VIRY.CZ

Stahnete SytemLook (viz muj podpis) a ulozte jej na plochu

• Do okna vlozte skript nize

• Kód: Vybrat vše

  :dir
  "%userprofile%\desktop /s

• Kliknete na Look
• Tlacitko Look se zmeni na Scanning a zsedne
• Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
• Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte

zde je log: SystemLook 30.07.11 by jpshortstuff
Log created at 18:00 on 11/12/2011 by Mirek
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== dir ==========

"C:\Users\Mirek\desktop - Unable to find folder.

-= EOF =-

Pouzijte tuto verzi SL http://jpshortstuff.247fixes.com/SystemLook_x64.exe pro 64bit s nasledujicim skripten

zde je log:
SystemLook 30.07.11 by jpshortstuff
Log created at 18:09 on 11/12/2011 by Mirek
Administrator - Elevation successful

========== dir ==========

C:\Users\Mirek\Desktop - Parameters: "/s"

---Files---
ANNO 2070.lnk --a---- 658 bytes [08:22 04/12/2011] [08:22 04/12/2011]
desktop.ini --ahs-- 486 bytes [22:43 02/11/2010] [13:03 27/10/2011]
DxDiag.txt --a---- 29733 bytes [16:05 20/12/2010] [16:05 20/12/2010]
děepis - pomocné vědy.docx --a---- 15415 bytes [20:54 08/12/2011] [20:54 08/12/2011]
OTL.exe --a---- 584192 bytes [09:37 10/12/2011] [09:36 10/12/2011]
Počítač.lnk --a---- 359 bytes [16:06 03/11/2010] [16:06 03/11/2010]
SystemLook.txt --a---- 0 bytes [17:09 11/12/2011] [17:09 11/12/2011]
SystemLook_x64.exe --a---- 165376 bytes [17:08 11/12/2011] [17:08 11/12/2011]
The Settlers 6.lnk --a---- 1860 bytes [10:45 09/10/2011] [10:45 09/10/2011]
Wow.lnk --a---- 1482 bytes [16:22 23/10/2011] [16:22 23/10/2011]
WoWScrnShot_100211_202618.jpg --a---- 450806 bytes [15:31 15/10/2011] [18:26 02/10/2011]

C:\Users\Mirek\Desktop\Games dr----- [14:12 04/11/2010]
28 kviz.lnk --a---- 3063 bytes [17:30 11/05/2011] [17:30 11/05/2011]
Anno 1404.lnk --a---- 196 bytes [15:54 26/11/2010] [17:30 25/11/2010]
Bus Driver.lnk --a---- 1243 bytes [15:55 25/12/2010] [15:55 25/12/2010]
Cataclysm.lnk --a---- 1557 bytes [19:30 23/10/2011] [19:30 23/10/2011]
Cities In Motion.lnk --a---- 1027 bytes [12:41 05/05/2011] [12:41 05/05/2011]
Cities XL 2011.lnk --a---- 2285 bytes [18:45 07/05/2011] [18:45 07/05/2011]
Command & Conquer™ Red Alert™ 3 Uprising.lnk --a---- 2123 bytes [14:56 24/12/2010] [14:56 24/12/2010]
desktop.ini --ahs-- 115 bytes [16:27 05/11/2010] [16:27 05/11/2010]
