problem z pc

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[erik182]

ComboFix 14-01-27.02 - Erik 29.01.14 19:54:33.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.6142.4353 [GMT 1:00]
Running from: c:\users\Erik\Desktop\ComboFix.exe
Command switches used :: c:\users\Erik\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((( Files Created from 2013-12-28 to 2014-01-29 )))))))))))))))))))))))))))))))
.
.
2014-01-29 19:03 . 2014-01-29 19:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-29 19:03 . 2014-01-29 19:03 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2014-01-29 19:03 . 2014-01-29 19:03 -------- d-----w- c:\users\TEMP.PC-Krtko\AppData\Local\temp
2014-01-29 19:03 . 2014-01-29 19:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-29 18:51 . 2014-01-22 14:52 270824 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2014-01-29 18:51 . 2014-01-22 14:52 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-29 18:51 . 2014-01-22 14:52 131232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2014-01-29 18:51 . 2014-01-22 14:52 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-01-29 18:51 . 2014-01-22 14:52 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-29 18:51 . 2014-01-22 14:52 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-29 18:51 . 2014-01-22 14:52 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-29 18:47 . 2014-01-29 18:47 421704 ----a-w- c:\windows\system32\drivers\wbvaoudd.sys
2014-01-29 18:47 . 2014-01-29 18:47 421704 ----a-w- c:\windows\system32\drivers\vvjaennh.sys
2014-01-29 17:40 . 2014-01-22 14:52 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2014-01-29 17:40 . 2014-01-22 14:52 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-29 17:40 . 2011-01-13 08:37 29264 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-01-29 17:40 . 2014-01-22 14:52 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-01-29 17:40 . 2014-01-22 14:52 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-29 17:40 . 2014-01-22 14:51 295544 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-29 17:40 . 2014-01-22 14:51 41664 ----a-w- c:\windows\avastSS.scr
2014-01-29 17:40 . 2011-01-13 08:21 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2014-01-29 17:39 . 2014-01-29 17:39 -------- d-----w- C:\OETemp
2014-01-29 15:19 . 2014-01-29 17:49 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7AF4FDA8-69BD-416B-91DD-D10EC4043CF9}\offreg.dll
2014-01-29 14:45 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7AF4FDA8-69BD-416B-91DD-D10EC4043CF9}\mpengine.dll
2014-01-29 09:44 . 2014-01-29 09:44 -------- d-----w- c:\users\Erik\AppData\Local\Microsoft Games
2014-01-29 08:02 . 2014-01-29 08:02 -------- d-----w- c:\users\Erik\AppData\Roaming\NVIDIA
2014-01-29 07:59 . 2014-01-29 07:59 -------- d-----w- c:\users\UpdatusUser.PC-Krtko
2014-01-29 07:52 . 2013-01-18 15:00 6390048 ----a-w- c:\windows\system32\nvcpl.dll
2014-01-29 07:52 . 2013-01-18 15:00 3460896 ----a-w- c:\windows\system32\nvsvc64.dll
2014-01-29 07:52 . 2013-01-18 15:00 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2014-01-29 07:52 . 2013-01-18 15:00 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-01-29 07:52 . 2013-01-18 15:00 2953448 ----a-w- c:\windows\system32\nvcoproc.bin
2014-01-29 07:52 . 2013-01-18 15:00 2558240 ----a-w- c:\windows\system32\nvsvcr.dll
2014-01-29 07:52 . 2013-01-18 15:00 118560 ----a-w- c:\windows\system32\nvmctray.dll
2014-01-28 21:39 . 2014-01-28 21:39 -------- d-----w- C:\rsit
2014-01-28 15:43 . 2014-01-28 15:43 -------- d-----w- c:\users\Erik\AppData\Roaming\PDF Architect
2014-01-28 15:00 . 2014-01-28 17:55 -------- d-----w- C:\AdwCleaner
2014-01-28 14:55 . 2014-01-28 21:39 -------- d-----w- c:\program files\trend micro
2014-01-28 14:51 . 2014-01-28 14:51 -------- d-----w- c:\program files (x86)\PDF Architect
2014-01-28 14:51 . 2013-04-09 13:13 110264 ----a-w- c:\windows\system32\pdfcmon.dll
2014-01-28 14:51 . 2012-05-05 09:54 662288 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX
2014-01-28 14:51 . 2012-05-05 09:54 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX
2014-01-28 14:51 . 2014-01-28 14:54 -------- d-----w- c:\program files (x86)\PDFCreator
2014-01-28 14:51 . 2012-05-05 09:54 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
2014-01-27 23:28 . 2014-01-27 23:28 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-01-27 23:27 . 2014-01-27 23:27 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-01-27 21:52 . 2014-01-27 21:52 -------- d-----w- c:\users\Erik\AppData\Roaming\LavasoftStatistics
2014-01-27 21:44 . 2014-01-29 19:04 -------- d-----w- c:\programdata\Avira
2014-01-27 21:44 . 2014-01-29 19:04 -------- d-----w- c:\program files (x86)\Avira
2014-01-27 21:41 . 2014-01-27 21:41 -------- d-----w- c:\programdata\BitDefender
2014-01-27 21:22 . 2014-01-27 21:22 -------- d-----w- c:\program files\Lavasoft
2014-01-27 21:20 . 2014-01-27 21:20 -------- d-----w- c:\programdata\Lavasoft
2014-01-27 18:22 . 2014-01-27 18:22 -------- d-----w- c:\users\Erik\AppData\Roaming\GHISLER
2014-01-27 08:38 . 2014-01-27 08:38 -------- d-----w- c:\windows\system32\wbem\Framework\root\OpenHardwareMonitor
2014-01-26 12:16 . 2014-01-29 07:53 -------- d-----w- c:\users\Erik\AppData\Local\NVIDIA Corporation
2014-01-26 12:15 . 2014-01-26 12:15 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-01-22 11:26 . 2014-01-27 22:29 -------- d-----w- c:\program files\COMODO
2014-01-22 11:25 . 2014-01-22 11:29 -------- d-----w- c:\program files (x86)\Comodo
2014-01-21 15:44 . 2013-08-11 14:40 43520 --s-a-w- c:\windows\SysWow64\nircmdc.exe
2014-01-18 08:20 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 07:34 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 07:34 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 07:34 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 07:34 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 07:34 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 07:34 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 07:34 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 07:34 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 07:34 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-10 22:34 . 2014-01-10 22:34 -------- d-----w- c:\users\Erik\AppData\Local\WarThunder
