pro Motji

[W1ll.1.4M]

http://william.ic.cz/log.txt

[motji]

Něco tam vidím.

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[W1ll.1.4M]

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6117

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8080.16413

21.3.2011 15:39:02
mbam-log-2011-03-21 (15-38-54).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 483933
Uplynulý čas: 1 hodin, 36 minut, 19 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 1
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Expekt Poker (PUP.Casino) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Poker\expekt poker\_setupcasino_73de0.exe (PUP.Casino) -> No action taken.

Tudíž čisto...

[motji]

Smažte.

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[W1ll.1.4M]

Bohužel, mám Windows 7 x64 Ultimate, tudíž s Combofixem se nemá rád.

[motji]

Ale má , copak Vám píše?
Na win7 64b už combofix nějakou chvíli běží.

[W1ll.1.4M]

Error - Win32 Only

Incompatible OS. ComboFix only works for workstations with Windows 2000 and XP.

[motji]

Zkuste ho spustit v komaptibilitě s xp, nebo ještě v nouzovém režimu, předtím ho přejmenujte na cokoliv.com

[W1ll.1.4M]

Jako .com se to nakonec povedlo:

ComboFix 11-03-21.02 - W1ll.1.4M 01.12.2010 13:49:22.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.4094.2632 [GMT 1:00]
Spuštěný z: c:\users\W1ll.1.4M\Desktop\ComboFix.com
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: COMODO Firewall *Enabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: COMODO Defense+ *Disabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-22 do 2011-03-22 )))))))))))))))))))))))))))))))
.
.
2011-03-22 12:54 . 2011-03-22 12:54 -------- d-----w- c:\users\W1LL1~1~4M\AppData\Local\temp
2011-03-22 12:54 . 2011-03-22 12:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-21 19:07 . 2011-01-13 01:20 7844688 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-03-21 19:07 . 2011-02-10 22:31 7947600 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{05034A6E-097E-4CFE-B886-B50439838D8C}\mpengine.dll
2011-03-21 19:06 . 2011-03-21 19:05 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E4A4973-306A-45F8-8A0D-C445939B9187}\gapaengine.dll
2011-03-21 19:02 . 2011-03-21 19:02 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-03-21 19:02 . 2011-03-21 19:02 -------- d-----w- c:\program files\Microsoft Security Client
2011-03-21 13:02 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-21 13:01 . 2011-03-21 13:02 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-21 00:41 . 2011-03-22 01:43 -------- d-----w- c:\program files (x86)\Common Files\BioWare
2011-03-20 19:28 . 2011-03-20 19:29 -------- d-----w- c:\program files\trend micro
2011-03-20 19:28 . 2011-03-20 19:28 -------- d-----w- C:\rsit
2011-03-20 14:43 . 2011-03-20 14:43 -------- d-----w- c:\users\W1ll.1.4M\AppData\Roaming\StokedBigAir
2011-03-19 18:51 . 2010-11-15 06:15 243216 ----a-w- c:\windows\system32\drivers\scrcamhrdrv_x64.sys
2011-03-19 18:39 . 2011-03-19 18:39 -------- d-----w- c:\users\W1ll.1.4M\AppData\Roaming\Vara Software
2011-03-19 18:39 . 2011-03-19 18:42 -------- d-----w- c:\users\W1ll.1.4M\AppData\Roaming\Wirecast
2011-03-19 18:39 . 2011-03-19 18:39 -------- d-----w- c:\programdata\Telestream
2011-03-19 18:39 . 2011-03-19 18:39 -------- d-----w- c:\programdata\eSellerate
2011-03-19 18:39 . 2011-03-19 18:39 -------- d-----w- c:\program files (x86)\Common Files\eSellerate
2011-03-19 18:37 . 2011-03-19 18:37 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-03-19 18:37 . 2011-03-19 18:37 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-03-19 18:37 . 2011-03-19 18:37 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-03-19 18:37 . 2011-03-19 18:37 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-03-19 18:37 . 2011-03-19 18:37 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-03-19 18:37 . 2011-03-19 18:37 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-03-19 18:37 . 2011-03-19 18:37 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-03-19 18:36 . 2011-03-19 18:37 -------- d-----w- c:\program files (x86)\QuickTime
2011-03-19 18:36 . 2011-03-19 18:36 -------- d-----w- c:\programdata\Apple Computer
2011-03-19 18:36 . 2011-03-19 18:36 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-03-19 18:36 . 2011-03-19 18:36 -------- d-----w- c:\users\W1ll.1.4M\AppData\Local\Apple
2011-03-19 18:35 . 2011-03-19 18:35 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-03-19 18:35 . 2011-03-19 18:35 -------- d-----w- c:\programdata\Apple
2011-03-19 18:29 . 2011-03-19 18:55 -------- d-----w- c:\program files (x86)\ScreenCamera
2011-03-19 15:27 . 2011-03-19 15:27 -------- d-----w- c:\users\W1ll.1.4M\AppData\Local\3DMGAME
2011-03-18 13:14 . 2011-03-18 13:14 -------- d-----w- c:\users\W1ll.1.4M\AppData\Roaming\Kalypso Media
2011-03-16 23:29 . 2011-03-16 23:29 -------- d-----w- c:\users\W1ll.1.4M\AppData\Roaming\PunkBuster
2011-03-13 13:40 . 2006-11-01 23:30 87552 ----a-w- C:\BootSect.exe
2011-03-12 22:35 . 2011-03-12 22:35 -------- d-----w- c:\users\W1ll.1.4M\AppData\Local\Ubisoft
