
Please check my log
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
From time to time, especially when browsing the web (Firefox), my computer starts to stutter, does not respond for several seconds, the mouse pointers change at random, or the PC freezes hard and only a hard restart helps. I am attaching the log.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Terazky at 2013-09-02 12:09:41
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 35 GB (61%) free of 57 GB
Total RAM: 8189 MB (83% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:09:43, on 2.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\trend micro\Terazky.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-3953536690-1935048096-746356948-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3953536690-1935048096-746356948-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3953536690-1935048096-746356948-1001\..\RunOnce: [StartMSu] "C:\Program Files (x86)\Creative\MediaSource5\Startmsu.exe" /s (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3953536690-1935048096-746356948-1001\..\RunOnce: [InetReg] "C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6 (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3953536690-1935048096-746356948-1001\..\RunOnce: [CTAutoUpdate] "C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe" /RunFromInstaller (User 'UpdatusUser')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DokanMounter - Unknown owner - C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9013 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
WLIDSvcM.exe 2196
taskeng.exe {3F695FA3-3549-4ADF-8368-70218F920554}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2084
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Windows\System32\Ctxfihlp.exe"
"C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\SysWOW64\CTXFISPI.EXE" -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-3878526891785485079-1195600437-54017013-205627827308608842080782961-1872795757
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
taskeng.exe {F32F4303-835D-4742-8C48-6743EDF59506}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Terazky\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 3816157f-698a-47c3-a551-51eb92b3b457.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a64cb9f8-c719-43a2-a187-8601c2373a37.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-23 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-23 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-08-27 1028896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-06-24 4761840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
C:\Program Files (x86)\WebcamMax\wcmmon.exe [2011-07-17 1038848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"CTxfiHlp"=CTXFIHLP.EXE []
"VolPanel"=C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2006-12-06 180224]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMR311]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2013-09-02 12:06:40 ----D---- C:\rsit
2013-09-02 04:34:26 ----A---- C:\Windows\system32\drivers\EtronHub3.sys
2013-09-02 04:33:10 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-09-02 04:33:10 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2013-09-02 04:29:18 ----D---- C:\Program Files (x86)\AMD APP
2013-09-02 04:29:16 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2013-09-02 04:29:05 ----D---- C:\ProgramData\AMD
2013-09-02 04:29:05 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2013-09-02 04:28:55 ----D---- C:\Program Files (x86)\ATI Technologies
2013-09-02 04:28:12 ----D---- C:\Program Files\ATI Technologies
2013-09-02 04:26:30 ----A---- C:\Windows\system32\drivers\amd_xata.sys
2013-09-02 04:26:30 ----A---- C:\Windows\system32\drivers\amd_sata.sys
2013-08-29 15:04:27 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-08-29 15:04:27 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-08-28 19:08:05 ----D---- C:\ProgramData\Solid State Networks
2013-08-28 19:08:01 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-08-26 20:52:50 ----A---- C:\Windows\ntbtlog.txt
2013-08-25 15:06:15 ----D---- C:\Users\Terazky\AppData\Roaming\SUPERAntiSpyware.com
2013-08-25 15:05:56 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-08-25 15:05:56 ----D---- C:\Program Files\SUPERAntiSpyware
2013-08-24 17:36:54 ----SHD---- C:\$RECYCLE.BIN
2013-08-24 17:36:10 ----A---- C:\Windows\wininit.ini
2013-08-24 17:02:27 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-08-24 17:02:14 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-24 16:26:47 ----D---- C:\Windows\temp
2013-08-24 15:46:03 ----D---- C:\Windows\erdnt
2013-08-24 15:25:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-24 14:56:04 ----D---- C:\Users\Terazky\AppData\Roaming\Mozilla
2013-08-24 14:14:41 ----D---- C:\Program Files (x86)\MozBackup
2013-08-24 13:12:43 ----D---- C:\Users\Terazky\AppData\Roaming\Malwarebytes
2013-08-24 12:57:47 ----D---- C:\ProgramData\Downloaded Installations
2013-08-24 12:55:56 ----A---- C:\Windows\system32\drivers\gfibto.sys
2013-08-23 12:24:46 ----D---- C:\NvidiaLogging
2013-08-23 12:24:28 ----A---- C:\Windows\system32\nvaudcap64v.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-08-23 12:20:13 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvopencl.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvoglv64.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvinitx.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\NvIFR64.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvhdap64.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\NvFBC64.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvdispgenco6432049.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvdispco6432049.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvcuvid.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\nvcuda.dll
2013-08-23 12:20:13 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-08-23 12:20:13 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-08-23 12:20:12 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-08-23 12:20:12 ----A---- C:\Windows\system32\nvcompiler.dll
2013-08-23 11:39:40 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-08-23 11:39:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-08-23 11:39:38 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-08-23 11:39:38 ----A---- C:\Windows\SYSWOW64\java.exe
2013-08-23 11:39:34 ----D---- C:\Program Files (x86)\Java
2013-08-23 11:37:28 ----D---- C:\ProgramData\Sun
2013-08-23 11:37:20 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-08-23 11:37:20 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-08-17 02:13:31 ----D---- C:\Program Files (x86)\Dokan
2013-08-17 02:10:59 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-08-16 20:48:18 ----D---- C:\Program Files\Microsoft Silverlight
