
Strange virus....

Posted: 20 Aug 2012 19:27
by Prochynex
I'm sorry, but I'm bothering you again with the same PC... The computer is doing exactly the same thing as before: everything behaves as if I had Shift held down. On the desktop, when I click the top icon and then the bottom icon, all of them get highlighted in blue, and it's the same in Explorer... Whenever I want the problem to stop for a while, I have to launch, for example, RSIT, confirm that I allow changes to the PC, and let it get to the exit/continue dialog; then everything goes back to normal. It's the same with Avira: when I start it (start a scan), it stops... I'm starting to regret that I didn't buy this PC from a regular retailer but through a second-hand marketplace :( I've learned my lesson, and I'm asking once more, even though I know that the last time I got help I was warned that my PC is full of cracks and similar junk... Please give me one more chance, I'm really desperate about this. I'd rather not make payments over the internet, in case something happens to my money... I'm scared and I'm asking for help :( Prochyn. I'm posting the log from RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Prochyn at 2012-08-20 20:19:47
Microsoft Windows 7 Ultimate
System drive C: has 51 GB (35%) free of 146 GB
Total RAM: 4095 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:19:53, on 20.8.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
G:\Hry+Programy\RSIT.exe
C:\Program Files (x86)\trend micro\Prochyn.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=111434 ... ffe37e8d75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2469519135-902021031-535114647-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2469519135-902021031-535114647-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Free YouTube Download - C:\Users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7017 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Prochyn\AppData\Roaming\Mozilla\Firefox\Profiles\6njvaud2.default

prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=SP_ss ... abTrack&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Prochyn\AppData\Roaming\Mozilla\Firefox\Profiles\6njvaud2.default\extensions\
ffxtlbr@babylon.com
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-08-08 348664]
"4StoryPrePatch"=C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-20 20:19:47 ----D---- C:\rsit
2012-08-20 20:19:47 ----D---- C:\Program Files (x86)\trend micro
2012-08-19 21:25:03 ----A---- C:\Windows\ntbtlog.txt
2012-08-16 22:23:20 ----D---- C:\Program Files (x86)\Rockstar Games
2012-08-12 21:25:28 ----RHD---- C:\Users\Prochyn\AppData\Roaming\SecuROM
2012-08-12 21:24:57 ----A---- C:\Windows\SysWOW64\CmdLineExt_x64.dll
2012-08-12 21:23:03 ----D---- C:\Windows\SysWOW64\xlive
2012-08-12 21:23:03 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-08-05 22:23:49 ----D---- C:\Users\Prochyn\AppData\Roaming\vlc
2012-08-05 22:23:28 ----D---- C:\Program Files (x86)\VideoLAN
2012-07-31 22:42:20 ----D---- C:\Users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers
2012-07-31 22:40:52 ----A---- C:\Windows\SysWOW64\Newtonsoft.Json.Net20.dll
2012-07-31 22:40:43 ----D---- C:\Program Files (x86)\DVDVideoSoft
2012-07-31 22:40:43 ----D---- C:\Program Files (x86)\Common Files\DVDVideoSoft
2012-07-31 22:40:08 ----D---- C:\Users\Prochyn\AppData\Roaming\DVDVideoSoft

