Kontrola logu

[jetrot]

Dobrý den, mužete mi někdo prosím pomoci začistit? Lapl jsem Antispyware 2012, který jsem zrušil rkillem, mbam je čistej i troan killer.
Book se chová již normálně a 2012 už neotravuje.
V registrech je ale plno řádků , které začínají "@čem" a myslím , že tam nemají co dělat, ale raději bych někoho zkušeného poprosil o kontrolu logu, protože tam se zatím moc u win 7 64 bit nevyznám. Avast nainstaluji po případném dočištění.



ComboFix 12-01-13.01 - zbynek 13.01.2012 12:47:50.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4044.2553 [GMT 1:00]
Spuštěný z: c:\users\zbynek\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\java.exe
c:\windows\SysWow64\systeminfo.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-13 do 2012-01-13 )))))))))))))))))))))))))))))))
.
.
2012-01-13 11:52 . 2012-01-13 11:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-13 11:46 . 2012-01-13 11:46 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{843F171E-FBB0-46CB-8943-93279D2D9E7E}\offreg.dll
2012-01-13 11:44 . 2012-01-13 11:44 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-13 10:38 . 2012-01-13 11:21 -------- d-----w- c:\program files (x86)\GridinSoft Trojan Killer
2012-01-13 10:01 . 2012-01-13 10:01 -------- d-----w- c:\users\zbynek\AppData\Roaming\Malwarebytes
2012-01-13 10:01 . 2012-01-13 10:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-13 10:01 . 2012-01-13 10:01 -------- d-----w- c:\programdata\Malwarebytes
2012-01-13 10:01 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-13 09:46 . 2011-11-30 01:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{843F171E-FBB0-46CB-8943-93279D2D9E7E}\mpengine.dll
2012-01-13 09:46 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-13 09:46 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-13 09:46 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-13 09:46 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-13 09:45 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-13 09:45 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-13 09:45 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-13 09:45 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-13 09:44 . 2012-01-13 09:44 -------- d-----w- c:\users\zbynek\AppData\Local\Mozilla
2011-12-26 19:29 . 2011-12-26 19:29 -------- d-----w- c:\users\zbynek\AppData\Roaming\Kastner software
2011-12-26 19:29 . 2011-12-26 19:29 -------- d-----w- c:\programdata\KASTNER software
2011-12-26 19:29 . 2011-12-26 19:29 -------- d-----w- c:\program files (x86)\KASTNER software
2011-12-24 11:48 . 2011-12-24 11:48 -------- d-----w- c:\program files (x86)\Conduit
2011-12-24 11:48 . 2011-12-24 11:48 -------- d-----w- c:\program files (x86)\BS_Player
2011-12-24 11:47 . 2011-12-24 15:11 -------- d-----w- c:\users\zbynek\AppData\Roaming\BSplayer
2011-12-24 11:47 . 2011-12-24 11:47 -------- d-----w- c:\users\zbynek\AppData\Roaming\BSplayer Pro
2011-12-24 11:47 . 2011-12-24 11:47 -------- d-----w- c:\program files (x86)\Webteh
2011-12-24 11:42 . 2011-12-24 11:42 -------- d-----w- c:\users\zbynek\AppData\Local\Windows Live
2011-12-22 14:55 . 2011-12-22 14:55 -------- d-----w- c:\users\zbynek\AppData\Local\HP
2011-12-22 14:54 . 2011-12-22 14:55 -------- d-----w- c:\users\zbynek\AppData\Roaming\HP
2011-12-22 14:54 . 2011-12-22 14:54 -------- d-----w- c:\programdata\WEBREG
2011-12-22 14:53 . 2011-12-22 14:53 -------- d-----w- c:\programdata\Hewlett-Packard
