Dlouhý start Win - HJT log

djzdenek · Příspěvekod **djzdenek** » 30 srp 2013 00:30

Ahoj, prosím o kontrolu logu. Mám problém s dlouhým startem.Windows logo trva az 3 minuty.System mam starý tak týden jinak nacteni plochy je pak hned DEKUJI ZA ODPOVED.

http://go.microsoft.com/fwlink/?LinkId=54896

http://go.microsoft.com/fwlink/?LinkId=69157

http://go.microsoft.com/fwlink/p/?LinkId=255141

http://go.microsoft.com/fwlink/?LinkId=54896

http://go.microsoft.com/fwlink/p/?LinkId=255141

Reklama

Příspěvekod **memphisto** » 30 srp 2013 13:24

Nedávej ten log do jiného řešeného tématu! Tam si jej nikdo nevšimne. Odděleno!

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

djzdenek · Příspěvekod **djzdenek** » 30 srp 2013 15:50

Děkuji za odpověď a omlouvam se.Jak pridu z prace tak to udělám děkuji.

djzdenek · Příspěvekod **djzdenek** » 30 srp 2013 21:28

Dobry den tady to je.

http://www.malwarebytes.org

[list=]# AdwCleaner v3.001 - Report created 30/08/2013 at 21:29:33
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : djzdenek - DJZDENEK-PC
# Running from : C:\Users\djzdenek\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Users\djzdenek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found C:\Program Files (x86)\AVG Secure Search
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\ProgramData\AVG Secure Search
Folder Found C:\Users\djzdenek\AppData\LocalLow\AVG Secure Search

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\djzdenek\AppData\Roaming\Mozilla\Firefox\Profiles\mows4i12.default\prefs.js ]

-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\djzdenek\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [4930 octets] - [30/08/2013 21:29:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4990 octets] ##########
[/list]

Příspěvekod **memphisto** » 31 srp 2013 08:55

V Mbam i adw nech vše smazat a dodej logy po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

djzdenek · Příspěvekod **djzdenek** » 31 srp 2013 11:24

Dobry den tady to mam

[list=]# AdwCleaner v3.001 - Report created 31/08/2013 at 11:03:51
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : djzdenek - DJZDENEK-PC
# Running from : C:\Users\djzdenek\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\djzdenek\AppData\Roaming\Mozilla\Firefox\Profiles\mows4i12.default\prefs.js ]

-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\djzdenek\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [5090 octets] - [30/08/2013 21:29:33]
AdwCleaner[R1].txt - [5083 octets] - [31/08/2013 10:53:44]
AdwCleaner[R2].txt - [1267 octets] - [31/08/2013 11:03:21]
AdwCleaner[S0].txt - [5055 octets] - [31/08/2013 10:54:49]
AdwCleaner[S1].txt - [1046 octets] - [31/08/2013 11:03:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1106 octets] ##########[/list]

[list=]RogueKiller V8.6.7 _x64_ [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : djzdenek [Práva správce]
Mód : Kontrola -- Datum : 08/31/2013 11:11:33
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[EXT RUN][SUSP PATH] HKCU\djzdenek_ON_D:\[...]\Run : Google Update ("C:\Users\djzdenek\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Users\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Users\djzdenek\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\djzdenek\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD50 00AAKS-22V1A0 SATA Disk Device +++++
--- User ---
[MBR] 22f38d2e0200135a5a9d506bbeb45369
[BSP] e58331b03eff12a6bbb5caafa9544f42 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD50 00AAKS-22V1A0 SATA Disk Device +++++
--- User ---
[MBR] 10a575d1dd0d767075a5d757e3bf788e
[BSP] de1174bee4c800f9c6e4217f449dd771 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953765 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: WDC WD50 00AAKS-22V1A0 SATA Disk Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: WDC WD50 00AAKS-22V1A0 SATA Disk Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive4: WDC WD50 00AAKS-22V1A0 SATA Disk Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_08312013_111133.txt >>

[/list]

[list=]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.6 (08.30.2013:1)
OS: Windows 7 Ultimate x64
Ran by djzdenek on so 31.08.2013 at 11:12:58,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\dll-files.com fixer"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 31.08.2013 at 11:18:50,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~[/list]

Příspěvekod **memphisto** » 31 srp 2013 18:01

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

djzdenek · Příspěvekod **djzdenek** » 31 srp 2013 19:19

[list=]RogueKiller V8.6.7 _x64_ [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : djzdenek [Práva správce]
Mód : Odebrat -- Datum : 08/31/2013 19:08:59
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[EXT RUN][SUSP PATH] HKCU\djzdenek_ON_D:\[...]\Run : Google Update ("C:\Users\djzdenek\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]) -> VYMAZÁNO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Users\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Users\djzdenek\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\djzdenek\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD50 00AAKS-22V1A0 SATA Disk Device +++++
--- User ---
[MBR] 22f38d2e0200135a5a9d506bbeb45369
[BSP] e58331b03eff12a6bbb5caafa9544f42 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD50 00AAKS-22V1A0 SATA Disk Device +++++
--- User ---
[MBR] 10a575d1dd0d767075a5d757e3bf788e
[BSP] de1174bee4c800f9c6e4217f449dd771 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953765 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: WDC WD50 00AAKS-22V1A0 SATA Disk Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: WDC WD50 00AAKS-22V1A0 SATA Disk Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive4: WDC WD50 00AAKS-22V1A0 SATA Disk Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_08312013_190859.txt >>
RKreport[0]_S_08312013_111133.txt;RKreport[0]_S_08312013_190843.txt

