Please check my log - slow notebook

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by Horthus » 22 Apr 2013 16:21

Hello, please check my log; my notebook has become very slow.
Thank you in advance for your time and help.

Here is the log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:54, on 22.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [gbrspcontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\DATA\Poker\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A31D943-7A4B-47F0-A045-7BBE0907E879}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{851F4E4D-B962-4524-A8A7-CA6A1FE2F44A}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{1A31D943-7A4B-47F0-A045-7BBE0907E879}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{1A31D943-7A4B-47F0-A045-7BBE0907E879}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14751 bytes

Post by jaro3 » 22 Apr 2013 18:51

COMODO Internet Security: are you using the whole suite or just the firewall? In that case you have two firewalls; uninstall one of them!
avast! Firewall

Uninstall:
BingBar
Spybot-S&D IE Protection


Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')


Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner

Save it to your desktop.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Prohledat" (Scan).
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by Horthus » 22 Apr 2013 20:23

Log from AdwCleaner

# AdwCleaner v2.201 - Log vytvooen 22/04/2013 v 20:19:54
# Aktualizováno 21/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Luk - LUK-HP
# Spuštin systém : Normální
# Spuštino z : D:\STAZENO\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****


***** [Registry] *****

Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Search Settings
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíe Nalezeno : HKU\S-1-5-21-1945532040-3723221208-600618339-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Users\Luk\AppData\Roaming\Mozilla\Firefox\Profiles\xfsukdka.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Luk\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1496 octets] - [22/04/2013 20:19:54]

########## EOF - C:\AdwCleaner[R1].txt - [1556 octets] ##########

Post by Horthus » 22 Apr 2013 20:40

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.22.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Luk :: LUK-HP [administrátor]

Ochrana: Povolena

22.4.2013 20:32:25
mbam-log-2013-04-22 (20-32-25).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 210438
Uplynulý čas: 4 minut, 2 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Post by Žbeky » 22 Apr 2013 22:25

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Spustit jako správce" (Run as administrator)).
Click "Delete".
The program performs the repair; after the automatic restart it shows a log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download RogueKiller
32bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run the program as administrator; on XP, double-click it.
- Wait until the Prescan finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not run, rename it to winlogon.exe.
In private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.

Post by Horthus » 23 Apr 2013 15:57

AdwCleaner:
# AdwCleaner v2.202 - Log vytvooen 23/04/2013 v 15:53:30
# Aktualizováno 23/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Luk - LUK-HP
# Spuštin systém : Normální
# Spuštino z : D:\STAZENO\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****


***** [Registry] *****


***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Users\Luk\AppData\Roaming\Mozilla\Firefox\Profiles\xfsukdka.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Luk\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1621 octets] - [22/04/2013 20:19:54]
AdwCleaner[S1].txt - [1620 octets] - [23/04/2013 10:27:12]
AdwCleaner[S2].txt - [928 octets] - [23/04/2013 15:53:30]

########## EOF - C:\AdwCleaner[S2].txt - [987 octets] ##########

Post by Horthus » 23 Apr 2013 15:58

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Luk [Práva správce]
Mód : Kontrola -- Datum : 04/23/2013 15:49:59
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[TASK][SUSP PATH] HPSA Upgrade : C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [7] -> NALEZENO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 SATA Disk Device +++++
--- User ---
[MBR] 1f234aa9f3fe35778f154d5bde238517
[BSP] d7b22270700bfa45256c6b69a66fa44c : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo
1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 232462 Mo
3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 476491776 | Size: 244277 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_04232013_02d1549.txt >>
RKreport[1]_S_04232013_02d1549.txt

Post by jaro3 » 23 Apr 2013 19:05

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.

Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Spustit jako správce" (Run as administrator); on Windows XP, double-click to run).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Prohledat" (Scan)

- Click "Smazat" (Delete)
- Wait until the status box shows "Smazání skončeno" (Deletion finished)
- Click "Zprávy" (Reports) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.

Post by Horthus » 23 Apr 2013 19:37

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Luk [Práva správce]
Mód : Odebrat -- Datum : 04/23/2013 19:33:08
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[TASK][SUSP PATH] HPSA Upgrade : C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [7] -> VYMAZÁNO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 SATA Disk Device +++++
--- User ---
[MBR] 1f234aa9f3fe35778f154d5bde238517
[BSP] d7b22270700bfa45256c6b69a66fa44c : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo
1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 232462 Mo
3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 476491776 | Size: 244277 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3]_D_04232013_02d1933.txt >>
RKreport[1]_S_04232013_02d1549.txt ; RKreport[2]_S_04232013_02d1931.txt ; RKreport[3]_D_04232013_02d1933.txt

