
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Black desktop after Windows Vista startup
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, in which an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
Please help. After the PC starts, the desktop stays black, with no wallpaper or icons loading, just the cursor. Programs can be launched through Task Manager.
Unfortunately, I have no further observations. Yesterday the PC still booted fine, and today this. Thank you
Logfile of random's system information tool 1.09 (written by random/random)
Run by Owner at 2013-10-20 22:19:13
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 13 GB (8%) free of 153 GB
Total RAM: 4094 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:19:25, on 20.10.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Direct Console\DCHelper.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\explorer.exe
C:\PROGRA~2\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Owner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... 2215a4c1bf
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: DocumentExporterIE - {e88d1d51-70d0-4a24-b58c-b509d39fdbb9} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Document Exporter - {da153d37-a57e-4f22-a649-6aeef4a10c28} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_168_Plugin.exe -update plugin
O4 - Startup: RT-Updater.lnk = C:\ROSS-TECH\VCDS\VCDS.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {22B54AE0-66FC-4D7E-83F8-4ECE0C335344} - file://C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\DocumentExporterIE.IEModule.18796293.js
O9 - Extra 'Tools' menuitem: Document Exporter Settings - {22B54AE0-66FC-4D7E-83F8-4ECE0C335344} - file://C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\DocumentExporterIE.IEModule.18796293.js
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Document Exporter Settings - {98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Update Service (gupdate1c9f18fd65a1953) (gupdate1c9f18fd65a1953) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Quick PDF Tools Background Service (QuickPDFTCPService0719) - Debenu Pty Ltd - C:\Program Files (x86)\Quick PDF Tools\QuickPDFTCP0719.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12633 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
taskeng.exe {460B8907-B9AC-468A-BB65-8C028F2442A8}
C:\Windows\System32\spoolsv.exe
taskeng.exe {8CF57622-98AA-47FF-8219-EE21BA330780}
"C:\Windows\system32\Dwm.exe"
taskeng.exe {7B52731C-094B-4911-A625-937042E3FDBA}
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\Direct Console\DCHelper.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\MsgTranAgt64.exe"
"C:\Program Files\Wireless Console 2\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files\P4G\\BatteryLife.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
Atouch64.exe
C:\Windows\System32\mobsync.exe -Embedding
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"Taskmgr.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Quick PDF Tools\QuickPDFTCP0719.exe"
"C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files\TightVNC\tvnserver.exe" -service
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Canon\CAL\CALMAIN.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
taskeng.exe {8C51F498-9F47-44EB-AA8E-EE4666F81DC8}
"C:\Windows\System32\explorer.exe" /select,"C:\Users\Owner\Desktop\RSITx64.exe"
"C:\Users\Owner\Desktop\RSITx64.exe"
C:\PROGRA~2\HEWLET~1\HPSHAR~1\hpgs2wnf.exe -Embedding
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Windows\system32\SearchFilterHost.exe" 0 644 648 656 65536 652
"C:\Users\Owner\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\WmiApSrv.exe
======Scheduled tasks folder======
C:\Windows\tasks\AllmyappsUpdateTask.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 2766c3c7-98ad-4b74-81d7-68e2bb0b22e2.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task eb51b10d-9922-4c7b-b537-302a43fb2af5.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-01 553376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-01 211360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
DocumentExporterIE - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll [2010-02-25 664576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
DocumentExporterIE - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll [2010-02-25 466944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{da153d37-a57e-4f22-a649-6aeef4a10c28} - Document Exporter - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll [2010-02-25 664576]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{da153d37-a57e-4f22-a649-6aeef4a10c28} - Document Exporter - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll [2010-02-25 466944]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"tvncontrol"=C:\Program Files\TightVNC\tvnserver.exe [2012-11-20 1696824]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-10-20 6588144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_168_Plugin.exe [2013-09-29 815496]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DirectConsole2"=C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe [2008-07-25 2701880]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2012-12-05 597880]
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
RT-Updater.lnk - C:\ROSS-TECH\VCDS\VCDS.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-10-20 22:15:31 ----D---- C:\rsit
2013-10-20 21:24:15 ----D---- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2013-10-20 21:24:08 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-10-20 21:24:08 ----D---- C:\Program Files\SUPERAntiSpyware
2013-10-20 20:02:08 ----ASH---- C:\hiberfil.sys
2013-10-18 20:59:36 ----D---- C:\Users\Owner\AppData\Roaming\SmartInspect
2013-10-18 20:31:25 ----D---- C:\Users\Owner\AppData\Roaming\LogView
2013-10-18 20:21:40 ----D---- C:\Program Files (x86)\LogView V2
2013-10-18 20:10:22 ----D---- C:\Program Files (x86)\Silabs
2013-10-18 20:09:04 ----D---- C:\Windows\SYSWOW64\Silabs
2013-10-16 20:46:09 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-10-12 10:25:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-10-12 10:25:36 ----A---- C:\Windows\system32\mshtmled.dll
2013-10-12 10:25:35 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-10-12 10:25:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-12 10:25:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-10-12 10:25:33 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-12 10:25:33 ----A---- C:\Windows\system32\ieUnatt.exe
2013-10-12 10:25:33 ----A---- C:\Windows\system32\ieui.dll
2013-10-12 10:25:32 ----A---- C:\Windows\SYSWOW64\url.dll
2013-10-12 10:25:32 ----A---- C:\Windows\system32\url.dll