[/list]

[list=]ComboFix 13-08-30.02 - djzdenek 31.08.2013 19:12:10.1.6 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8092.6049 [GMT 2:00]
Spuštěný z: c:\users\djzdenek\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\djzdenek\AppData\Roaming\Microsoft\Windows\Templates\1028.msi
c:\users\djzdenek\AppData\Roaming\Microsoft\Windows\Templates\1031.msi
c:\users\djzdenek\AppData\Roaming\Microsoft\Windows\Templates\1033.msi
c:\users\djzdenek\AppData\Roaming\Microsoft\Windows\Templates\1036.msi
c:\users\djzdenek\AppData\Roaming\Microsoft\Windows\Templates\1041.msi
c:\users\djzdenek\AppData\Roaming\Microsoft\Windows\Templates\2052.msi
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-28 do 2013-08-31 )))))))))))))))))))))))))))))))
.
.
2013-08-31 17:16 . 2013-08-31 17:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-31 09:19 . 2013-08-31 17:15 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B3A1654-5DD4-4BCE-A010-E787428F668A}\offreg.dll
2013-08-31 09:12 . 2013-08-31 09:12 -------- d-----w- c:\windows\ERUNT
2013-08-30 19:27 . 2013-08-31 09:03 -------- d-----w- C:\AdwCleaner
2013-08-30 19:20 . 2013-08-30 19:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-30 19:20 . 2013-08-30 19:20 -------- d-----w- c:\programdata\Malwarebytes
2013-08-30 19:20 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-30 08:02 . 2012-09-19 09:51 34656 ----a-w- c:\windows\system32\TURegOpt.exe
2013-08-30 08:02 . 2012-09-19 09:51 25952 ----a-w- c:\windows\system32\authuitu.dll
2013-08-30 08:02 . 2012-09-19 09:51 21344 ----a-w- c:\windows\SysWow64\authuitu.dll
2013-08-30 08:02 . 2013-08-30 08:01 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-08-30 08:01 . 2013-08-30 08:04 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2013
2013-08-30 08:01 . 2013-08-30 08:01 -------- d-----w- c:\programdata\TuneUp Software
2013-08-30 08:00 . 2013-08-30 22:14 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-08-30 08:00 . 2013-08-30 08:00 -------- d--h--w- c:\programdata\Common Files
2013-08-30 06:46 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B3A1654-5DD4-4BCE-A010-E787428F668A}\mpengine.dll
2013-08-29 21:12 . 2013-08-29 21:12 -------- d-----w- c:\program files (x86)\Lavalys
2013-08-29 21:03 . 2013-08-29 21:03 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-08-29 05:57 . 2013-08-29 05:57 -------- d-----w- C:\Hry
2013-08-28 10:48 . 2013-08-28 10:52 -------- d-----w- c:\program files (x86)\Landwirtschafts Simulator 2011
2013-08-27 19:08 . 2013-08-27 19:10 -------- d-----w- c:\program files (x86)\AMD
2013-08-25 19:05 . 2013-08-25 19:06 -------- d-----r- c:\program files (x86)\Skype
2013-08-25 19:05 . 2013-08-25 19:05 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-08-25 19:05 . 2013-08-25 19:06 -------- d-----w- c:\programdata\Skype
2013-08-24 08:41 . 2013-08-24 08:41 -------- d-----w- c:\program files (x86)\7-Zip
2013-08-24 08:35 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-08-24 08:35 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-08-24 08:34 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-08-24 08:34 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-08-23 19:31 . 2013-04-11 12:10 2498216 ----a-w- c:\windows\SysWow64\BootMan.exe
2013-08-23 19:31 . 2013-03-28 17:02 3376640 ----a-w- c:\windows\system32\BootMan.exe
2013-08-23 19:31 . 2013-03-07 07:49 9160 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 87112 ----a-w- c:\windows\SysWow64\setupempdrv03.exe
2013-08-23 19:31 . 2013-03-07 07:49 13896 ----a-w- c:\windows\SysWow64\epmntdrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 9800 ----a-w- c:\windows\system32\EuGdiDrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 17480 ----a-w- c:\windows\system32\epmntdrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 100936 ----a-w- c:\windows\system32\setupempdrvx64.exe
2013-08-23 19:31 . 2013-03-07 07:49 16256 ----a-w- c:\windows\system32\EuEpmGdi.dll
2013-08-23 19:31 . 2013-03-07 07:49 19840 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll
2013-08-23 19:31 . 2013-08-23 19:31 -------- d-----w- c:\program files (x86)\EaseUS
2013-08-23 19:00 . 2013-08-23 19:00 -------- d-----w- c:\program files\7-Zip
2013-08-23 10:04 . 2013-08-23 10:04 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-08-23 08:34 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-23 08:33 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-08-23 08:33 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-08-23 07:47 . 2013-08-23 07:47 -------- d-----w- c:\program files (x86)\PowerISO
2013-08-23 07:47 . 2012-12-09 09:51 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2013-08-22 21:21 . 2013-08-22 21:21 -------- d-----w- c:\windows\system32\SPReview
2013-08-22 21:21 . 2013-08-22 21:21 -------- d-----w- c:\windows\system32\EventProviders
2013-08-22 14:20 . 2010-11-20 13:27 444416 ----a-w- c:\windows\system32\winhttp.dll
2013-08-22 14:19 . 2010-11-20 13:27 37376 ----a-w- c:\windows\system32\shimgvw.dll
2013-08-22 14:18 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2013-08-22 14:18 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2013-08-22 14:18 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2013-08-22 11:01 . 2013-08-22 11:01 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-08-22 10:56 . 2013-08-22 10:56 -------- d-----w- C:\NvidiaLogging
2013-08-22 10:55 . 2013-05-14 19:28 39712 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-08-22 10:55 . 2013-05-14 19:27 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-08-22 10:55 . 2013-05-14 19:27 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-08-22 08:16 . 2013-08-22 08:16 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-08-21 21:32 . 2013-08-21 21:32 -------- d-----w- c:\windows\SysWow64\Wat
2013-08-21 21:32 . 2013-08-21 21:32 -------- d-----w- c:\windows\system32\Wat
2013-08-21 19:30 . 2013-08-21 19:30 -------- d-----w- C:\Games
2013-08-21 19:20 . 2013-08-21 19:20 -------- d-----w- c:\program files (x86)\TeamViewer
2013-08-21 17:53 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-08-21 17:53 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-08-21 17:53 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-08-21 17:53 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-08-21 17:42 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-08-21 17:40 . 2013-08-21 17:41 -------- d-----w- c:\windows\system32\MRT