Post by Horthus » 23 Apr 2013 19:52

19:38:18.0595 5212 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:38:19.0016 5212 ============================================================
19:38:19.0016 5212 Current date / time: 2013/04/23 19:38:19.0016
19:38:19.0016 5212 SystemInfo:
19:38:19.0016 5212
19:38:19.0016 5212 OS Version: 6.1.7601 ServicePack: 1.0
19:38:19.0016 5212 Product type: Workstation
19:38:19.0016 5212 ComputerName: LUK-HP
19:38:19.0016 5212 UserName: Luk
19:38:19.0016 5212 Windows directory: C:\Windows
19:38:19.0016 5212 System windows directory: C:\Windows
19:38:19.0016 5212 Running under WOW64
19:38:19.0016 5212 Processor architecture: Intel x64
19:38:19.0016 5212 Number of processors: 2
19:38:19.0016 5212 Page size: 0x1000
19:38:19.0016 5212 Boot type: Normal boot
19:38:19.0016 5212 ============================================================
19:38:20.0139 5212 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:38:20.0155 5212 ============================================================
19:38:20.0155 5212 \Device\Harddisk0\DR0:
19:38:20.0155 5212 MBR partitions:
19:38:20.0155 5212 Initialize success
19:38:20.0155 5212 ============================================================
19:38:25.0474 4376 ============================================================
19:38:25.0474 4376 Scan started
19:38:25.0474 4376 Mode: Manual;
19:38:25.0474 4376 ============================================================
19:38:25.0474 4376 ================ Scan system memory ========================
19:38:25.0474 4376 System memory - ok
19:38:25.0474 4376 ================ Scan services =============================
19:38:25.0552 4376 1394ohci - ok
19:38:25.0552 4376 ACPI - ok
19:38:25.0568 4376 AcpiPmi - ok
19:38:25.0584 4376 AdobeARMservice - ok
19:38:25.0615 4376 AdobeFlashPlayerUpdateSvc - ok
19:38:25.0615 4376 adp94xx - ok
19:38:25.0630 4376 adpahci - ok
19:38:25.0646 4376 adpu320 - ok
19:38:25.0662 4376 AeLookupSvc - ok
19:38:25.0662 4376 AFD - ok
19:38:25.0677 4376 agp440 - ok
19:38:25.0693 4376 ALG - ok
19:38:25.0693 4376 aliide - ok
19:38:25.0708 4376 AMD External Events Utility - ok
19:38:25.0724 4376 AMD FUEL Service - ok
19:38:25.0740 4376 amdide - ok
19:38:25.0755 4376 amdiox64 - ok
19:38:25.0755 4376 AmdK8 - ok
19:38:25.0771 4376 amdkmdag - ok
19:38:25.0771 4376 amdkmdap - ok
19:38:25.0786 4376 AmdPPM - ok
19:38:25.0786 4376 amdsata - ok
19:38:25.0786 4376 amdsbs - ok
19:38:25.0802 4376 amdxata - ok
19:38:25.0802 4376 amd_sata - ok
19:38:25.0818 4376 amd_xata - ok
19:38:25.0833 4376 AODDriver4.1 - ok
19:38:25.0849 4376 AppID - ok
19:38:25.0864 4376 AppIDSvc - ok
19:38:25.0864 4376 Appinfo - ok
19:38:25.0896 4376 arc - ok
19:38:25.0896 4376 arcsas - ok
19:38:25.0927 4376 aspnet_state - ok
19:38:25.0927 4376 aswFsBlk - ok
19:38:25.0942 4376 aswFW - ok
19:38:25.0942 4376 aswKbd - ok
19:38:25.0974 4376 aswMonFlt - ok
19:38:25.0989 4376 aswNdis - ok
19:38:26.0005 4376 aswNdis2 - ok
19:38:26.0005 4376 aswRdr - ok
19:38:26.0020 4376 aswRvrt - ok
19:38:26.0036 4376 aswSnx - ok
19:38:26.0052 4376 aswSP - ok
19:38:26.0052 4376 aswTdi - ok
19:38:26.0067 4376 aswVmm - ok
19:38:26.0083 4376 AsyncMac - ok
19:38:26.0083 4376 atapi - ok
19:38:26.0114 4376 AtiHDAudioService - ok
19:38:26.0114 4376 AtiHdmiService - ok
19:38:26.0130 4376 AtiPcie - ok
19:38:26.0130 4376 AudioEndpointBuilder - ok
19:38:26.0145 4376 AudioSrv - ok
19:38:26.0145 4376 avast! Antivirus - ok
19:38:26.0176 4376 avast! Firewall - ok
19:38:26.0192 4376 AxInstSV - ok
19:38:26.0208 4376 b06bdrv - ok
19:38:26.0223 4376 b57nd60a - ok
19:38:26.0223 4376 BDESVC - ok
19:38:26.0239 4376 Beep - ok
19:38:26.0254 4376 BFE - ok
19:38:26.0270 4376 BITS - ok
19:38:26.0270 4376 blbdrive - ok
19:38:26.0286 4376 Bluetooth Device Manager - ok
19:38:26.0286 4376 Bluetooth Media Service - ok
19:38:26.0301 4376 Bluetooth OBEX Service - ok
19:38:26.0301 4376 bowser - ok
19:38:26.0317 4376 BrFiltLo - ok
19:38:26.0317 4376 BrFiltUp - ok
19:38:26.0317 4376 Browser - ok
19:38:26.0332 4376 Brserid - ok
19:38:26.0332 4376 BrSerWdm - ok
19:38:26.0348 4376 BrUsbMdm - ok
19:38:26.0348 4376 BrUsbSer - ok
19:38:26.0364 4376 BthEnum - ok
19:38:26.0379 4376 BTHMODEM - ok
19:38:26.0379 4376 BthPan - ok
19:38:26.0395 4376 BTHPORT - ok
19:38:26.0395 4376 bthserv - ok
19:38:26.0410 4376 BTHUSB - ok
19:38:26.0410 4376 BTMCOM - ok
19:38:26.0426 4376 BTMHID - ok
19:38:26.0442 4376 BTMNET - ok