2013-10-12 10:25:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-12 10:25:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-12 10:25:31 ----A---- C:\Windows\system32\wininet.dll
2013-10-12 10:25:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-12 10:25:30 ----A---- C:\Windows\system32\urlmon.dll
2013-10-12 10:25:29 ----A---- C:\Windows\system32\jscript9.dll
2013-10-12 10:25:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-12 10:25:28 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-12 10:25:26 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-12 10:25:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-12 10:25:25 ----A---- C:\Windows\system32\vbscript.dll
2013-10-12 10:25:25 ----A---- C:\Windows\system32\jscript.dll
2013-10-12 10:25:25 ----A---- C:\Windows\system32\iertutil.dll
2013-10-12 10:25:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-12 10:25:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-12 10:25:17 ----A---- C:\Windows\system32\mshtml.dll
2013-10-12 10:25:15 ----A---- C:\Windows\system32\ieframe.dll
2013-10-12 10:25:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-10 20:15:15 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 20:15:07 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 20:15:06 ----A---- C:\Windows\system32\cdd.dll
2013-10-10 20:13:51 ----A---- C:\Windows\system32\DWrite.dll
2013-10-10 20:13:50 ----A---- C:\Windows\system32\FntCache.dll
2013-10-10 20:13:49 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-10-10 20:13:48 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-10-10 20:13:48 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-10-10 20:13:48 ----A---- C:\Windows\system32\d3d10warp.dll
2013-10-10 20:13:48 ----A---- C:\Windows\system32\d3d10level9.dll
2013-10-10 20:13:48 ----A---- C:\Windows\system32\d2d1.dll
2013-10-10 20:13:47 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-10-10 20:13:47 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-10-10 20:13:47 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-10-10 20:13:46 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-10-10 20:13:46 ----A---- C:\Windows\system32\d3d10core.dll
2013-10-10 20:13:45 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-10-10 20:13:45 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-10-10 20:13:45 ----A---- C:\Windows\system32\d3d10_1.dll
2013-10-10 20:13:45 ----A---- C:\Windows\system32\d3d10.dll
2013-10-10 20:13:30 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 20:13:29 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-10 20:13:28 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-10 20:13:28 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 20:13:15 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 20:13:09 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 20:13:08 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 20:12:57 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 20:12:55 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-10 20:12:48 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-10 20:12:39 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-10 20:12:37 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-10 20:12:36 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-10 20:12:36 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-10 20:12:35 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-10 20:12:32 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-09-25 22:35:31 ----D---- C:\Users\Owner\AppData\Roaming\YouTube Downloader
2013-09-25 22:33:54 ----D---- C:\Program Files (x86)\YTD
2013-09-22 14:08:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-09-22 12:18:27 ----D---- C:\ProgramData\Freemake
2013-09-22 12:18:19 ----D---- C:\Program Files (x86)\Freemake
======List of files/folders modified in the last 1 month======
2013-10-20 22:19:20 ----D---- C:\Windows\Temp
2013-10-20 22:19:16 ----D---- C:\Program Files\trend micro
2013-10-20 22:05:39 ----D---- C:\Windows\System32
2013-10-20 22:05:39 ----D---- C:\Windows\inf
2013-10-20 22:05:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-20 22:04:14 ----D---- C:\Users\Owner\AppData\Roaming\Skype
2013-10-20 21:59:50 ----A---- C:\Windows\system32\acovcnt.exe
2013-10-20 21:24:25 ----D---- C:\Windows\Tasks
2013-10-20 21:24:25 ----D---- C:\Windows\system32\Tasks
2013-10-20 21:24:15 ----D---- C:\ProgramData
2013-10-20 21:24:08 ----RD---- C:\Program Files
2013-10-20 20:38:55 ----AD---- C:\Windows
2013-10-20 20:36:52 ----D---- C:\Windows\system32\Msdtc
2013-10-20 20:36:41 ----D---- C:\Windows\system32\wbem
2013-10-20 20:35:49 ----D---- C:\Windows\system32\config
2013-10-20 20:35:31 ----D---- C:\Windows\system32\spool
2013-10-20 20:35:31 ----D---- C:\Windows\system32\drivers
2013-10-20 20:35:31 ----D---- C:\Windows\system32\catroot2
2013-10-20 20:35:31 ----D---- C:\ProgramData\P4G
2013-10-20 20:35:30 ----D---- C:\Windows\registration
2013-10-20 20:35:30 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-20 20:17:50 ----D---- C:\Windows\Prefetch
2013-10-20 19:08:30 ----RSD---- C:\Windows\assembly
2013-10-20 19:07:32 ----D---- C:\Windows\Microsoft.NET
2013-10-18 20:21:40 ----RD---- C:\Program Files (x86)
2013-10-18 20:10:43 ----D---- C:\Windows\system32\catroot
2013-10-18 20:10:34 ----SHD---- C:\System Volume Information
2013-10-18 20:09:04 ----D---- C:\Windows\SysWOW64
2013-10-16 21:58:31 ----D---- C:\Users\Owner\AppData\Roaming\vlc
2013-10-15 22:00:12 ----D---- C:\Windows\system32\WDI
2013-10-15 20:23:03 ----SHD---- C:\Windows\Installer
2013-10-14 20:37:24 ----D---- C:\ProgramData\Skype
2013-10-14 20:37:10 ----RD---- C:\Program Files (x86)\Skype
2013-10-12 19:28:27 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-12 19:28:25 ----D---- C:\Windows\SYSWOW64\migration
2013-10-12 19:28:23 ----D---- C:\Windows\system32\migration
2013-10-12 19:28:21 ----D---- C:\Program Files\Internet Explorer
2013-10-12 10:45:46 ----D---- C:\Windows\winsxs
2013-10-12 10:45:31 ----A---- C:\Windows\win.ini
2013-10-12 10:30:26 ----D---- C:\Windows\system32\MRT
2013-10-12 10:27:04 ----A---- C:\Windows\system32\mrt.exe
2013-09-29 19:25:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-22 13:38:54 ----D---- C:\Program Files (x86)\MediaCoder
2013-09-22 13:38:52 ----D---- C:\Users\Owner\AppData\Roaming\Broad Intelligence
2013-09-22 12:18:19 ----D---- C:\Users\Owner\AppData\Roaming\OpenCandy
