštěním: Volných bajtů: 213 496 188 928
Po spuštění: Volných bajtů: 213 182 681 088
.
- - End Of File - - 337FC15B0F5AB95738B69C1A28831F80
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4091.2693 [GMT 2:00]
Spuštěný z: c:\users\Fifler\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Fifler\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Unrar\FIFA 12 KEYGEN Serial + Crack 2011for PC PS3 XBOX 360.rar"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Unrar\FIFA 12 KEYGEN Serial + Crack 2011for PC PS3 XBOX 360.rar
c:\users\Fifler\AppData\Roaming\FIOejERO
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-07 do 2012-10-07 )))))))))))))))))))))))))))))))
.
.
2012-12-12 19:04 . 2012-09-28 19:57 -------- d-----w- c:\program files (x86)\1ClickDownload
2012-10-04 12:09 . 2012-10-04 12:09 -------- d-----w- c:\users\Fifler\AppData\Local\ElevatedDiagnostics
2012-10-02 19:08 . 2012-10-02 19:08 -------- d-----w- c:\users\Fifler\AppData\Local\SlimWare Utilities Inc
2012-10-02 14:36 . 2012-10-02 14:36 388096 ----a-r- c:\users\Fifler\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-02 14:35 . 2012-10-02 14:35 -------- d-----w- c:\program files (x86)\Trend Micro
2012-10-01 17:44 . 2012-10-02 19:16 -------- d-----w- c:\program files\WhoCrashed
2012-09-30 17:50 . 2012-09-30 17:50 -------- d-----w- c:\programdata\Web Installer
2012-09-30 08:03 . 2012-09-30 08:02 972192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-30 07:52 . 2012-09-30 07:56 -------- d-----w- c:\program files (x86)\RapidShareManager
2012-09-29 12:37 . 2012-09-29 12:37 -------- d-----w- c:\users\Fifler\AppData\Roaming\Malwarebytes
2012-09-29 12:36 . 2012-09-29 12:36 -------- d-----w- c:\programdata\Malwarebytes
2012-09-29 12:36 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-29 12:36 . 2012-09-29 12:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-28 19:22 . 2012-09-28 19:22 -------- d-----w- c:\users\Fifler\AppData\Local\Apps
2012-09-28 19:22 . 2012-10-03 17:04 -------- d-----w- c:\users\Fifler\AppData\Local\Deployment
2012-09-28 17:02 . 2012-09-28 17:02 -------- d-----w- c:\users\Fifler\AppData\Roaming\Ufasoft
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\windows\SysWow64\searchplugins
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\windows\SysWow64\Extensions
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\programdata\Browser Manager
2012-09-28 16:39 . 2012-09-28 16:39 -------- d-----w- c:\users\Fifler\AppData\Roaming\ExpressFiles
2012-09-27 18:23 . 2012-10-04 19:44 -------- d-sh--r- c:\users\Fifler\AppData\Roaming\System
2012-09-27 15:36 . 2012-09-27 15:36 -------- d-----w- c:\programdata\ATI
2012-09-27 15:36 . 2012-09-27 15:36 -------- d-----w- c:\program files (x86)\AMD APP
2012-09-27 15:31 . 2012-09-27 15:31 -------- d-----w- C:\AMD
2012-09-26 14:09 . 2011-12-29 08:46 59904 ----a-w- c:\windows\system32\zlib1.dll
2012-09-25 18:01 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-25 17:26 . 2012-09-25 17:26 -------- d-----w- c:\program files (x86)\Origin Games
2012-09-23 17:42 . 2012-09-23 17:42 -------- d-sha-w- c:\users\Public\DRM
2012-09-23 14:32 . 2012-09-23 14:32 -------- d-----w- c:\programdata\RELOADED
2012-09-23 14:22 . 2012-09-23 14:32 -------- d-----w- c:\program files (x86)\Torchlight II
2012-09-23 12:08 . 2012-10-04 12:02 -------- d-----w- c:\programdata\Premium
2012-09-23 12:08 . 2012-10-04 12:03 -------- d-----w- c:\programdata\InstallMate
2012-09-23 09:10 . 2012-09-23 09:10 -------- d-----w- c:\windows\Sun
2012-09-22 19:24 . 2008-09-04 18:17 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2012-09-22 19:24 . 2012-09-22 19:24 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-09-22 19:15 . 2012-09-29 18:23 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2012-09-22 19:02 . 2012-09-22 19:02 -------- d-----w- c:\users\Fifler\AppData\Roaming\PowerISO
2012-09-22 19:01 . 2012-09-22 19:01 -------- d-----w- c:\program files (x86)\PowerISO
2012-09-22 19:01 . 2012-08-24 07:56 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-09-22 13:59 . 2012-09-22 13:59 -------- d-----w- c:\program files\BitComet
2012-09-20 05:32 . 2012-09-28 08:12 -------- d-----w- c:\program files (x86)\F1 2012
2012-09-15 09:26 . 2012-09-15 09:26 -------- d-----w- C:\totalcmd
2012-09-15 09:26 . 2012-09-15 09:26 -------- d-----w- c:\users\Fifler\AppData\Roaming\GHISLER
2012-09-15 09:20 . 2012-10-07 17:55 -------- d-----w- c:\program files (x86)\Unrar
2012-09-12 12:45 . 2012-09-12 12:45 -------- d-----w- c:\users\Fifler\AppData\Local\AMD
2012-09-12 12:40 . 2012-09-27 15:35 -------- d-----w- c:\programdata\AMD
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files (x86)\AMD AVT
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-09-12 12:40 . 2012-09-12 12:40 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-09-12 12:39 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2012-09-12 12:39 . 2012-09-12 12:39 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-09-12 12:37 . 2012-09-27 15:36 -------- d-----w- c:\program files\ATI Technologies
2012-09-12 12:35 . 2012-07-28 01:14 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-12 12:35 . 2012-09-12 12:35 1120768 ----a-w- c:\windows\system32\atiumd6v.dll
2012-09-12 12:35 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-12 12:35 . 2012-07-28 01:15 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-12 12:35 . 2012-09-12 12:35 51200 ----a-w- c:\windows\system32\ATIODCLI.exe