2011-12-22 14:53 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2011-12-22 14:50 . 2011-12-22 14:50 -------- d-----w- c:\programdata\HP Product Assistant
2011-12-22 14:48 . 2011-12-22 14:48 -------- d-----w- c:\program files (x86)\Common Files\HP
2011-12-22 14:48 . 2011-12-22 14:48 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
2011-12-22 14:48 . 2011-12-22 14:50 -------- d-----w- c:\program files (x86)\HP
2011-12-22 14:46 . 2011-12-30 16:34 -------- d-----w- c:\programdata\HP
2011-12-22 14:46 . 2009-07-08 10:51 861184 ----a-w- c:\windows\system32\hpowiax3.dll
2011-12-22 14:46 . 2009-07-08 10:51 729600 ----a-w- c:\windows\system32\hpotscl3.dll
2011-12-22 14:46 . 2009-07-08 10:51 642360 ----a-w- c:\windows\system32\hpzids40.dll
2011-12-22 14:46 . 2009-07-08 10:51 540672 ----a-w- c:\windows\system32\hppldcoi.dll
2011-12-22 14:46 . 2009-07-08 10:51 497664 ----a-w- c:\windows\system32\hpovst10.dll
2011-12-22 13:29 . 2011-12-22 13:29 -------- d-----r- C:\MSOCache
2011-12-22 09:52 . 2011-12-22 09:52 -------- d-----w- c:\program files (x86)\Filzip
2011-12-22 08:22 . 2011-12-22 15:15 -------- d-----w- c:\users\zbynek\AppData\Roaming\Skype
2011-12-18 21:28 . 2011-12-18 21:28 -------- d-----w- c:\users\zbynek\AppData\Local\ArcSoft
2011-12-18 21:28 . 2011-12-18 21:28 -------- d-----w- c:\users\zbynek\AppData\Roaming\ArcSoft
2011-12-17 10:48 . 2011-12-20 21:33 -------- d-----w- c:\users\zbynek\AppData\Local\Microsoft Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-05 18:39 . 2011-12-05 18:39 356 ----a-w- c:\windows\system32\AF15IRTBL.bin
2011-12-05 18:39 . 2011-12-05 18:39 113280 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
2011-12-04 07:33 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-15 13:29 . 2010-11-21 03:27 270720 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files (x86)\BS_Player\tbBS_P.dll" [2010-11-29 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-29 14:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2010-11-29 14:26 3908192 ----a-w- c:\program files (x86)\BS_Player\tbBS_P.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files (x86)\BS_Player\tbBS_P.dll" [2010-11-29 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-11-29 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BlazeServoTool"="c:\program files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe" [2010-03-06 286720]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-10 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 136176]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 136176]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-02-18 546608]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-31 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-31 75936]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2011-03-30 1021112]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 07:54]
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-10 07:54]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-31 790176]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-31 657056]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\zbynek\AppData\Roaming\Mozilla\Firefox\Profiles\e85ae2qp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-13 12:55:41
ComboFix-quarantined-files.txt 2012-01-13 11:55
.
Před spuštěním: Volných bajtů: 428 231 172 096
Po spuštění: Volných bajtů: 427 727 159 296
.
- - End Of File - - 5A003ACE962743627602619DECC24B05