2011-03-11 23:29 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-03-11 23:29 . 2011-02-19 12:04 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-03-11 23:29 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-03-11 23:29 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-03-11 23:29 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-03-11 08:38 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-03-11 08:38 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-11 08:38 . 2010-12-23 10:42 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-03-11 08:38 . 2010-12-23 10:36 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-11 08:38 . 2010-12-23 05:54 850944 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-11 08:38 . 2010-12-23 05:54 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-03-11 08:38 . 2010-12-23 05:54 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-11 08:38 . 2010-12-23 05:50 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-11 08:34 . 2011-03-16 14:26 -------- d-----w- c:\program files (x86)\nLite
2011-03-08 16:09 . 2011-03-08 16:09 -------- d-----w- c:\program files (x86)\directx
2011-03-08 15:26 . 2011-03-08 15:58 -------- d-----w- c:\users\W1ll.1.4M\AppData\Roaming\Gearbox Software
2011-03-07 18:58 . 2011-03-07 19:26 -------- d-----w- c:\programdata\BioWare
2011-03-07 18:54 . 2011-03-22 01:42 -------- d-----w- c:\programdata\Media Center Programs
2011-03-05 13:55 . 2011-03-05 13:55 -------- d-----w- c:\users\W1ll.1.4M\AppData\Local\EA Games
2011-03-03 18:28 . 2011-03-03 18:28 -------- d-----w- c:\windows\Saints Row 2 Update 2
2011-03-03 17:52 . 2011-03-03 17:52 -------- d-----w- C:\_Supernatural
2011-03-03 17:51 . 2011-03-03 17:51 43168 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-03-03 17:51 . 2011-03-03 17:51 311968 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-02-26 01:19 . 2011-02-26 01:19 41872 ----a-w- c:\windows\SysWow64\xfcodec.dll
2011-02-26 01:19 . 2011-02-26 01:19 27536 ----a-w- c:\windows\system32\xfcodec64.dll
2011-02-24 15:06 . 2011-02-24 15:06 -------- d-----w- c:\windows\system32\SPReview
2011-02-24 15:04 . 2011-02-24 15:04 -------- d-----w- c:\windows\system32\EventProviders
2011-02-24 15:00 . 2010-11-20 13:27 750080 ----a-w- c:\windows\system32\TSWorkspace.dll
2011-02-24 14:59 . 2010-11-20 13:32 2217856 ----a-w- c:\windows\system32\bootres.dll
2011-02-24 14:58 . 2010-11-20 13:02 7168 ----a-w- c:\windows\system32\KBDUS.DLL
2011-02-24 14:57 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-02-24 14:57 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-02-24 14:57 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-02-24 14:56 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-02-24 14:56 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-02-24 14:56 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-02-24 14:56 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-02-23 11:45 . 2011-02-23 11:45 -------- d-----w- c:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2011-02-23 11:31 . 2011-01-07 12:17 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 11:31 . 2011-01-07 12:17 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 11:31 . 2011-01-07 07:46 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-02-23 11:31 . 2011-01-07 07:46 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-20 19:02 . 2011-02-20 19:02 -------- d-----w- c:\programdata\ATI
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-21 17:31 . 2011-03-21 17:31 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-03-21 17:31 . 2011-03-21 17:31 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-03-17 12:16 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-16 23:29 . 2010-01-07 15:15 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-16 23:29 . 2010-01-07 15:15 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-03-12 21:55 . 2010-02-05 00:43 219128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-02-24 15:14 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-24 15:14 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-02-02 20:40 . 2010-05-25 14:00 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-01-26 23:00 . 2010-11-21 03:19 596480 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-01-26 22:59 . 2009-12-11 20:34 708608 ----a-w- c:\windows\system32\aticfx64.dll
2011-01-26 22:54 . 2009-11-25 03:15 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-01-26 22:53 . 2009-11-25 03:15 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-01-26 22:49 . 2010-11-21 03:19 4105728 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-01-26 22:40 . 2009-11-25 03:04 4847616 ----a-w- c:\windows\system32\atidxx64.dll
2011-01-26 22:20 . 2009-12-11 20:11 58880 ----a-w- c:\windows\system32\coinst.dll
2011-01-26 22:12 . 2009-12-11 19:50 39936 ----a-w- c:\windows\system32\atiuxp64.dll
2011-01-26 22:12 . 2010-11-21 03:19 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-01-26 22:12 . 2010-11-21 03:19 38400 ----a-w- c:\windows\system32\atiu9p64.dll
2011-01-26 22:12 . 2010-11-21 03:19 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-01-11 20:21 . 2010-06-01 17:00 362784 ----a-w- c:\windows\system32\guard64.dll
2011-01-11 20:21 . 2010-06-01 17:00 285480 ----a-w- c:\windows\SysWow64\guard32.dll
