Pomalý internet + PC - prosím o kontrolu

Zpráva

User78 · #1 Příspěvek od **User78** » 12 říj 2012 14:13

Zdravím,
chtěl bych poprosit jestli by se mi někdo nekoukl na můj log z RSIT. V poslední době se mi nějak zpomalila rychlost internetu a PC bych potřeboval zkontrolovat, Kdyby se vyskytly i jiné problémy a někdo by si s tím dal práci je vyřešit, byl bych mu moc vděčný.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tonda at 2012-10-12 14:59:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 18 GB (18%) free of 100 GB
Total RAM: 2046 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:59:47, on 12.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
D:\VŠE\Programy\Microsoft Office 2010\Office14\ONENOTEM.EXE
C:\Users\Tonda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tonda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tonda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tonda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tonda\Downloads\RSIT.exe
C:\Program Files\trend micro\Tonda.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/lionskin/{425 ... 0018A41AFC}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (file missing)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Skin Pack Toolbar\tbhelper.dll (file missing)
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\VE9ED0~1\Programy\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\VE9ED0~1\Programy\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Skin Pack Toolbar\tbcore3.dll (file missing)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (file missing)
O3 - Toolbar: Skin Pack Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Skin Pack Toolbar\tbcore3.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [BCSSync] "D:\VŠE\Programy\Microsoft Office 2010\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.872
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tonda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [xwidget] C:\Windows\Lion Skin Pack\xwidget\xwidget.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = ?
O4 - Global Startup: DeskDrive.lnk = C:\Windows\Lion Skin Pack\DeskDrive\DeskDrive.exe
O4 - Global Startup: Finderbar.lnk = C:\Windows\Lion Skin Pack\Finderbar\Finderbar.exe
O4 - Global Startup: MacSearch.lnk = C:\Windows\Lion Skin Pack\MacSearch\MacSearch.exe
O4 - Global Startup: Refresh.lnk = ?
O4 - Global Startup: RocketDock.lnk = C:\Windows\Lion Skin Pack\RocketDock\RocketDock.exe
O4 - Global Startup: tClock.lnk = C:\Windows\Lion Skin Pack\tClock\Clock.exe
O4 - Global Startup: UberIcon.lnk = C:\Windows\Lion Skin Pack\UberIcon\UberIcon.exe
O4 - Global Startup: Winroll.lnk = C:\Windows\Lion Skin Pack\Winroll\winroll.exe
O4 - Global Startup: xwidget.lnk = C:\Windows\Lion Skin Pack\xwidget\xwidget.exe
O4 - Global Startup: YzShadow.lnk = C:\Windows\Lion Skin Pack\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\VŠE\Programy\Microsoft Office 2010\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\VŠE\Programy\Microsoft Office 2010\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\VŠE\Programy\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\VŠE\Programy\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... .110.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: CD Guard Drivers Auto Removal (v2) (psrem02) - Protection Technology - C:\Windows\system32\psrem02.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 11647 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\AutoKMSDaily.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4006872256-4244566213-3281827725-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4006872256-4244566213-3281827725-1000UA.job
C:\Windows\tasks\PC SpeedUp Service Deactivator.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
CescrtHlpr Object - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\VE9ED0~1\Programy\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-09-04 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\VE9ED0~1\Programy\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-09-04 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\Skin Pack Toolbar\tbcore3.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll []
{338B4DFE-2E2C-4338-9E41-E176D497299E} - Skin Pack Toolbar - C:\Program Files\Skin Pack Toolbar\tbcore3.dll []
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe /m=2 /w /h []
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe []
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-08-21 4282728]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"BCSSync"=D:\VŠE\Programy\Microsoft Office 2010\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-09-09 421776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.872 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []
"Google Update"=C:\Users\Tonda\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-27 136176]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe []
"Steam"=C:\Program Files\Steam\steam.exe [2012-08-04 1353080]
"xwidget"=C:\Windows\Lion Skin Pack\xwidget\xwidget.exe []
"MobileDocuments"=C:\Program Files\Common Files\Apple\Internet Services\ubd.exe []
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2012-09-07 191856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DeskDrive.lnk - C:\Windows\Lion Skin Pack\DeskDrive\DeskDrive.exe
Finderbar.lnk - C:\Windows\Lion Skin Pack\Finderbar\Finderbar.exe
MacSearch.lnk - C:\Windows\Lion Skin Pack\MacSearch\MacSearch.exe
Refresh.lnk - C:\Windows\Lion Skin Pack\Tools\Refresh.cmd
RocketDock.lnk - C:\Windows\Lion Skin Pack\RocketDock\RocketDock.exe
tClock.lnk - C:\Windows\Lion Skin Pack\tClock\Clock.exe
UberIcon.lnk - C:\Windows\Lion Skin Pack\UberIcon\UberIcon.exe
Winroll.lnk - C:\Windows\Lion Skin Pack\Winroll\winroll.exe
xwidget.lnk - C:\Windows\Lion Skin Pack\xwidget\xwidget.exe
YzShadow.lnk - C:\Windows\Lion Skin Pack\YzShadow\YzShadow.exe