2013-08-16 20:48:18 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\url.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\wininet.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\urlmon.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 20:45:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-08-16 20:45:20 ----A---- C:\Windows\system32\msrating.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\msls31.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\iertutil.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\elshyph.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\wextract.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\webcheck.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\vbscript.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\url.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\pngfilt.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\occache.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\mshtmler.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\mshtmled.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\mshtml.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\mshta.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\msfeedssync.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\licmgr10.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\jscript9.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\jscript.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\inseng.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\imgutil.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iexpress.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\ieUnatt.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\ieui.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iesetup.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iernonce.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iepeers.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\ieframe.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iedkcs32.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\ieapfltr.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\icardie.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\dxtrans.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\dxtmsft.dll
2013-08-16 20:20:41 ----D---- C:\Program Files (x86)\NeoSmart Technologies
2013-08-14 03:01:10 ----D---- C:\Windows\system32\MRT
2013-08-14 02:30:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-14 02:30:42 ----A---- C:\Windows\system32\wintrust.dll
2013-08-14 02:30:42 ----A---- C:\Windows\system32\crypt32.dll
2013-08-14 02:30:41 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-14 02:30:41 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-14 02:30:41 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-14 02:30:41 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-14 02:30:41 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-14 02:30:38 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-14 02:30:38 ----A---- C:\Windows\system32\tzres.dll
2013-08-14 02:30:37 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-14 02:30:36 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-14 02:30:36 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-14 02:30:36 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-14 02:30:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-08-14 02:30:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-08-14 02:30:34 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-08-14 02:30:34 ----A---- C:\Windows\system32\wow64.dll
2013-08-14 02:30:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-14 02:30:34 ----A---- C:\Windows\system32\ntdll.dll
2013-08-14 02:30:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-08-14 02:30:33 ----A---- C:\Windows\SYSWOW64\user.exe
2013-08-14 02:30:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-08-14 02:30:33 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-08-14 02:30:33 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-08-14 02:30:32 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-14 02:30:32 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-08 12:41:38 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
======List of files/folders modified in the last 1 months======
2013-09-02 12:09:43 ----D---- C:\Program Files\trend micro
2013-09-02 12:06:17 ----D---- C:\Program Files (x86)\SpeedFan
2013-09-02 12:06:09 ----D---- C:\ProgramData\NVIDIA
2013-09-02 12:05:05 ----D---- C:\Windows\system32\config
2013-09-02 10:43:37 ----D---- C:\Windows\System32
2013-09-02 10:43:37 ----D---- C:\Windows\inf
2013-09-02 10:43:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-02 04:39:11 ----D---- C:\Windows
2013-09-02 04:37:53 ----D---- C:\Windows\system32\catroot
2013-09-02 04:37:03 ----SHD---- C:\Windows\Installer
2013-09-02 04:36:41 ----SHD---- C:\System Volume Information
2013-09-02 04:35:22 ----D---- C:\Windows\system32\drivers
2013-09-02 04:34:40 ----D---- C:\Windows\system32\DriverStore
2013-09-02 04:34:40 ----D---- C:\Windows\system32\catroot2
2013-09-02 04:34:17 ----D---- C:\Windows\winsxs
2013-09-02 04:33:03 ----D---- C:\Program Files (x86)\Realtek
2013-09-02 04:29:18 ----RD---- C:\Program Files (x86)
2013-09-02 04:29:18 ----D---- C:\Windows\SysWOW64
2013-09-02 04:29:16 ----DC---- C:\Windows\system32\DRVSTORE
2013-09-02 04:29:05 ----D---- C:\ProgramData
2013-09-02 04:28:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-09-02 04:28:12 ----RD---- C:\Program Files
2013-09-01 05:43:34 ----D---- C:\Users\Terazky\AppData\Roaming\foobar2000
2013-08-29 19:58:19 ----RSD---- C:\Windows\Fonts
2013-08-29 19:55:13 ----SD---- C:\Users\Terazky\AppData\Roaming\Microsoft
2013-08-29 17:48:02 ----D---- C:\Users\Terazky\AppData\Roaming\vlc
2013-08-29 15:04:44 ----RSD---- C:\Windows\assembly
2013-08-29 15:04:44 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-08-28 19:07:33 ----D---- C:\Windows\Logs
2013-08-26 03:56:36 ----D---- C:\Windows\rescache
2013-08-25 18:48:56 ----D---- C:\Windows\system32\Tasks
2013-08-25 18:47:27 ----D---- C:\Program Files\Windows Sidebar
2013-08-25 18:47:27 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-08-25 18:46:06 ----D---- C:\Windows\debug
2013-08-25 18:34:24 ----D---- C:\Windows\Tasks
2013-08-25 18:34:24 ----D---- C:\Windows\system32\wfp
2013-08-25 18:34:23 ----D---- C:\Windows\system32\wbem
2013-08-25 18:33:41 ----D---- C:\Windows\SYSWOW64\wbem
2013-08-25 18:33:41 ----D---- C:\Windows\SYSWOW64\migration
2013-08-25 18:33:41 ----D---- C:\Windows\SYSWOW64\en-US
2013-08-25 18:33:41 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-25 18:33:41 ----D---- C:\Windows\system32\migration
2013-08-25 18:33:41 ----D---- C:\Windows\system32\en-US
2013-08-25 18:33:41 ----D---- C:\Windows\system32\cs-CZ
2013-08-25 18:33:41 ----D---- C:\Windows\PolicyDefinitions
2013-08-25 18:33:41 ----D---- C:\Windows\Offline Web Pages
2013-08-25 18:33:41 ----D---- C:\Windows\Downloaded Program Files
2013-08-25 18:33:41 ----D---- C:\Program Files\Internet Explorer
2013-08-25 18:33:41 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-25 18:33:35 ----D---- C:\Windows\system32\drivers\etc
2013-08-25 18:33:35 ----D---- C:\Windows\system32\CodeIntegrity
2013-08-25 18:33:35 ----D---- C:\Users\Terazky\AppData\Roaming\IrfanView
2013-08-25 18:33:35 ----D---- C:\Users\Terazky\AppData\Roaming\GHISLER
2013-08-25 18:33:34 ----D---- C:\ProgramData\SystemExplorer
2013-08-25 18:33:30 ----D---- C:\Windows\registration
2013-08-25 18:11:14 ----D---- C:\Windows\SYSWOW64\LogFiles
2013-08-25 18:11:14 ----D---- C:\Windows\system32\LogFiles
2013-08-25 17:42:38 ----D---- C:\Windows\SoftwareDistribution
2013-08-25 16:40:05 ----D---- C:\Windows\Panther
2013-08-25 14:39:43 ----SD---- C:\ProgramData\Microsoft
2013-08-24 16:41:56 ----D---- C:\Windows\Microsoft.NET
2013-08-24 16:25:49 ----N---- C:\Windows\system.ini