Disciples III.lnk --a---- 1188 bytes [12:25 15/06/2011] [12:25 15/06/2011]
Euro Truck Simulator.lnk --a---- 1999 bytes [12:39 20/03/2011] [12:39 20/03/2011]
Gothic III.lnk --a---- 1898 bytes [14:26 04/11/2010] [14:26 04/11/2010]
Kolekce The Sims™ 3 Moje městečko.lnk --a---- 2342 bytes [09:14 02/08/2011] [09:14 02/08/2011]
Kolekce The Sims™ 3 Zahradní mejdan.lnk --a---- 2362 bytes [15:33 28/07/2011] [15:33 28/07/2011]
Kolekce The Sims™ 3 Na plný plyn.lnk --a---- 2332 bytes [14:34 04/12/2010] [14:34 04/12/2010]
Need for Speed™ Undercover.lnk --a---- 2094 bytes [19:37 29/12/2010] [19:37 29/12/2010]
Stronghold 2.lnk --a---- 2158 bytes [08:13 23/07/2011] [12:15 26/07/2011]
The Sims 2 Noční život.lnk --a---- 2258 bytes [21:37 10/12/2010] [21:37 10/12/2010]
The Sims 2 Univerzita.lnk --a---- 2249 bytes [21:22 10/12/2010] [21:22 10/12/2010]
The Sims 2 Ve světě podnikání.lnk --a---- 2321 bytes [21:43 10/12/2010] [21:43 10/12/2010]
The Sims 2.lnk --a---- 2125 bytes [21:08 10/12/2010] [21:08 10/12/2010]
The Sims™ 2 H&M® Móda Kolekce.lnk --a---- 2312 bytes [09:19 11/12/2010] [09:19 11/12/2010]
The Sims™ 2 IKEA® Domov Kolekce.lnk --a---- 2355 bytes [16:51 12/12/2010] [16:51 12/12/2010]
The Sims™ 2 Mazlíčci.lnk --a---- 2231 bytes [17:43 14/12/2010] [17:43 14/12/2010]
The Sims™ 2 Pro luxusní život - Kolekce.lnk --a---- 2402 bytes [22:15 10/12/2010] [22:15 10/12/2010]
The Sims™ 2 Roční období.lnk --a---- 2267 bytes [22:20 10/12/2010] [22:20 10/12/2010]
The Sims™ 2 Volný čas.lnk --a---- 2265 bytes [22:27 10/12/2010] [22:27 10/12/2010]
The Sims™ 2 Šťastnou cestu.lnk --a---- 2310 bytes [22:07 10/12/2010] [22:07 10/12/2010]
The Sims™ 2 Život v bytě.lnk --a---- 2292 bytes [09:25 11/12/2010] [09:25 11/12/2010]
The Sims™ 3 Cestovní horečka.lnk --a---- 2274 bytes [15:58 24/11/2010] [15:58 24/11/2010]
The Sims™ 3 Hrátky osudu.lnk --a---- 2252 bytes [17:48 27/07/2011] [17:48 27/07/2011]
The Sims™ 3 Luxusní bydlení – Kolekce.lnk --a---- 2364 bytes [19:11 28/11/2010] [19:11 28/11/2010]
The Sims™ 3 Povolání snů.lnk --a---- 2252 bytes [18:48 03/12/2010] [18:48 03/12/2010]
The Sims™ 3.lnk --a---- 2086 bytes [12:43 20/11/2010] [12:43 20/11/2010]
The Sims™ 3 Po setmění.lnk --a---- 2232 bytes [12:54 26/07/2011] [12:54 26/07/2011]
Traktor 2.lnk --a---- 783 bytes [16:27 16/06/2011] [16:27 16/06/2011]