19:38:26.0457 4376 BTMUSB - ok
19:38:26.0457 4376 cdfs - ok
19:38:26.0473 4376 cdrom - ok
19:38:26.0488 4376 CertPropSvc - ok
19:38:26.0520 4376 CFRMD - ok
19:38:26.0535 4376 circlass - ok
19:38:26.0535 4376 CLFS - ok
19:38:26.0566 4376 CLPSLauncher - ok
19:38:26.0566 4376 clr_optimization_v2.0.50727_32 - ok
19:38:26.0582 4376 clr_optimization_v2.0.50727_64 - ok
19:38:26.0582 4376 clr_optimization_v4.0.30319_32 - ok
19:38:26.0598 4376 clr_optimization_v4.0.30319_64 - ok
19:38:26.0613 4376 clwvd - ok
19:38:26.0613 4376 CmBatt - ok
19:38:26.0629 4376 cmdide - ok
19:38:26.0629 4376 CNG - ok
19:38:26.0644 4376 Compbatt - ok
19:38:26.0660 4376 CompositeBus - ok
19:38:26.0660 4376 COMSysApp - ok
19:38:26.0676 4376 crcdisk - ok
19:38:26.0691 4376 CryptSvc - ok
19:38:26.0707 4376 DcomLaunch - ok
19:38:26.0722 4376 defragsvc - ok
19:38:26.0722 4376 DfsC - ok
19:38:26.0722 4376 Dhcp - ok
19:38:26.0738 4376 discache - ok
19:38:26.0754 4376 Disk - ok
19:38:26.0754 4376 Dnscache - ok
19:38:26.0769 4376 dot3svc - ok
19:38:26.0769 4376 DPS - ok
19:38:26.0800 4376 DragonUpdater - ok
19:38:26.0816 4376 drmkaud - ok
19:38:26.0832 4376 dtsoftbus01 - ok
19:38:26.0832 4376 DXGKrnl - ok
19:38:26.0847 4376 EapHost - ok
19:38:26.0847 4376 ebdrv - ok
19:38:26.0863 4376 EFS - ok
19:38:26.0878 4376 ehRecvr - ok
19:38:26.0878 4376 ehSched - ok
19:38:26.0894 4376 elxstor - ok
19:38:26.0894 4376 ErrDev - ok
19:38:26.0910 4376 EventSystem - ok
19:38:26.0910 4376 exfat - ok
19:38:26.0925 4376 ezSharedSvc - ok
19:38:26.0925 4376 fastfat - ok
19:38:26.0941 4376 Fax - ok
19:38:26.0941 4376 fdc - ok
19:38:26.0956 4376 fdPHost - ok
19:38:26.0956 4376 FDResPub - ok
19:38:26.0972 4376 FileInfo - ok
19:38:26.0972 4376 Filetrace - ok
19:38:26.0988 4376 FLEXnet Licensing Service - ok
19:38:26.0988 4376 FLEXnet Licensing Service 64 - ok
19:38:26.0988 4376 flpydisk - ok
19:38:27.0003 4376 FltMgr - ok
19:38:27.0019 4376 FontCache - ok
19:38:27.0019 4376 FontCache3.0.0.0 - ok
19:38:27.0019 4376 FsDepends - ok
19:38:27.0034 4376 Fs_Rec - ok
19:38:27.0066 4376 FTDIBUS - ok
19:38:27.0066 4376 FTSER2K - ok
19:38:27.0081 4376 fvevol - ok
19:38:27.0081 4376 gagp30kx - ok
19:38:27.0112 4376 GameConsoleService - ok
19:38:27.0128 4376 GeekBuddyRSP - ok
19:38:27.0128 4376 gpsvc - ok
19:38:27.0144 4376 gupdate - ok
19:38:27.0144 4376 gupdatem - ok
19:38:27.0159 4376 hcw85cir - ok
19:38:27.0159 4376 HdAudAddService - ok
19:38:27.0175 4376 HDAudBus - ok
19:38:27.0175 4376 HidBatt - ok
19:38:27.0190 4376 HidBth - ok
19:38:27.0190 4376 HidIr - ok
19:38:27.0190 4376 hidserv - ok
19:38:27.0206 4376 HidUsb - ok
19:38:27.0222 4376 hkmsvc - ok
19:38:27.0222 4376 HomeGroupListener - ok
19:38:27.0237 4376 HomeGroupProvider - ok
19:38:27.0237 4376 HP Wireless Assistant Service - ok
19:38:27.0253 4376 HPClientSvc - ok
19:38:27.0253 4376 hpqwmiex - ok
19:38:27.0268 4376 HpSAMD - ok
19:38:27.0284 4376 HPWMISVC - ok
19:38:27.0300 4376 HTTP - ok
19:38:27.0315 4376 hwpolicy - ok
19:38:27.0315 4376 i8042prt - ok
19:38:27.0346 4376 iaStorV - ok
19:38:27.0346 4376 idsvc - ok
19:38:27.0362 4376 igfx - ok
19:38:27.0362 4376 iirsp - ok
19:38:27.0362 4376 IKEEXT - ok
19:38:27.0378 4376 intelide - ok
19:38:27.0393 4376 intelppm - ok
19:38:27.0393 4376 IPBusEnum - ok
19:38:27.0393 4376 IpFilterDriver - ok
19:38:27.0409 4376 iphlpsvc - ok
19:38:27.0409 4376 IPMIDRV - ok
19:38:27.0424 4376 IPNAT - ok
19:38:27.0440 4376 IRENUM - ok
19:38:27.0440 4376 isapnp - ok
19:38:27.0456 4376 iScsiPrt - ok
19:38:27.0471 4376 IT9135BDA - ok
19:38:27.0471 4376 kbdclass - ok
19:38:27.0487 4376 kbdhid - ok
19:38:27.0487 4376 KeyIso - ok
19:38:27.0502 4376 KovaPlusFltr - ok
19:38:27.0518 4376 KSecDD - ok
19:38:27.0518 4376 KSecPkg - ok
19:38:27.0518 4376 ksthunk - ok
19:38:27.0534 4376 KtmRm - ok
19:38:27.0534 4376 LanmanServer - ok
19:38:27.0549 4376 LanmanWorkstation - ok
19:38:27.0565 4376 LightScribeService - ok
19:38:27.0565 4376 lltdio - ok
19:38:27.0565 4376 lltdsvc - ok
19:38:27.0580 4376 lmhosts - ok
19:38:27.0580 4376 LSI_FC - ok
19:38:27.0596 4376 LSI_SAS - ok
19:38:27.0596 4376 LSI_SAS2 - ok
19:38:27.0612 4376 LSI_SCSI - ok
19:38:27.0627 4376 luafv - ok
19:38:27.0643 4376 MBAMProtector - ok
19:38:27.0658 4376 MBAMScheduler - ok
19:38:27.0658 4376 MBAMService - ok
19:38:27.0674 4376 Mcx2Svc - ok
19:38:27.0690 4376 megasas - ok
19:38:27.0690 4376 MegaSR - ok
19:38:27.0705 4376 Microsoft Office Groove Audit Service - ok
19:38:27.0721 4376 MMCSS - ok