2014-01-10 22:34 . 2014-01-10 22:34 -------- d-----w- c:\programdata\WarThunder
2014-01-10 15:30 . 2014-01-22 17:34 -------- d-----w- c:\users\Erik\AppData\Roaming\VSO
2014-01-10 15:30 . 2014-01-10 15:30 -------- d-----w- c:\users\Erik\AppData\Roaming\ObviousIdea
2014-01-06 19:23 . 2014-01-06 19:23 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr
2014-01-03 14:08 . 2014-01-03 14:08 1050112 ----a-w- c:\windows\core.exe
2014-01-03 09:46 . 2014-01-03 09:47 -------- d-----w- c:\program files (x86)\WYSIWYG Web Builder 9
2014-01-03 09:07 . 2014-01-03 09:45 -------- d-----w- c:\program files (x86)\WaveMaker
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-29 19:05 . 2011-02-19 13:18 25640 ----a-w- c:\windows\gdrv.sys
2014-01-21 19:34 . 2012-05-11 07:50 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-21 19:34 . 2011-06-09 13:44 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 22:27 . 2011-02-20 22:56 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-18 05:13 . 2011-02-19 13:20 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-11-30 06:43 . 2013-11-30 06:43 348672 ----a-w- c:\windows\curl.dll
2013-11-30 06:43 . 2013-11-30 06:43 82432 ----a-w- c:\windows\pthread.dll
2013-11-28 16:03 . 2013-11-28 16:03 4346744 ----a-w- c:\windows\proxy.exe
2013-11-26 16:12 . 2013-11-26 16:12 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 16:12 . 2013-11-26 16:12 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-26 16:12 . 2013-11-26 16:12 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-26 16:12 . 2013-11-26 16:12 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-26 16:12 . 2013-11-26 16:12 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-26 16:12 . 2013-11-26 16:12 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 16:12 . 2013-11-26 16:12 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-26 16:12 . 2013-11-26 16:12 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-26 16:12 . 2013-11-26 16:12 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-26 16:12 . 2013-11-26 16:12 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-26 16:12 . 2013-11-26 16:12 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-26 16:12 . 2013-11-26 16:12 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-26 16:12 . 2013-11-26 16:12 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-26 16:12 . 2013-11-26 16:12 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-26 16:12 . 2013-11-26 16:12 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-26 16:12 . 2013-11-26 16:12 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-26 16:12 . 2013-11-26 16:12 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-26 16:12 . 2013-11-26 16:12 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-26 16:12 . 2013-11-26 16:12 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-26 16:12 . 2013-11-26 16:12 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-26 16:12 . 2013-11-26 16:12 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-26 16:12 . 2013-11-26 16:12 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-26 16:12 . 2013-11-26 16:12 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-26 16:12 . 2013-11-26 16:12 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-26 16:12 . 2013-11-26 16:12 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-26 16:12 . 2013-11-26 16:12 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-26 16:12 . 2013-11-26 16:12 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-26 16:12 . 2013-11-26 16:12 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-26 16:12 . 2013-11-26 16:12 413696 ----a-w- c:\windows\system32\html.iec
2013-11-26 16:12 . 2013-11-26 16:12 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 16:12 . 2013-11-26 16:12 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-26 16:12 . 2013-11-26 16:12 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-26 16:12 . 2013-11-26 16:12 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-26 16:12 . 2013-11-26 16:12 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-26 16:12 . 2013-11-26 16:12 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-26 16:12 . 2013-11-26 16:12 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-26 16:12 . 2013-11-26 16:12 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-26 16:12 . 2013-11-26 16:12 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-26 16:12 . 2013-11-26 16:12 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-26 16:12 . 2013-11-26 16:12 235520 ----a-w- c:\windows\system32\url.dll
2013-11-26 16:12 . 2013-11-26 16:12 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-26 16:12 . 2013-11-26 16:12 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-26 16:12 . 2013-11-26 16:12 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-26 16:12 . 2013-11-26 16:12 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-26 16:12 . 2013-11-26 16:12 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-26 16:12 . 2013-11-26 16:12 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-26 16:12 . 2013-11-26 16:12 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-26 16:12 . 2013-11-26 16:12 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-26 16:12 . 2013-11-26 16:12 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-26 16:12 . 2013-11-26 16:12 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 16:12 . 2013-11-26 16:12 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-26 16:12 . 2013-11-26 16:12 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-26 16:12 . 2013-11-26 16:12 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-26 16:12 . 