2011-01-11 20:21 . 2010-06-01 17:00 89840 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-11 20:21 . 2010-06-01 17:00 39888 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-11 20:21 . 2010-06-04 09:55 250008 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-01-11 20:21 . 2010-06-01 17:00 14184 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-07 12:14 . 2011-02-09 21:39 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 09:20 . 2011-02-09 21:39 366592 ----a-w- c:\windows\system32\atmfd.dll
2011-01-07 07:45 . 2011-02-09 21:39 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-07 05:43 . 2011-02-09 21:39 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-05 06:56 . 2011-02-09 21:40 3129344 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20 442880 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDDHealth"="c:\program files (x86)\HDD Health\hddhealth.exe" [2008-06-15 1692672]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Core Temp"="c:\users\W1ll.1.4M\Desktop\CoreTemp64\Core Temp.exe" [2009-08-05 472592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
.
c:\users\W1ll.1.4M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2011-2-26 3502992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
R1 sensorsview;sensorsview;c:\program files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys [x]
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe [x]
R3 AcpiPmi;ACPI Power Meter Driver;c:\windows\system32\drivers\acpipmi.sys [x]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [x]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [x]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [x]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [x]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys [x]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [x]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [x]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [x]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [x]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [x]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [x]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [x]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [x]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [x]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Desura\Desura\desura_service.exe [2011-02-08 820032]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [x]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [x]
R3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Filetrace;FileTrace;c:\windows\system32\drivers\filetrace.sys [x]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [x]
R3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [x]
R3 iaStorV;Intel RAID Controller Windows 7;c:\windows\system32\drivers\iaStorV.sys [x]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [x]
R3 iScsiPrt;iScsiPort Driver;c:\windows\system32\drivers\msiscsi.sys [x]
R3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [x]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [x]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [x]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [x]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [x]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [x]
R3 mpio;Microsoft Multi-Path Bus Driver;c:\windows\system32\drivers\mpio.sys [x]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [x]
R3 msdsm;Microsoft Multi-Path Device Specific Module;c:\windows\system32\drivers\msdsm.sys [x]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [x]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [x]
R3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [x]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [x]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [x]
R3 PCWinSoft;ScreenCamera HR;c:\windows\system32\DRIVERS\scrcamhrdrv_x64.sys [x]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PerfHost;Hostitel knihoven DLL čítačů výkonu;c:\windows\SysWow64\perfhost.exe [2009-07-14 20992]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PRODIGY;PRODIGY;c:\windows\system32\Drivers\PRODIGY.SYS [x]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [x]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [x]
R3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys [x]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\drivers\sffp_mmc.sys [x]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [x]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [x]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [x]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 194048]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub; [x]
R4 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
R4 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe [2009-07-14 27136]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 27136]