C:\Users\Mirek\Desktop\Programy dr----- [18:44 04/11/2010]
1-Click Cleaner.lnk --a---- 1986 bytes [05:48 16/09/2011] [05:48 16/09/2011]
Adobe Photoshop CS5 (64 Bit).lnk --a---- 1079 bytes [14:37 18/08/2011] [14:37 18/08/2011]
Adobe Reader 9.lnk --a---- 2018 bytes [11:59 30/06/2011] [11:59 30/06/2011]
Allok Video to MP4 Converter.lnk --a---- 1147 bytes [16:04 16/08/2011] [16:04 16/08/2011]
Audacity.lnk --a---- 947 bytes [19:59 16/02/2011] [19:59 16/02/2011]
Canon Easy-PrintToolBox.lnk --a---- 2088 bytes [15:15 05/11/2010] [15:15 05/11/2010]
Canon IJ Poznámky pro Windows Vista.lnk --a---- 2280 bytes [15:14 05/11/2010] [15:14 05/11/2010]
CCleaner.lnk --a---- 1021 bytes [12:10 25/11/2011] [10:54 25/11/2011]
DAEMON Tools Lite.lnk --a---- 1954 bytes [15:43 05/11/2010] [15:43 05/11/2010]
Defraggler.lnk --a---- 1728 bytes [14:04 15/09/2011] [14:04 15/09/2011]
desktop.ini --ahs-- 115 bytes [16:28 05/11/2010] [16:28 05/11/2010]
DivX Movies.lnk --a---- 1575 bytes [07:29 25/11/2011] [07:29 25/11/2011]
DivX Plus Converter.lnk --a---- 2120 bytes [07:27 25/11/2011] [07:29 25/11/2011]
DivX Plus Player.lnk --a---- 1116 bytes [07:27 25/11/2011] [07:27 25/11/2011]
Driver Genius Professional Edition.lnk --a---- 1115 bytes [10:13 04/08/2011] [10:13 04/08/2011]
EA Download Manager.lnk --a---- 1262 bytes [10:46 20/11/2010] [12:54 20/11/2010]
Easy-PhotoPrint.lnk --a---- 2061 bytes [15:15 05/11/2010] [15:15 05/11/2010]
Format Factory.lnk --a---- 1071 bytes [15:32 16/08/2011] [15:32 16/08/2011]
GameSpy Arcade.lnk --a---- 1000 bytes [10:41 23/01/2011] [10:41 23/01/2011]
Google Chrome.lnk --a---- 2278 bytes [18:42 04/11/2010] [18:42 04/11/2010]
Google Earth.lnk --a---- 2216 bytes [14:11 21/11/2011] [14:11 21/11/2011]
HD Tune.lnk --a---- 930 bytes [18:36 07/10/2011] [18:36 07/10/2011]
ICQ7.6.lnk --a---- 1828 bytes [09:17 05/11/2011] [09:17 05/11/2011]
iP1800 series Příručka online.lnk --a---- 2332 bytes [15:14 05/11/2010] [15:14 05/11/2010]
iTunes.lnk --a---- 1787 bytes [09:02 27/07/2011] [09:02 27/07/2011]
MacX HD Video Converter Pro For Windows.lnk --a---- 1514 bytes [16:35 05/11/2011] [16:35 05/11/2011]
Mozilla Firefox.lnk --a---- 1943 bytes [18:45 22/11/2010] [18:45 22/11/2010]
Nero StartSmart.lnk --a---- 2762 bytes [18:18 21/03/2011] [18:18 21/03/2011]
Online Video Hunter Pro.lnk --a---- 1299 bytes [17:03 25/11/2010] [17:03 25/11/2010]
PDFCreator.lnk --a---- 1035 bytes [11:52 30/06/2011] [11:52 30/06/2011]
QuickTime Player.lnk --a---- 1849 bytes [20:14 13/11/2011] [20:14 13/11/2011]
Samsung New PC Studio.lnk --a---- 2162 bytes [14:47 05/11/2010] [14:47 05/11/2010]
Samsung S5230 Wallpaper Creator.lnk --a---- 3071 bytes [16:57 10/11/2010] [16:57 10/11/2010]
Skype.lnk --a---- 2533 bytes [07:31 01/09/2011] [07:59 01/09/2011]
Stellarium.lnk --a---- 1931 bytes [18:14 14/11/2011] [18:14 14/11/2011]
TeamSpeak 3 Client.lnk --a---- 1173 bytes [09:44 13/02/2011] [09:44 13/02/2011]
vegas90 – zástupce.lnk --a---- 1601 bytes [19:56 21/12/2010] [19:56 21/12/2010]
VLC media player.lnk --a---- 1070 bytes [19:03 28/11/2010] [19:03 28/11/2010]
Windows 7 Manager.lnk --a---- 1945 bytes [05:48 16/09/2011] [05:48 16/09/2011]
YouTube Downloader.lnk --a---- 1126 bytes [15:52 21/05/2011] [15:52 21/05/2011]
µTorrent.lnk --a---- 947 bytes [14:11 05/11/2010] [14:12 05/11/2010]