2013-08-21 17:26 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-08-21 17:26 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-08-21 17:26 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-08-21 17:26 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-08-21 17:26 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-08-21 17:26 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-08-21 17:25 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-08-21 17:25 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-08-21 17:25 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-08-21 17:25 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-08-21 17:25 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-08-21 17:25 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-08-21 17:25 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-08-21 17:16 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-08-21 17:16 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-08-21 17:16 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-08-21 17:16 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-08-21 17:16 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-08-21 17:15 . 2013-08-30 19:07 -------- d-----w- c:\users\UpdatusUser
2013-08-21 17:15 . 2013-06-20 04:17 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
2013-08-21 17:07 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-08-21 17:06 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2013-08-21 17:06 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2013-08-21 17:06 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-08-21 17:06 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2013-08-21 17:06 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2013-08-21 17:06 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2013-08-21 17:06 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2013-08-21 17:06 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2013-08-21 17:06 . 2010-11-20 13:27 33792 ----a-w- c:\windows\system32\profprov.dll
2013-08-21 17:06 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2013-08-21 17:06 . 2010-11-20 13:25 974336 ----a-w- c:\windows\system32\WFS.exe
2013-08-21 17:01 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-08-21 17:01 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-08-21 17:00 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-08-21 17:00 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-08-21 17:00 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-08-21 17:00 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-08-21 17:00 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-08-21 16:56 . 2013-08-21 16:56 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2013-08-21 16:45 . 2013-08-21 16:45 1998168 ----a-w- c:\windows\SysWow64\d3dx9_43.dll
2013-08-21 16:45 . 2013-08-21 16:45 -------- d-----w- c:\programdata\Logs
2013-08-21 16:28 . 2013-08-21 16:28 -------- d-----w- C:\direct
2013-08-21 15:27 . 2013-08-21 15:27 -------- d-----w- c:\program files (x86)\dreamboxEDIT
2013-08-21 15:16 . 2010-12-02 17:12 1359976 ----a-w- c:\windows\system32\nvgenco64hda.dll
2013-08-21 15:16 . 2013-08-31 17:02 -------- d-----w- c:\programdata\NVIDIA
2013-08-21 15:15 . 2013-08-22 11:01 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-08-21 15:15 . 2013-08-22 10:56 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-08-21 15:15 . 2011-01-16 23:53 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
2013-08-21 15:15 . 2011-01-16 23:53 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2013-08-21 15:15 . 2011-01-16 23:53 67176 ----a-w- c:\windows\system32\OpenCL.dll
2013-08-21 15:15 . 2011-01-16 23:53 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-08-21 15:14 . 2013-06-21 12:06 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-08-21 15:14 . 2013-06-21 12:06 12427240 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-08-21 15:14 . 2011-01-16 23:53 11240 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-23 21:27 . 2013-08-23 21:27 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-08-23 21:27 . 2013-08-23 21:27 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-08-23 06:55 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-08-23 06:55 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-06-21 12:06 . 2013-02-25 22:32 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-02-25 22:32 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-06-21 12:06 . 2013-02-25 22:32 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 10:23 . 2011-01-16 15:13 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2011-01-16 15:13 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2011-01-16 15:13 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2011-01-16 15:13 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2011-01-16 15:13 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2011-01-16 15:13 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"LocalAccountTokenFilterPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
R3 atillk64;atillk64;c:\program files (x86)\AMD\System Monitor\atillk64.sys;c:\program files (x86)\AMD\System Monitor\atillk64.sys [x]
R3 cpuz135;cpuz135;c:\users\djzdenek\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\djzdenek\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VDiskBus64.sys [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x]
S3 ASFLTDrv.sys;ASFLTDrv.sys;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ASFLTDRV.SYS
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-30 19:58 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21 14:53]
.
2013-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21 14:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-08-07 6827664]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-06 1215632]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.132.12.33 10.132.12.1
FF - ProfilePath - c:\users\djzdenek\AppData\Roaming\Mozilla\Firefox\Profiles\mows4i12.default\
FF - ExtSQL: 2013-08-25 21:06; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Dll-Files Fixer_is1 - c:\program files (x86)\Dll-Files.com Fixer\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-08-31 19:18:23
ComboFix-quarantined-files.txt 2013-08-31 17:18
.
Před spuštěním: Volných bajtů: 405 328 072 704
Po spuštění: Volných bajtů: 405 211 115 520
.
- - End Of File - - 649C80C391B11B6D319E335635E338D3
5FB38429D5D77768867C76DCBDB35194
[/list]