[Rudy]

Zdravím!
O těch řádcích v registry jste poskytl celkem povšechnou informaci. Nedokážu říci, zda tam patří, nebo ne. Máte tam ale dost zbytečností, které brzdí chod PC. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\program files (x86)\Conduit
c:\program files (x86)\Google\GoogleToolbarNotifier
c:\program files (x86)\Google\Update

Driver::
gupdate
gupdatem

Collect::
c:\program files (x86)\BS_Player\tbBS_P.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

Registry::
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
[-HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[jetrot]

Zdravím, takže ty retězce kde je "@" v "ZAMKNUTÉ KLÍČE V REGISTRU" jsou v pořádku?
A které věci brzdí počítač? Dá se s tím něco udělat?


Tady je log po akci s poznámkovým blokem.




ComboFix 12-01-13.03 - zbynek 13.01.2012 19:41:08.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4044.2643 [GMT 1:00]
Spuštěný z: c:\users\zbynek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\zbynek\Desktop\CFScript.txt.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-13 do 2012-01-13 )))))))))))))))))))))))))))))))
.
.
2012-01-13 18:44 . 2012-01-13 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-13 17:08 . 2012-01-13 17:08 -------- d-----w- c:\program files\trend micro
2012-01-13 17:08 . 2012-01-13 17:08 -------- d-----w- C:\rsit
2012-01-13 12:13 . 2012-01-13 12:15 -------- d-----w- c:\program files (x86)\totalcmd
2012-01-13 12:13 . 2012-01-13 12:14 -------- d-----w- c:\users\zbynek\AppData\Roaming\GHISLER
2012-01-13 12:13 . 2007-06-06 06:00 545 ----a-w- c:\windows\UC.PIF
2012-01-13 12:13 . 2007-06-06 06:00 545 ----a-w- c:\windows\RAR.PIF
2012-01-13 12:13 . 2007-06-06 06:00 545 ----a-w- c:\windows\NOCLOSE.PIF
2012-01-13 12:13 . 2007-06-06 06:00 545 ----a-w- c:\windows\LHA.PIF
2012-01-13 12:13 . 2007-06-06 06:00 545 ----a-w- c:\windows\ARJ.PIF
2012-01-13 11:44 . 2012-01-13 11:44 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-13 10:38 . 2012-01-13 12:02 -------- d-----w- c:\program files (x86)\GridinSoft Trojan Killer
2012-01-13 10:01 . 2012-01-13 10:01 -------- d-----w- c:\users\zbynek\AppData\Roaming\Malwarebytes
2012-01-13 10:01 . 2012-01-13 10:01 -------- d-----w- c:\programdata\Malwarebytes
2012-01-13 09:46 . 2011-11-30 01:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{843F171E-FBB0-46CB-8943-93279D2D9E7E}\mpengine.dll
2012-01-13 09:46 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-13 09:46 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-13 09:46 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-13 09:46 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-13 09:45 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-13 09:45 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-13 09:45 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-13 09:45 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-13 09:44 . 2012-01-13 09:44 -------- d-----w- c:\users\zbynek\AppData\Local\Mozilla
2011-12-26 19:29 . 2011-12-26 19:29 -------- d-----w- c:\users\zbynek\AppData\Roaming\Kastner software
2011-12-26 19:29 . 2011-12-26 19:29 -------- d-----w- c:\programdata\KASTNER software
2011-12-26 19:29 . 2011-12-26 19:29 -------- d-----w- c:\program files (x86)\KASTNER software
2011-12-24 11:47 . 2011-12-24 15:11 -------- d-----w- c:\users\zbynek\AppData\Roaming\BSplayer
2011-12-24 11:47 . 2011-12-24 11:47 -------- d-----w- c:\users\zbynek\AppData\Roaming\BSplayer Pro
2011-12-24 11:47 . 2011-12-24 11:47 -------- d-----w- c:\program files (x86)\Webteh
2011-12-24 11:42 . 2011-12-24 11:42 -------- d-----w- c:\users\zbynek\AppData\Local\Windows Live
2011-12-22 14:55 . 2011-12-22 14:55 -------- d-----w- c:\users\zbynek\AppData\Local\HP
2011-12-22 14:54 . 2011-12-22 14:55 -------- d-----w- c:\users\zbynek\AppData\Roaming\HP
2011-12-22 14:54 . 2011-12-22 14:54 -------- d-----w- c:\programdata\WEBREG
2011-12-22 14:53 . 2011-12-22 14:53 -------- d-----w- c:\programdata\Hewlett-Packard
2011-12-22 14:53 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2011-12-22 14:50 . 2011-12-22 14:50 -------- d-----w- c:\programdata\HP Product Assistant
2011-12-22 14:48 . 2011-12-22 14:48 -------- d-----w- c:\program files (x86)\Common Files\HP
2011-12-22 14:48 . 2011-12-22 14:48 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
2011-12-22 14:48 . 2011-12-22 14:50 -------- d-----w- c:\program files (x86)\HP
2011-12-22 14:46 . 2011-12-30 16:34 -------- d-----w- c:\programdata\HP
2011-12-22 14:46 . 2009-07-08 10:51 861184 ----a-w- c:\windows\system32\hpowiax3.dll
2011-12-22 14:46 . 2009-07-08 10:51 729600 ----a-w- c:\windows\system32\hpotscl3.dll
2011-12-22 14:46 . 2009-07-08 10:51 642360 ----a-w- c:\windows\system32\hpzids40.dll
2011-12-22 14:46 . 2009-07-08 10:51 540672 ----a-w- c:\windows\system32\hppldcoi.dll
2011-12-22 14:46 . 2009-07-08 10:51 497664 ----a-w- c:\windows\system32\hpovst10.dll