2013-08-24 16:24:23 ----D---- C:\Windows\SYSWOW64\drivers
2013-08-24 16:24:23 ----D---- C:\Windows\AppPatch
2013-08-24 16:24:23 ----D---- C:\Program Files (x86)\Common Files
2013-08-24 15:36:33 ----SH---- C:\Program Files (x86)\desktop.ini
2013-08-24 15:36:33 ----RD---- C:\Users
2013-08-24 15:29:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-24 15:02:21 ----D---- C:\Program Files\Windows Media Player
2013-08-24 15:02:21 ----D---- C:\Program Files\DVD Maker
2013-08-24 14:42:45 ----D---- C:\Program Files\Recuva
2013-08-24 14:34:53 ----D---- C:\Program Files (x86)\Opera
2013-08-24 13:57:22 ----D---- C:\Windows\LiveKernelReports
2013-08-24 12:28:16 ----D---- C:\Program Files\PeerBlock
2013-08-23 12:24:38 ----D---- C:\Program Files\NVIDIA Corporation
2013-08-23 12:24:07 ----D---- C:\ProgramData\NVIDIA Corporation
2013-08-14 03:01:08 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-27 189936]
R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-08-24 14456]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2013-06-21 46792]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2011-01-10 120408]
R2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2010-05-05 202840]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-05-05 580696]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-05-05 684376]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2010-05-05 1417304]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2010-05-05 94808]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-05-05 15960]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-05-05 213080]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-05-05 118360]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-08-07 65152]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-08-07 88832]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2010-05-05 1561688]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-05-05 179288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-06-21 42184]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-03-30 56448]
S3 BRDriver64;BRDriver64; \??\C:\programdata\bitraider\BRDriver64.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2010-05-05 202840]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2010-05-05 1417304]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2010-05-05 94808]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-05-04 25640]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2013-03-06 350160]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 DokanMounter;DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-01-31 2402080]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-16 257416]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-02-21 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-02-21 79360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-07 161384]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
2013-08-23 12:20:12 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-08-23 12:20:12 ----A---- C:\Windows\system32\nvcompiler.dll
2013-08-23 11:39:40 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-08-23 11:39:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-08-23 11:39:38 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-08-23 11:39:38 ----A---- C:\Windows\SYSWOW64\java.exe
2013-08-23 11:39:34 ----D---- C:\Program Files (x86)\Java
2013-08-23 11:37:28 ----D---- C:\ProgramData\Sun
2013-08-23 11:37:20 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-08-23 11:37:20 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-08-17 02:13:31 ----D---- C:\Program Files (x86)\Dokan
2013-08-17 02:10:59 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-08-16 20:48:18 ----D---- C:\Program Files\Microsoft Silverlight
2013-08-16 20:48:18 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\url.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-08-16 20:45:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\wininet.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\urlmon.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 20:45:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-08-16 20:45:20 ----A---- C:\Windows\system32\msrating.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\msls31.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\iertutil.dll
2013-08-16 20:45:20 ----A---- C:\Windows\system32\elshyph.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\wextract.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\webcheck.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\vbscript.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\url.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\pngfilt.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\occache.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\mshtmler.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\mshtmled.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\mshtml.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\mshta.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\msfeedssync.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\licmgr10.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\jscript9.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\jscript.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\inseng.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\imgutil.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iexpress.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\ieUnatt.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\ieui.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iesetup.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iernonce.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iepeers.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\ieframe.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\iedkcs32.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\ieapfltr.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-16 20:45:19 ----A---- C:\Windows\system32\icardie.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\dxtrans.dll
2013-08-16 20:45:19 ----A---- C:\Windows\system32\dxtmsft.dll
2013-08-16 20:20:41 ----D---- C:\Program Files (x86)\NeoSmart Technologies
2013-08-14 03:01:10 ----D---- C:\Windows\system32\MRT
2013-08-14 02:30:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-14 02:30:42 ----A---- C:\Windows\system32\wintrust.dll
2013-08-14 02:30:42 ----A---- C:\Windows\system32\crypt32.dll
2013-08-14 02:30:41 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-14 02:30:41 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-14 02:30:41 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-14 02:30:41 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-14 02:30:41 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-14 02:30:38 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-14 02:30:38 ----A---- C:\Windows\system32\tzres.dll
2013-08-14 02:30:37 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-14 02:30:36 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-14 02:30:36 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-14 02:30:36 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-14 02:30:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-08-14 02:30:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-08-14 02:30:34 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-08-14 02:30:34 ----A---- C:\Windows\system32\wow64.dll