2013-09-21 19:16:09 ----D---- C:\CalcRC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2007-08-11 34872]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-05-07 395288]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2008-05-29 16440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-02-22 868848]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-08-21 19600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2012-08-21 44272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-07-21 32200]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2007-02-20 65408]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-12-05 71032]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 17464]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2007-03-06 314368]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2008-02-16 62976]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2007-07-27 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2007-07-28 57856]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-12-01 119744]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-09-18 1497112]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-19 59392]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 17464]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-24 261120]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2006-10-27 13680]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw5v64.sys [2008-06-26 4735488]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-22 131688]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-07-10 13187176]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-01-27 82816]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-08-06 174592]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 111104]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-04-01 1878440]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 320048]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 58496]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2006-12-20 140160]
S3 AF9035BDA;GIGABYTE U7200 DVB-T Devices; C:\Windows\System32\Drivers\AF9035BDA.sys [2008-05-29 270080]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 48768]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 695296]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 35328]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ce6230;Intel CE6230 Standalone USB Driver; C:\Windows\system32\DRIVERS\CE6230StandaloneDriver.sys [2007-05-31 58624]
S3 ce6230BDACAP;Realfine CE6230 BDA Driver; C:\Windows\system32\DRIVERS\CE6230BDA.sys [2007-05-31 24960]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 DCamUSBSTK02H;STK02H Camera; C:\Windows\system32\DRIVERS\STK02HW2.sys [2007-03-21 106496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2007-06-27 63808]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2007-06-27 83776]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2008-06-13 663040]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 61568]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187.sys [2008-06-27 482816]
S3 RT-USB;Ross-Tech USB driver; C:\Windows\system32\drivers\RT-USB64.SYS [2010-06-16 70984]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 54840]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19456]
S3 USBCCID;Čtecí zařízení čipových karet USB; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-11 38400]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 168704]
S3 vzandnetadb;ADB Interface DriverNet for VZW; C:\Windows\System32\Drivers\lgvzandnetadb.sys [2012-03-12 31744]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2012-05-17 14464]
S3 winusb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\winusb.sys [2009-07-14 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2007-03-12 120320]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120]
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 73728]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-12-05 384888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 QuickPDFTCPService0719;Quick PDF Tools Background Service; C:\Program Files (x86)\Quick PDF Tools\QuickPDFTCP0719.exe [2010-04-27 1899008]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
R2 tvnserver;TightVNC Server; C:\Program Files\TightVNC\tvnserver.exe [2012-11-20 1696824]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 27648]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2012-12-05 393080]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-05-24 101888]
S2 gupdate1c9f18fd65a1953;Google Update Service (gupdate1c9f18fd65a1953); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-06-20 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-06 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-03-06 655624]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-06-20 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2010-11-15 68096]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-16 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2009-01-11 183112]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 1022632]
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []
-----------------EOF-----------------
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
DocumentExporterIE - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll [2010-02-25 466944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{da153d37-a57e-4f22-a649-6aeef4a10c28} - Document Exporter - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll [2010-02-25 664576]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{da153d37-a57e-4f22-a649-6aeef4a10c28} - Document Exporter - C:\Program Files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll [2010-02-25 466944]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"tvncontrol"=C:\Program Files\TightVNC\tvnserver.exe [2012-11-20 1696824]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-10-20 6588144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_168_Plugin.exe [2013-09-29 815496]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DirectConsole2"=C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe [2008-07-25 2701880]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2012-12-05 597880]
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
RT-Updater.lnk - C:\ROSS-TECH\VCDS\VCDS.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-10-20 22:15:31 ----D---- C:\rsit
2013-10-20 21:24:15 ----D---- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2013-10-20 21:24:08 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-10-20 21:24:08 ----D---- C:\Program Files\SUPERAntiSpyware
2013-10-20 20:02:08 ----ASH---- C:\hiberfil.sys
2013-10-18 20:59:36 ----D---- C:\Users\Owner\AppData\Roaming\SmartInspect
2013-10-18 20:31:25 ----D---- C:\Users\Owner\AppData\Roaming\LogView
2013-10-18 20:21:40 ----D---- C:\Program Files (x86)\LogView V2
2013-10-18 20:10:22 ----D---- C:\Program Files (x86)\Silabs
2013-10-18 20:09:04 ----D---- C:\Windows\SYSWOW64\Silabs
2013-10-16 20:46:09 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-10-12 10:25:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-10-12 10:25:36 ----A---- C:\Windows\system32\mshtmled.dll