Příspěvekod **jaro3** » 01 zář 2013 10:04

Odinstaluj:
AVG Secure Search

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Pak nový sken Combofixu.

djzdenek · Příspěvekod **djzdenek** » 01 zář 2013 12:09

Dobry den AVG Secure Search nemam takze nemuzu odinstalovat.

[list=]Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.08.31.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
djzdenek :: DJZDENEK-PC [administrátor]

Ochrana: Zakázána

1.9.2013 11:53:54
mbam-log-2013-09-01 (11-53-54).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 242319
Uplynulý čas: 2 minut, 19 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Users\djzdenek\AppData\Roaming\PowerISO\Upgrade\PowerISO5.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Users\djzdenek\Downloads\Windows 7 aktivátor.rar (HackTool.Wpakill) -> Přesun do karantény a smazání se zdařilo.

(konec)[/list]

[list=]Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.08.31.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
djzdenek :: DJZDENEK-PC [administrátor]

Ochrana: Zakázána

1.9.2013 11:58:55
mbam-log-2013-09-01 (11-58-55).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 242352
Uplynulý čas: 1 minut, 21 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)
[/list]

[list=]ComboFix 13-08-31.01 - djzdenek 01.09.2013 12:03:49.2.6 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8092.5921 [GMT 2:00]
Spuštěný z: c:\users\djzdenek\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-01 do 2013-09-01 )))))))))))))))))))))))))))))))
.
.
2013-09-01 10:07 . 2013-09-01 10:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-31 09:12 . 2013-08-31 09:12 -------- d-----w- c:\windows\ERUNT
2013-08-30 19:27 . 2013-08-31 09:03 -------- d-----w- C:\AdwCleaner
2013-08-30 19:20 . 2013-08-30 19:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-30 19:20 . 2013-08-30 19:20 -------- d-----w- c:\programdata\Malwarebytes
2013-08-30 19:20 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-30 08:02 . 2012-09-19 09:51 34656 ----a-w- c:\windows\system32\TURegOpt.exe
2013-08-30 08:02 . 2012-09-19 09:51 25952 ----a-w- c:\windows\system32\authuitu.dll
2013-08-30 08:02 . 2012-09-19 09:51 21344 ----a-w- c:\windows\SysWow64\authuitu.dll
2013-08-30 08:02 . 2013-08-30 08:01 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-08-30 08:01 . 2013-08-30 08:04 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2013
2013-08-30 08:01 . 2013-08-30 08:01 -------- d-----w- c:\programdata\TuneUp Software
2013-08-30 08:00 . 2013-08-30 22:14 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-08-30 08:00 . 2013-08-30 08:00 -------- d--h--w- c:\programdata\Common Files
2013-08-30 06:46 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B3A1654-5DD4-4BCE-A010-E787428F668A}\mpengine.dll
2013-08-29 21:12 . 2013-08-29 21:12 -------- d-----w- c:\program files (x86)\Lavalys
2013-08-29 21:03 . 2013-08-29 21:03 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-08-29 05:57 . 2013-08-29 05:57 -------- d-----w- C:\Hry
2013-08-28 10:48 . 2013-08-28 10:52 -------- d-----w- c:\program files (x86)\Landwirtschafts Simulator 2011
2013-08-27 19:08 . 2013-08-27 19:10 -------- d-----w- c:\program files (x86)\AMD
2013-08-25 19:05 . 2013-08-25 19:06 -------- d-----r- c:\program files (x86)\Skype
2013-08-25 19:05 . 2013-08-25 19:05 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-08-25 19:05 . 2013-08-25 19:06 -------- d-----w- c:\programdata\Skype
2013-08-24 08:41 . 2013-08-24 08:41 -------- d-----w- c:\program files (x86)\7-Zip
2013-08-24 08:35 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-08-24 08:35 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-08-24 08:34 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-08-24 08:34 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-08-23 19:31 . 2013-04-11 12:10 2498216 ----a-w- c:\windows\SysWow64\BootMan.exe
2013-08-23 19:31 . 2013-03-28 17:02 3376640 ----a-w- c:\windows\system32\BootMan.exe
2013-08-23 19:31 . 2013-03-07 07:49 9160 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 87112 ----a-w- c:\windows\SysWow64\setupempdrv03.exe
2013-08-23 19:31 . 2013-03-07 07:49 13896 ----a-w- c:\windows\SysWow64\epmntdrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 9800 ----a-w- c:\windows\system32\EuGdiDrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 17480 ----a-w- c:\windows\system32\epmntdrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 100936 ----a-w- c:\windows\system32\setupempdrvx64.exe
2013-08-23 19:31 . 2013-03-07 07:49 16256 ----a-w- c:\windows\system32\EuEpmGdi.dll
2013-08-23 19:31 . 2013-03-07 07:49 19840 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll
2013-08-23 19:31 . 2013-08-23 19:31 -------- d-----w- c:\program files (x86)\EaseUS
2013-08-23 19:00 . 2013-08-23 19:00 -------- d-----w- c:\program files\7-Zip
2013-08-23 10:04 . 2013-08-23 10:04 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-08-23 08:34 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-23 08:33 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-08-23 08:33 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-08-23 07:47 . 2013-08-23 07:47 -------- d-----w- c:\program files (x86)\PowerISO
2013-08-23 07:47 . 2012-12-09 09:51 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2013-08-22 21:21 . 2013-08-22 21:21 -------- d-----w- c:\windows\system32\SPReview
2013-08-22 21:21 . 2013-08-22 21:21 -------- d-----w- c:\windows\system32\EventProviders
2013-08-22 14:20 . 2010-11-20 13:27 444416 ----a-w- c:\windows\system32\winhttp.dll
2013-08-22 14:19 . 2010-11-20 13:27 37376 ----a-w- c:\windows\system32\shimgvw.dll
2013-08-22 14:18 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2013-08-22 14:18 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2013-08-22 14:18 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2013-08-22 11:01 . 2013-08-22 11:01 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-08-22 10:56 . 2013-08-22 10:56 -------- d-----w- C:\NvidiaLogging
2013-08-22 10:55 . 2013-05-14 19:28 39712 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-08-22 10:55 . 2013-05-14 19:27 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-08-22 10:55 . 2013-05-14 19:27 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-08-22 08:16 . 2013-08-22 08:16 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-08-21 21:32 . 2013-08-21 21:32 -------- d-----w- c:\windows\SysWow64\Wat
2013-08-21 21:32 . 2013-08-21 21:32 -------- d-----w- c:\windows\system32\Wat
2013-08-21 19:30 . 2013-08-21 19:30 -------- d-----w- C:\Games
2013-08-21 19:20 . 2013-08-21 19:20 -------- d-----w- c:\program files (x86)\TeamViewer