2013-08-14 02:30:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-14 02:30:34 ----A---- C:\Windows\system32\ntdll.dll
2013-08-14 02:30:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-08-14 02:30:33 ----A---- C:\Windows\SYSWOW64\user.exe
2013-08-14 02:30:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-08-14 02:30:33 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-08-14 02:30:33 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-08-14 02:30:32 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-14 02:30:32 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-08 12:41:38 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
======List of files/folders modified in the last 1 months======
2013-09-02 12:09:43 ----D---- C:\Program Files\trend micro
2013-09-02 12:06:17 ----D---- C:\Program Files (x86)\SpeedFan
2013-09-02 12:06:09 ----D---- C:\ProgramData\NVIDIA
2013-09-02 12:05:05 ----D---- C:\Windows\system32\config
2013-09-02 10:43:37 ----D---- C:\Windows\System32
2013-09-02 10:43:37 ----D---- C:\Windows\inf
2013-09-02 10:43:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-02 04:39:11 ----D---- C:\Windows
2013-09-02 04:37:53 ----D---- C:\Windows\system32\catroot
2013-09-02 04:37:03 ----SHD---- C:\Windows\Installer
2013-09-02 04:36:41 ----SHD---- C:\System Volume Information
2013-09-02 04:35:22 ----D---- C:\Windows\system32\drivers
2013-09-02 04:34:40 ----D---- C:\Windows\system32\DriverStore
2013-09-02 04:34:40 ----D---- C:\Windows\system32\catroot2
2013-09-02 04:34:17 ----D---- C:\Windows\winsxs
2013-09-02 04:33:03 ----D---- C:\Program Files (x86)\Realtek
2013-09-02 04:29:18 ----RD---- C:\Program Files (x86)
2013-09-02 04:29:18 ----D---- C:\Windows\SysWOW64
2013-09-02 04:29:16 ----DC---- C:\Windows\system32\DRVSTORE
2013-09-02 04:29:05 ----D---- C:\ProgramData
2013-09-02 04:28:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-09-02 04:28:12 ----RD---- C:\Program Files
2013-09-01 05:43:34 ----D---- C:\Users\Terazky\AppData\Roaming\foobar2000
2013-08-29 19:58:19 ----RSD---- C:\Windows\Fonts
2013-08-29 19:55:13 ----SD---- C:\Users\Terazky\AppData\Roaming\Microsoft
2013-08-29 17:48:02 ----D---- C:\Users\Terazky\AppData\Roaming\vlc
2013-08-29 15:04:44 ----RSD---- C:\Windows\assembly
2013-08-29 15:04:44 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-08-28 19:07:33 ----D---- C:\Windows\Logs
2013-08-26 03:56:36 ----D---- C:\Windows\rescache
2013-08-25 18:48:56 ----D---- C:\Windows\system32\Tasks
2013-08-25 18:47:27 ----D---- C:\Program Files\Windows Sidebar
2013-08-25 18:47:27 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-08-25 18:46:06 ----D---- C:\Windows\debug
2013-08-25 18:34:24 ----D---- C:\Windows\Tasks
2013-08-25 18:34:24 ----D---- C:\Windows\system32\wfp
2013-08-25 18:34:23 ----D---- C:\Windows\system32\wbem
2013-08-25 18:33:41 ----D---- C:\Windows\SYSWOW64\wbem
2013-08-25 18:33:41 ----D---- C:\Windows\SYSWOW64\migration
2013-08-25 18:33:41 ----D---- C:\Windows\SYSWOW64\en-US
2013-08-25 18:33:41 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-25 18:33:41 ----D---- C:\Windows\system32\migration
2013-08-25 18:33:41 ----D---- C:\Windows\system32\en-US
2013-08-25 18:33:41 ----D---- C:\Windows\system32\cs-CZ
2013-08-25 18:33:41 ----D---- C:\Windows\PolicyDefinitions
2013-08-25 18:33:41 ----D---- C:\Windows\Offline Web Pages
2013-08-25 18:33:41 ----D---- C:\Windows\Downloaded Program Files
2013-08-25 18:33:41 ----D---- C:\Program Files\Internet Explorer
2013-08-25 18:33:41 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-25 18:33:35 ----D---- C:\Windows\system32\drivers\etc
2013-08-25 18:33:35 ----D---- C:\Windows\system32\CodeIntegrity
2013-08-25 18:33:35 ----D---- C:\Users\Terazky\AppData\Roaming\IrfanView
2013-08-25 18:33:35 ----D---- C:\Users\Terazky\AppData\Roaming\GHISLER
2013-08-25 18:33:34 ----D---- C:\ProgramData\SystemExplorer
2013-08-25 18:33:30 ----D---- C:\Windows\registration
2013-08-25 18:11:14 ----D---- C:\Windows\SYSWOW64\LogFiles
2013-08-25 18:11:14 ----D---- C:\Windows\system32\LogFiles
2013-08-25 17:42:38 ----D---- C:\Windows\SoftwareDistribution
2013-08-25 16:40:05 ----D---- C:\Windows\Panther
2013-08-25 14:39:43 ----SD---- C:\ProgramData\Microsoft
2013-08-24 16:41:56 ----D---- C:\Windows\Microsoft.NET
2013-08-24 16:25:49 ----N---- C:\Windows\system.ini
2013-08-24 16:24:23 ----D---- C:\Windows\SYSWOW64\drivers
2013-08-24 16:24:23 ----D---- C:\Windows\AppPatch
2013-08-24 16:24:23 ----D---- C:\Program Files (x86)\Common Files
2013-08-24 15:36:33 ----SH---- C:\Program Files (x86)\desktop.ini
2013-08-24 15:36:33 ----RD---- C:\Users
2013-08-24 15:29:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-24 15:02:21 ----D---- C:\Program Files\Windows Media Player
2013-08-24 15:02:21 ----D---- C:\Program Files\DVD Maker
2013-08-24 14:42:45 ----D---- C:\Program Files\Recuva
2013-08-24 14:34:53 ----D---- C:\Program Files (x86)\Opera
2013-08-24 13:57:22 ----D---- C:\Windows\LiveKernelReports
2013-08-24 12:28:16 ----D---- C:\Program Files\PeerBlock
2013-08-23 12:24:38 ----D---- C:\Program Files\NVIDIA Corporation
2013-08-23 12:24:07 ----D---- C:\ProgramData\NVIDIA Corporation
2013-08-14 03:01:08 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-27 189936]
R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-08-24 14456]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2013-06-21 46792]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2011-01-10 120408]
R2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2010-05-05 202840]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-05-05 580696]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-05-05 684376]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2010-05-05 1417304]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2010-05-05 94808]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-05-05 15960]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-05-05 213080]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-05-05 118360]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-08-07 65152]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-08-07 88832]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2010-05-05 1561688]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-05-05 179288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-06-21 42184]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-03-30 56448]
S3 BRDriver64;BRDriver64; \??\C:\programdata\bitraider\BRDriver64.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2010-05-05 202840]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2010-05-05 1417304]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2010-05-05 94808]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-05-04 25640]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2013-03-06 350160]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 DokanMounter;DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-01-31 2402080]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-16 257416]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-02-21 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-02-21 79360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-07 161384]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Re: Please check my log
Hi, uninstall Spybot SD via Remove Programs.