19:38:27.0721 4376 Modem - ok
19:38:27.0721 4376 monitor - ok
19:38:27.0736 4376 mouclass - ok
19:38:27.0752 4376 mouhid - ok
19:38:27.0752 4376 mountmgr - ok
19:38:27.0768 4376 MozillaMaintenance - ok
19:38:27.0783 4376 mpio - ok
19:38:27.0783 4376 mpsdrv - ok
19:38:27.0783 4376 MpsSvc - ok
19:38:27.0799 4376 MRxDAV - ok
19:38:27.0799 4376 mrxsmb - ok
19:38:27.0814 4376 mrxsmb10 - ok
19:38:27.0814 4376 mrxsmb20 - ok
19:38:27.0830 4376 msahci - ok
19:38:27.0830 4376 msdsm - ok
19:38:27.0830 4376 MSDTC - ok
19:38:27.0846 4376 Msfs - ok
19:38:27.0861 4376 mshidkmdf - ok
19:38:27.0861 4376 msisadrv - ok
19:38:27.0877 4376 MSiSCSI - ok
19:38:27.0877 4376 msiserver - ok
19:38:27.0892 4376 MSKSSRV - ok
19:38:27.0892 4376 MSPCLOCK - ok
19:38:27.0892 4376 MSPQM - ok
19:38:27.0908 4376 MsRPC - ok
19:38:27.0924 4376 mssmbios - ok
19:38:27.0924 4376 MSTEE - ok
19:38:27.0924 4376 MTConfig - ok
19:38:27.0939 4376 Mup - ok
19:38:27.0955 4376 napagent - ok
19:38:27.0955 4376 NativeWifiP - ok
19:38:27.0970 4376 NDIS - ok
19:38:27.0970 4376 NdisCap - ok
19:38:27.0986 4376 NdisTapi - ok
19:38:27.0986 4376 Ndisuio - ok
19:38:28.0002 4376 NdisWan - ok
19:38:28.0002 4376 NDProxy - ok
19:38:28.0017 4376 NetBIOS - ok
19:38:28.0017 4376 NetBT - ok
19:38:28.0033 4376 Netlogon - ok
19:38:28.0033 4376 Netman - ok
19:38:28.0048 4376 NetMsmqActivator - ok
19:38:28.0064 4376 NetPipeActivator - ok
19:38:28.0064 4376 netprofm - ok
19:38:28.0080 4376 netr28x - ok
19:38:28.0095 4376 NetTcpActivator - ok
19:38:28.0111 4376 NetTcpPortSharing - ok
19:38:28.0111 4376 netw5v64 - ok
19:38:28.0111 4376 nfrd960 - ok
19:38:28.0126 4376 NlaSvc - ok
19:38:28.0126 4376 Npfs - ok
19:38:28.0142 4376 nsi - ok
19:38:28.0142 4376 nsiproxy - ok
19:38:28.0158 4376 Ntfs - ok
19:38:28.0158 4376 Null - ok
19:38:28.0173 4376 nvraid - ok
19:38:28.0173 4376 nvstor - ok
19:38:28.0189 4376 nv_agp - ok
19:38:28.0189 4376 odserv - ok
19:38:28.0189 4376 ohci1394 - ok
19:38:28.0236 4376 ose - ok
19:38:28.0251 4376 p2pimsvc - ok
19:38:28.0267 4376 p2psvc - ok
19:38:28.0267 4376 Parport - ok
19:38:28.0267 4376 partmgr - ok
19:38:28.0282 4376 PcaSvc - ok
19:38:28.0282 4376 pci - ok
19:38:28.0298 4376 pciide - ok
19:38:28.0298 4376 pcmcia - ok
19:38:28.0314 4376 pcw - ok
19:38:28.0314 4376 PEAUTH - ok
19:38:28.0329 4376 PerfHost - ok
19:38:28.0345 4376 pla - ok
19:38:28.0345 4376 PlugPlay - ok
19:38:28.0360 4376 PNRPAutoReg - ok
19:38:28.0360 4376 PNRPsvc - ok
19:38:28.0376 4376 PolicyAgent - ok
19:38:28.0376 4376 Power - ok
19:38:28.0392 4376 PptpMiniport - ok
19:38:28.0392 4376 Processor - ok
19:38:28.0392 4376 ProfSvc - ok
19:38:28.0407 4376 ProtectedStorage - ok
19:38:28.0470 4376 Psched - ok
19:38:28.0470 4376 ql2300 - ok
19:38:28.0485 4376 ql40xx - ok
19:38:28.0501 4376 QWAVE - ok
19:38:28.0501 4376 QWAVEdrv - ok
19:38:28.0516 4376 RasAcd - ok
19:38:28.0516 4376 RasAgileVpn - ok
19:38:28.0532 4376 RasAuto - ok
19:38:28.0532 4376 Rasl2tp - ok
19:38:28.0548 4376 RasMan - ok
19:38:28.0548 4376 RasPppoe - ok
19:38:28.0548 4376 RasSstp - ok
19:38:28.0563 4376 rdbss - ok
19:38:28.0563 4376 rdpbus - ok
19:38:28.0579 4376 RDPCDD - ok
19:38:28.0594 4376 RDPENCDD - ok
19:38:28.0610 4376 RDPREFMP - ok
19:38:28.0610 4376 RDPWD - ok
19:38:28.0626 4376 rdyboost - ok
19:38:28.0641 4376 RemoteAccess - ok
19:38:28.0641 4376 RemoteRegistry - ok
19:38:28.0657 4376 RFCOMM - ok
19:38:28.0688 4376 RpcEptMapper - ok
19:38:28.0688 4376 RpcLocator - ok
19:38:28.0704 4376 RpcSs - ok
19:38:28.0704 4376 RSPCIESTOR - ok
19:38:28.0704 4376 rspndr - ok
19:38:28.0735 4376 RTL8167 - ok
19:38:28.0735 4376 SamSs - ok
19:38:28.0735 4376 sbp2port - ok
19:38:28.0750 4376 SCardSvr - ok
19:38:28.0750 4376 scfilter - ok
19:38:28.0766 4376 Schedule - ok
19:38:28.0766 4376 SCPolicySvc - ok
19:38:28.0782 4376 sdbus - ok
19:38:28.0782 4376 SDRSVC - ok
19:38:28.0797 4376 secdrv - ok
19:38:28.0797 4376 seclogon - ok
19:38:28.0813 4376 SENS - ok
19:38:28.0813 4376 SensrSvc - ok
19:38:28.0828 4376 Serenum - ok
19:38:28.0828 4376 Serial - ok
19:38:28.0844 4376 sermouse - ok
19:38:28.0860 4376 SessionEnv - ok
19:38:28.0860 4376 sffdisk - ok
19:38:28.0875 4376 sffp_mmc - ok
19:38:28.0875 4376 sffp_sd - ok
19:38:28.0875 4376 sfloppy - ok
19:38:28.0891 4376 SharedAccess - ok
19:38:28.0891 4376 ShellHWDetection - ok
19:38:28.0906 4376 SiSRaid2 - ok
19:38:28.0906 4376 SiSRaid4 - ok
19:38:28.0953 4376 SmartDefragDriver - ok