2013-08-21 17:53 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-08-21 17:53 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-08-21 17:53 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-08-21 17:53 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-08-21 17:42 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-08-21 17:40 . 2013-08-21 17:41 -------- d-----w- c:\windows\system32\MRT
2013-08-21 17:26 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-08-21 17:26 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-08-21 17:26 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-08-21 17:26 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-08-21 17:26 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-08-21 17:26 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-08-21 17:25 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-08-21 17:25 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-08-21 17:25 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-08-21 17:25 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-08-21 17:25 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-08-21 17:25 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-08-21 17:25 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-08-21 17:16 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-08-21 17:16 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-08-21 17:16 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-08-21 17:16 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-08-21 17:16 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-08-21 17:15 . 2013-08-30 19:07 -------- d-----w- c:\users\UpdatusUser
2013-08-21 17:15 . 2013-06-20 04:17 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
2013-08-21 17:07 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-08-21 17:06 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2013-08-21 17:06 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2013-08-21 17:06 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-08-21 17:06 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2013-08-21 17:06 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2013-08-21 17:06 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2013-08-21 17:06 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2013-08-21 17:06 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2013-08-21 17:06 . 2010-11-20 13:27 33792 ----a-w- c:\windows\system32\profprov.dll
2013-08-21 17:06 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2013-08-21 17:06 . 2010-11-20 13:25 974336 ----a-w- c:\windows\system32\WFS.exe
2013-08-21 17:01 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-08-21 17:01 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-08-21 17:00 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-08-21 17:00 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-08-21 17:00 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-08-21 17:00 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-08-21 17:00 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-08-21 16:56 . 2013-08-21 16:56 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2013-08-21 16:45 . 2013-08-21 16:45 1998168 ----a-w- c:\windows\SysWow64\d3dx9_43.dll
2013-08-21 16:45 . 2013-08-21 16:45 -------- d-----w- c:\programdata\Logs
2013-08-21 16:28 . 2013-08-21 16:28 -------- d-----w- C:\direct
2013-08-21 15:27 . 2013-08-21 15:27 -------- d-----w- c:\program files (x86)\dreamboxEDIT
2013-08-21 15:16 . 2010-12-02 17:12 1359976 ----a-w- c:\windows\system32\nvgenco64hda.dll
2013-08-21 15:16 . 2013-09-01 08:08 -------- d-----w- c:\programdata\NVIDIA
2013-08-21 15:15 . 2013-08-22 11:01 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-08-21 15:15 . 2013-08-22 10:56 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-08-21 15:15 . 2011-01-16 23:53 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
2013-08-21 15:15 . 2011-01-16 23:53 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2013-08-21 15:15 . 2011-01-16 23:53 67176 ----a-w- c:\windows\system32\OpenCL.dll
2013-08-21 15:15 . 2011-01-16 23:53 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-08-21 15:14 . 2013-06-21 12:06 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-08-21 15:14 . 2013-06-21 12:06 12427240 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-08-21 15:14 . 2011-01-16 23:53 11240 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2013-08-21 15:14 . 2013-08-22 10:56 -------- d-----w- c:\program files\NVIDIA Corporation
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-23 21:27 . 2013-08-23 21:27 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-08-23 21:27 . 2013-08-23 21:27 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-08-23 06:55 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-08-23 06:55 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-06-21 12:06 . 2013-02-25 22:32 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-02-25 22:32 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-06-21 12:06 . 2013-02-25 22:32 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 10:23 . 2011-01-16 15:13 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2011-01-16 15:13 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2011-01-16 15:13 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2011-01-16 15:13 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2011-01-16 15:13 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2011-01-16 15:13 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"LocalAccountTokenFilterPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
R3 atillk64;atillk64;c:\program files (x86)\AMD\System Monitor\atillk64.sys;c:\program files (x86)\AMD\System Monitor\atillk64.sys [x]
R3 cpuz135;cpuz135;c:\users\djzdenek\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\djzdenek\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VDiskBus64.sys [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x]
S3 ASFLTDrv.sys;ASFLTDrv.sys;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-30 19:58 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21 14:53]
.
2013-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21 14:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-08-07 6827664]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-06 1215632]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.132.12.33 10.132.12.1
FF - ProfilePath - c:\users\djzdenek\AppData\Roaming\Mozilla\Firefox\Profiles\mows4i12.default\
FF - ExtSQL: 2013-08-25 21:06; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Dll-Files Fixer_is1 - c:\program files (x86)\Dll-Files.com Fixer\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-09-01 12:08:48
ComboFix-quarantined-files.txt 2013-09-01 10:08
ComboFix2.txt 2013-08-31 17:18
.
Před spuštěním: Volných bajtů: 399 762 710 528
Po spuštění: Volných bajtů: 399 695 704 064
.
- - End Of File - - 306B60FA2237CC24D22BCCC83F6BDD83
5FB38429D5D77768867C76DCBDB35194
[/list]