======List of files/folders modified in the last 1 month======

2012-08-20 20:19:53 ----D---- C:\Windows\Prefetch
2012-08-20 20:19:52 ----D---- C:\Windows\Temp
2012-08-20 20:19:47 ----RD---- C:\Program Files (x86)
2012-08-20 20:13:35 ----D---- C:\Users\Prochyn\AppData\Roaming\Skype
2012-08-20 20:06:20 ----D---- C:\Windows\System32
2012-08-20 20:06:20 ----D---- C:\Windows\inf
2012-08-20 20:01:24 ----D---- C:\ProgramData\NVIDIA
2012-08-20 10:03:09 ----SHD---- C:\System Volume Information
2012-08-20 08:51:08 ----D---- C:\Users\Prochyn\AppData\Roaming\TS3Client
2012-08-19 21:30:17 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-19 21:29:42 ----SHD---- C:\Windows\Installer
2012-08-19 21:26:52 ----D---- C:\Windows
2012-08-19 21:21:37 ----D---- C:\Users\Prochyn\AppData\Roaming\BitTorrent
2012-08-19 21:17:52 ----D---- C:\Windows\Tasks
2012-08-19 21:16:43 ----D---- C:\Users\Prochyn\AppData\Roaming\DAEMON Tools Lite
2012-08-19 21:16:43 ----D---- C:\Users\Prochyn\AppData\Roaming\.minecraft
2012-08-19 21:16:19 ----D---- C:\Windows\registration
2012-08-19 21:16:12 ----D---- C:\Windows\AppCompat
2012-08-18 23:59:09 ----D---- C:\Windows\Panther
2012-08-18 23:59:08 ----D---- C:\Windows\Logs
2012-08-18 23:59:08 ----D---- C:\Windows\debug
2012-08-16 11:57:26 ----D---- C:\Windows\SysWOW64
2012-08-16 11:57:22 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
2012-08-15 19:58:44 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-14 13:53:00 ----RD---- C:\Program Files
2012-08-12 21:25:03 ----HD---- C:\ProgramData
2012-08-12 21:24:33 ----D---- C:\Windows\winsxs
2012-08-12 21:23:49 ----RSD---- C:\Windows\assembly
2012-08-12 16:34:33 ----D---- C:\ProgramData\Skype
2012-08-12 16:34:26 ----RD---- C:\Program Files (x86)\Skype
2012-08-07 09:16:00 ----A---- C:\user.js
2012-08-07 09:15:19 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-08-07 09:01:24 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2012-07-31 22:40:43 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys []
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-05-02 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-02 86224]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-07-05 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-06-01 736104]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Re: Strange virus....

Posted: 20 Aug 2012 20:14
by Prochynex
Please, please help me.... :(

Re: Strange virus....

Posted: 20 Aug 2012 20:55
by motji
Hello,
:arrow: Run ComboFix according to this guide:
http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Strange virus....

Posted: 20 Aug 2012 22:14
by Prochynex
Thank you very much for helping me, here is the log:

ComboFix 12-08-20.02 - Prochyn 20.08.2012 23:00:14.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.4095.3083 [GMT 2:00]
Spuštěný z: c:\users\Prochyn\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-20 do 2012-08-20 )))))))))))))))))))))))))))))))
.
.
2012-08-20 18:19 . 2012-08-20 18:19 -------- d-----w- C:\rsit
2012-08-20 18:19 . 2012-08-20 18:19 -------- d-----w- c:\program files (x86)\trend micro
2012-08-16 20:23 . 2012-08-19 08:22 -------- d-----w- c:\program files (x86)\Rockstar Games
2012-08-14 11:53 . 2012-08-14 11:53 -------- d-----w- c:\program files\CCleaner
2012-08-12 19:25 . 2012-08-12 19:25 -------- d--h--r- c:\users\Prochyn\AppData\Roaming\SecuROM
2012-08-12 19:24 . 2012-08-12 19:24 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-08-12 19:23 . 2012-08-12 19:23 -------- d-----w- c:\windows\SysWow64\xlive
2012-08-12 19:23 . 2012-08-12 19:23 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-08-07 07:02 . 2012-08-07 07:02 -------- d-----w- c:\program files\LucasArts
2012-08-07 07:01 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-08-07 07:01 . 2001-09-05 03:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-08-07 07:01 . 2001-09-05 03:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-08-07 07:01 . 2001-09-05 03:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-08-05 20:23 . 2012-08-20 20:51 -------- d-----w- c:\users\Prochyn\AppData\Roaming\vlc
2012-08-05 20:23 . 2012-08-05 20:23 -------- d-----w- c:\program files (x86)\VideoLAN
2012-07-31 20:40 . 2012-07-12 15:13 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-07-31 20:40 . 2012-07-31 20:40 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-07-31 20:40 . 2012-07-31 20:40 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-07-31 20:40 . 2012-07-31 20:42 -------- d-----w- c:\users\Prochyn\AppData\Roaming\DVDVideoSoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-16 09:57 . 2012-07-05 09:09 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-08-16 09:57 . 2012-07-05 07:26 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-08-15 17:58 . 2012-07-05 06:40 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 17:58 . 2012-07-05 06:40 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-13 19:09 . 2012-07-05 07:26 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-12 11:58 . 2012-07-12 11:58 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-05 11:02 . 2012-07-05 07:26 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-05 07:47 . 2012-07-05 07:48 268720 ----a-w- c:\windows\system32\javaws.exe
2012-07-05 07:47 . 2012-07-05 07:47 189360 ----a-w- c:\windows\system32\javaw.exe
2012-07-05 07:47 . 2012-07-05 07:47 188840 ----a-w- c:\windows\system32\java.exe
2012-07-05 07:47 . 2012-07-05 07:48 955840 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-05 07:47 . 2012-07-05 07:48 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-05 07:26 . 2012-07-05 07:26 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2012-06-18 01:12 . 2012-07-05 06:36 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D44BE3FF-F61E-4E8D-905A-0FB36E019BFD}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-06-01 736104]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-12 283200]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d385dcb7-cbf0-11e1-9f9f-00248c4c098d}]
\shell\AutoRun\command - E:\Install.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-05 17:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=111434&tt=3212_5&babsrc=HP_ss&mntrId=24e1a91400000000000000ffe37e8d75
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Prochyn\AppData\Roaming\Mozilla\Firefox\Profiles\6njvaud2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=24e1a91400000000000000ffe37e8d75&tlver=1.6.4.6&instlRef=sst&babTrack&q=
FF - user.js: extensions.BabylonToolbar_i.id - 24e1a91400000000000000ffe37e8d75
FF - user.js: extensions.BabylonToolbar_i.hardId - 24e1a91400000000000000ffe37e8d75
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15529
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111434&tt=3212_5
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
FF - user.js: extensions.BabylonToolbar.id - 24e1a91400000000000000ffe37e8d75
FF - user.js: extensions.BabylonToolbar.instlDay - 15559
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.69:15
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RGSC - c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKLM-Run-4StoryPrePatch - c:\program files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2469519135-902021031-535114647-1000\Software\SecuROM\License information*]
"datasecu"=hex:7b,a9,c3,55,da,50,b5,25,a8,54,7f,f3,35,2a,42,4f,93,92,7a,1e,c9,
02,bc,6d,e6,b5,84,29,c7,96,de,b7,c8,ea,86,2d,62,56,d6,cb,18,d6,7e,fd,bc,6a,\
"rkeysecu"=hex:c3,b2,b2,bd,28,31,6b,2d,45,da,b4,c9,4f,5b,91,4f
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Internet Explorer\IELowutil.exe
.
**************************************************************************
.
Celkový čas: 2012-08-20 23:12:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-20 21:12
.
Před spuštěním: Volných bajtů: 53 695 832 064
Po spuštění: Volných bajtů: 53 555 896 320
.
- - End Of File - - 562C8632AB7E3A6A16BD723C03BB8D9A

Re: Strange virus....

Posted: 20 Aug 2012 22:18
by motji
I don't see anything bad here. Did anything change after using ComboFix?

Re: Strange virus....

Posted: 21 Aug 2012 08:33
by Prochynex
Thanks, so far everything is running as it should ... xD

Re: Strange virus....

Posted: 21 Aug 2012 21:10
by motji
One more question - do you use this page voluntarily, or can I remove it?
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss ... abTrack&q=

Re: Strange virus....

Posted: 21 Aug 2012 22:39
by Prochynex
The page rather annoys me xD I've already uninstalled its toolbars and so on... it used to show up in every newly opened tab, now it has vanished without a trace xD

Re: Strange virus....

Posted: 22 Aug 2012 21:59
by motji
:arrow: Uninstall ComboFix via Start - Run
- copy this into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes its associated files and folders.


***********


:arrow: Download T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

- Run it; to confirm each choice press the A key, then Enter
- delete the program after use. Note that antivirus programs may falsely flag it as a virus


***********


:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click analyze
- after the analysis click Run CCleaner

Registry tab
- click scan for problems
- then click fix selected problems -- you don't have to make a registry backup
- click fix all problems :arrow: ok :arrow: close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using the CCleaner cleaner; it nicely clears temporary files from the PC.
The registry cleaner is useful, for example, after uninstalling a program.


***********


:arrow: Download OTC and run it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans up temp files and the leftovers of the tools used


***********

:arrow: Post a new RSIT log and tell me how the computer is behaving; is everything OK now?