C:\Users\Tonda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - D:\VŠE\Programy\Microsoft Office 2010\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\VE9ED0~1\Programy\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-12 14:59:15 ----D---- C:\Program Files\trend micro
2012-10-12 14:59:14 ----D---- C:\rsit
2012-10-11 18:54:03 ----D---- C:\Program Files\Zrychleni Pocitace
2012-10-11 09:17:44 ----D---- C:\Program Files\Microsoft Visual Studio 8
2012-10-11 08:04:40 ----A---- C:\Windows\system32\wintrust.dll
2012-10-11 08:04:33 ----A---- C:\Windows\system32\tzres.dll
2012-10-11 08:04:15 ----A---- C:\Windows\system32\kernel32.dll
2012-10-11 08:04:14 ----A---- C:\Windows\system32\winsrv.dll
2012-10-11 08:04:14 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-11 08:04:14 ----A---- C:\Windows\system32\conhost.exe
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 08:04:13 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 08:04:12 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 08:04:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 08:04:09 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-11 08:04:09 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-11 08:04:09 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 08:04:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 08:04:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-11 08:03:42 ----A---- C:\Windows\system32\crypt32.dll
2012-10-11 08:03:41 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-11 08:03:41 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-11 08:03:33 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-11 08:03:28 ----A---- C:\Windows\system32\kerberos.dll
2012-10-11 08:03:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-11 08:03:22 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-09-26 12:08:14 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-09-22 20:58:16 ----A---- C:\Windows\system32\vbscript.dll
2012-09-22 20:58:16 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-22 20:58:15 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-22 20:58:14 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-22 20:58:14 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-22 20:58:14 ----A---- C:\Windows\system32\ieui.dll
2012-09-22 20:58:12 ----A---- C:\Windows\system32\wininet.dll
2012-09-22 20:58:12 ----A---- C:\Windows\system32\jscript.dll
2012-09-22 20:58:11 ----A---- C:\Windows\system32\url.dll
2012-09-22 20:58:11 ----A---- C:\Windows\system32\jscript9.dll
2012-09-22 20:58:10 ----A---- C:\Windows\system32\iertutil.dll
2012-09-22 20:58:08 ----A---- C:\Windows\system32\urlmon.dll
2012-09-22 20:58:05 ----A---- C:\Windows\system32\ieframe.dll
2012-09-22 20:58:04 ----A---- C:\Windows\system32\mshtml.dll
2012-09-13 17:17:17 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2012-09-13 17:14:59 ----D---- C:\Program Files\iPod
2012-09-13 17:14:58 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-09-13 17:14:58 ----D---- C:\Program Files\iTunes

======List of files/folders modified in the last 1 month======

2012-10-12 14:59:15 ----RD---- C:\Program Files
2012-10-12 14:58:59 ----D---- C:\Windows\Temp
2012-10-12 14:57:37 ----D---- C:\Windows\Tasks
2012-10-12 14:57:36 ----D---- C:\Program Files\Steam
2012-10-12 14:57:16 ----D---- C:\Windows
2012-10-12 14:57:16 ----A---- C:\Windows\KMSEmulator.exe
2012-10-12 12:37:11 ----D---- C:\Windows\system32\config
2012-10-11 18:54:07 ----D---- C:\Windows\system32\Tasks
2012-10-11 18:12:10 ----HD---- C:\ProgramData
2012-10-11 18:12:10 ----D---- C:\ProgramData\Origin
2012-10-11 17:29:27 ----D---- C:\Users\Tonda\AppData\Roaming\uTorrent
2012-10-11 17:29:27 ----D---- C:\Users\Tonda\AppData\Roaming\TS3Client
2012-10-11 17:27:11 ----D---- C:\Windows\inf
2012-10-11 17:27:07 ----D---- C:\Windows\Logs
2012-10-11 17:27:07 ----D---- C:\Windows\debug
2012-10-11 15:13:36 ----D---- C:\Windows\winsxs
2012-10-11 15:11:22 ----D---- C:\Windows\system32\cs-CZ
2012-10-11 15:11:22 ----D---- C:\Windows\System32
2012-10-11 15:11:20 ----D---- C:\Windows\system32\drivers
2012-10-11 09:21:41 ----SHD---- C:\Windows\Installer
2012-10-11 09:21:40 ----SHD---- C:\Config.Msi
2012-10-11 09:21:39 ----D---- C:\ProgramData\Microsoft Help
2012-10-11 09:18:29 ----SHD---- C:\System Volume Information
2012-10-11 09:18:11 ----A---- C:\Windows\system32\MRT.exe
2012-10-11 08:41:08 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-10-11 08:03:20 ----D---- C:\Windows\system32\catroot2
2012-10-11 08:03:20 ----D---- C:\Windows\system32\catroot
2012-10-08 16:35:15 ----D---- C:\Users\Tonda\AppData\Roaming\Skype
2012-10-03 19:46:54 ----D---- C:\Windows\system32\wfp
2012-10-03 19:46:54 ----D---- C:\Windows\system32\DriverStore
2012-10-03 19:46:49 ----D---- C:\Windows\system32\wbem
2012-10-03 19:46:49 ----D---- C:\Windows\registration
2012-10-03 14:42:33 ----D---- C:\Windows\Prefetch
2012-09-23 12:23:49 ----D---- C:\Windows\system32\migration
2012-09-23 12:23:49 ----D---- C:\Program Files\Internet Explorer
2012-09-22 12:45:23 ----D---- C:\Users\Tonda\AppData\Roaming\.minecraft
2012-09-22 12:44:44 ----D---- C:\Users\Tonda\AppData\Roaming\Apple Computer
2012-09-17 18:36:35 ----A---- C:\Windows\system32\PnkBstrB.exe
2012-09-13 17:17:17 ----DC---- C:\Windows\system32\DRVSTORE
2012-09-13 17:14:58 ----D---- C:\Program Files\Common Files\Apple

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pssync05;CD Guard Synchronization Driver (v5); C:\Windows\system32\drivers\pssync05.sys [2006-11-03 61312]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-27 691696]
R0 viamraid;viamraid; C:\Windows\system32\DRIVERS\viamraid.sys [2004-07-06 60672]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 58680]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032.sys [2009-07-14 211456]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-05-13 111808]
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2003-09-06 6944]
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-05-13 79488]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SMARTMouseFilterx86;HID-compliant mouse; C:\Windows\system32\DRIVERS\SMARTMouseFilterx86.sys [2011-01-25 11632]
S3 SMARTVHidMini2000x86;SMART HID Device; C:\Windows\system32\DRIVERS\SMARTVHidMini2000x86.sys [2011-01-25 14704]
S3 SMARTVTabletPCx86;SMART Virtual TabletPC; C:\Windows\system32\DRIVERS\SMARTVTabletPCx86.sys [2011-01-25 21872]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-07-09 44032]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-08-21 44808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2012-09-07 292720]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-09-08 76888]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 821648]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-01 136176]
S2 psrem02;CD Guard Drivers Auto Removal (v2); C:\Windows\system32\psrem02.exe [2006-05-11 358008]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-11 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-01 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\VŠE\Programy\Microsoft Office 2010\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2011-02-27 4010312]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-08-06 529232]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-28 1343400]
S4 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 12 říj 2012 15:30

Zdravim a pekny den preji

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Search
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

User78 · #3 Příspěvek od **User78** » 12 říj 2012 15:39

Děkuji za Vaší rychlou reakci na můj problém. Soubor dávám do přílohy a také sem kopíruji.