R4 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2009-07-14 27136]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [x]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys [x]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [x]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [x]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys [x]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [x]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [x]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [x]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [x]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [x]
S0 spldr;Security Processor Loader Driver; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;c:\windows\system32\drivers\vmstorfl.sys [x]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 CSC;Ovladač souborů pro režim offline;c:\windows\system32\drivers\csc.sys [x]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [x]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [x]
S1 dk3drv;DK3 Windows NT Driver;c:\windows\SYSTEM32\Drivers\dk3drv64.sys [x]
S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [x]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [x]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [x]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 354304]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 CscService;Offline soubory;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [x]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys [x]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [x]
S2 Power;Napájení;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-01 2296696]
S3 1394ohci;1394 OHCI Compliant Host Controller;c:\windows\system32\drivers\1394ohci.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys [x]
S3 CompositeBus;Composite Bus Enumerator Driver;c:\windows\system32\drivers\CompositeBus.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (HID);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [x]
S3 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys [x]
S3 monitor;Microsoft Monitor Class Function Driver Service;c:\windows\system32\DRIVERS\monitor.sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [x]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [x]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [x]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [x]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [x]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
wcssvc REG_MULTI_SZ WcsPlugInService
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-22 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files (x86)\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-08-23 13:11]
.
2011-03-22 c:\windows\Tasks\AWC Startup.job
- c:\program files (x86)\IObit\Advanced SystemCare 3\AWC.exe [2010-08-23 15:19]
.
2011-03-16 c:\windows\Tasks\AWC Update.job
- c:\program files (x86)\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-08-23 14:24]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 13:27 509952 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-26 8866120]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 11464296]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
winmgmt
SessionEnv
browser
EapHost
schedule
hkmsvc
wercplsupport
ProfSvc
Themes
BDESVC
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/skins7/
uLocal Page = c:\windows\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.64.0.cab
DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.27.2.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-NBKeyScan - c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
AddRemove-BattlEye - d:\arma 2 operation arrowheadexpansion\BattlEye\UnInstallBE.exe
AddRemove-Expekt Poker - c:\poker\Expekt Poker\_SetupCasino_73de0.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\W1ll.1.4M\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1552257933-2295933713-556497643-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:e2,c2,18,72,4f,d5,35,78,c6,f7,c5,79,7f,d7,43,d9,ea,cd,f4,8c,1c,d6,dd,
f4,db,72,9f,d7,e9,fa,c5,a5,1c,9a,91,5d,c8,ca,25,6f,81,fb,80,18,06,74,34,98,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-1552257933-2295933713-556497643-1000\Software\SecuROM\License information*]
"datasecu"=hex:45,56,a9,2d,7d,3e,4e,91,18,e8,04,b0,7a,e5,30,0b,75,19,c8,c8,d4,
dd,cc,cd,c8,a8,36,51,a2,8c,48,3c,57,1f,5b,14,a9,ce,ab,f0,cf,ad,13,93,ec,c8,\
"rkeysecu"=hex:57,47,1d,98,5e,db,a8,64,f9,4b,d5,a8,0b,c1,b5,85
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-03-22 13:57:14
ComboFix-quarantined-files.txt 2011-03-22 12:57
.
Před spuštěním: Volných bajtů: 21 041 557 504
Po spuštění: Volných bajtů: 21 845 336 064
.
- - End Of File - - C3DA0F456C70B51BFF49EC0E4F255D74

[motji]

Co počítač?

[W1ll.1.4M]

Žádné příznaky nebyly ani předtím, takže pořád stejně OK.

[motji]

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[W1ll.1.4M]

Hotovo, Ccleaner používám čas od času, tempy taky mažu. Díky

Jinak registry mi tuším čistí Advanced System Care, co tu mám.

[motji]

ASC bych na registry moc nepoužívala, občas maže co nemá.
Ještě poprosím o ten log ze rsitu.

[W1ll.1.4M]

Tak se u mě z ničeho nic objevil problém.

Po nabootování Windows se mi objeví Welcome, dál už jenom černá obrazovka a pohyblivý kurzor. Včera jsem počítač normálně vypnul, dneska tohle. Funguje mi jen Safe Mode.

EDIT: Už ani safe mode, tudíž asi reinstall.