2013-10-12 10:25:35 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-10-12 10:25:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-12 10:25:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-10-12 10:25:33 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-12 10:25:33 ----A---- C:\Windows\system32\ieUnatt.exe
2013-10-12 10:25:33 ----A---- C:\Windows\system32\ieui.dll
2013-10-12 10:25:32 ----A---- C:\Windows\SYSWOW64\url.dll
2013-10-12 10:25:32 ----A---- C:\Windows\system32\url.dll
2013-10-12 10:25:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-12 10:25:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-12 10:25:31 ----A---- C:\Windows\system32\wininet.dll
2013-10-12 10:25:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-12 10:25:30 ----A---- C:\Windows\system32\urlmon.dll
2013-10-12 10:25:29 ----A---- C:\Windows\system32\jscript9.dll
2013-10-12 10:25:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-12 10:25:28 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-12 10:25:26 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-12 10:25:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-12 10:25:25 ----A---- C:\Windows\system32\vbscript.dll
2013-10-12 10:25:25 ----A---- C:\Windows\system32\jscript.dll
2013-10-12 10:25:25 ----A---- C:\Windows\system32\iertutil.dll
2013-10-12 10:25:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-12 10:25:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-12 10:25:17 ----A---- C:\Windows\system32\mshtml.dll
2013-10-12 10:25:15 ----A---- C:\Windows\system32\ieframe.dll
2013-10-12 10:25:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-10 20:15:15 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 20:15:07 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 20:15:06 ----A---- C:\Windows\system32\cdd.dll
2013-10-10 20:13:51 ----A---- C:\Windows\system32\DWrite.dll
2013-10-10 20:13:50 ----A---- C:\Windows\system32\FntCache.dll
2013-10-10 20:13:49 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-10-10 20:13:48 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-10-10 20:13:48 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-10-10 20:13:48 ----A---- C:\Windows\system32\d3d10warp.dll
2013-10-10 20:13:48 ----A---- C:\Windows\system32\d3d10level9.dll
2013-10-10 20:13:48 ----A---- C:\Windows\system32\d2d1.dll
2013-10-10 20:13:47 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-10-10 20:13:47 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-10-10 20:13:47 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-10-10 20:13:46 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-10-10 20:13:46 ----A---- C:\Windows\system32\d3d10core.dll
2013-10-10 20:13:45 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-10-10 20:13:45 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-10-10 20:13:45 ----A---- C:\Windows\system32\d3d10_1.dll
2013-10-10 20:13:45 ----A---- C:\Windows\system32\d3d10.dll
2013-10-10 20:13:30 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 20:13:29 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-10 20:13:28 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-10 20:13:28 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 20:13:15 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 20:13:09 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 20:13:08 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 20:12:57 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 20:12:55 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-10 20:12:48 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-10 20:12:39 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-10 20:12:37 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-10 20:12:36 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-10 20:12:36 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-10 20:12:35 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-10 20:12:32 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-09-25 22:35:31 ----D---- C:\Users\Owner\AppData\Roaming\YouTube Downloader
2013-09-25 22:33:54 ----D---- C:\Program Files (x86)\YTD
2013-09-22 14:08:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-09-22 12:18:27 ----D---- C:\ProgramData\Freemake
2013-09-22 12:18:19 ----D---- C:\Program Files (x86)\Freemake
======List of files/folders modified in the last 1 month======
2013-10-20 22:19:20 ----D---- C:\Windows\Temp
2013-10-20 22:19:16 ----D---- C:\Program Files\trend micro
2013-10-20 22:05:39 ----D---- C:\Windows\System32
2013-10-20 22:05:39 ----D---- C:\Windows\inf
2013-10-20 22:05:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-20 22:04:14 ----D---- C:\Users\Owner\AppData\Roaming\Skype
2013-10-20 21:59:50 ----A---- C:\Windows\system32\acovcnt.exe
2013-10-20 21:24:25 ----D---- C:\Windows\Tasks
2013-10-20 21:24:25 ----D---- C:\Windows\system32\Tasks
2013-10-20 21:24:15 ----D---- C:\ProgramData
2013-10-20 21:24:08 ----RD---- C:\Program Files
2013-10-20 20:38:55 ----AD---- C:\Windows
2013-10-20 20:36:52 ----D---- C:\Windows\system32\Msdtc
2013-10-20 20:36:41 ----D---- C:\Windows\system32\wbem
2013-10-20 20:35:49 ----D---- C:\Windows\system32\config
2013-10-20 20:35:31 ----D---- C:\Windows\system32\spool
2013-10-20 20:35:31 ----D---- C:\Windows\system32\drivers
2013-10-20 20:35:31 ----D---- C:\Windows\system32\catroot2
2013-10-20 20:35:31 ----D---- C:\ProgramData\P4G
2013-10-20 20:35:30 ----D---- C:\Windows\registration
2013-10-20 20:35:30 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-20 20:17:50 ----D---- C:\Windows\Prefetch
2013-10-20 19:08:30 ----RSD---- C:\Windows\assembly
2013-10-20 19:07:32 ----D---- C:\Windows\Microsoft.NET
2013-10-18 20:21:40 ----RD---- C:\Program Files (x86)
2013-10-18 20:10:43 ----D---- C:\Windows\system32\catroot
2013-10-18 20:10:34 ----SHD---- C:\System Volume Information
2013-10-18 20:09:04 ----D---- C:\Windows\SysWOW64
2013-10-16 21:58:31 ----D---- C:\Users\Owner\AppData\Roaming\vlc
2013-10-15 22:00:12 ----D---- C:\Windows\system32\WDI
2013-10-15 20:23:03 ----SHD---- C:\Windows\Installer
2013-10-14 20:37:24 ----D---- C:\ProgramData\Skype
2013-10-14 20:37:10 ----RD---- C:\Program Files (x86)\Skype
2013-10-12 19:28:27 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-12 19:28:25 ----D---- C:\Windows\SYSWOW64\migration
2013-10-12 19:28:23 ----D---- C:\Windows\system32\migration
2013-10-12 19:28:21 ----D---- C:\Program Files\Internet Explorer
2013-10-12 10:45:46 ----D---- C:\Windows\winsxs
2013-10-12 10:45:31 ----A---- C:\Windows\win.ini
2013-10-12 10:30:26 ----D---- C:\Windows\system32\MRT
2013-10-12 10:27:04 ----A---- C:\Windows\system32\mrt.exe
2013-09-29 19:25:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-22 13:38:54 ----D---- C:\Program Files (x86)\MediaCoder