Příspěvekod **jaro3** » 02 zář 2013 11:01

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Common Files\AVG Secure Search
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
vToolbarUpdater15.4.0
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

djzdenek · Příspěvekod **djzdenek** » 02 zář 2013 16:51

[list=]ComboFix 13-09-02.02 - djzdenek 02.09.2013 16:36:07.3.6 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8092.6220 [GMT 2:00]
Spuštěný z: c:\users\djzdenek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\djzdenek\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.153\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.153\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.153\psuser.dll
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.62\29.0.1547.62_29.0.1547.57_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
-------\Service_vToolbarUpdater15.4.0
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-02 do 2013-09-02 )))))))))))))))))))))))))))))))
.
.
2013-09-02 14:40 . 2013-09-02 14:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-01 17:08 . 2013-09-02 14:04 -------- d-----w- c:\programdata\BootRacer
2013-09-01 16:35 . 2013-09-02 14:43 -------- d-----w- c:\program files (x86)\BootRacer
2013-09-01 14:27 . 2013-09-01 14:27 -------- d-----w- c:\programdata\Orbit
2013-08-31 09:12 . 2013-08-31 09:12 -------- d-----w- c:\windows\ERUNT
2013-08-30 19:27 . 2013-08-31 09:03 -------- d-----w- C:\AdwCleaner
2013-08-30 19:20 . 2013-08-30 19:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-30 19:20 . 2013-08-30 19:20 -------- d-----w- c:\programdata\Malwarebytes
2013-08-30 19:20 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-30 08:02 . 2012-09-19 09:51 34656 ----a-w- c:\windows\system32\TURegOpt.exe
2013-08-30 08:02 . 2012-09-19 09:51 25952 ----a-w- c:\windows\system32\authuitu.dll
2013-08-30 08:02 . 2012-09-19 09:51 21344 ----a-w- c:\windows\SysWow64\authuitu.dll
2013-08-30 08:02 . 2013-08-30 08:01 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-08-30 08:01 . 2013-08-30 08:04 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2013
2013-08-30 08:01 . 2013-08-30 08:01 -------- d-----w- c:\programdata\TuneUp Software
2013-08-30 08:00 . 2013-08-30 22:14 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-08-30 08:00 . 2013-08-30 08:00 -------- d--h--w- c:\programdata\Common Files
2013-08-30 06:46 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B3A1654-5DD4-4BCE-A010-E787428F668A}\mpengine.dll
2013-08-29 21:12 . 2013-08-29 21:12 -------- d-----w- c:\program files (x86)\Lavalys
2013-08-29 21:03 . 2013-08-29 21:03 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-08-29 05:57 . 2013-09-01 10:14 -------- d-----w- C:\Hry
2013-08-28 10:48 . 2013-09-01 11:53 -------- d-----w- c:\program files (x86)\Landwirtschafts Simulator 2011
2013-08-27 19:08 . 2013-08-27 19:10 -------- d-----w- c:\program files (x86)\AMD
2013-08-25 19:05 . 2013-09-02 14:40 -------- d-----r- c:\program files (x86)\Skype
2013-08-25 19:05 . 2013-08-25 19:05 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-08-25 19:05 . 2013-08-25 19:06 -------- d-----w- c:\programdata\Skype
2013-08-24 08:41 . 2013-08-24 08:41 -------- d-----w- c:\program files (x86)\7-Zip
2013-08-24 08:35 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-08-24 08:35 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-08-24 08:34 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-08-24 08:34 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-08-23 19:31 . 2013-04-11 12:10 2498216 ----a-w- c:\windows\SysWow64\BootMan.exe
2013-08-23 19:31 . 2013-03-28 17:02 3376640 ----a-w- c:\windows\system32\BootMan.exe
2013-08-23 19:31 . 2013-03-07 07:49 9160 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 87112 ----a-w- c:\windows\SysWow64\setupempdrv03.exe
2013-08-23 19:31 . 2013-03-07 07:49 13896 ----a-w- c:\windows\SysWow64\epmntdrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 9800 ----a-w- c:\windows\system32\EuGdiDrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 17480 ----a-w- c:\windows\system32\epmntdrv.sys
2013-08-23 19:31 . 2013-03-07 07:49 100936 ----a-w- c:\windows\system32\setupempdrvx64.exe
2013-08-23 19:31 . 2013-03-07 07:49 16256 ----a-w- c:\windows\system32\EuEpmGdi.dll
2013-08-23 19:31 . 2013-03-07 07:49 19840 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll
2013-08-23 19:31 . 2013-08-23 19:31 -------- d-----w- c:\program files (x86)\EaseUS
2013-08-23 19:00 . 2013-08-23 19:00 -------- d-----w- c:\program files\7-Zip
2013-08-23 10:04 . 2013-08-23 10:04 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-08-23 08:34 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-23 08:33 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-08-23 08:33 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-08-23 07:47 . 2013-08-23 07:47 -------- d-----w- c:\program files (x86)\PowerISO
2013-08-23 07:47 . 2012-12-09 09:51 126944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2013-08-22 21:21 . 2013-08-22 21:21 -------- d-----w- c:\windows\system32\SPReview
2013-08-22 21:21 . 2013-08-22 21:21 -------- d-----w- c:\windows\system32\EventProviders
2013-08-22 14:20 . 2010-11-20 13:27 444416 ----a-w- c:\windows\system32\winhttp.dll
2013-08-22 14:19 . 2010-11-20 13:27 37376 ----a-w- c:\windows\system32\shimgvw.dll
2013-08-22 14:18 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2013-08-22 14:18 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2013-08-22 14:18 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2013-08-22 11:01 . 2013-08-22 11:01 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-08-22 10:56 . 2013-08-22 10:56 -------- d-----w- C:\NvidiaLogging
2013-08-22 10:55 . 2013-05-14 19:28 39712 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-08-22 10:55 . 2013-05-14 19:27 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-08-22 10:55 . 2013-05-14 19:27 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-08-22 08:16 . 2013-08-22 08:16 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-08-21 21:32 . 2013-08-21 21:32 -------- d-----w- c:\windows\SysWow64\Wat
2013-08-21 21:32 . 2013-08-21 21:32 -------- d-----w- c:\windows\system32\Wat
2013-08-21 19:30 . 2013-08-21 19:30 -------- d-----w- C:\Games
2013-08-21 19:20 . 2013-08-21 19:20 -------- d-----w- c:\program files (x86)\TeamViewer
2013-08-21 17:53 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-08-21 17:53 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-08-21 17:53 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-08-21 17:53 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-08-21 17:42 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-08-21 17:40 . 2013-08-21 17:41 -------- d-----w- c:\windows\system32\MRT