2012-09-12 12:35 . 2012-09-12 12:35 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-09-12 12:35 . 2012-09-12 12:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2012-09-12 12:35 . 2012-07-28 01:13 83456 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-12 12:35 . 2012-09-12 12:35 332800 ----a-w- c:\windows\system32\ATIODE.exe
2012-09-12 11:04 . 2012-09-12 11:05 -------- d-----w- c:\program files\Opera x64
2012-09-12 05:00 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 05:00 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 05:00 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 05:00 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 05:00 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 05:00 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 05:00 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 04:54 . 2012-09-12 04:54 -------- d-----w- c:\programdata\Codemasters
2012-09-11 17:58 . 2012-09-11 17:57 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-11 17:57 . 2012-09-11 17:57 -------- d-----w- c:\program files (x86)\Java
2012-09-11 16:36 . 2012-09-12 11:07 -------- d-----w- c:\program files (x86)\Opera Next
2012-09-11 16:33 . 2012-09-11 16:33 -------- d-----w- c:\users\Fifler\AppData\Local\Socusoft_Co.,_Ltd
2012-09-11 08:37 . 2012-09-11 08:37 -------- d-sh--w- c:\programdata\DSS
2012-09-11 08:36 . 2012-09-11 08:36 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-09-11 08:22 . 2012-09-11 08:22 -------- d-----w- c:\users\Fifler\AppData\Local\Origin
2012-09-11 08:20 . 2012-09-11 08:20 -------- d-----w- c:\programdata\Electronic Arts
2012-09-11 08:20 . 2012-09-22 16:32 -------- d-----w- c:\program files (x86)\Origin
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\Livestation
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\AppData\Roaming\Mchid
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\users\Fifler\AppData\Roaming\Livestation
2012-09-10 10:15 . 2012-09-10 10:18 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-09-10 10:15 . 2012-09-10 10:18 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-09-10 10:15 . 2012-09-10 10:18 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-09-10 10:15 . 2012-09-10 10:18 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-09-10 10:15 . 2012-09-10 10:15 -------- d-----w- c:\program files (x86)\OpenAL
2012-09-10 10:12 . 2012-09-10 10:14 -------- d-----w- c:\program files (x86)\JLC's Software
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\ms-MY
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\id-ID
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\nb-NO
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\hu-HU
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\fi-FI
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\el-GR
2012-09-09 17:12 . 2012-09-09 17:12 -------- d-----w- c:\windows\system32\drivers\UMDF\da-DK
2012-09-09 11:23 . 2012-09-09 11:51 -------- d-----w- c:\programdata\FarmFrenzy3_Arctica
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-30 09:33 . 2012-06-27 13:19 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-30 09:33 . 2012-06-27 13:19 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-13 04:50 . 2012-06-27 11:20 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-11 17:57 . 2012-07-25 07:43 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2012-03-20 18:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-25 20:10 . 2012-08-25 20:10 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-08-12 15:56 . 2012-08-12 12:04 195296 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2012-08-01 22:58 . 2012-08-28 07:39 9309624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{312DAB3D-6AF6-4CD0-B403-FE6F52DBBA2A}\mpengine.dll
2012-07-28 04:09 . 2012-07-28 04:09 5538984 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-07-28 04:07 . 2012-07-28 04:07 10278912 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-28 03:43 . 2012-07-28 03:43 70144 ----a-w- c:\windows\system32\coinst_8.982.dll
2012-07-28 03:19 . 2012-07-28 03:19 24935424 ----a-w- c:\windows\system32\atio6axx.dll
2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-28 02:15 . 2012-07-28 02:15 931328 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-07-28 02:13 . 2010-08-27 19:13 1100288 ----a-w- c:\windows\system32\aticfx64.dll
2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 02:10 . 2012-07-28 02:10 534528 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-28 02:09 . 2012-07-28 02:09 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-28 02:08 . 2012-07-28 02:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-07-28 02:08 . 2012-07-28 02:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-28 02:07 . 2012-07-28 02:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-07-28 02:07 . 2012-07-28 02:07 6430208 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-07-28 01:51 . 2010-08-27 19:13 7052288 ----a-w- c:\windows\system32\atidxx64.dll
2012-07-28 01:41 . 2012-07-28 01:41 4266496 ----a-w- c:\windows\system32\atiumd6a.dll
2012-07-28 01:35 . 2012-07-28 01:35 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-07-28 01:35 . 2012-07-28 01:35 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-07-28 01:34 . 2012-07-28 01:34 16034304 ----a-w- c:\windows\system32\aticaldd64.dll