Re: Strange virus....

Posted: 31 Aug 2012 22:09
by Prochynex
Since I was away from this computer for a while.... I didn't manage to reply, for which I apologize a lot, but I didn't do anything from the last set of instructions.... because when I got back to the PC it was all starting over again.... I needed to get on the net, and since the only thing that ever helped was, for example, launching ComboFix up to the dialog confirming that I am the administrator, I launched it and by mistake let ComboFix run through again, so I'm at least posting the log from it....

ComboFix 12-08-30.05 - Prochyn 31.08.2012 19:04:42.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.4095.3016 [GMT 2:00]
Spuštěný z: c:\users\Prochyn\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-28 do 2012-08-31 )))))))))))))))))))))))))))))))
.
.
2012-08-31 17:10 . 2012-08-31 17:10 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-08-31 17:10 . 2012-08-31 17:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-29 14:47 . 2012-08-29 14:47 -------- d-----w- c:\users\Prochyn\AppData\Roaming\Kalydo
2012-08-29 14:38 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-08-29 14:38 . 2012-08-29 14:38 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-08-25 10:01 . 2012-08-25 10:01 -------- d-----w- c:\users\Prochyn\AppData\Local\Adobe
2012-08-25 09:59 . 2012-08-25 09:59 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-08-24 17:56 . 2012-08-31 17:10 -------- d-----w- c:\users\Prochyn\AppData\Local\LogMeIn Hamachi
2012-08-24 11:58 . 2012-08-24 11:58 -------- d-----w- c:\program files (x86)\Microsoft Works
2012-08-24 11:57 . 2012-08-24 11:57 -------- d-----w- c:\windows\PCHEALTH
2012-08-24 11:57 . 2012-08-24 11:57 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-08-24 11:55 . 2012-08-24 11:55 -------- d-----w- c:\program files\Microsoft Office
2012-08-24 11:55 . 2012-08-24 11:55 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-08-24 11:54 . 2012-08-24 11:54 -------- d-----w- c:\users\Prochyn\AppData\Local\Microsoft Help
2012-08-24 11:54 . 2012-08-24 12:00 -------- d-----w- c:\programdata\Microsoft Help
2012-08-21 21:15 . 2012-08-21 21:37 -------- d-----w- c:\users\Prochyn\AppData\Roaming\.techniclauncher
2012-08-21 20:02 . 2012-08-25 11:16 -------- d-----w- c:\users\Prochyn\AppData\Roaming\.minecraft
2012-08-21 11:07 . 2012-08-21 12:05 -------- d-----w- c:\users\Prochyn\AppData\Local\PMB Files
2012-08-21 11:07 . 2012-08-21 11:13 -------- d-----w- c:\programdata\PMB Files
2012-08-21 11:06 . 2012-08-21 11:06 -------- d-----w- c:\program files (x86)\Pando Networks
2012-08-20 18:19 . 2012-08-20 18:19 -------- d-----w- C:\rsit
2012-08-20 18:19 . 2012-08-20 18:19 -------- d-----w- c:\program files (x86)\trend micro
2012-08-16 20:23 . 2012-08-19 08:22 -------- d-----w- c:\program files (x86)\Rockstar Games
2012-08-14 11:53 . 2012-08-14 11:53 -------- d-----w- c:\program files\CCleaner
2012-08-12 19:25 . 2012-08-12 19:25 -------- d--h--r- c:\users\Prochyn\AppData\Roaming\SecuROM
2012-08-12 19:24 . 2012-08-12 19:24 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-08-12 19:23 . 2012-08-12 19:23 -------- d-----w- c:\windows\SysWow64\xlive
2012-08-12 19:23 . 2012-08-12 19:23 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-08-07 07:02 . 2012-08-07 07:02 -------- d-----w- c:\program files\LucasArts
2012-08-07 07:01 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-08-07 07:01 . 2001-09-05 03:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-08-07 07:01 . 2001-09-05 03:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-08-07 07:01 . 2001-09-05 03:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-08-05 20:23 . 2012-08-20 20:51 -------- d-----w- c:\users\Prochyn\AppData\Roaming\vlc
2012-08-05 20:23 . 2012-08-05 20:23 -------- d-----w- c:\program files (x86)\VideoLAN
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-26 08:35 . 2012-07-05 09:09 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-08-26 08:35 . 2012-07-05 07:26 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-08-26 08:34 . 2012-07-05 07:26 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-08-15 17:58 . 2012-07-05 06:40 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 17:58 . 2012-07-05 06:40 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-12 15:13 . 2012-07-31 20:40 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-07-12 11:58 . 2012-07-12 11:58 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-05 11:02 . 2012-07-05 07:26 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-05 07:47 . 2012-07-05 07:48 268720 ----a-w- c:\windows\system32\javaws.exe
2012-07-05 07:47 . 2012-07-05 07:47 189360 ----a-w- c:\windows\system32\javaw.exe
2012-07-05 07:47 . 2012-07-05 07:47 188840 ----a-w- c:\windows\system32\java.exe
2012-07-05 07:47 . 2012-07-05 07:48 955840 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-05 07:47 . 2012-07-05 07:48 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-05 07:26 . 2012-07-05 07:26 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2012-06-18 01:12 . 2012-07-05 06:36 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D44BE3FF-F61E-4E8D-905A-0FB36E019BFD}\mpengine.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-20_21.07.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-07-24 08:50 . 2006-07-24 08:50 47920 c:\windows\SysWOW64\VBAME.DLL
+ 2006-07-24 08:50 . 2006-07-24 08:50 39728 c:\windows\SysWOW64\SCP32.DLL
+ 2006-10-26 11:10 . 2006-10-26 11:10 33088 c:\windows\SysWOW64\FM20ENU.DLL
+ 2012-07-05 09:33 . 2012-08-29 14:39 22542 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-31 16:57 32526 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-08-24 12:00 . 2006-10-26 17:56 67408 c:\windows\system32\spool\drivers\x64\msonpui.dll
- 2009-07-14 05:30 . 2012-07-12 11:59 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-08-31 16:53 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-03-18 15:35 . 2009-03-18 15:35 33856 c:\windows\system32\drivers\hamachi.sys