PS. Přípona .txt není podporována, jestli je nutné, aby jste se na to podíval, mohu uploadnout na ulož.to

# AdwCleaner v2.004 - Logfile created 10/12/2012 at 16:34:40
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Tonda - TONDA-PC
# Boot Mode : Normal
# Running from : C:\Users\Tonda\Downloads\adwcleaner.exe
# Option [Search]

***** [Services] *****

Found : MyWebSearchService

***** [Files / Folders] *****

File Found : C:\Windows\system32\f3PSSavr.scr
Folder Found : C:\Program Files\Common Files\FreeCause
Folder Found : C:\Program Files\Conduit
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\Users\Tonda\AppData\Local\Conduit
Folder Found : C:\Users\Tonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Folder Found : C:\Users\Tonda\AppData\Local\Minibar
Folder Found : C:\Users\Tonda\AppData\Local\OpenCandy
Folder Found : C:\Users\Tonda\AppData\Local\TempDir
Folder Found : C:\Users\Tonda\AppData\LocalLow\Conduit
Folder Found : C:\Users\Tonda\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Tonda\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Tonda\AppData\LocalLow\MyWebSearch
Folder Found : C:\Users\Tonda\AppData\LocalLow\Toolbar4

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Compete
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\CompeteInc
Key Found : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\MyWebSearch
Key Found : HKCU\Software\SMTTB2009
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Somoto Toolbar
Key Found : HKCU\Software\Surf Canyon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl
Key Found : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Found : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Found : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Found : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Found : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin
Key Found : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1
Key Found : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin
Key Found : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Key Found : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Key Found : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\Software\CompeteInc
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\FocusInteractive
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\Software\Fun Web Products
Key Found : HKLM\Software\FunWebProducts
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Found : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Found : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall
Key Found : HKLM\Software\Minibar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Found : HKLM\Software\MyWebSearch
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-4006872256-4244566213-3281827725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-4006872256-4244566213-3281827725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-4006872256-4244566213-3281827725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Found : HKU\S-1-5-21-4006872256-4244566213-3281827725-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [My Web Search Bar Search Scope Monitor]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/lionskin/{4252EA9F-5 ... 0018A41AFC}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.bigseekpro.com/lionskin/{4252EA9F-5 ... src=newtab

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Tonda\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [28833 octets] - [12/10/2012 16:34:40]

########## EOF - C:\AdwCleaner[R1].txt - [28894 octets] ##########

#4 Příspěvek od **vyosek** » 12 říj 2012 15:50

pripon txt neni podporovana umyslne, dle adminu je tam moznost zneuziti malwarem - povoleny jsou jen obrazky a komprimovane soubory

Takze logy normalne vkladejte tak jako ted

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Delete
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

User78 · #5 Příspěvek od **User78** » 12 říj 2012 15:58

# AdwCleaner v2.004 - Logfile created 10/12/2012 at 16:52:32
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Tonda - TONDA-PC
# Boot Mode : Normal
# Running from : C:\Users\Tonda\Downloads\adwcleaner.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : MyWebSearchService

***** [Files / Folders] *****

File Deleted : C:\Windows\system32\f3PSSavr.scr
Folder Deleted : C:\Program Files\Common Files\FreeCause
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Tonda\AppData\Local\Conduit
Folder Deleted : C:\Users\Tonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Folder Deleted : C:\Users\Tonda\AppData\Local\Minibar
Folder Deleted : C:\Users\Tonda\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Tonda\AppData\Local\TempDir
Folder Deleted : C:\Users\Tonda\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Tonda\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Tonda\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Tonda\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Tonda\AppData\LocalLow\Toolbar4

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Compete
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\CompeteInc
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\MyWebSearch
Key Deleted : HKCU\Software\SMTTB2009
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\Surf Canyon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\FocusInteractive
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Fun Web Products
Key Deleted : HKLM\Software\FunWebProducts
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall
Key Deleted : HKLM\Software\Minibar
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\Software\MyWebSearch
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [My Web Search Bar Search Scope Monitor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/lionskin/{4252EA9F-5 ... 0018A41AFC} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.bigseekpro.com/lionskin/{4252EA9F-5 ... src=newtab --> hxxp://www.google.com

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Tonda\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [28964 octets] - [12/10/2012 16:34:40]
AdwCleaner[S1].txt - [28937 octets] - [12/10/2012 16:52:32]

########## EOF - C:\AdwCleaner[S1].txt - [28998 octets] ##########

#6 Příspěvek od **vyosek** » 12 říj 2012 16:04

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

User78 · #7 Příspěvek od **User78** » 12 říj 2012 16:36

RKILL

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/12/2012 05:10:44 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* C:\Windows\System32\UxTheme.dll [NoSig]