2013-11-26 16:12 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-26 16:12 . 2013-11-26 16:12 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-26 16:12 . 2013-11-26 16:12 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-26 16:12 . 2013-11-26 16:12 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-26 16:12 . 2013-11-26 16:12 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-26 16:12 . 2013-11-26 16:12 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-26 11:54 . 2013-12-11 22:22 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-11 22:22 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-11 22:22 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-11 22:22 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-11 22:22 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-11 22:22 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-11 22:22 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-11 22:22 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-11 22:22 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-11 22:22 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-11 22:22 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-11 22:22 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-11 22:22 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-11 22:22 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-11 22:22 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-11 22:22 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-11 22:22 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-11 22:22 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-11 22:22 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-11 22:22 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-11 22:22 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-11 22:22 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-11 22:22 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-11 22:22 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 19:06 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 19:06 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-21 21:45 . 2013-11-21 21:45 4422144 ----a-w- c:\windows\cuda.exe
2013-11-12 02:23 . 2013-12-11 19:06 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 19:06 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-14 15:54 220632 ----a-w- c:\users\Erik\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-14 15:54 220632 ----a-w- c:\users\Erik\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-14 15:54 220632 ----a-w- c:\users\Erik\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-15 6563608]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2013-07-26 844656]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-07-26 1564016]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-07-18 578560]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-12-06 20203904]
"HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"Steam"="e:\games\Steam\Steam.exe" [2014-01-27 1815976]
"uTorrent"="c:\users\Erik\AppData\Roaming\uTorrent\uTorrent.exe" [2014-01-23 905296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-26 311152]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2010-07-01 56064]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-08-21 450560]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2014-01-22 4858968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2013-6-22 0]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2013-7-10 155648]
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2013-7-10 675840]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe;c:\windows\SysWOW64\XSrvSetup.exe [x]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\Drivers\NSHE.SYS;c:\windows\SYSNATIVE\Drivers\NSHE.SYS [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys;c:\windows\SYSNATIVE\DRIVERS\snp325.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0105.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys;c:\windows\SYSNATIVE\drivers\aswNdis2.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt53.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswFW;avast! TDI Firewall Driver;c:\windows\system32\drivers\aswFW.sys;c:\windows\SYSNATIVE\drivers\aswFW.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe;c:\program files\Alwil Software\Avast5\afwServ.exe [x]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [x]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [x]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [x]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [x]
S3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys;c:\windows\SYSNATIVE\Drivers\AVerAF35.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWFW
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-11 19:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-05 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
[HKEY_CLASSES_ROOT\tGBandObj.tGBandObjClass]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-14 15:54 244696 ----a-w- c:\users\Erik\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-14 15:54 244696 ----a-w- c:\users\Erik\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-14 15:54 244696 ----a-w- c:\users\Erik\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-22 14:51 133840 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-02 11545192]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{41BA7BDF-69D5-4B10-B9D1-F3A6E7EC3E68}: NameServer = 195.146.128.60,195.146.132.59
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\core.exe
c:\windows\proxy.exe
c:\program files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2014-01-29 20:20:37 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-29 19:20
ComboFix2.txt 2014-01-29 17:33
ComboFix3.txt 2014-01-28 22:44
.
Pre-Run: 353 998 442 496 bytes free
Post-Run: 354 134 704 128 bytes free
.
- - End Of File - - 4D9AFE553D969FB46ED1ED9A4488F9BF
A36C5E4F47E84449FF07ED3517B43A31