19:38:28.0969 4376 Smb - ok
19:38:29.0000 4376 SNMPTRAP - ok
19:38:29.0000 4376 spldr - ok
19:38:29.0016 4376 Spooler - ok
19:38:29.0016 4376 sppsvc - ok
19:38:29.0016 4376 sppuinotify - ok
19:38:29.0031 4376 srv - ok
19:38:29.0031 4376 srv2 - ok
19:38:29.0047 4376 SrvHsfHDA - ok
19:38:29.0062 4376 SrvHsfV92 - ok
19:38:29.0062 4376 SrvHsfWinac - ok
19:38:29.0078 4376 srvnet - ok
19:38:29.0094 4376 SSDPSRV - ok
19:38:29.0094 4376 SstpSvc - ok
19:38:29.0109 4376 STacSV - ok
19:38:29.0140 4376 Steam Client Service - ok
19:38:29.0140 4376 stexstor - ok
19:38:29.0156 4376 STHDA - ok
19:38:29.0172 4376 stisvc - ok
19:38:29.0172 4376 swenum - ok
19:38:29.0187 4376 swprv - ok
19:38:29.0203 4376 SynTP - ok
19:38:29.0218 4376 SysMain - ok
19:38:29.0218 4376 TabletInputService - ok
19:38:29.0234 4376 TapiSrv - ok
19:38:29.0234 4376 TBS - ok
19:38:29.0250 4376 Tcpip - ok
19:38:29.0265 4376 TCPIP6 - ok
19:38:29.0281 4376 tcpipreg - ok
19:38:29.0296 4376 TDPIPE - ok
19:38:29.0296 4376 TDTCP - ok
19:38:29.0312 4376 tdx - ok
19:38:29.0312 4376 TermDD - ok
19:38:29.0328 4376 TermService - ok
19:38:29.0328 4376 Themes - ok
19:38:29.0343 4376 THREADORDER - ok
19:38:29.0343 4376 TrkWks - ok
19:38:29.0359 4376 TrustedInstaller - ok
19:38:29.0359 4376 tssecsrv - ok
19:38:29.0374 4376 TsUsbFlt - ok
19:38:29.0390 4376 tunnel - ok
19:38:29.0390 4376 uagp35 - ok
19:38:29.0406 4376 udfs - ok
19:38:29.0421 4376 UI0Detect - ok
19:38:29.0421 4376 uliagpkx - ok
19:38:29.0421 4376 umbus - ok
19:38:29.0437 4376 UmPass - ok
19:38:29.0437 4376 upnphost - ok
19:38:29.0452 4376 usbccgp - ok
19:38:29.0452 4376 usbcir - ok
19:38:29.0468 4376 usbehci - ok
19:38:29.0468 4376 usbfilter - ok
19:38:29.0484 4376 usbhub - ok
19:38:29.0484 4376 usbohci - ok
19:38:29.0484 4376 usbprint - ok
19:38:29.0499 4376 USBSTOR - ok
19:38:29.0499 4376 usbuhci - ok
19:38:29.0515 4376 usbvideo - ok
19:38:29.0530 4376 UxSms - ok
19:38:29.0530 4376 VaultSvc - ok
19:38:29.0546 4376 vdrvroot - ok
19:38:29.0546 4376 vds - ok
19:38:29.0562 4376 vga - ok
19:38:29.0562 4376 VgaSave - ok
19:38:29.0562 4376 vhdmp - ok
19:38:29.0577 4376 viaide - ok
19:38:29.0577 4376 volmgr - ok
19:38:29.0593 4376 volmgrx - ok
19:38:29.0593 4376 volsnap - ok
19:38:29.0608 4376 vsmraid - ok
19:38:29.0624 4376 VSS - ok
19:38:29.0624 4376 vwifibus - ok
19:38:29.0624 4376 vwififlt - ok
19:38:29.0640 4376 W32Time - ok
19:38:29.0655 4376 WacomPen - ok
19:38:29.0655 4376 WANARP - ok
19:38:29.0655 4376 Wanarpv6 - ok
19:38:29.0686 4376 WatAdminSvc - ok
19:38:29.0686 4376 wbengine - ok
19:38:29.0702 4376 WbioSrvc - ok
19:38:29.0702 4376 wcncsvc - ok
19:38:29.0702 4376 WcsPlugInService - ok
19:38:29.0718 4376 Wd - ok
19:38:29.0718 4376 Wdf01000 - ok
19:38:29.0733 4376 WdiServiceHost - ok
19:38:29.0733 4376 WdiSystemHost - ok
19:38:29.0749 4376 WebClient - ok
19:38:29.0749 4376 Wecsvc - ok
19:38:29.0749 4376 wercplsupport - ok
19:38:29.0764 4376 WerSvc - ok
19:38:29.0764 4376 WfpLwf - ok
19:38:29.0780 4376 WIMMount - ok
19:38:29.0780 4376 WinDefend - ok
19:38:29.0796 4376 WinHttpAutoProxySvc - ok
19:38:29.0796 4376 Winmgmt - ok
19:38:29.0827 4376 WinRing0_1_2_0 - ok
19:38:29.0842 4376 WinRM - ok
19:38:29.0842 4376 Wlansvc - ok
19:38:29.0858 4376 wlcrasvc - ok
19:38:29.0858 4376 wlidsvc - ok
19:38:29.0874 4376 WmiAcpi - ok
19:38:29.0874 4376 wmiApSrv - ok
19:38:29.0889 4376 WMPNetworkSvc - ok
19:38:29.0905 4376 WPCSvc - ok
19:38:29.0905 4376 WPDBusEnum - ok
19:38:29.0920 4376 ws2ifsl - ok
19:38:29.0920 4376 wscsvc - ok
19:38:29.0920 4376 WSearch - ok
19:38:29.0936 4376 wuauserv - ok
19:38:29.0952 4376 WudfPf - ok
19:38:29.0952 4376 WUDFRd - ok
19:38:29.0952 4376 wudfsvc - ok
19:38:29.0967 4376 WwanSvc - ok
19:38:29.0983 4376 yukonw7 - ok
19:38:29.0998 4376 ================ Scan global ===============================
19:38:30.0014 4376 [Global] - ok
19:38:30.0014 4376 ================ Scan MBR ==================================
19:38:30.0030 4376 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:38:30.0264 4376 \Device\Harddisk0\DR0 - ok
19:38:30.0264 4376 ================ Scan VBR ==================================
19:38:30.0264 4376 ============================================================
19:38:30.0264 4376 Scan finished
19:38:30.0264 4376 ============================================================
19:38:30.0295 3404 Detected object count: 0
19:38:30.0295 3404 Actual detected object count: 0
19:38:39.0171 0888 Deinitialize success