+ 2012-07-05 07:36 . 2012-08-31 16:53 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-07-05 07:36 . 2012-08-16 20:23 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-07-05 07:36 . 2012-08-16 20:23 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-07-05 07:36 . 2012-08-31 16:53 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-16 20:23 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-31 16:53 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-08-25 09:55 71944 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-07-05 12:07 . 2012-08-31 17:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-07-05 12:07 . 2012-08-20 20:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-07-05 12:07 . 2012-08-31 17:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-07-05 12:07 . 2012-08-20 20:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-08-24 12:00 . 2012-08-24 12:00 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2012-08-24 12:00 . 2012-08-24 12:00 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2012-08-24 12:00 . 2012-08-24 12:00 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-08-24 11:58 . 2012-08-24 11:58 39624 c:\windows\assembly\GAC_MSIL\System.AddIn\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 72472 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 39704 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 39712 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 60200 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 39728 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Vsta\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Vsta.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 43840 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\12.0.0.0__71e9bce111e9429c\microsoft.office.infopath.formcontrol.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 16384 c:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 11544 c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 12080 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 12096 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 12104 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 12104 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 12112 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 12632 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 12104 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 12616 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 12616 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 12096 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 12096 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 12104 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 64288 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 13312 c:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 20280 c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 35648 c:\windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 17208 c:\windows\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 88896 c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 80696 c:\windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 16712 c:\windows\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 31560 c:\windows\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL
+ 2012-08-24 11:58 . 2012-08-24 11:58 82784 c:\windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 65536 c:\windows\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL
+ 2012-07-04 22:46 . 2012-08-31 16:57 8200 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2469519135-902021031-535114647-1000_UserData.bin
- 2012-08-20 21:07 . 2012-08-20 21:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-31 17:11 . 2012-08-31 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-31 17:11 . 2012-08-31 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-08-20 21:07 . 2012-08-20 21:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-08-24 11:58 . 2012-08-24 11:58 4096 c:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 4608 c:\windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2006-10-26 11:45 . 2006-10-26 11:45 293376 c:\windows\SysWOW64\WISPTIS.EXE
+ 2006-07-24 08:50 . 2006-07-24 08:50 125744 c:\windows\SysWOW64\MSSTDFMT.DLL
+ 2012-07-05 04:55 . 2012-08-31 14:30 245230 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2012-08-24 12:00 . 2006-10-26 17:56 864080 c:\windows\system32\spool\drivers\x64\msonpdrv.dll
- 2009-07-14 02:36 . 2012-08-20 18:06 607190 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-08-31 17:00 607190 c:\windows\system32\perfh009.dat
+ 2012-07-06 08:01 . 2012-08-31 17:00 622660 c:\windows\system32\perfh005.dat
- 2012-07-06 08:01 . 2012-08-20 18:06 622660 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2012-08-20 18:06 103568 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-08-31 17:00 103568 c:\windows\system32\perfc009.dat
- 2012-07-06 08:01 . 2012-08-20 18:06 118810 c:\windows\system32\perfc005.dat
+ 2012-07-06 08:01 . 2012-08-31 17:00 118810 c:\windows\system32\perfc005.dat
+ 2009-07-14 04:45 . 2012-08-31 17:11 417632 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 05:30 . 2012-07-12 11:59 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-08-31 16:53 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:12 . 2012-07-18 10:49 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2012-08-23 19:20 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2012-08-31 16:54 401880 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-08-24 11:53 . 2012-08-24 11:53 847872 c:\windows\Installer\3c9a12b.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 505856 c:\windows\Installer\3c9a10c.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 507904 c:\windows\Installer\3c9a106.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 515072 c:\windows\Installer\3c9a0ff.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 508928 c:\windows\Installer\3c9a0f9.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 507392 c:\windows\Installer\3c9a0f3.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 507392 c:\windows\Installer\3c9a0ed.msi
+ 2012-08-24 11:54 . 2012-08-24 11:54 217864 c:\windows\Installer\{90120000-006E-0405-0000-0000000FF1CE}\misc.exe