2013-09-22 13:38:52 ----D---- C:\Users\Owner\AppData\Roaming\Broad Intelligence
2013-09-22 12:18:19 ----D---- C:\Users\Owner\AppData\Roaming\OpenCandy
2013-09-21 19:16:09 ----D---- C:\CalcRC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2007-08-11 34872]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-05-07 395288]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2008-05-29 16440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-02-22 868848]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-08-21 19600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2012-08-21 44272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-07-21 32200]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2007-02-20 65408]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-12-05 71032]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 17464]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2007-03-06 314368]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2008-02-16 62976]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2007-07-27 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2007-07-28 57856]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-12-01 119744]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-09-18 1497112]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-19 59392]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 17464]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-24 261120]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2006-10-27 13680]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw5v64.sys [2008-06-26 4735488]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-22 131688]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-07-10 13187176]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-01-27 82816]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-08-06 174592]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 111104]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-04-01 1878440]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 320048]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 58496]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2006-12-20 140160]
S3 AF9035BDA;GIGABYTE U7200 DVB-T Devices; C:\Windows\System32\Drivers\AF9035BDA.sys [2008-05-29 270080]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 48768]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 695296]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 35328]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ce6230;Intel CE6230 Standalone USB Driver; C:\Windows\system32\DRIVERS\CE6230StandaloneDriver.sys [2007-05-31 58624]
S3 ce6230BDACAP;Realfine CE6230 BDA Driver; C:\Windows\system32\DRIVERS\CE6230BDA.sys [2007-05-31 24960]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 DCamUSBSTK02H;STK02H Camera; C:\Windows\system32\DRIVERS\STK02HW2.sys [2007-03-21 106496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2007-06-27 63808]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2007-06-27 83776]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2008-06-13 663040]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 61568]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187.sys [2008-06-27 482816]
S3 RT-USB;Ross-Tech USB driver; C:\Windows\system32\drivers\RT-USB64.SYS [2010-06-16 70984]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 54840]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19456]
S3 USBCCID;Čtecí zařízení čipových karet USB; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-11 38400]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 168704]
S3 vzandnetadb;ADB Interface DriverNet for VZW; C:\Windows\System32\Drivers\lgvzandnetadb.sys [2012-03-12 31744]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2012-05-17 14464]
S3 winusb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\winusb.sys [2009-07-14 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2007-03-12 120320]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120]
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 73728]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-12-05 384888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 QuickPDFTCPService0719;Quick PDF Tools Background Service; C:\Program Files (x86)\Quick PDF Tools\QuickPDFTCP0719.exe [2010-04-27 1899008]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
R2 tvnserver;TightVNC Server; C:\Program Files\TightVNC\tvnserver.exe [2012-11-20 1696824]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 27648]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2012-12-05 393080]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-05-24 101888]
S2 gupdate1c9f18fd65a1953;Google Update Service (gupdate1c9f18fd65a1953); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-06-20 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-06 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-03-06 655624]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-06-20 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2010-11-15 68096]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-16 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2009-01-11 183112]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 1022632]
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119704
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Black desktop after Windows Vista startup
Hello!
Does Safe Mode start normally, or does it also come up with only a black desktop?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Black desktop after Windows Vista startup
Good evening,
in Safe Mode there is likewise a black desktop and a cursor, and the only addition is the "NOUZOVY REZIM" (Safe Mode) labels in the corners of the screen.
- Rudy
- Site Admin

Re: Black desktop after Windows Vista startup
If you can get to a command prompt, start System Restore following the guide: http://windows.microsoft.com/cs-cz/wind ... and-prompt and restore the system to a date when it was working correctly.
Re: Black desktop after Windows Vista startup
Yesterday I tried a restore to 18.10 and unfortunately it was still the same (black desktop), and now I tried an even older one, to 15.10, and surprisingly the desktop came up after the restore and restart. Thank you
- Rudy
- Site Admin

Re: Black desktop after Windows Vista startup
It would still be worth running an in-depth virus check. This problem may have been caused by a virus. Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after launch a screen with the licence terms appears; continue by clicking the Yes button.
calmly go make yourself a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else
do not panic during the scan, your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident component occur.