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Please check - Slow notebook

Post by jaro3 » 24 Apr 2013 10:01

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, keep pressing F8 after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Horthus
newbie
Posts: 46
Registered: April 13
Gender: Male
Status:
Offline

Re: Please check - Slow notebook

Post by Horthus » 24 Apr 2013 10:46

ComboFix 13-04-24.02 - Luk 24.04.2013 10:17:48.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3835.2441 [GMT 2:00]
Spuštěný z: c:\users\Luk\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PolicyDefinitions
c:\windows\PolicyDefinitions\cs-CZ\DeviceRedirection.adml
c:\windows\PolicyDefinitions\cs-CZ\EnhancedStorage.adml
c:\windows\PolicyDefinitions\cs-CZ\InetRes.adml
c:\windows\PolicyDefinitions\cs-CZ\NCSI.adml
c:\windows\PolicyDefinitions\cs-CZ\RacWmiProv.adml
c:\windows\PolicyDefinitions\cs-CZ\ReAgent.adml
c:\windows\PolicyDefinitions\cs-CZ\sdiageng.adml
c:\windows\PolicyDefinitions\cs-CZ\sdiagschd.adml
c:\windows\PolicyDefinitions\cs-CZ\Search.adml
c:\windows\PolicyDefinitions\cs-CZ\WindowsMediaDRM.adml
c:\windows\PolicyDefinitions\cs-CZ\WindowsMediaPlayer.adml
c:\windows\PolicyDefinitions\DeviceRedirection.admx
c:\windows\PolicyDefinitions\en-US\InetRes.adml
c:\windows\PolicyDefinitions\EnhancedStorage.admx
c:\windows\PolicyDefinitions\inetres.admx
c:\windows\PolicyDefinitions\NCSI.admx
c:\windows\PolicyDefinitions\RacWmiProv.admx
c:\windows\PolicyDefinitions\ReAgent.admx
c:\windows\PolicyDefinitions\sdiageng.admx
c:\windows\PolicyDefinitions\sdiagschd.admx
c:\windows\PolicyDefinitions\Search.admx
c:\windows\PolicyDefinitions\sk-SK\InetRes.adml
c:\windows\PolicyDefinitions\WindowsMediaDRM.admx
c:\windows\PolicyDefinitions\WindowsMediaPlayer.admx
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-24 do 2013-04-24 )))))))))))))))))))))))))))))))
.
.
2013-04-22 18:27 . 2013-04-22 18:27 -------- d-----w- c:\users\Luk\AppData\Roaming\Malwarebytes
2013-04-22 18:27 . 2013-04-22 18:27 -------- d-----w- c:\programdata\Malwarebytes
2013-04-22 18:27 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-19 12:49 . 2013-04-19 13:16 -------- d-----w- c:\users\Luk\AppData\Roaming\Comodo
2013-04-18 06:04 . 2013-04-18 06:04 -------- d-----w- c:\program files (x86)\Common Files\COMODO
2013-04-13 12:08 . 2013-04-13 12:08 388096 ----a-r- c:\users\Luk\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-04-13 12:08 . 2013-04-13 12:08 -------- d-----w- c:\program files (x86)\Trend Micro
2013-04-10 10:43 . 2013-04-10 13:39 -------- d-----w- c:\users\Luk\AppData\Roaming\Spore
2013-04-10 10:26 . 2013-04-10 10:26 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-04-10 10:20 . 2013-04-10 10:20 -------- d-----w- c:\program files\Microsoft Office
2013-04-10 10:20 . 2013-04-10 10:20 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-04-10 10:19 . 2013-04-10 10:25 -------- d-----w- c:\windows\SHELLNEW
2013-04-10 10:19 . 2013-04-10 10:19 -------- d-----w- c:\users\Luk\AppData\Local\Microsoft Help
2013-04-10 10:19 . 2013-04-10 10:32 -------- d-----w- c:\programdata\Microsoft Help
2013-04-10 10:18 . 2013-04-10 10:18 -------- d-----r- C:\MSOCache
2013-04-10 05:23 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 05:23 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 05:23 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 05:23 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-10 05:23 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-10 05:23 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-10 05:23 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-10 05:23 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-10 05:22 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 05:22 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 05:22 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 05:22 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 05:22 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-10 05:22 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-08 07:22 . 2013-04-20 10:36 47368 ----a-w- c:\windows\SysWow64\certsentry.dll
2013-04-07 14:32 . 2013-04-22 17:46 -------- d-----w- c:\programdata\COMODO
2013-04-07 14:32 . 2013-04-07 14:32 -------- d-----w- c:\users\Luk\AppData\Local\Comodo
2013-04-07 14:32 . 2013-04-20 10:36 56072 ----a-w- c:\windows\system32\certsentry.dll
2013-04-07 14:32 . 2013-04-20 10:36 -------- d-----w- c:\program files (x86)\Comodo
2013-04-07 14:32 . 2013-04-07 14:32 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2013-04-07 14:32 . 2013-04-07 14:32 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-04-07 11:12 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-04-07 10:58 . 2013-03-06 22:33 263096 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-04-07 10:58 . 2013-03-06 22:33 127136 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-04-07 10:58 . 2013-03-06 22:33 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-04-07 10:58 . 2013-03-06 22:11 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-04-07 10:52 . 2013-03-06 22:33 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-04-07 10:52 . 2013-03-06 22:33 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-04-07 10:52 . 2013-03-06 22:33 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-04-07 10:52 . 2013-03-06 22:33 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-04-07 10:52 . 2013-03-06 22:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-04-07 10:52 . 2013-03-06 22:33 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-04-07 10:52 . 2013-03-06 22:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-04-07 10:51 . 2013-03-06 22:33 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-04-07 10:51 . 2013-03-06 22:32 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-07 10:50 . 2013-03-06 22:32 41664 ----a-w- c:\windows\avastSS.scr