2011-12-22 13:29 . 2011-12-22 13:29 -------- d-----r- C:\MSOCache
2011-12-22 09:52 . 2011-12-22 09:52 -------- d-----w- c:\program files (x86)\Filzip
2011-12-22 08:22 . 2011-12-22 15:15 -------- d-----w- c:\users\zbynek\AppData\Roaming\Skype
2011-12-18 21:28 . 2011-12-18 21:28 -------- d-----w- c:\users\zbynek\AppData\Local\ArcSoft
2011-12-18 21:28 . 2011-12-18 21:28 -------- d-----w- c:\users\zbynek\AppData\Roaming\ArcSoft
2011-12-17 10:48 . 2011-12-20 21:33 -------- d-----w- c:\users\zbynek\AppData\Local\Microsoft Games
2011-12-15 03:59 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 03:59 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 03:59 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 03:59 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-15 03:59 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 03:59 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-05 18:39 . 2011-12-05 18:39 356 ----a-w- c:\windows\system32\AF15IRTBL.bin
2011-12-05 18:39 . 2011-12-05 18:39 113280 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
2011-12-04 07:33 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-17 06:35 . 2012-01-13 11:55 340992 ----a-w- c:\windows\system32\schannel.dll
2011-11-17 05:34 . 2012-01-13 11:55 224768 ----a-w- c:\windows\SysWow64\schannel.dll
2011-11-15 13:29 . 2010-11-21 03:27 270720 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-13_11.52.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-13 11:55 . 2011-11-17 05:28 96768 c:\windows\SysWOW64\sspicli.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 96768 c:\windows\SysWOW64\sspicli.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 76800 c:\windows\SysWOW64\SetIEInstalledDate.exe
- 2010-11-21 03:24 . 2010-11-21 03:24 22016 c:\windows\SysWOW64\secur32.dll
+ 2012-01-13 11:55 . 2011-11-17 05:34 22016 c:\windows\SysWOW64\secur32.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 74752 c:\windows\SysWOW64\RegisterIEPKEYs.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 54272 c:\windows\SysWOW64\pngfilt.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 48640 c:\windows\SysWOW64\mshtmler.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 72704 c:\windows\SysWOW64\mshtmled.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 11776 c:\windows\SysWOW64\mshta.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 10752 c:\windows\SysWOW64\msfeedssync.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 41472 c:\windows\SysWOW64\msfeedsbs.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 23552 c:\windows\SysWOW64\licmgr10.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 78848 c:\windows\SysWOW64\inseng.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 35840 c:\windows\SysWOW64\imgutil.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 86528 c:\windows\SysWOW64\iesysprep.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 74752 c:\windows\SysWOW64\iesetup.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 31744 c:\windows\SysWOW64\iernonce.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 74240 c:\windows\SysWOW64\ie4uinit.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 66048 c:\windows\SysWOW64\icardie.dll
+ 2012-01-13 18:45 . 2012-01-13 18:45 13330 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-01-13 11:28 . 2012-01-13 11:28 13330 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2009-07-14 04:54 . 2012-01-13 11:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-13 16:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-13 16:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-13 11:43 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-13 16:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-13 11:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-21 03:09 . 2012-01-13 16:51 49244 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-13 16:51 34702 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2010-11-21 03:24 . 2010-11-21 03:24 29184 c:\windows\system32\sspisrv.dll
+ 2012-01-13 11:55 . 2011-11-17 06:35 29184 c:\windows\system32\sspisrv.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 91648 c:\windows\system32\SetIEInstalledDate.exe
- 2010-11-21 03:24 . 2010-11-21 03:24 28160 c:\windows\system32\secur32.dll
+ 2012-01-13 11:55 . 2011-11-17 06:35 28160 c:\windows\system32\secur32.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 89088 c:\windows\system32\RegisterIEPKEYs.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 65024 c:\windows\system32\pngfilt.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 48640 c:\windows\system32\mshtmler.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 96256 c:\windows\system32\mshtmled.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 12288 c:\windows\system32\mshta.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 10752 c:\windows\system32\msfeedssync.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 55296 c:\windows\system32\msfeedsbs.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-01-13 11:55 . 2011-11-17 06:33 31232 c:\windows\system32\lsass.exe