2013-08-21 17:26 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-08-21 17:26 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-08-21 17:26 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-08-21 17:26 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-08-21 17:26 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-08-21 17:26 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-08-21 17:25 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-08-21 17:25 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-08-21 17:25 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-08-21 17:25 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-08-21 17:25 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-08-21 17:25 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-08-21 17:25 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-08-21 17:16 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-08-21 17:16 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-08-21 17:16 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-08-21 17:16 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-08-21 17:16 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-08-21 17:15 . 2013-08-30 19:07 -------- d-----w- c:\users\UpdatusUser
2013-08-21 17:15 . 2013-06-20 04:17 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
2013-08-21 17:07 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-08-21 17:06 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2013-08-21 17:06 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2013-08-21 17:06 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-08-21 17:06 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2013-08-21 17:06 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2013-08-21 17:06 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2013-08-21 17:06 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2013-08-21 17:06 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2013-08-21 17:06 . 2010-11-20 13:27 33792 ----a-w- c:\windows\system32\profprov.dll
2013-08-21 17:06 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2013-08-21 17:06 . 2010-11-20 13:25 974336 ----a-w- c:\windows\system32\WFS.exe
2013-08-21 17:01 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-08-21 17:01 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-08-21 17:00 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-08-21 17:00 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-08-21 17:00 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-08-21 17:00 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-08-21 17:00 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-08-21 16:56 . 2013-08-21 16:56 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2013-08-21 16:45 . 2013-08-21 16:45 1998168 ----a-w- c:\windows\SysWow64\d3dx9_43.dll
2013-08-21 16:45 . 2013-08-21 16:45 -------- d-----w- c:\programdata\Logs
2013-08-21 16:28 . 2013-08-21 16:28 -------- d-----w- C:\direct
2013-08-21 15:27 . 2013-08-21 15:27 -------- d-----w- c:\program files (x86)\dreamboxEDIT
2013-08-21 15:16 . 2010-12-02 17:12 1359976 ----a-w- c:\windows\system32\nvgenco64hda.dll
2013-08-21 15:16 . 2013-09-02 14:43 -------- d-----w- c:\programdata\NVIDIA
2013-08-21 15:15 . 2013-08-22 11:01 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-08-21 15:15 . 2013-08-22 10:56 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-08-21 15:15 . 2011-01-16 23:53 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
2013-08-21 15:15 . 2011-01-16 23:53 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2013-08-21 15:15 . 2011-01-16 23:53 67176 ----a-w- c:\windows\system32\OpenCL.dll
2013-08-21 15:15 . 2011-01-16 23:53 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-08-21 15:14 . 2013-06-21 12:06 2936208 ----a-w- c:\windows\system32\nvapi64.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-23 21:27 . 2013-08-23 21:27 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-08-23 21:27 . 2013-08-23 21:27 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-08-23 06:55 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-08-23 06:55 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-06-21 12:06 . 2013-02-25 22:32 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-02-25 22:32 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-06-21 12:06 . 2013-02-25 22:32 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 10:23 . 2011-01-16 15:13 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2011-01-16 15:13 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2011-01-16 15:13 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2011-01-16 15:13 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2011-01-16 15:13 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2011-01-16 15:13 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"LocalAccountTokenFilterPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
R3 atillk64;atillk64;c:\program files (x86)\AMD\System Monitor\atillk64.sys;c:\program files (x86)\AMD\System Monitor\atillk64.sys [x]
R3 cpuz135;cpuz135;c:\users\djzdenek\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\djzdenek\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VDiskBus64.sys [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.10\AsusFanControlService.exe [x]
S2 BootRacerServ;BootRacerServ;c:\program files (x86)\BootRacer\BootRacerServ.exe;c:\program files (x86)\BootRacer\BootRacerServ.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x]
S3 ASFLTDrv.sys;ASFLTDrv.sys;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys;c:\program files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ASFLTDRV.SYS
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-30 19:58 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-08-07 6827664]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-06 1215632]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.132.12.33 10.132.12.1
FF - ProfilePath - c:\users\djzdenek\AppData\Roaming\Mozilla\Firefox\Profiles\mows4i12.default\
FF - ExtSQL: 2013-08-25 21:06; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Dll-Files Fixer_is1 - c:\program files (x86)\Dll-Files.com Fixer\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe
c:\program files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
c:\program files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-09-02 16:47:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-02 14:47
ComboFix2.txt 2013-09-01 10:08
ComboFix3.txt 2013-08-31 17:18
.
Před spuštěním: Volných bajtů: 384 554 340 352
Po spuštění: Volných bajtů: 388 692 926 464
.
- - End Of File - - 216892CB4EFFB72426589BAA2D751046
5FB38429D5D77768867C76DCBDB35194[/list]