+ 2012-08-24 12:00 . 2012-08-24 12:00 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2012-08-24 12:00 . 2012-08-24 12:00 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2012-08-24 12:00 . 2012-08-24 12:00 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2012-08-24 12:00 . 2012-08-24 12:00 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2012-08-24 12:00 . 2012-08-24 12:00 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2012-08-24 12:00 . 2012-08-24 12:00 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2012-08-24 12:00 . 2012-08-24 12:00 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2012-08-24 11:58 . 2012-08-24 11:58 330520 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Blueprints\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Blueprints.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 105248 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 211736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 609104 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 367400 c:\windows\assembly\GAC_32\Microsoft.VisualStudio.Tools.Applications.InteropAdapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.InteropAdapter.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 118112 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 416544 c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2012-08-24 11:58 . 2012-08-24 11:58 229376 c:\windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2012-08-24 11:57 . 2012-08-24 11:57 371496 c:\windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 781104 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 232248 c:\windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 248632 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 920376 c:\windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 146232 c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 404296 c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 150320 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 110592 c:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2006-10-26 12:10 . 2006-10-26 12:10 1190688 c:\windows\SysWOW64\FM20.DLL
+ 2009-07-14 02:34 . 2012-08-25 14:22 9437184 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-08-19 21:38 9437184 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 04:45 . 2012-08-14 13:26 3606945 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-08-24 16:30 3606945 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2012-08-29 14:38 . 2012-08-29 14:38 3881472 c:\windows\Installer\f920.msi
+ 2011-06-06 20:43 . 2011-06-06 20:43 2328064 c:\windows\Installer\a8eeb.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 1645056 c:\windows\Installer\3c9a124.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 1658368 c:\windows\Installer\3c9a11e.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 1658368 c:\windows\Installer\3c9a118.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 1657856 c:\windows\Installer\3c9a112.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 2348544 c:\windows\Installer\3c9a0e7.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 1652736 c:\windows\Installer\3c9a0e1.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 1646592 c:\windows\Installer\3c9a0db.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 2028544 c:\windows\Installer\3c9a0d5.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 1718784 c:\windows\Installer\3c9a0cf.msi
+ 2012-08-24 11:53 . 2012-08-24 11:53 2397184 c:\windows\Installer\3c9a0c9.msi
+ 2012-08-24 12:00 . 2012-08-24 12:00 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2012-08-24 12:00 . 2012-08-24 12:00 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2012-08-24 11:57 . 2012-08-24 11:57 1276720 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2012-08-24 11:57 . 2012-08-24 11:57 1612592 c:\windows\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 8007680 c:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2012-08-24 11:58 . 2012-08-24 11:58 1215328 c:\windows\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\IACore.dll
+ 2012-07-05 09:21 . 2012-08-31 16:54 42398988 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2469519135-902021031-535114647-1000-8192.dat
+ 2012-08-24 11:53 . 2012-08-24 11:53 18183680 c:\windows\Installer\3c9a134.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"4StoryPrePatch"="c:\program files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe" [2012-05-08 327680]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-12 283200]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-05 17:58]
.
.
--------- X64 Entries -----------
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=111434&tt=3212_5&babsrc=HP_ss&mntrId=24e1a91400000000000000ffe37e8d75
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Prochyn\AppData\Roaming\Mozilla\Firefox\Profiles\6njvaud2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.cz
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=24e1a91400000000000000ffe37e8d75&tlver=1.6.4.6&instlRef=sst&babTrack&q=
FF - user.js: extensions.BabylonToolbar_i.id - 24e1a91400000000000000ffe37e8d75
FF - user.js: extensions.BabylonToolbar_i.hardId - 24e1a91400000000000000ffe37e8d75
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15529
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111434&tt=3212_5
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
FF - user.js: extensions.BabylonToolbar.id - 24e1a91400000000000000ffe37e8d75
FF - user.js: extensions.BabylonToolbar.instlDay - 15559
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.69:15
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Minecraft Cracked - c:\users\Prochyn\AppData\Roaming\.minecraft\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2469519135-902021031-535114647-1000\Software\SecuROM\License information*]
"datasecu"=hex:7b,a9,c3,55,da,50,b5,25,a8,54,7f,f3,35,2a,42,4f,93,92,7a,1e,c9,
02,bc,6d,e6,b5,84,29,c7,96,de,b7,c8,ea,86,2d,62,56,d6,cb,18,d6,7e,fd,bc,6a,\
"rkeysecu"=hex:c3,b2,b2,bd,28,31,6b,2d,45,da,b4,c9,4f,5b,91,4f
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Internet Explorer\IELowutil.exe
c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
.
**************************************************************************
.
Celkový čas: 2012-08-31 19:16:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-31 17:16
ComboFix2.txt 2012-08-20 21:12
.
Před spuštěním: Volných bajtů: 45 696 028 672
Po spuštění: Volných bajtů: 45 646 671 872
.
- - End Of File - - 35B1D8B1A49C1022E13B3B9F0EDA9A43