- 2009-07-13 23:20 . 2009-07-14 01:39 31232 c:\windows\system32\lsass.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 30720 c:\windows\system32\licmgr10.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 85504 c:\windows\system32\jsproxy.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 49664 c:\windows\system32\imgutil.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 85504 c:\windows\system32\iesetup.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 39936 c:\windows\system32\iernonce.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 89088 c:\windows\system32\ie4uinit.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 82432 c:\windows\system32\icardie.dll
+ 2012-01-13 11:55 . 2011-11-17 06:49 95600 c:\windows\system32\drivers\ksecdd.sys
+ 2011-11-26 17:31 . 2012-01-13 16:47 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-26 17:31 . 2012-01-13 11:44 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-11-26 17:31 . 2012-01-13 16:47 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-11-26 17:31 . 2012-01-13 11:44 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-13 16:47 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-13 11:44 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-01-13 16:52 96720 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 04:46 . 2012-01-13 11:46 96720 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-11-27 21:29 . 2012-01-13 16:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-27 21:29 . 2012-01-13 11:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-11-27 21:29 . 2012-01-13 16:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-11-27 21:29 . 2012-01-13 11:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-06 11:55 . 2011-06-06 11:55 73624 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\wow_helper.exe
+ 2011-06-06 11:55 . 2011-06-06 11:55 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\ViewerPS.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 35736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\reader_sl.exe
+ 2011-06-06 11:55 . 2011-06-06 11:55 88992 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\PDFPrevHndlr.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 94608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\eula.exe
+ 2011-06-06 11:55 . 2011-06-06 11:55 64952 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\armsvc.exe
+ 2011-06-06 11:55 . 2011-06-06 11:55 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\acrotextextractor.exe
+ 2011-06-06 11:55 . 2011-06-06 11:55 17824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\AcroRd32Info.exe
+ 2011-06-06 11:55 . 2011-06-06 11:55 63912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\acroiehelpershim.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\AcroIEHelper.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\Acrofx32.dll
+ 2011-11-26 17:42 . 2012-01-13 16:51 7956 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-913590003-3989541995-3223138248-1000_UserData.bin
+ 2012-01-13 16:39 . 2012-01-13 16:49 4398 c:\windows\SoftwareDistribution\EventCache\{449BE0D1-DBC1-4AB1-B204-AD22924111B2}.bin
- 2012-01-13 11:43 . 2012-01-13 11:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-13 18:45 . 2012-01-13 18:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-13 11:43 . 2012-01-13 11:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-13 18:45 . 2012-01-13 18:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-13 16:47 . 2012-01-13 16:47 152064 c:\windows\SysWOW64\wextract.exe
- 2010-11-21 03:23 . 2010-11-21 03:23 314880 c:\windows\SysWOW64\webio.dll
+ 2012-01-13 11:55 . 2011-11-17 05:35 314880 c:\windows\SysWOW64\webio.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 203776 c:\windows\SysWOW64\webcheck.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 420864 c:\windows\SysWOW64\vbscript.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 231936 c:\windows\SysWOW64\url.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 123392 c:\windows\SysWOW64\occache.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 162304 c:\windows\SysWOW64\msrating.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 161792 c:\windows\SysWOW64\msls31.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 580608 c:\windows\SysWOW64\msfeeds.dll
- 2012-01-13 09:46 . 2011-10-14 04:24 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 150528 c:\windows\SysWOW64\iexpress.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 142848 c:\windows\SysWOW64\ieUnatt.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 176640 c:\windows\SysWOW64\ieui.dll