Re: Black desktop after Windows Vista startup
Done ... here is the log
ComboFix 13-10-21.01 - Owner 21.10.2013 19:14:53.5.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.4094.2315 [GMT 2:00]
Spuštěný z: c:\users\Owner\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\DealPlyUpdate.exe
c:\program files (x86)\DealPly\DealPlyUpdate.log
c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
c:\users\Owner\AppData\Roaming\vso_ts_preview.xml
c:\windows\msvcr71.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-21 do 2013-10-21 )))))))))))))))))))))))))))))))
.
.
2013-10-21 17:35 . 2013-10-21 17:41 -------- d-----w- c:\users\Owner\AppData\Local\temp
2013-10-21 17:35 . 2013-10-21 17:35 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-10-21 17:35 . 2013-10-21 17:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-21 16:47 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3B5BA74D-D052-42B8-AA44-E6A0B818C148}\mpengine.dll
2013-10-20 20:15 . 2013-10-20 20:15 -------- d-----w- C:\rsit
2013-10-20 19:24 . 2013-10-20 19:24 -------- d-----w- c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2013-10-20 19:24 . 2013-10-21 16:30 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-10-20 19:24 . 2013-10-20 19:24 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-10-18 18:59 . 2013-10-18 18:59 -------- d-----w- c:\users\Owner\AppData\Roaming\SmartInspect
2013-10-18 18:31 . 2013-10-18 19:32 -------- d-----w- c:\users\Owner\AppData\Roaming\LogView
2013-10-18 18:21 . 2013-10-18 18:21 -------- d-----w- c:\program files (x86)\LogView V2
2013-10-16 18:46 . 2013-10-16 18:46 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird(3)
2013-10-10 18:15 . 2013-08-29 07:48 2775552 ----a-w- c:\windows\system32\win32k.sys
2013-10-10 18:15 . 2013-08-01 04:10 901568 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-10 18:15 . 2013-08-01 03:37 47104 ----a-w- c:\windows\system32\cdd.dll
2013-10-10 18:12 . 2013-07-04 04:13 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-10-10 18:12 . 2013-07-04 04:21 532480 ----a-w- c:\windows\SysWow64\comctl32.dll
2013-10-10 18:12 . 2013-06-26 23:00 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-10 18:12 . 2013-06-29 02:25 274944 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-10 18:12 . 2013-06-29 02:25 95744 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-10 18:12 . 2013-06-29 02:25 259584 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-10 18:12 . 2013-06-29 02:25 7552 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-10 18:12 . 2011-05-05 14:17 49664 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-10 18:12 . 2011-05-05 14:17 29184 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-25 20:35 . 2013-10-13 21:23 -------- d-----w- c:\users\Owner\AppData\Roaming\YouTube Downloader
2013-09-25 20:33 . 2013-09-25 21:03 -------- d-----w- c:\program files (x86)\YTD
2013-09-22 10:23 . 2013-10-21 16:29 -------- d-----w- c:\users\Owner\AppData\Local\Pokki
2013-09-22 10:18 . 2013-09-22 10:19 -------- d-----w- c:\programdata\Freemake
2013-09-22 10:18 . 2013-09-22 10:18 -------- d-----w- c:\program files (x86)\Freemake
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-21 17:38 . 2008-10-31 11:30 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-10-12 08:27 . 2006-11-02 12:35 80541720 ----a-w- c:\windows\system32\mrt.exe
2013-09-29 17:25 . 2012-04-27 17:08 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-29 17:25 . 2011-10-14 19:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-03 12:35 . 2009-10-02 20:02 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 14:06 . 2013-08-29 20:29 1706496 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-02 04:09 . 2013-08-29 20:29 1548288 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
2010-02-25 08:58 466944 ----a-w- c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{da153d37-a57e-4f22-a649-6aeef4a10c28}"= "c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll" [2010-02-25 466944]
.
[HKEY_CLASSES_ROOT\clsid\{da153d37-a57e-4f22-a649-6aeef4a10c28}]
[HKEY_CLASSES_ROOT\DocumentExporterIE.DEIE]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DirectConsole2"="c:\program files (x86)\ASUS\Direct Console\Direct Console.exe" [2008-07-25 2701880]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2012-12-05 597880]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
RT-Updater.lnk - c:\ross-tech\VCDS\VCDS.EXE Update [2010-6-30 899656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys;c:\windows\SYSNATIVE\DRIVERS\adusbser.sys [x]
R3 AF9035BDA;GIGABYTE U7200 DVB-T Devices;c:\windows\system32\Drivers\AF9035BDA.sys;c:\windows\SYSNATIVE\Drivers\AF9035BDA.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-20 10:13]
.
2013-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-20 10:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
2010-02-25 08:59 664576 ----a-w- c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{da153d37-a57e-4f22-a649-6aeef4a10c28}"= "c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll" [2010-02-25 664576]
.