ComboFix

ComboFix 12-10-12.01 - Tonda 12.10.2012 17:16:00.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1126 [GMT 2:00]
Spuštěný z: c:\users\Tonda\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\accessibilitycpl.dll.xpize
c:\windows\system32\ActionCenter.dll.xpize
c:\windows\system32\ActionCenterCPL.dll.xpize
c:\windows\system32\AuthFWGP.dll.xpize
c:\windows\system32\authui.dll.xpize
c:\windows\system32\autoplay.dll.xpize
c:\windows\system32\batmeter.dll.xpize
c:\windows\system32\browseui.dll.xpize
c:\windows\system32\comres.dll.xpize
c:\windows\system32\DDORes.dll.xpize
c:\windows\system32\DeviceCenter.dll.xpize
c:\windows\system32\devmgr.dll.xpize
c:\windows\system32\DiagCpl.dll.xpize
c:\windows\system32\Display.dll.xpize
c:\windows\system32\ExplorerFrame.dll.xpize
c:\windows\system32\filemgmt.dll.xpize
c:\windows\system32\FirewallControlPanel.dll.xpize
c:\windows\system32\fontext.dll.xpize
c:\windows\system32\gameux.dll.xpize
c:\windows\system32\hotplug.dll.xpize
c:\windows\system32\ieframe.dll.xpize
c:\windows\system32\imageres.dll.xpize
c:\windows\system32\imagesp1.dll.xpize
c:\windows\system32\iscsicpl.dll.xpize
c:\windows\system32\miguiresource.dll.xpize
c:\windows\system32\mmres.dll.xpize
c:\windows\system32\mycomput.dll.xpize
c:\windows\system32\mydocs.dll.xpize
c:\windows\system32\netcenter.dll.xpize
c:\windows\system32\NetProjW.dll.xpize
c:\windows\system32\netshell.dll.xpize
c:\windows\system32\networkexplorer.dll.xpize
c:\windows\system32\odbcint.dll.xpize
c:\windows\system32\OobeFldr.dll.xpize
c:\windows\system32\PerfCenterCPL.dll.xpize
c:\windows\system32\pmcsnap.dll.xpize
c:\windows\system32\pnidui.dll.xpize
c:\windows\system32\pnpui.dll.xpize
c:\windows\system32\powercpl.dll.xpize
c:\windows\system32\sdcpl.dll.xpize
c:\windows\system32\SensorsCpl.dll.xpize
c:\windows\system32\shell32.dll.xpize
c:\windows\system32\SndVolSSO.dll.xpize
c:\windows\system32\srchadmin.dll.xpize
c:\windows\system32\stobject.dll.xpize
c:\windows\system32\SyncCenter.dll.xpize
c:\windows\system32\taskbarcpl.dll.xpize
c:\windows\system32\themecpl.dll.xpize
c:\windows\system32\tmpEBB3.tmp
c:\windows\system32\tmpEBB4.tmp
c:\windows\system32\TSWorkspace.dll.xpize
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\system32\usercpl.dll.xpize
c:\windows\system32\Vault.dll.xpize
c:\windows\system32\wdc.dll.xpize
c:\windows\system32\WFSR.dll.xpize
c:\windows\system32\wmploc.DLL.xpize
c:\windows\system32\wpccpl.dll.xpize
c:\windows\system32\wsecedit.dll.xpize
c:\windows\system32\wucltux.dll.xpize
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-12 do 2012-10-12 )))))))))))))))))))))))))))))))
.
.
2012-10-12 15:30 . 2012-10-12 15:30 -------- d-----w- c:\users\Tonda\AppData\Local\temp
2012-10-12 15:30 . 2012-10-12 15:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-12 15:17 . 2012-10-12 15:17 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89010963-7FA5-42A2-9161-F972A1318353}\offreg.dll
2012-10-12 12:59 . 2012-10-12 12:59 -------- d-----w- c:\program files\trend micro
2012-10-12 12:59 . 2012-10-12 12:59 -------- d-----w- C:\rsit
2012-10-12 10:00 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89010963-7FA5-42A2-9161-F972A1318353}\mpengine.dll
2012-10-11 15:18 . 2012-10-11 15:18 -------- d-----w- c:\users\Tonda\AppData\Local\Apps
2012-10-11 07:17 . 2012-10-11 07:17 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2012-10-11 06:03 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-10-11 06:03 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-11 06:03 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-11 06:03 . 2012-08-31 17:18 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-11 06:03 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-10-11 06:03 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-11 06:03 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-09-26 10:08 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-13 15:17 . 2012-08-21 11:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-13 15:14 . 2012-09-13 15:14 -------- d-----w- c:\program files\iPod
2012-09-13 15:14 . 2012-09-13 15:17 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-09-13 15:14 . 2012-09-13 15:17 -------- d-----w- c:\program files\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-12 14:54 . 2011-11-27 11:25 78848 ----a-w- c:\windows\KMSEmulator.exe
2012-10-12 14:41 . 2012-04-08 10:37 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-12 14:41 . 2011-06-09 16:40 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-17 16:36 . 2010-08-08 15:53 139424 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-09-17 16:36 . 2012-09-08 13:34 282104 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-09-17 16:36 . 2012-09-07 16:30 282104 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-09-17 16:36 . 2012-09-07 16:30 234768 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-09-08 14:39 . 2012-09-07 16:30 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-09-08 14:29 . 2010-08-08 15:53 138056 ----a-w- c:\users\Tonda\AppData\Roaming\PnkBstrK.sys
2012-09-07 16:30 . 2011-06-06 15:34 669184 ----a-w- c:\windows\system32\pbsvc.exe