[list=]aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-02 16:50:38
-----------------------------
16:50:38.171 OS Version: Windows x64 6.1.7601 Service Pack 1
16:50:38.171 Number of processors: 6 586 0x200
16:50:38.172 ComputerName: DJZDENEK-PC UserName: djzdenek
16:50:38.197 Initialze error 1
16:50:59.478 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006e
16:50:59.481 Disk 0 Vendor: WDC_WD50 05.0 Size: 476935MB BusType: 11
16:50:59.485 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006f
16:50:59.489 Disk 1 Vendor: WDC_WD10 51.0 Size: 953865MB BusType: 11
16:50:59.510 Disk 0 MBR read successfully
16:50:59.515 Disk 0 MBR scan
16:50:59.519 Disk 0 unknown MBR code
16:50:59.525 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
16:50:59.530 Disk 0 scanning C:\Windows\system32\drivers
16:50:59.536 Service scanning
16:51:00.839 Modules scanning
16:51:00.846 Disk 0 trace - called modules:
16:51:00.868 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
16:51:00.873 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007afa060]
16:51:00.880 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8006b08ac0]
16:51:00.886 5 amd_xata.sys[fffff880010fbd00] -> nt!IofCallDriver -> \Device\0000006e[0xfffffa8006afd8a0]
16:51:00.892 Scan finished successfully
16:51:20.277 Disk 0 MBR has been saved successfully to "C:\Users\djzdenek\Desktop\MBR.dat"
16:51:20.281 The log file has been saved successfully to "C:\Users\djzdenek\Desktop\aswMBR.txt"[/list]

Dlouhý start Win - HJT log

Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Re: Dlouhý start Win - HJT log

Kdo je online