2013-04-07 10:50 . 2013-04-07 10:50 -------- d-----w- c:\program files\AVAST Software
2013-04-07 10:49 . 2013-04-07 10:50 -------- d-----w- c:\programdata\AVAST Software
2013-04-06 20:48 . 2013-04-06 20:48 -------- d-----w- c:\windows\system32\SPReview
2013-04-06 20:48 . 2013-04-06 20:48 -------- d-----w- c:\windows\system32\EventProviders
2013-04-06 18:48 . 2013-04-06 19:34 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-04-05 18:43 . 2013-04-05 18:43 -------- d-----w- c:\users\Luk\AppData\Local\ElevatedDiagnostics
2013-04-05 13:59 . 2012-05-08 16:34 32600 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-04-05 13:59 . 2010-11-26 16:02 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-04-02 18:26 . 2013-04-02 18:26 -------- d-----w- c:\programdata\LightScribe
2013-04-02 09:07 . 2013-04-02 09:07 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-04-02 09:07 . 2013-04-02 09:07 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-03-31 18:35 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-03-31 18:35 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2013-03-31 18:35 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-03-31 18:35 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2013-03-31 18:35 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-03-31 18:35 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2013-03-31 07:21 . 2013-03-31 07:21 -------- d-----w- c:\users\Luk\AppData\Roaming\LolClient
2013-03-29 07:52 . 2013-03-29 07:52 -------- d-----w- c:\users\Luk\AppData\Local\Razer
2013-03-29 07:52 . 2013-03-29 07:52 -------- d-----w- c:\programdata\Razer
2013-03-29 07:52 . 2013-03-29 07:52 -------- d-----w- c:\program files (x86)\Razer
2013-03-28 20:34 . 2013-03-29 06:49 -------- d-----w- c:\programdata\Blizzard Entertainment
2013-03-28 20:34 . 2013-03-28 21:06 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2013-03-28 20:26 . 2013-03-28 20:26 -------- d-----w- c:\programdata\Battle.net
2013-03-28 20:23 . 2013-03-28 20:24 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-03-28 20:23 . 2013-03-28 20:23 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-03-27 17:11 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2013-03-27 17:11 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2013-03-27 17:11 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-03-27 12:08 . 2013-04-20 21:17 -------- d-----w- c:\users\Luk\AppData\Roaming\Skype
2013-03-27 12:07 . 2013-03-27 12:07 -------- d-----r- c:\program files (x86)\Skype
2013-03-27 12:07 . 2013-03-27 12:07 -------- d-----w- c:\programdata\Skype
2013-03-26 16:38 . 2013-03-26 16:38 -------- d-----w- c:\users\Public\CyberLink
2013-03-26 16:28 . 2013-04-07 16:33 -------- d-----w- c:\programdata\GFACE
2013-03-26 16:10 . 2013-03-26 16:10 -------- d-----w- c:\programdata\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-13 13:12 . 2013-03-12 18:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-13 13:12 . 2013-03-12 18:01 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-10 05:39 . 2013-03-12 17:55 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-07 15:52 . 2013-03-22 19:25 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-04-06 21:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-04-06 21:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-03-22 19:25 . 2013-03-22 19:25 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-12 20:21 . 2013-03-12 20:21 16486616 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-03-12 17:34 . 2013-03-12 17:34 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-03-12 17:34 . 2013-03-12 17:34 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-12 17:34 . 2013-03-12 17:34 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-03-12 17:34 . 2013-03-12 17:34 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-03-12 17:34 . 2013-03-12 17:34 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-03-12 17:34 . 2013-03-12 17:34 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-03-12 17:34 . 2013-03-12 17:34 367104 ----a-w- c:\windows\SysWow64\html.iec
2013-03-12 17:34 . 2013-03-12 17:34 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2013-03-12 17:34 . 2013-03-12 17:34 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-03-12 17:34 . 2013-03-12 17:34 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-03-12 17:34 . 2013-03-12 17:34 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-03-12 17:34 . 2013-03-12 17:34 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2013-03-12 17:34 . 2013-03-12 17:34 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-03-12 17:34 . 2013-03-12 17:34 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2013-03-12 17:34 . 2013-03-12 17:34 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2013-03-12 17:34 . 2013-03-12 17:34 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-03-12 17:34 . 2013-03-12 17:34 65024 ----a-w- c:\windows\system32\pngfilt.dll
2013-03-12 17:34 . 2013-03-12 17:34 267776 ----a-w- c:\windows\system32\ieaksie.dll
2013-03-12 17:34 . 2013-03-12 17:34 222208 ----a-w- c:\windows\system32\msls31.dll
2013-03-12 17:34 . 2013-03-12 17:34 197120 ----a-w- c:\windows\system32\msrating.dll
2013-03-12 17:34 . 2013-03-12 17:34 163840 ----a-w- c:\windows\system32\ieakui.dll
2013-03-12 17:34 . 2013-03-12 17:34 149504 ----a-w- c:\windows\system32\occache.dll
2013-03-12 17:34 . 2013-03-12 17:34 12288 ----a-w- c:\windows\system32\mshta.exe
2013-03-12 17:34 . 2013-03-12 17:34 114176 ----a-w- c:\windows\system32\admparse.dll
2013-03-12 17:34 . 2013-03-12 17:34 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-03-12 17:34 . 2013-03-12 17:34 76800 ----a-w- c:\windows\system32\tdc.ocx
2013-03-12 17:34 . 2013-03-12 17:34 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-03-12 17:34 . 2013-03-12 17:34 49664 ----a-w- c:\windows\system32\imgutil.dll