2012-09-04 13:24 . 2012-09-04 13:24 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-04 13:24 . 2011-07-20 13:51 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-22 17:16 . 2012-09-12 06:58 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-12 06:59 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16 . 2012-09-12 06:58 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-12 06:58 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 11:01 . 2011-01-09 15:16 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-21 09:13 . 2011-04-13 15:02 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-04-13 15:02 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2011-04-13 15:02 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-03-24 14:18 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-04-13 15:02 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-04-13 15:02 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-06-04 08:41 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-04-13 15:01 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-02 16:57 . 2012-09-12 06:58 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-07-18 17:47 . 2012-08-18 12:08 2345984 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\steam.exe" [2012-08-04 1353080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"BCSSync"="d:\vše\Programy\Microsoft Office 2010\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstall ... er=9.0.872" [?]
.
c:\users\Tonda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - d:\vše\Programy\Microsoft Office 2010\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DeskDrive.lnk - c:\windows\Lion Skin Pack\DeskDrive\DeskDrive.exe [N/A]
Finderbar.lnk - c:\windows\Lion Skin Pack\Finderbar\Finderbar.exe [N/A]
MacSearch.lnk - c:\windows\Lion Skin Pack\MacSearch\MacSearch.exe [N/A]
Refresh.lnk - c:\windows\Lion Skin Pack\Tools\Refresh.cmd [N/A]
RocketDock.lnk - c:\windows\Lion Skin Pack\RocketDock\RocketDock.exe [N/A]
tClock.lnk - c:\windows\Lion Skin Pack\tClock\Clock.exe [N/A]
UberIcon.lnk - c:\windows\Lion Skin Pack\UberIcon\UberIcon.exe [N/A]
Winroll.lnk - c:\windows\Lion Skin Pack\Winroll\winroll.exe [N/A]
xwidget.lnk - c:\windows\Lion Skin Pack\xwidget\xwidget.exe [N/A]
YzShadow.lnk - c:\windows\Lion Skin Pack\YzShadow\YzShadow.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 psrem02;CD Guard Drivers Auto Removal (v2);c:\windows\system32\psrem02.exe svc [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\vše\Programy\Microsoft Office 2010\Office14\GROOVE.EXE [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 SMARTMouseFilterx86;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx86.sys [x]
R3 SMARTVHidMini2000x86;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMini2000x86.sys [x]
R3 SMARTVTabletPCx86;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx86.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 14:41]
.
2012-10-12 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS.exe [2011-11-27 11:26]
.
2012-10-12 c:\windows\Tasks\AutoKMSDaily.job
- c:\windows\AutoKMS.exe [2011-11-27 11:26]
.
2012-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-01 16:05]
.
2012-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-01 16:05]
.
2012-10-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4006872256-4244566213-3281827725-1000Core.job
- c:\users\Tonda\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-27 14:16]
.
2012-10-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4006872256-4244566213-3281827725-1000UA.job
- c:\users\Tonda\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-27 14:16]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
HKCU-Run-xwidget - c:\windows\Lion Skin Pack\xwidget\xwidget.exe
HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
AddRemove-ObjectDock Plus 2 - c:\programdata\{0F4A7EFE-5950-4389-BF36-1E625D72456B}\shareware.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,38,12,7f,9b,9b,
9c,1f,0a,b3,0c,e6,c1,9f,c6,6e,b6,39,a8
"{338B4DFE-2E2C-4338-9E41-E176D497299E}"=hex:51,66,7a,6c,4c,1d,38,12,90,4e,98,
37,1e,60,56,06,e1,57,a2,36,d1,c9,6d,8a
"{00A6FAF1-072E-44CF-8957-5838F569A31D}"=hex:51,66,7a,6c,4c,1d,38,12,9f,f9,b5,
04,1c,49,a1,01,f6,41,1b,78,f0,37,e7,09
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{2EECD738-5844-4A99-B4B6-146BF802613B}"=hex:51,66,7a,6c,4c,1d,38,12,56,d4,ff,
2a,76,16,f7,0f,cb,a0,57,2b,fd,5c,25,2f
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FCBCCB87-9224-4B8D-B117-F56D924BEB18}"=hex:51,66,7a,6c,4c,1d,38,12,e9,c8,af,
f8,16,dc,e3,0e,ce,01,b6,2d,97,15,af,0c
"{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}"=hex:51,66,7a,6c,4c,1d,38,12,49,e1,1e,
1a,d6,12,cd,0b,d4,1a,c8,43,e4,f4,32,a8
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}"=hex:51,66,7a,6c,4c,1d,38,12,35,fc,e1,
93,3e,68,a1,09,fc,5c,6e,9a,4b,77,a7,8a
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:fd,f1,b5,83,a7,03,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,30,22,e9,bf,10,8a,ed,45,b9,a4,6a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,30,22,e9,bf,10,8a,ed,45,b9,a4,6a,\
.
[HKEY_USERS\S-1-5-21-4006872256-4244566213-3281827725-1000\Software\SecuROM\License information*]
"datasecu"=hex:81,cc,f6,a7,49,e6,18,28,7d,30,fc,72,7a,2a,88,0a,a7,e0,4d,5e,b0,
fc,3d,1a,47,78,c3,80,db,c2,ef,42,c5,c0,70,5c,7e,89,c0,72,71,47,d6,22,76,4e,\
"rkeysecu"=hex:2c,f1,96,fa,42,be,40,03,51,56,6d,e3,c5,02,8f,4c
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-10-12 17:34:17
ComboFix-quarantined-files.txt 2012-10-12 15:34
.
Před spuštěním: Volných bajtů: 18 602 061 824
Po spuštění: Volných bajtů: 18 269 282 304
.
- - End Of File - - 8C6A56D037E952A125FB7013D33A986A