[HKEY_CLASSES_ROOT\CLSID\{da153d37-a57e-4f22-a649-6aeef4a10c28}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2012-11-20 1696824]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {{22B54AE0-66FC-4D7E-83F8-4ECE0C335344} - c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\DocumentExporterIE.IEModule.18796293.js
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
IE: {{98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - {98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
TCP: DhcpNameServer = 217.117.209.1 192.168.0.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2010-08-15 20:42; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Pokki - %LOCALAPPDATA%\Pokki\Engine\Launcher.dll
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\program files (x86)\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3470727687-1027406370-3241345228-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:54,eb,5c,79,f9,2c,c1,88,86,27,22,ff,a6,fb,4a,fe,27,5f,e7,1f,18,37,37,
cb,1f,09,49,2e,85,59,d7,b1,bb,68,84,c4,2a,54,8b,e2,2c,08,51,50,f8,b8,ae,78,\
"??"=hex:ac,19,66,f0,6e,52,7d,ae,72,cb,c2,0b,13,03,0b,9a
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Applications\dreamweaver.exe\shell\Open]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{84d4e968-0688-4b4d-9659-fb4c4e611232}\Implemented Categories\{71B2D918-2983-47B3-8337-9BEA15F184DA}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\JSXFile\shell\Edit]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\JSXFile\shell\Open]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Photoshop.Image.10\protocol\StdFileEditing\server]
@DACL=(02 0000)
@="c:\\Program Files (x86)\\Adobe\\Adobe Photoshop CS3\\Photoshop.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Photoshop.Image.11\protocol\StdFileEditing\server]
@DACL=(02 0000)
@="c:\\Program Files\\Adobe\\Adobe Photoshop CS4 (64 Bit)\\Photoshop.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{004BB91A-98DA-406F-BBBF-7A9F122A3AC2}\1.0\0\win32]
@DACL=(02 0000)
@="c:\\Program Files (x86)\\Common Files\\Adobe\\Linguistics\\Providers\\Plugins\\WRLiloPlugin1.0\\WRLiloPlugin.dll"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe
c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Quick PDF Tools\QuickPDFTCP0719.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
c:\program files (x86)\Canon\CAL\CALMAIN.exe
c:\program files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
.
**************************************************************************
.
Celkový čas: 2013-10-21 19:50:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-21 17:50
ComboFix2.txt 2011-12-28 10:31
.
Před spuštěním: Volných bajtů: 15 453 712 384
Po spuštění: Volných bajtů: 18 143 059 968
.
- - End Of File - - 89017A64274ADCB231A69F45B26B74C3
64B1E91C5C6C2157642651010728F90F
- Rudy
- Site Admin

Re: Black desktop after Windows Vista startup
We'll clean up a bit more. Open Notepad and copy into it:

KillAll::
Folder::
c:\program files (x86)\YTD
Collect::
c:\windows\system32\acovcnt.exe
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Firefox::
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.5.3&q=
Regnull::
[HKEY_USERS\S-1-5-21-3470727687-1027406370-3241345228-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Applications\dreamweaver.exe\shell\Open]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{84d4e968-0688-4b4d-9659-fb4c4e611232}\Implemented Categories\{71B2D918-2983-47B3-8337-9BEA15F184DA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\JSXFile\shell\Edit]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\JSXFile\shell\Open]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Photoshop.Image.10\protocol\StdFileEditing\server]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Photoshop.Image.11\protocol\StdFileEditing\server]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{004BB91A-98DA-406F-BBBF-7A9F122A3AC2}\1.0\0\win32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
Reboot::

Save it to the Desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Black desktop after Windows Vista startup
ComboFix 13-10-21.01 - Owner 21.10.2013 22:21:33.6.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.4094.2340 [GMT 2:00]
Spuštěný z: c:\users\Owner\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Owner\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\YTD
c:\program files (x86)\YTD\doc\changelog.cz.txt
c:\program files (x86)\YTD\doc\changelog.en.txt
c:\program files (x86)\YTD\doc\license.txt
c:\program files (x86)\YTD\doc\providers.txt
c:\program files (x86)\YTD\doc\ytd.cz.txt
c:\program files (x86)\YTD\doc\ytd.en.txt
c:\program files (x86)\YTD\locale\cs\LC_MESSAGES\default.mo
c:\program files (x86)\YTD\locale\ru\LC_MESSAGES\default.mo
c:\program files (x86)\YTD\locale\sk\LC_MESSAGES\default.mo
c:\program files (x86)\YTD\msdl_dll.dll
c:\program files (x86)\YTD\rtmpdump_dll.dll
c:\program files (x86)\YTD\setup.exe
c:\program files (x86)\YTD\ytd.exe
c:\program files (x86)\YTD\ytd.exe.manifest
c:\program files (x86)\YTD\ytd.xml
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-21 do 2013-10-21 )))))))))))))))))))))))))))))))
.
.