- 2011-12-15 03:59 . 2011-11-11 05:40 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 118784 c:\windows\SysWOW64\iepeers.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 353584 c:\windows\SysWOW64\iedkcs32.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 434176 c:\windows\SysWOW64\ieapfltr.dll
- 2009-07-13 23:42 . 2009-07-14 01:05 163840 c:\windows\SysWOW64\ieakui.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 163840 c:\windows\SysWOW64\ieakui.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 227840 c:\windows\SysWOW64\ieaksie.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 130560 c:\windows\SysWOW64\ieakeng.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 110592 c:\windows\SysWOW64\IEAdvpack.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 223232 c:\windows\SysWOW64\dxtrans.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 353792 c:\windows\SysWOW64\dxtmsft.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 101888 c:\windows\SysWOW64\admparse.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 160256 c:\windows\system32\wextract.exe
+ 2012-01-13 11:55 . 2011-11-17 06:35 395776 c:\windows\system32\webio.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 395776 c:\windows\system32\webio.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 249344 c:\windows\system32\webcheck.dll
+ 2011-11-26 20:01 . 2012-01-13 14:26 232686 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2012-01-13 16:47 . 2012-01-13 16:47 603648 c:\windows\system32\vbscript.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 237056 c:\windows\system32\url.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 136192 c:\windows\system32\sspicli.dll
+ 2012-01-13 11:55 . 2011-11-17 06:35 136192 c:\windows\system32\sspicli.dll
- 2009-07-14 02:36 . 2012-01-13 11:51 652812 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-01-13 16:54 652812 c:\windows\system32\perfh009.dat
- 2011-02-14 20:16 . 2012-01-13 11:51 667108 c:\windows\system32\perfh005.dat
+ 2011-02-14 20:16 . 2012-01-13 16:54 667108 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-01-13 16:54 121486 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-01-13 11:51 121486 c:\windows\system32\perfc009.dat
- 2011-02-14 20:16 . 2012-01-13 11:51 140514 c:\windows\system32\perfc005.dat
+ 2011-02-14 20:16 . 2012-01-13 16:54 140514 c:\windows\system32\perfc005.dat
+ 2012-01-13 16:47 . 2012-01-13 16:47 149504 c:\windows\system32\occache.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 197120 c:\windows\system32\msrating.dll
- 2009-07-13 23:39 . 2009-07-14 01:41 222208 c:\windows\system32\msls31.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 222208 c:\windows\system32\msls31.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 697344 c:\windows\system32\msfeeds.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 818688 c:\windows\system32\jscript.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 103936 c:\windows\system32\inseng.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 165888 c:\windows\system32\iexpress.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 173056 c:\windows\system32\ieUnatt.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 248320 c:\windows\system32\ieui.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 111616 c:\windows\system32\iesysprep.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 145920 c:\windows\system32\iepeers.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 403248 c:\windows\system32\iedkcs32.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 534528 c:\windows\system32\ieapfltr.dll
- 2009-07-13 23:58 . 2009-07-14 01:27 163840 c:\windows\system32\ieakui.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 163840 c:\windows\system32\ieakui.dll
- 2009-07-13 23:58 . 2009-07-14 01:41 267776 c:\windows\system32\ieaksie.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 267776 c:\windows\system32\ieaksie.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 160256 c:\windows\system32\ieakeng.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 135168 c:\windows\system32\IEAdvpack.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 282112 c:\windows\system32\dxtrans.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 452608 c:\windows\system32\dxtmsft.dll
+ 2012-01-13 11:55 . 2011-11-17 06:49 152432 c:\windows\system32\drivers\ksecpkg.sys
+ 2012-01-13 11:55 . 2011-11-17 06:44 459232 c:\windows\system32\drivers\cng.sys
+ 2012-01-13 16:47 . 2012-01-13 16:47 114176 c:\windows\system32\admparse.dll
- 2009-07-14 05:01 . 2012-01-13 11:28 303540 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-01-13 18:45 303540 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-13 16:49 . 2012-01-13 18:45 414204 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-913590003-3989541995-3223138248-1000-12288.dat