-= EOF =-

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

zde je log:

ComboFix 11-12-10.01 - Mirek 11.12.2011 18:42:45.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3956.2541 [GMT 1:00]
Spuštěný z: c:\users\Mirek\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-11 do 2011-12-11 )))))))))))))))))))))))))))))))
.
.
2011-12-11 17:52 . 2011-12-11 17:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-11 17:01 . 2011-12-11 17:01 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4881F7E5-04FC-4B5E-8CAD-FBF1AEF2F764}\offreg.dll
2011-12-11 09:55 . 2011-12-11 09:55 -------- d-----w- C:\_OTL
2011-12-11 09:46 . 2011-12-11 09:46 -------- d-----w- C:\568349b535d02d81eb2633cc56ab5d
2011-12-10 11:32 . 2008-07-10 15:33 79896 ----a-w- c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
2011-12-10 11:30 . 2011-12-10 11:31 -------- d-----w- c:\program files\Microsoft SQL Server
2011-12-10 11:30 . 2011-12-10 11:30 -------- d-----w- c:\windows\SysWow64\1033
2011-12-10 11:30 . 2011-12-10 11:30 -------- d-----w- c:\windows\system32\1033
2011-12-10 11:26 . 2011-12-10 11:26 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2011-12-10 11:25 . 2011-12-10 11:25 -------- d-----w- c:\program files\Microsoft SDKs
2011-12-10 11:25 . 2011-12-10 11:25 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2011-12-10 10:58 . 2008-07-10 15:33 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2011-12-10 10:53 . 2011-12-10 11:30 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2011-12-10 10:50 . 2011-12-10 11:28 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0
2011-12-09 20:51 . 2011-12-09 20:51 -------- d-----w- c:\users\Mirek\AppData\Local\SKIDROW
2011-12-09 14:39 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4881F7E5-04FC-4B5E-8CAD-FBF1AEF2F764}\mpengine.dll
2011-11-25 07:30 . 2011-11-25 07:30 -------- d-----w- c:\users\Mirek\AppData\Local\DDMSettings
2011-11-24 17:55 . 2011-11-24 17:55 -------- d-----w- c:\users\Mirek\AppData\Roaming\VitySoft
2011-11-22 16:50 . 2011-11-22 16:50 -------- d-----w- c:\program files\iPod
2011-11-22 16:50 . 2011-11-22 16:51 -------- d-----w- c:\program files\iTunes
2011-11-22 16:50 . 2011-11-22 16:51 -------- d-----w- c:\program files (x86)\iTunes
2011-11-14 18:15 . 2011-11-14 18:15 -------- d-----w- c:\users\Mirek\AppData\Local\stellarium
2011-11-14 18:14 . 2011-11-14 18:15 -------- d-----w- c:\users\Mirek\AppData\Roaming\Stellarium
2011-11-14 18:14 . 2011-11-14 18:14 -------- d-----w- c:\program files (x86)\Stellarium
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-11 10:04 . 2010-12-01 13:34 44544 ----a-w- c:\windows\SysWow64\agremove.exe
2011-12-11 09:56 . 2010-08-02 04:51 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2011-11-28 18:01 . 2011-05-07 18:53 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-05-07 18:53 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-05-07 18:54 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-05-07 18:54 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-05-07 18:54 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-05-07 18:54 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-05-07 18:54 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-05-07 18:54 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-05-07 18:54 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-15 14:21 . 2010-11-03 04:08 13160 ----a-w- c:\windows\SysWow64\Upgrd.exe
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
2011-10-10 17:01 . 2011-08-04 10:30 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-10-05 05:10 . 2011-05-21 07:39 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-03 03:06 . 2010-11-07 18:25 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-29 16:29 . 2011-11-09 16:37 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-29 04:03 . 2011-11-09 16:37 3144704 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 336384]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLUA"= 2 (0x2)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-04 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-04 135664]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AntUpdaterService;Ant Toolbar updater service;c:\program files (x86)\Ant.com\IE add-on\AntUpdaterService.exe [2011-06-29 520216]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-04 520760]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-06-10 324608]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-03-11 2107176]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-08-28 206208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page =
mStart Page =
uInternet Settings,ProxyOverride = *.local
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
IE: {{70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - c:\program files (x86)\Ant.com\IE add-on\download.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Mirek\AppData\Roaming\Mozilla\Firefox\Profiles\zk3xes55.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{2E924F4F-67F0-4BD8-9560-49F468E843D2}"=hex:51,66,7a,6c,4c,1d,38,12,21,4c,81,
2a,c2,29,b6,0e,ea,76,0a,b4,6d,b6,07,c6
"{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,38,12,3a,25,4d,
8a,1f,e3,d1,0d,d3,3b,92,3f,05,d7,c9,12
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{346FDE31-DFF9-418A-90C8-BA31DC9FF2EF}"=hex:51,66,7a,6c,4c,1d,38,12,5f,dd,7c,
30,cb,91,e4,04,ef,de,f9,71,d9,c1,b6,fb
"{593DDEC6-7468-4CDD-90E1-42DADAA222E9}"=hex:51,66,7a,6c,4c,1d,38,12,a8,dd,2e,
5d,5a,3a,b3,09,ef,f7,01,9a,df,fc,66,fd
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:52,fb,24,61,7f,36,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,35,40,55,6d,1a,00,6d,4f,b8,72,e7,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,35,40,55,6d,1a,00,6d,4f,b8,72,e7,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-12-11 18:55:07
ComboFix-quarantined-files.txt 2011-12-11 17:55
.
Před spuštěním: Volných bajtů: 237 012 963 328
Po spuštění: Volných bajtů: 236 884 480 000
.
- - End Of File - - 2A6A94FF1ECFF92C72780C2BEF6DA5AF

Otestujte disk pomoci HD Tune co tam mate

a co potom?

Jak disk dopadl? Nejaka zluta\cervena polozka v casti Health? ci nejake cervene policko v casti Error Scan

ne, jen zelena policka, zbytek take v poradku, ale ten start počítače je hrozný pořád černé obrazovky a potom se nejdřív načte spodní lišta, pak pozadí a pak ikony s rozestupem několika desítek sekund možná i munut.

Start do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) je jaky

Je to stejně pomalé, a prosím abych už nemusel restartovávat počítač, každý strat je pomalejší než ten předchozí. Díky

To vypada na poskozenou HW cast - deska, RAMky

Jak se to mohlo stát a co mám dělat?

Co je pricinou se na dalku tezko zjistuje, mohlo byt poskozeno napajeni - zahaprovalo napajeni v siti, vytekl nejaky kondenzator atd atd atd...moznosti je spousty...

Zrejme nezbyde nez navsteva odborneho servisu