Delete unnecessary files
using CCleaner
instructions:
Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin
Registry - here you clean the registry (before using it I recommend making a backup, which CCleaner offers)
the registry cleaning needs to be repeated several times!
Tools - here you can uninstall programs, adjust what runs at system startup and restore the system
Download AdwCleaner and save it to the desktop,
close all programs including the browser and double-click to run it,
a window will appear; click Scan at the bottom left.
The scan will then run, and when it finishes a log will pop up; copy it here for me.
P.S. Are your graphics drivers up to date?
Re: Please check my log
Good evening, thank you, I cleaned the PC with CCleaner. Spybot had already been uninstalled, but it cannot remove itself properly, so I deleted the leftovers manually. My nVidia graphics drivers are the current WHQL, 320.49, and yesterday I also installed the most recent available drivers for my motherboard, a Gigabyte 990XA-UD3. To be more specific, with these graphics drivers it occasionally happens that they stop working correctly and the system reports that operation was restored after a serious error. I have nothing overclocked and I keep the PC clean with compressed air. I also updated the motherboard drivers because yesterday a yellow exclamation mark appeared in Device Manager next to the Etron USB driver. And now the log from AdwCleaner.
# AdwCleaner v3.002 - Report created 02/09/2013 at 22:50:55
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Terazky - TERAZKY-PC
# Running from : C:\Users\Terazky\Desktop\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v23.0.1 (cs)
[ File : C:\Users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\ehf77j45.default\prefs.js ]
*************************
AdwCleaner[R10].txt - [800 octets] - [02/09/2013 22:50:55]
########## EOF - C:\AdwCleaner\AdwCleaner[R10].txt - [860 octets] ##########
Re: Please check my log
Run AdwCleaner again, but this time click Clean,
the PC will restart and the junk will be deleted.
Then a log will pop up again; copy it here for me.
Download ComboFix and save it to the desktop,
run the application as Administrator and allow installation of the Recovery Console.
A window with the licence terms will then appear, which you confirm by clicking YES,
then click YES once more and it starts running.
The whole process takes about 10 minutes but may take longer; do not try to run anything else during the scan.
The PC may also be restarted during the scan; do not be alarmed.
Warning: for the duration of the scan, turn off the resident shield of your antivirus and antispyware program,
because ComboFix tries to delete infected files and these programs can get in its way.
After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt
(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.
If anything is unclear, HERE is an illustrated guide.
Re: Please check my log
Good day, thank you, here are the requested logs.
# AdwCleaner v3.002 - Report created 05/09/2013 at 11:31:04
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Terazky - TERAZKY-PC
# Running from : C:\Users\Terazky\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v23.0.1 (cs)
[ File : C:\Users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\ehf77j45.default\prefs.js ]
*************************
AdwCleaner[R10].txt - [940 octets] - [02/09/2013 22:50:55]
AdwCleaner[R11].txt - [916 octets] - [05/09/2013 11:30:31]
AdwCleaner[S6].txt - [839 octets] - [05/09/2013 11:31:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [898 octets] ##########
ComboFix 13-09-04.04 - Terazky 05.09.2013 11:34:51.4.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8189.6940 [GMT 2:00]
Spuštěný z: c:\users\Terazky\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
e:\temp\sfamcc00001.dll
e:\temp\sfareca00001.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-05 do 2013-09-05 )))))))))))))))))))))))))))))))
.
.