2012-07-28 01:32 . 2012-07-28 01:32 4751872 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-07-28 01:25 . 2012-07-28 01:25 6676480 ----a-w- c:\windows\system32\atiumd64.dll
2012-07-28 01:15 . 2012-07-28 01:15 540160 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-07-28 01:14 . 2012-07-28 01:14 368640 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-28 01:13 . 2010-08-27 19:13 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-07-28 01:13 . 2012-07-28 01:13 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-07-28 01:13 . 2012-07-28 01:13 103936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-07-27 20:47 . 2012-07-27 20:47 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 16464896 ----a-w- c:\windows\system32\amdocl64.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-07-24 16:01 . 2012-07-24 16:01 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-24 16:01 . 2012-07-24 12:40 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-24 12:40 . 2012-07-24 12:40 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-24 12:40 . 2012-07-24 12:40 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-23 13:49 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-23 13:49 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-07-22 11:30 . 2012-07-22 11:30 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-18 18:15 . 2012-08-15 15:55 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-08-27 3122528]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-03-02 171104]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\SYSTEM32\Userinit.exe,c:\users\Fifler\AppData\Roaming\System\msiexic.exe,"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-30 250288]
R3 ALSysIO;ALSysIO;c:\users\Fifler\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-12 242720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-27 1255736]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-22 283200]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-28 239616]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-09-28 1701400]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-03-27 162304]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2009-11-09 207232]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 09:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-08-27 20:07 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-27 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-27 2040352]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout odkaz s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42} - c:\program files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe
AddRemove-InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237} - c:\program files (x86)\InstallShield Installation Information\{B2164CCB-C002-4B80-8550-7535D80DF237}\setup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-{0CE226F3-EB27-4ECD-BBF5-F088716779FD} - c:\program files (x86)\InstallShield Installation Information\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}\setup.exe
AddRemove-{17542DBF-E17C-4562-BC4D-FA3EF3076C45} - c:\program files (x86)\InstallShield Installation Information\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}\Setup.exe
AddRemove-{3108C217-BE83-42E4-AE9E-A56A2A92E549} - c:\program files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe
AddRemove-{40BF1E83-20EB-11D8-97C5-0009C5020658} - c:\program files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe
AddRemove-{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe
AddRemove-{8991E763-21F5-4DEA-A938-5D9D77DCB488} - c:\program files (x86)\InstallShield Installation Information\{8991E763-21F5-4DEA-A938-5D9D77DCB488}\setup.exe
AddRemove-{96AE7E41-E34E-47D0-AC07-1091A8127911} - c:\program files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe
AddRemove-{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332} - c:\program files (x86)\InstallShield Installation Information\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0332}\setup.exe
AddRemove-{DFB19121-0609-49C1-92B1-546E5A940FE8} - c:\program files (x86)\InstallShield Installation Information\{DFB19121-0609-49C1-92B1-546E5A940FE8}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2783363877-66151871-397091110-1000\Software\SecuROM\License information*]
"datasecu"=hex:45,c2,b3,bd,be,96,1b,db,5f,e5,e0,72,d3,63,ad,cf,ea,2e,a3,e4,30,
3c,aa,87,18,fc,a9,0c,f5,e6,29,ae,26,fa,72,b8,57,e4,86,e4,f4,15,0a,52,ed,22,\
"rkeysecu"=hex:f9,ec,cb,f9,3e,79,59,f4,a0,94,80,54,40,ae,7f,ab
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Celkový čas: 2012-10-07 20:02:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-07 18:02
ComboFix2.txt 2012-10-05 10:04
ComboFix3.txt 2012-10-04 19:47
.
Před spuštěním: Volných bajtů: 213 496 188 928
Po spuštění: Volných bajtů: 213 182 681 088
.
- - End Of File - - 337FC15B0F5AB95738B69C1A28831F80
Re: Slowed-down notebook
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:04:45, on 7.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\windows\SYSTEM32\Userinit.exe,C:\Users\Fifler\AppData\Roaming\System\msiexic.exe,
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8197 bytes
- Orcus
- Security team member
Re: Slow notebook
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by Combo, MWAV, etc. - download it > run it
Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on.
How is the PC behaving?
Love warms, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: Slow notebook Solved
It's fine now, thanks for the help.