[Rudy]

Smazáno. CF odinstalujte pomocí T-Cleaneru: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Nastala nějaká změna?

[erik182]

nie nenastala pokial bezi taskman vsetko je ok akonahle ho vypnem cele sa to zacne sekat

[Rudy]

Co jste instaloval těsně před tím, než se problém objevil?

[erik182]

aktualizoval som ovladace k grafickej karte ale boli stahovane z oficialnej stranky nvidia

[erik182]

a sestra si stahovala subor vraj to mala byt zoskenovana knizka alebo nieco take ale ten ja som to hned odinstaloval a smazal
http://www.ulozto.sk/xsJjtetg/media-a-s ... va-pdf-zip

[Rudy]

Ano, je to nějaká kniha. Co s tím mám dělat. Log to není a virus také ne. Virový problém to není. Zkuste ta ovladače ještě jednou přeinstalovat.

[erik182]

to som uz skusal preinstalovat tie drivery za starsie co tam boli predtym
... ten subor neni knizka je tam v tom zipe nejaky exe subor

[Rudy]

Tím se to pravděpodobně otevírá. Pokud nebyl otevřen, nemohl jste PC zavirovat, i kdyby to virus byl.

[erik182]

praveze byl otevren a ten program nainstalovan pak zamnou prisla a vravela ze jej to nejde ... tak som to odinstaloval a zmazal

[Rudy]

ComobFix nic neukázal (kromě několika alternate data streams, které odstranil). V dočištění jsme jen odemkli zamčené klíče. V PC by neměl virus být. Který proces nejvíce PC zatěžuje?

[erik182]

praveze toto nemozem zistit lebo ked spustiim taskmanager tak problem prestane a nezatazuje tak procesor ako grafiku aj ked nic grafickeho nebezi hned od startu systemu

[Rudy]

Stáhněte, nainstalujte a spusťte ProcessExplorer: http://www.stahuj.centrum.cz/utility_a_ ... -explorer/ . Je to sofistikovanější taskmanager a lze z něj určit kromě zátěže, ještě další věci. Z něj pak vyčtěte inkriminovaný proces.