2013-09-05 09:37 . 2013-09-05 09:38 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-05 09:37 . 2013-09-05 09:37 -------- d-----w- c:\users\Terazky\AppData\Local\temp
2013-09-03 18:58 . 2013-09-03 19:05 -------- d-----w- c:\users\Terazky\AppData\Roaming\Runscanner.net
2013-09-03 12:29 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8BDA7A3C-3939-4D37-9A9A-E6F9ACFCC552}\mpengine.dll
2013-09-03 11:35 . 2013-09-03 11:35 -------- d-----w- c:\windows\ERUNT
2013-09-02 21:41 . 2013-09-02 21:57 -------- d-----w- c:\users\Terazky\AppData\Roaming\vlc
2013-09-02 20:50 . 2013-09-05 09:31 -------- d-----w- C:\AdwCleaner
2013-09-02 20:48 . 2013-09-02 20:48 -------- d-----w- c:\program files\CCleaner
2013-09-02 10:06 . 2013-09-02 10:06 -------- d-----w- C:\rsit
2013-09-02 02:34 . 2012-08-07 07:09 65152 ----a-w- c:\windows\system32\drivers\EtronHub3.sys
2013-09-02 02:33 . 2011-09-29 09:30 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-09-02 02:33 . 2011-09-29 09:30 646248 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-09-02 02:29 . 2013-09-02 02:29 -------- d-----w- c:\program files (x86)\AMD APP
2013-09-02 02:29 . 2012-03-30 14:49 56448 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2013-09-02 02:29 . 2013-09-02 02:29 -------- d-----w- c:\programdata\AMD
2013-09-02 02:29 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2013-09-02 02:28 . 2013-09-02 02:28 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-09-02 02:28 . 2013-09-02 02:29 -------- d-----w- c:\program files\ATI Technologies
2013-09-02 02:26 . 2012-04-11 01:40 82560 ----a-w- c:\windows\system32\drivers\amd_sata.sys
2013-09-02 02:26 . 2012-04-11 01:40 42624 ----a-w- c:\windows\system32\drivers\amd_xata.sys
2013-08-29 13:04 . 2013-08-20 13:33 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-08-29 13:04 . 2013-08-20 13:32 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-08-28 17:08 . 2013-08-28 17:08 -------- d-----w- c:\programdata\Solid State Networks
2013-08-28 17:08 . 2013-08-28 17:08 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-08-25 13:06 . 2013-08-25 13:06 -------- d-----w- c:\users\Terazky\AppData\Roaming\SUPERAntiSpyware.com
2013-08-25 13:05 . 2013-08-25 13:07 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-08-25 13:05 . 2013-08-25 13:05 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-08-24 13:18 . 2013-08-24 13:18 -------- d-----w- c:\users\Terazky\AppData\Local\Mozilla
2013-08-24 12:14 . 2013-08-24 12:14 -------- d-----w- c:\program files (x86)\MozBackup
2013-08-24 11:12 . 2013-08-25 16:33 -------- d-----w- c:\users\Terazky\AppData\Roaming\Malwarebytes
2013-08-24 10:57 . 2013-08-24 10:57 -------- d-----w- c:\programdata\Downloaded Installations
2013-08-24 10:55 . 2013-08-24 10:55 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-08-23 10:24 . 2013-08-23 10:24 -------- d-----w- C:\NvidiaLogging
2013-08-23 10:24 . 2013-08-20 13:32 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-08-23 10:24 . 2013-08-23 10:24 -------- d-----w- c:\users\Terazky\AppData\Local\NVIDIA
2013-08-23 09:39 . 2013-08-23 09:39 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-08-23 09:39 . 2013-08-23 09:39 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-23 09:39 . 2013-08-23 09:39 -------- d-----w- c:\program files (x86)\Java
2013-08-23 09:37 . 2013-08-23 09:39 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-23 09:37 . 2013-08-23 09:39 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-17 00:13 . 2013-08-17 00:13 -------- d-----w- c:\program files (x86)\Dokan
2013-08-16 18:48 . 2013-08-17 16:51 -------- d-----w- c:\program files\Microsoft Silverlight
2013-08-16 18:48 . 2013-08-17 16:51 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-08-16 18:22 . 2013-08-16 18:22 -------- d-----w- c:\users\Terazky\AppData\Local\NeoSmart_Technologies
2013-08-16 18:20 . 2013-08-16 18:20 -------- d-----w- c:\program files (x86)\NeoSmart Technologies
2013-08-14 01:01 . 2013-08-14 01:01 -------- d-----w- c:\windows\system32\MRT
2013-08-08 10:41 . 2013-08-09 04:30 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-30 07:48 . 2013-03-07 11:07 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-03-07 11:07 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-02-20 20:30 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-02-20 20:30 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-02-20 20:30 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-02-20 20:30 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-02-20 20:30 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-02-20 20:30 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-02-20 20:29 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-02-20 20:30 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-14 01:01 . 2013-02-20 21:11 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-07-16 12:59 . 2013-02-20 20:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-16 12:59 . 2013-02-20 20:20 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-10 10:24 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-07-09 04:45 . 2013-08-14 00:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-06-21 12:06 . 2012-10-10 20:23 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 12:06 . 2012-10-10 20:23 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-06-21 12:06 . 2012-10-10 20:23 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2012-10-10 20:22 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 10:23 . 2013-02-20 20:55 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2013-02-20 20:55 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2013-02-20 20:55 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2013-02-20 20:55 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2013-02-20 20:55 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2013-02-20 20:55 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-06-21 01:09 . 2013-06-21 01:09 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-06-21 01:07 . 2013-06-21 01:07 46792 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2013-06-20 04:17 . 2013-02-20 20:55 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-06-24 4761840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2006-12-06 180224]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"CTxfiHlp"=CTXFIHLP.EXE
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys;c:\windows\SYSNATIVE\drivers\dokan.sys [x]
S2 DokanMounter;DokanMounter;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-20 12:59]
.