User78 · #8 Příspěvek od **User78** » 12 říj 2012 18:14

Mohu poprosit, zda by se mi ještě někdo na tyhle logy kouknul ?

#9 Příspěvek od **vyosek** » 12 říj 2012 22:17

Omlouvam se, ale mel jsem nejake soukrome aktivity - my jsme tu zdarma a ve svem volnem case

Stahnete SytemLook http://jpshortstuff.247fixes.com/SystemLook.exe a ulozte jej na plochu

Do okna vlozte skript nize
Kód: Vybrat vše
```
:filefind
*.xpize
```
Kliknete na Look
Tlacitko Look se zmeni na Scanning a zsedne
Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte

User78 · #10 Příspěvek od **User78** » 13 říj 2012 11:47

Log ze SystemLook:

SystemLook 30.07.11 by jpshortstuff
Log created at 12:40 on 13/10/2012 by Tonda
Administrator - Elevation successful

========== filefind ==========

Searching for "*.xpize"
C:\Program Files\Common Files\microsoft shared\ink\mip.exe.xpize --a---- 1221632 bytes [16:06 15/11/2011] [12:17 20/11/2010] 7B554081A0A80B14F1E5D06441DBAF58
C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe.xpize --a---- 600576 bytes [16:06 15/11/2011] [01:14 14/07/2009] 5BCB0EB1A8EC016C03375E5C87344400
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe.xpize --a---- 181760 bytes [16:06 15/11/2011] [01:14 14/07/2009] 21E01FD4147EA1B952E4CD9928B879B8
C:\Program Files\DVD Maker\DVDMaker.exe.xpize --a---- 1971200 bytes [16:06 15/11/2011] [01:14 14/07/2009] 5A8EBF167F36A7C0D6E9BDD027D55EEB
C:\Program Files\Internet Explorer\iexplore.exe.xpize --a---- 748336 bytes [16:06 15/11/2011] [14:09 04/04/2011] 904E13BA41AF2E353A32CF351CA53639
C:\Program Files\Windows Defender\MsMpRes.dll.xpize --a---- 487424 bytes [16:05 15/11/2011] [01:15 14/07/2009] EFD4E29FED530564BE4C3076C806FB65
C:\Program Files\Windows Journal\Journal.exe.xpize --a---- 1785344 bytes [16:06 15/11/2011] [12:17 20/11/2010] 5AF22331F2CA24D7688DE5C374519BA3
C:\Program Files\Windows Media Player\wmplayer.exe.xpize --a---- 164864 bytes [16:06 15/11/2011] [12:17 20/11/2010] A80C173AC5C75706BB74AE4D78F2A53D
C:\Program Files\Windows NT\Accessories\wordpad.exe.xpize --a---- 4247040 bytes [16:06 15/11/2011] [12:17 20/11/2010] B3DD214F23037E3D3C27D6C9447B40B5
C:\Program Files\Windows Sidebar\sidebar.exe.xpize --a---- 1174016 bytes [16:06 15/11/2011] [12:17 20/11/2010] DCCA4B04AF87E52EF9EAA2190E06CBAC
C:\Windows\explorer.exe.xpize --a---- 2616320 bytes [16:06 15/11/2011] [05:30 25/02/2011] 8B88EBBB05A0E56B7DCC708498C02B3E
C:\Windows\Branding\Basebrd\basebrd.dll.xpize --a---- 817664 bytes [16:05 15/11/2011] [01:09 14/07/2009] 059D344145BA103135E6989C03C37BE0
C:\Windows\Branding\ShellBrd\shellbrd.dll.xpize --a---- 1596928 bytes [16:05 15/11/2011] [01:09 14/07/2009] A9CE22E1F0437825070BFFD52AF7E201
C:\Windows\System32\calc.exe.xpize --a---- 776192 bytes [16:06 15/11/2011] [12:16 20/11/2010] 60B7C0FEAD45F2066E5B805A91F4F0FC
C:\Windows\System32\charmap.exe.xpize --a---- 155136 bytes [16:06 15/11/2011] [01:14 14/07/2009] ACA7A810549BD74EB1643BAAF0971EFC
C:\Windows\System32\cleanmgr.exe.xpize --a---- 212480 bytes [16:06 15/11/2011] [01:14 14/07/2009] 500CA0B50ED17BD76F60085F97885AD1
C:\Windows\System32\colorcpl.exe.xpize --a---- 86016 bytes [16:06 15/11/2011] [01:14 14/07/2009] 031183B7923637CBB3E99CBBE5E821CA
C:\Windows\System32\control.exe.xpize --a---- 113152 bytes [16:06 15/11/2011] [01:14 14/07/2009] 9130377F87A2153FEAB900A00EA1EBFF
C:\Windows\System32\dfrgui.exe.xpize --a---- 586752 bytes [16:06 15/11/2011] [12:17 20/11/2010] FB036244DBD2FADC225AD8650886B641
C:\Windows\System32\DisplaySwitch.exe.xpize --a---- 522752 bytes [16:06 15/11/2011] [01:14 14/07/2009] BA4E1A60BD20CA7978C76D79F19E37F0
C:\Windows\System32\eudcedit.exe.xpize --a---- 288256 bytes [16:06 15/11/2011] [12:17 20/11/2010] 050A774CF85E04EE4387515994B8455D
C:\Windows\System32\inetcpl.cpl.xpize --a---- 1427456 bytes [16:06 15/11/2011] [14:09 04/04/2011] 11086A81EB001967452FF9EC8B926613
C:\Windows\System32\intl.cpl.xpize --a---- 345088 bytes [16:06 15/11/2011] [12:16 20/11/2010] 0FE24BD8E67F3A6757A5D193A7A9B287
C:\Windows\System32\Magnify.exe.xpize --a---- 629760 bytes [16:06 15/11/2011] [01:14 14/07/2009] E62BF5A49D8023F2384AB7F31031535B
C:\Windows\System32\main.cpl.xpize --a---- 516096 bytes [16:06 15/11/2011] [12:16 20/11/2010] BA2B249CD7C8CE15E1A8D69ECAEE5FA3
C:\Windows\System32\mblctr.exe.xpize --a---- 941568 bytes [16:06 15/11/2011] [12:17 20/11/2010] B5FFA9977015ED3E1B2C3FF266A1BEB9
C:\Windows\System32\MdSched.exe.xpize --a---- 132608 bytes [16:06 15/11/2011] [12:17 20/11/2010] 4D05BDE56A7116B744B04192173A0122
C:\Windows\System32\mmsys.cpl.xpize --a---- 905216 bytes [16:06 15/11/2011] [12:16 20/11/2010] 53E054880ADBB856ECE6EB10EDBB8A32
C:\Windows\System32\mobsync.exe.xpize --a---- 101376 bytes [16:06 15/11/2011] [12:17 20/11/2010] CCA67BD391CFC9F036323B2522887A6A
C:\Windows\System32\msconfig.exe.xpize --a---- 233984 bytes [16:06 15/11/2011] [12:17 20/11/2010] A00075951E38A73FE2F9D8384311710A
C:\Windows\System32\msinfo32.exe.xpize --a---- 303104 bytes [16:06 15/11/2011] [12:17 20/11/2010] 5F2122888583347C9B81724CF169EFC6
C:\Windows\System32\mspaint.exe.xpize --a---- 6376960 bytes [16:06 15/11/2011] [01:14 14/07/2009] E97295DE2A9FDE547FEAB4FE41DF16CA
C:\Windows\System32\msra.exe.xpize --a---- 536576 bytes [16:06 15/11/2011] [01:14 14/07/2009] 4AC5B4A0B8D22185C09EE5584BF1CFB5
C:\Windows\System32\mstsc.exe.xpize --a---- 1049600 bytes [16:06 15/11/2011] [12:17 20/11/2010] 68B4A549D0B56A4DD9A488751037CF09
C:\Windows\System32\Narrator.exe.xpize --a---- 1077248 bytes [16:06 15/11/2011] [12:36 20/11/2010] 95DE3CF54E0A360EED766DBDDF152F0D
C:\Windows\System32\notepad.exe.xpize --a---- 179712 bytes [16:06 15/11/2011] [01:14 14/07/2009] D378BFFB70923139D6A4F546864AA61C
C:\Windows\System32\osk.exe.xpize --a---- 646144 bytes [16:06 15/11/2011] [01:14 14/07/2009] F0CE586AEAF318BDDD443651A2E672E7
C:\Windows\System32\recdisc.exe.xpize --a---- 210432 bytes [16:06 15/11/2011] [12:17 20/11/2010] 7635B6502882E4B1713F049FD8FD2EA4
C:\Windows\System32\rstrui.exe.xpize --a---- 262656 bytes [16:06 15/11/2011] [12:17 20/11/2010] 78079EB83665E1AC18AC9C5E273845BF
C:\Windows\System32\SndVol.exe.xpize --a---- 314368 bytes [16:06 15/11/2011] [12:17 20/11/2010] 2305BFF2966D73694972FD7531BC5BAA
C:\Windows\System32\SnippingTool.exe.xpize --a---- 396288 bytes [16:06 15/11/2011] [01:14 14/07/2009] 32BE4A1FAFCCD5CA9AB0CE772C43D5E2
C:\Windows\System32\SoundRecorder.exe.xpize --a---- 125952 bytes [16:06 15/11/2011] [01:14 14/07/2009] 2A40F6AD59D3E598ECDAA6CAB90360A4
C:\Windows\System32\StikyNot.exe.xpize --a---- 354304 bytes [16:06 15/11/2011] [01:14 14/07/2009] 2F0EAAF91FC7A5C70D1F4BE9B18A1CF5
C:\Windows\System32\taskmgr.exe.xpize --a---- 227328 bytes [16:06 15/11/2011] [12:17 20/11/2010] 545BF7EAA24A9E062857D0742EC0B28A
C:\Windows\System32\telephon.cpl.xpize --a---- 106496 bytes [16:06 15/11/2011] [01:14 14/07/2009] 0386FF59D0F5C1CDE453A3780353069F
C:\Windows\System32\timedate.cpl.xpize --a---- 478720 bytes [16:06 15/11/2011] [12:16 20/11/2010] 83C9840CF87A0CA55526327801716D27
C:\Windows\System32\xpsrchvw.exe.xpize --a---- 3405312 bytes [16:06 15/11/2011] [01:14 14/07/2009] 59B7280D73906B43B13B273A1F9CC3DD
C:\Windows\System32\migwiz\migwiz.exe.xpize --a---- 429056 bytes [16:06 15/11/2011] [01:14 14/07/2009] AF2340DC7B439FC3429DA92E8EA35750
C:\Windows\System32\migwiz\PostMig.exe.xpize --a---- 636416 bytes [16:06 15/11/2011] [01:14 14/07/2009] 66DAA4B08C56D44A2FB154357C2FF364
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe.xpize --a---- 452608 bytes [16:06 15/11/2011] [01:14 14/07/2009] 92F44E405DB16AC55D97E3BFE3B132FA
C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe.xpize --a---- 204800 bytes [16:06 15/11/2011] [01:23 14/07/2009] B3CC5F3514BF58EE55153795CF183754