2013-03-12 17:34 . 2013-03-12 17:34 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-03-12 17:34 . 2013-03-12 17:34 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2013-03-12 17:34 . 2013-03-12 17:34 448512 ----a-w- c:\windows\system32\html.iec
2013-03-12 17:34 . 2013-03-12 17:34 282112 ----a-w- c:\windows\system32\dxtrans.dll
2013-03-12 17:34 . 2013-03-12 17:34 160256 ----a-w- c:\windows\system32\ieakeng.dll
2013-03-12 17:34 . 2013-03-12 17:34 145920 ----a-w- c:\windows\system32\iepeers.dll
2013-03-12 17:34 . 2013-03-12 17:34 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-03-12 17:34 . 2013-03-12 17:34 111616 ----a-w- c:\windows\system32\iesysprep.dll
2013-03-12 17:34 . 2013-03-12 17:34 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2013-03-12 17:34 . 2013-03-12 17:34 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-03-12 17:34 . 2013-03-12 17:34 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2013-03-12 17:34 . 2013-03-12 17:34 85504 ----a-w- c:\windows\system32\iesetup.dll
2013-03-12 17:34 . 2013-03-12 17:34 82432 ----a-w- c:\windows\system32\icardie.dll
2013-03-12 17:34 . 2013-03-12 17:34 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2013-03-12 17:34 . 2013-03-12 17:34 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2013-03-12 17:34 . 2013-03-12 17:34 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-03-12 17:34 . 2013-03-12 17:34 30720 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-12 17:34 . 2013-03-12 17:34 249344 ----a-w- c:\windows\system32\webcheck.dll
2013-03-12 17:34 . 2013-03-12 17:34 165888 ----a-w- c:\windows\system32\iexpress.exe
2013-03-12 17:34 . 2013-03-12 17:34 160256 ----a-w- c:\windows\system32\wextract.exe
2013-03-12 17:34 . 2013-03-12 17:34 103936 ----a-w- c:\windows\system32\inseng.dll
2013-03-12 16:47 . 2010-06-24 10:33 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-02-12 04:12 . 2013-03-20 19:54 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-11-22 2736128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2010-12-13 318520]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"gbrspcontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2013-04-17 1851088]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe [2013-4-17 49352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 aswVmm;aswVmm; [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-11-30 1188616]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2010-11-30 52736]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [2010-02-03 113280]
R3 KovaPlusFltr;ROCCAT Kova[+] Mouse;c:\windows\system32\drivers\KovaPlusFltr.sys [2010-01-25 12:24 15104]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-03-15 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-05-15 73856]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-05-15 28800]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2013-03-06 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-03-06 263096]
S0 aswRvrt;aswRvrt; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S1 aswFW;avast! TDI Firewall Driver;c:\windows\system32\drivers\aswFW.sys [2013-03-06 127136]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 238080]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2013-03-06 136912]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-11-30 679176]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [2013-04-17 70344]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [2013-04-19 2074760]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Service;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-05 291896]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 MBAMService;MBAMService;d:\data\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-11-30 4150864]
S3 BTMHID;BTMHID;c:\windows\system32\DRIVERS\btmhid.sys [2010-11-30 34176]
S3 BTMNET;Motorola Bluetooth Network Adapter Service;c:\windows\system32\DRIVERS\btmnet.sys [2010-11-30 30208]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2010-11-30 484224]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-12-10 31088]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-28 283200]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-03-12 1028096]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-11-04 1041760]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2010-12-08 329832]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-04-29 38528]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-11-22 13:18 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 05:29 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 13:12]
.
2013-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-12 18:18]
.
2013-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-12 18:18]
.
2013-03-27 c:\windows\Tasks\HPCeeScheduleForLUK-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
2013-03-27 c:\windows\Tasks\HPCeeScheduleForLuk.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-12-02 524800]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bing.com?pc=HPNTDF
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com?pc=HPNTDF
mStart Page = hxxp://www.bing.com?pc=HPNTDF
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Luk\AppData\Roaming\Mozilla\Firefox\Profiles\xfsukdka.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =114576&p=
FF - ExtSQL: 2013-03-26 17:27; cryenginebrowserplugin@crytek.com; c:\users\Luk\AppData\Roaming\Mozilla\Firefox\Profiles\xfsukdka.default\extensions\cryenginebrowserplugin@crytek.com
FF - ExtSQL: 2013-04-07 12:50; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
d:\data\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
d:\data\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
.
**************************************************************************
.
Celkový čas: 2013-04-24 10:36:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-24 08:36
.
Před spuštěním: Volných bajtů: 190 177 865 728
Po spuštění: Volných bajtů: 190 003 097 600
.
- - End Of File - - 63833DA940C5E2A64324D815D961D9AD