2013-09-04 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 3816157f-698a-47c3-a551-51eb92b3b457.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
2013-09-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task a64cb9f8-c719-43a2-a187-8601c2373a37.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
TCP: DhcpNameServer = 89.190.64.20 89.190.65.200
FF - ProfilePath - c:\users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\ehf77j45.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-07-16 22:10; jsdeobfuscator@adblockplus.org; c:\users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\ehf77j45.default\extensions\jsdeobfuscator@adblockplus.org.xpi
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\SpeedFan\speedfan.exe
.
**************************************************************************
.
Celkový čas: 2013-09-05 11:40:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-05 09:40
.
Před spuštěním: Volných bajtů: 36 470 652 928
Po spuštění: Volných bajtů: 36 366 409 728
.
- - End Of File - - 385356E51405FB4889D1D96117FB5170
A36C5E4F47E84449FF07ED3517B43A31
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys;c:\windows\SYSNATIVE\drivers\dokan.sys [x]
S2 DokanMounter;DokanMounter;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-20 12:59]
.
2013-09-04 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 3816157f-698a-47c3-a551-51eb92b3b457.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
2013-09-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task a64cb9f8-c719-43a2-a187-8601c2373a37.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
TCP: DhcpNameServer = 89.190.64.20 89.190.65.200
FF - ProfilePath - c:\users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\ehf77j45.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-07-16 22:10; jsdeobfuscator@adblockplus.org; c:\users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\ehf77j45.default\extensions\jsdeobfuscator@adblockplus.org.xpi
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\SpeedFan\speedfan.exe
.
**************************************************************************
.
Celkový čas: 2013-09-05 11:40:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-05 09:40
.
Před spuštěním: Volných bajtů: 36 470 652 928
Po spuštění: Volných bajtů: 36 366 409 728
.
- - End Of File - - 385356E51405FB4889D1D96117FB5170
A36C5E4F47E84449FF07ED3517B43A31
Re: Please check my log
If you have not already done so, move ComboFix to the desktop
open Notepad
copy the script from the following box into it:
Code:
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
save the TXT file you created as CFScript.txt on the desktop,
after saving, grab the created script with the left mouse button and drag it over the ComboFix icon, where you drop it:

After it has been applied, another log will pop out; copy it here
Warning: it may happen that after the script is applied and the computer restarts, Windows will not boot,
in that case restart again while pressing F8, then choose Last Known Good Configuration
Re: Please check my log
Thank you, here is the log.
ComboFix 13-09-04.04 - Terazky 06.09.2013 0:17.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8189.6893 [GMT 2:00]
Spuštěný z: c:\users\Terazky\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Terazky\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
e:\temp\sfamcc00001.dll
e:\temp\sfareca00001.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-05 do 2013-09-05 )))))))))))))))))))))))))))))))
.
.
2013-09-05 22:20 . 2013-09-05 22:21 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-05 22:20 . 2013-09-05 22:20 -------- d-----w- c:\users\Terazky\AppData\Local\temp
2013-09-03 18:58 . 2013-09-03 19:05 -------- d-----w- c:\users\Terazky\AppData\Roaming\Runscanner.net
2013-09-03 12:29 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8BDA7A3C-3939-4D37-9A9A-E6F9ACFCC552}\mpengine.dll
2013-09-03 11:35 . 2013-09-03 11:35 -------- d-----w- c:\windows\ERUNT
2013-09-02 21:41 . 2013-09-02 21:57 -------- d-----w- c:\users\Terazky\AppData\Roaming\vlc
2013-09-02 20:50 . 2013-09-05 09:31 -------- d-----w- C:\AdwCleaner
2013-09-02 20:48 . 2013-09-02 20:48 -------- d-----w- c:\program files\CCleaner
2013-09-02 10:06 . 2013-09-02 10:06 -------- d-----w- C:\rsit
2013-09-02 02:34 . 2012-08-07 07:09 65152 ----a-w- c:\windows\system32\drivers\EtronHub3.sys
2013-09-02 02:33 . 2011-09-29 09:30 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-09-02 02:33 . 2011-09-29 09:30 646248 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-09-02 02:29 . 2013-09-02 02:29 -------- d-----w- c:\program files (x86)\AMD APP
2013-09-02 02:29 . 2012-03-30 14:49 56448 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2013-09-02 02:29 . 2013-09-02 02:29 -------- d-----w- c:\programdata\AMD
2013-09-02 02:29 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2013-09-02 02:28 . 2013-09-02 02:28 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-09-02 02:28 . 2013-09-02 02:29 -------- d-----w- c:\program files\ATI Technologies
2013-09-02 02:26 . 2012-04-11 01:40 82560 ----a-w- c:\windows\system32\drivers\amd_sata.sys
2013-09-02 02:26 . 2012-04-11 01:40 42624 ----a-w- c:\windows\system32\drivers\amd_xata.sys
2013-08-29 13:04 . 2013-08-20 13:33 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-08-29 13:04 . 2013-08-20 13:32 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-08-28 17:08 . 2013-08-28 17:08 -------- d-----w- c:\programdata\Solid State Networks
2013-08-28 17:08 . 2013-08-28 17:08 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-08-25 13:06 . 2013-08-25 13:06 -------- d-----w- c:\users\Terazky\AppData\Roaming\SUPERAntiSpyware.com
2013-08-25 13:05 . 2013-08-25 13:07 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-08-25 13:05 . 2013-08-25 13:05 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-08-24 13:18 . 2013-08-24 13:18 -------- d-----w- c:\users\Terazky\AppData\Local\Mozilla
2013-08-24 12:14 . 2013-08-24 12:14 -------- d-----w- c:\program files (x86)\MozBackup
2013-08-24 11:12 . 2013-08-25 16:33 -------- d-----w- c:\users\Terazky\AppData\Roaming\Malwarebytes
2013-08-24 10:57 . 2013-08-24 10:57 -------- d-----w- c:\programdata\Downloaded Installations
2013-08-24 10:55 . 2013-08-24 10:55 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-08-23 10:24 . 2013-08-20 13:32 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-08-23 10:24 . 2013-08-23 10:24 -------- d-----w- c:\users\Terazky\AppData\Local\NVIDIA
2013-08-23 09:39 . 2013-08-23 09:39 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-08-23 09:39 . 2013-08-23 09:39 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-23 09:39 . 2013-08-23 09:39 -------- d-----w- c:\program files (x86)\Java