2013-10-21 20:38 . 2013-10-21 20:42 -------- d-----w- c:\users\Owner\AppData\Local\temp
2013-10-21 20:38 . 2013-10-21 20:38 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-10-21 20:38 . 2013-10-21 20:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-21 16:47 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3B5BA74D-D052-42B8-AA44-E6A0B818C148}\mpengine.dll
2013-10-20 20:15 . 2013-10-20 20:15 -------- d-----w- C:\rsit
2013-10-20 19:24 . 2013-10-20 19:24 -------- d-----w- c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2013-10-20 19:24 . 2013-10-21 16:30 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-10-20 19:24 . 2013-10-20 19:24 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-10-18 18:59 . 2013-10-18 18:59 -------- d-----w- c:\users\Owner\AppData\Roaming\SmartInspect
2013-10-18 18:31 . 2013-10-18 19:32 -------- d-----w- c:\users\Owner\AppData\Roaming\LogView
2013-10-18 18:21 . 2013-10-18 18:21 -------- d-----w- c:\program files (x86)\LogView V2
2013-10-16 18:46 . 2013-10-16 18:46 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird(3)
2013-10-10 18:15 . 2013-08-29 07:48 2775552 ----a-w- c:\windows\system32\win32k.sys
2013-10-10 18:15 . 2013-08-01 04:10 901568 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-10 18:15 . 2013-08-01 03:37 47104 ----a-w- c:\windows\system32\cdd.dll
2013-10-10 18:12 . 2013-07-04 04:13 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-10-10 18:12 . 2013-07-04 04:21 532480 ----a-w- c:\windows\SysWow64\comctl32.dll
2013-10-10 18:12 . 2013-06-26 23:00 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-10 18:12 . 2013-06-29 02:25 274944 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-10 18:12 . 2013-06-29 02:25 95744 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-10 18:12 . 2013-06-29 02:25 259584 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-10 18:12 . 2013-06-29 02:25 7552 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-10 18:12 . 2011-05-05 14:17 49664 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-10 18:12 . 2011-05-05 14:17 29184 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-25 20:35 . 2013-10-13 21:23 -------- d-----w- c:\users\Owner\AppData\Roaming\YouTube Downloader
2013-09-22 10:23 . 2013-10-21 16:29 -------- d-----w- c:\users\Owner\AppData\Local\Pokki
2013-09-22 10:18 . 2013-09-22 10:19 -------- d-----w- c:\programdata\Freemake
2013-09-22 10:18 . 2013-09-22 10:18 -------- d-----w- c:\program files (x86)\Freemake
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-21 20:40 . 2008-10-31 11:30 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-10-12 08:27 . 2006-11-02 12:35 80541720 ----a-w- c:\windows\system32\mrt.exe
2013-09-29 17:25 . 2012-04-27 17:08 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-29 17:25 . 2011-10-14 19:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-03 12:35 . 2009-10-02 20:02 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 14:06 . 2013-08-29 20:29 1706496 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-02 04:09 . 2013-08-29 20:29 1548288 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
2010-02-25 08:58 466944 ----a-w- c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{da153d37-a57e-4f22-a649-6aeef4a10c28}"= "c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll" [2010-02-25 466944]
.
[HKEY_CLASSES_ROOT\clsid\{da153d37-a57e-4f22-a649-6aeef4a10c28}]
[HKEY_CLASSES_ROOT\DocumentExporterIE.DEIE]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DirectConsole2"="c:\program files (x86)\ASUS\Direct Console\Direct Console.exe" [2008-07-25 2701880]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2012-12-05 597880]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
RT-Updater.lnk - c:\ross-tech\VCDS\VCDS.EXE Update [2010-6-30 899656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys;c:\windows\SYSNATIVE\DRIVERS\adusbser.sys [x]
R3 AF9035BDA;GIGABYTE U7200 DVB-T Devices;c:\windows\system32\Drivers\AF9035BDA.sys;c:\windows\SYSNATIVE\Drivers\AF9035BDA.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e88d1d51-70d0-4a24-b58c-b509d39fdbb9}]
2010-02-25 08:59 664576 ----a-w- c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{da153d37-a57e-4f22-a649-6aeef4a10c28}"= "c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader64.dll" [2010-02-25 664576]
.
[HKEY_CLASSES_ROOT\CLSID\{da153d37-a57e-4f22-a649-6aeef4a10c28}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2012-11-20 1696824]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {{22B54AE0-66FC-4D7E-83F8-4ECE0C335344} - c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\DocumentExporterIE.IEModule.18796293.js
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
IE: {{98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - {98B1071E-3F73-40C1-9F04-256AE8C7B5DF} - c:\program files (x86)\AssistMyTeam\Document Exporter for Internet Explorer\adxloader.dll
TCP: DhcpNameServer = 217.117.209.1 192.168.0.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9qqpuh0e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2010-08-15 20:42; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\program files (x86)\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe
c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Quick PDF Tools\QuickPDFTCP0719.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
c:\program files (x86)\Canon\CAL\CALMAIN.exe
c:\program files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
.
**************************************************************************
.
Celkový čas: 2013-10-21 22:54:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-21 20:54
ComboFix2.txt 2013-10-21 17:50
.
Před spuštěním: Volných bajtů: 17 894 236 160
Po spuštění: Volných bajtů: 17 341 132 800
.
- - End Of File - - 867445314C633E436356F0B97A0E972A
64B1E91C5C6C2157642651010728F90F
- Rudy
- Site Admin

Re: Black desktop after Windows Vista startup
The log is OK now. Uninstall CF using T-Cleaner: http://vyosek.ic.cz/pro_usery/T-Cleaner.exe . Is the PC still behaving as it should after that restore?
Re: Black desktop after Windows Vista startup
Uninstallation done.
Yes, the PC boots up with the complete desktop, including everything that belongs there.
The PC even starts faster.
Thank you very much for the help.
- Rudy
- Site Admin

Re: Black desktop after Windows Vista startup
You're welcome!