-= EOF =-

User78 · #11 Příspěvek od **User78** » 14 říj 2012 10:56

Můžu poprosit, aby mi někdo zkontroloval log. Díky

#12 Příspěvek od **vyosek** » 14 říj 2012 11:01

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

C:\Windows\System32\taskmgr.exe.xpize
C:\Windows\System32\notepad.exe.xpize
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

User78 · #13 Příspěvek od **User78** » 14 říj 2012 12:22

C:\Windows\System32\taskmgr.exe.xpize :

https://www.virustotal.com/file/50f2abb ... 350213530/

C:\Windows\System32\notepad.exe.xpize :

https://www.virustotal.com/file/c4232dd ... 350213652/

#14 Příspěvek od **vyosek** » 14 říj 2012 17:51

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Folder::
c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"iTunesHelper"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=-

Driver::
gupdate
gupdatem

Collect::
c:\windows\AutoKMS.exe
c:\windows\Tasks\AutoKMS.job
c:\windows\Tasks\AutoKMSDaily.job

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4006872256-4244566213-3281827725-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4006872256-4244566213-3281827725-1000UA.job

RegNull::
[HKEY_USERS\S-1-5-21-4006872256-4244566213-3281827725-1000\Software\SecuROM\License information*]

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

User78 · #15 Příspěvek od **User78** » 15 říj 2012 14:54

Vše proběhlo úspěšně:

ComboFix 12-10-14.03 - Tonda 15.10.2012 15:22:21.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1195 [GMT 2:00]
Spuštěný z: c:\users\Tonda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tonda\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4006872256-4244566213-3281827725-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4006872256-4244566213-3281827725-1000UA.job"
.
file zipped: c:\windows\AutoKMS.exe
file zipped: c:\windows\Tasks\AutoKMS.job
file zipped: c:\windows\Tasks\AutoKMSDaily.job
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe
c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxAPI.dll
c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe
c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxInstallLog.txt
c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspi.dll
c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspiWDM.inf
c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\gearaspiwdmx86.cat
c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86\GEARAspiWDM.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-15 do 2012-10-15 )))))))))))))))))))))))))))))))
.
.
2012-10-15 13:38 . 2012-10-15 13:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-13 14:08 . 2012-10-15 13:27 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89010963-7FA5-42A2-9161-F972A1318353}\offreg.dll
2012-10-13 14:07 . 2012-10-13 14:07 625089 ----a-w- c:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2012-10-13 14:06 . 2012-10-13 14:06 -------- d-----w- c:\program files\Common Files\Thraex Software
2012-10-12 12:59 . 2012-10-12 12:59 -------- d-----w- c:\program files\trend micro
2012-10-12 12:59 . 2012-10-12 12:59 -------- d-----w- C:\rsit
2012-10-12 10:00 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89010963-7FA5-42A2-9161-F972A1318353}\mpengine.dll
2012-10-11 15:18 . 2012-10-11 15:18 -------- d-----w- c:\users\Tonda\AppData\Local\Apps
2012-10-11 07:17 . 2012-10-11 07:17 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2012-10-11 06:03 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-10-11 06:03 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-11 06:03 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-11 06:03 . 2012-08-31 17:18 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-11 06:03 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-10-11 06:03 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-11 06:03 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-09-26 10:08 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-15 13:16 . 2011-11-27 11:25 78848 ----a-w- c:\windows\KMSEmulator.exe
2012-10-12 14:41 . 2012-04-08 10:37 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-12 14:41 . 2011-06-09 16:40 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-17 16:36 . 2010-08-08 15:53 139424 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-09-17 16:36 . 2012-09-08 13:34 282104 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-09-17 16:36 . 2012-09-07 16:30 282104 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-09-17 16:36 . 2012-09-07 16:30 234768 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-09-08 14:39 . 2012-09-07 16:30 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-09-08 14:29 . 2010-08-08 15:53 138056 ----a-w- c:\users\Tonda\AppData\Roaming\PnkBstrK.sys
2012-09-07 16:30 . 2011-06-06 15:34 669184 ----a-w- c:\windows\system32\pbsvc.exe
2012-09-04 13:24 . 2012-09-04 13:24 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-04 13:24 . 2011-07-20 13:51 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-22 17:16 . 2012-09-12 06:58 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-12 06:59 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16 . 2012-09-12 06:58 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-12 06:58 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 11:01 . 2012-09-13 15:17 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 11:01 . 2011-01-09 15:16 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-21 09:13 . 2011-04-13 15:02 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-04-13 15:02 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2011-04-13 15:02 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-03-24 14:18 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-04-13 15:02 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-04-13 15:02 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-06-04 08:41 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-04-13 15:01 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-02 16:57 . 2012-09-12 06:58 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-07-18 17:47 . 2012-08-18 12:08 2345984 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"BCSSync"="d:\vše\Programy\Microsoft Office 2010\Office14\BCSSync.exe" [2010-03-13 91520]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
.
c:\users\Tonda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - d:\vše\Programy\Microsoft Office 2010\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DeskDrive.lnk - c:\windows\Lion Skin Pack\DeskDrive\DeskDrive.exe [N/A]
Finderbar.lnk - c:\windows\Lion Skin Pack\Finderbar\Finderbar.exe [N/A]
MacSearch.lnk - c:\windows\Lion Skin Pack\MacSearch\MacSearch.exe [N/A]
Refresh.lnk - c:\windows\Lion Skin Pack\Tools\Refresh.cmd [N/A]
RocketDock.lnk - c:\windows\Lion Skin Pack\RocketDock\RocketDock.exe [N/A]
tClock.lnk - c:\windows\Lion Skin Pack\tClock\Clock.exe [N/A]
UberIcon.lnk - c:\windows\Lion Skin Pack\UberIcon\UberIcon.exe [N/A]
Winroll.lnk - c:\windows\Lion Skin Pack\Winroll\winroll.exe [N/A]
xwidget.lnk - c:\windows\Lion Skin Pack\xwidget\xwidget.exe [N/A]
YzShadow.lnk - c:\windows\Lion Skin Pack\YzShadow\YzShadow.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 psrem02;CD Guard Drivers Auto Removal (v2);c:\windows\system32\psrem02.exe svc [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 CFcatchme;CFcatchme;c:\users\Tonda\AppData\Local\Temp\CFcatchme.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\vše\Programy\Microsoft Office 2010\Office14\GROOVE.EXE [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 SMARTMouseFilterx86;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx86.sys [x]
R3 SMARTVHidMini2000x86;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMini2000x86.sys [x]
R3 SMARTVTabletPCx86;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx86.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 14:41]
.
2012-10-15 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS.exe [2011-11-27 13:21]
.
2012-10-15 c:\windows\Tasks\AutoKMSDaily.job
- c:\windows\AutoKMS.exe [2011-11-27 13:21]
.
2012-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-01 16:05]
.
2012-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-01 16:05]
.
2012-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4006872256-4244566213-3281827725-1000Core.job
- c:\users\Tonda\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-27 14:16]
.
2012-10-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4006872256-4244566213-3281827725-1000UA.job
- c:\users\Tonda\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-27 14:16]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
d:\vc:\Program Files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
.
**************************************************************************
.
Celkový čas: 2012-10-15 15:46:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-15 13:46
ComboFix2.txt 2012-10-12 15:34
.
Před spuštěním: Volných bajtů: 18 512 564 224
Po spuštění: Volných bajtů: 17 972 637 696
.
- - End Of File - - 27E154C09F450719E982C714F0AD578A
Nahr nˇ probŘhlo ŁspŘçnŘ

VIRY.CZ

Pomalý internet + PC - prosím o kontrolu

Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu

Re: Pomalý internet + PC - prosím o kontrolu