2013-08-23 09:37 . 2013-08-23 09:39 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-23 09:37 . 2013-08-23 09:39 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-17 00:13 . 2013-08-17 00:13 -------- d-----w- c:\program files (x86)\Dokan
2013-08-16 18:48 . 2013-08-17 16:51 -------- d-----w- c:\program files\Microsoft Silverlight
2013-08-16 18:48 . 2013-08-17 16:51 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-08-16 18:22 . 2013-08-16 18:22 -------- d-----w- c:\users\Terazky\AppData\Local\NeoSmart_Technologies
2013-08-16 18:20 . 2013-08-16 18:20 -------- d-----w- c:\program files (x86)\NeoSmart Technologies
2013-08-14 01:01 . 2013-08-14 01:01 -------- d-----w- c:\windows\system32\MRT
2013-08-08 10:41 . 2013-08-09 04:30 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-30 07:48 . 2013-03-07 11:07 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-03-07 11:07 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-02-20 20:30 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-02-20 20:30 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-02-20 20:30 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-02-20 20:30 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-02-20 20:30 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-02-20 20:30 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-02-20 20:29 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-02-20 20:30 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-14 01:01 . 2013-02-20 21:11 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-07-16 12:59 . 2013-02-20 20:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-16 12:59 . 2013-02-20 20:20 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-10 10:24 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-07-09 04:45 . 2013-08-14 00:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-06-21 12:06 . 2012-10-10 20:23 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 12:06 . 2012-10-10 20:23 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-06-21 12:06 . 2012-10-10 20:23 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2012-10-10 20:22 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 10:23 . 2013-02-20 20:55 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2013-02-20 20:55 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2013-02-20 20:55 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2013-02-20 20:55 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2013-02-20 20:55 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2013-02-20 20:55 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-06-21 01:09 . 2013-06-21 01:09 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-06-21 01:07 . 2013-06-21 01:07 46792 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2013-06-20 04:17 . 2013-02-20 20:55 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-06-24 4761840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2006-12-06 180224]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"CTxfiHlp"=CTXFIHLP.EXE
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys;c:\windows\SYSNATIVE\drivers\dokan.sys [x]
S2 DokanMounter;DokanMounter;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-20 12:59]
.
2013-09-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 3816157f-698a-47c3-a551-51eb92b3b457.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
2013-09-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task a64cb9f8-c719-43a2-a187-8601c2373a37.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
TCP: DhcpNameServer = 89.190.64.20 89.190.65.200
FF - ProfilePath - c:\users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\ehf77j45.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-07-16 22:10; jsdeobfuscator@adblockplus.org; c:\users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\ehf77j45.default\extensions\jsdeobfuscator@adblockplus.org.xpi
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\SpeedFan\speedfan.exe
.
**************************************************************************
.
Celkový čas: 2013-09-06 00:22:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-05 22:22
ComboFix2.txt 2013-09-05 09:40
.
Před spuštěním: Volných bajtů: 36 310 282 240
Po spuštění: Volných bajtů: 36 073 308 160
.
- - End Of File - - 0D11D2616CC5D5A0D10927DB411819C8
A36C5E4F47E84449FF07ED3517B43A31
Re: Please check my log
Via Start >> Run, copy into the window:
ComboFix /Uninstall
and press Enter.
This uninstalls ComboFix and deletes its associated files and folders.
Use T-Cleaner, which removes any leftovers from the applications we used.
Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.
Then let me know what state the PC is in.
Re: Please check my log
Thank you. I did that, and after roughly half an hour of working in Firefox the problem appeared again: first a blue circle starts spinning at the mouse pointer, as if some program were launching in the background, and then the browser freezes and with it the whole PC locks up hard. It happens to me on the iDnes site. I don't want to reinstall the system, but I'm getting desperate. In no other program, apart from Firefox and ordinary web browsing, does the computer behave like this.
Re: Please check my log
Well, idnes is a fairly demanding site, but not so much that the PC should freeze because of it.
That reminds me, is your Flash up to date?
Then look in Firefox's Plugins and disable everything except Java and Flash.
Re: Please check my log
All my programs and plugins are up to date, as are all updates. Disabling add-ons and extensions did not help; even bare Firefox behaved as I described above. What finally helped was installing VMware and a virtual OS, where Firefox works correctly even with all add-ons.
Re: Please check my log
Hello, I'm getting back to you after a while. I reset the modem and used Internet Explorer. The problem does not occur in it and persists only in Firefox when I use it directly from Windows 7. Apparently some conflict with the graphics card drivers; sometimes there is no hard "freeze", but a message appears, I don't know whether I'll write it exactly, "the graphics card driver stopped responding and was recovered after a serious error". Unfortunately a restart must then follow, because the computer behaves as if it were an old 286, stutters and throws up nonsensical mouse pointers. I don't want to investigate any further why this happens and why specifically in combination with Firefox, which works correctly in the virtual OS, and so from my point of view I consider this problem solved. Thank you for your cooperation, and please lock the thread.