+ 2011-06-06 11:55 . 2011-06-06 11:55 249232 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\sqlite.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 394136 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\pdfshell.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 183696 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\nppdf32.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 104344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\AiodLite.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 102808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\AcroRdIF.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 755088 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\AcroPDF.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 296344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\acrobroker.exe
+ 2011-06-06 11:55 . 2011-06-06 11:55 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\a3dutils.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 1127424 c:\windows\SysWOW64\wininet.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 1103360 c:\windows\SysWOW64\urlmon.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 1798144 c:\windows\SysWOW64\jscript9.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 1792000 c:\windows\SysWOW64\iertutil.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 9705472 c:\windows\SysWOW64\ieframe.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 3695416 c:\windows\SysWOW64\ieapfltr.dat
+ 2012-01-13 16:47 . 2012-01-13 16:47 1390080 c:\windows\system32\wininet.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 1345536 c:\windows\system32\urlmon.dll
+ 2009-07-14 02:34 . 2012-01-13 16:48 9961472 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-01-13 11:43 9961472 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-01-13 11:55 . 2011-11-17 06:35 1447936 c:\windows\system32\lsasrv.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 1447936 c:\windows\system32\lsasrv.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 2309120 c:\windows\system32\jscript9.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 2144256 c:\windows\system32\iertutil.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 3695416 c:\windows\system32\ieapfltr.dat
- 2009-07-14 04:45 . 2012-01-13 11:46 7294260 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-01-13 16:52 7294260 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-11-26 18:16 . 2012-01-13 16:33 4389700 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-913590003-3989541995-3223138248-1000-8192.dat
+ 2011-06-06 11:55 . 2011-06-06 11:55 2215312 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\rt3d.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 1189004 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\JSByteCodeWin.bin
+ 2011-06-06 11:55 . 2011-06-06 11:55 6543768 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\authplay.dll
+ 2011-06-06 11:55 . 2011-06-06 11:55 1240992 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\AdobeCollabSync.exe
+ 2011-06-06 11:55 . 2011-06-06 11:55 1480600 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\AcroRd32.exe
+ 2012-01-13 16:47 . 2012-01-13 16:47 12279808 c:\windows\SysWOW64\mshtml.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 17786368 c:\windows\system32\mshtml.dll
+ 2012-01-13 16:47 . 2012-01-13 16:47 10886656 c:\windows\system32\ieframe.dll
+ 2012-01-03 17:58 . 2012-01-03 17:58 15929344 c:\windows\Installer\2df5e.msp
+ 2011-06-06 11:55 . 2011-06-06 11:55 24731544 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\AcroRd32.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BlazeServoTool"="c:\program files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe" [2010-03-06 286720]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-02-18 546608]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2011-03-30 1021112]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-31 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-31 75936]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-31 790176]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-31 657056]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418328]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\zbynek\AppData\Roaming\Mozilla\Firefox\Profiles\e85ae2qp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Celkový čas: 2012-01-13 19:50:08 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-13 18:50
ComboFix2.txt 2012-01-13 11:55
.
Před spuštěním: Volných bajtů: 427 010 478 080
Po spuštění: Volných bajtů: 426 943 283 200
.
- - End Of File - - 9F12723BED818B9A34DF4933C5D0B030

[Rudy]

Zdravím, takže ty retězce kde je "@" v "ZAMKNUTÉ KLÍČE V REGISTRU" jsou v pořádku?

Mohou být i nemusí. Mám je v registry rovněž. Z logu rozhodně nevyplývá, že by mohly patřit k něčemu nelegitimnímu.

A které věci brzdí počítač? Dá se s tím něco udělat?

Různé toolbary a updatery. Akcí s CFScript jsme je smazali. Log již vypadá OK.

[jetrot]

Tak tedy děkuju

[Rudy]

Rádo se stalo!