Re: Strange virus....

Posted: 31 Aug 2012 22:12
by motji
If it is not there already, move ComboFix to the desktop
- Open Notepad
- Copy the text from this box into it

Code:

DDS::
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=111434 ... ffe37e8d75
mLocal Page = c:\windows\SysWOW64\blank.htm

Firefox::
FF - ProfilePath - c:\users\Prochyn\AppData\Roaming\Mozilla\Firefox\Profiles\6njvaud2.default\
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss ... abTrack&q=
FF - user.js: extensions.BabylonToolbar_i.id - 24e1a91400000000000000ffe37e8d75
FF - user.js: extensions.BabylonToolbar_i.hardId - 24e1a91400000000000000ffe37e8d75
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15529
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111434&tt=3212_5
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
FF - user.js: extensions.BabylonToolbar.id - 24e1a91400000000000000ffe37e8d75
FF - user.js: extensions.BabylonToolbar.instlDay - 15559
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.69:15
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false


- Save the TXT file you created as CFScript.txt on the desktop
- After saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it:

[Image]


- After it has been applied, another log will pop up; paste it here

Warning: it may happen that Windows does not start after the script is applied and the computer restarts. In that case restart again while pressing F8, then choose Last Known Good Configuration

Re: Strange virus....

Posted: 31 Aug 2012 22:48
by Prochynex
ComboFix 12-08-31.02 - Prochyn 31.08.2012 23:35:15.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.4095.2878 [GMT 2:00]
Spuštěný z: c:\users\Prochyn\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Prochyn\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-28 do 2012-08-31 )))))))))))))))))))))))))))))))
.
.
2012-08-31 21:40 . 2012-08-31 21:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-08-31 21:40 . 2012-08-31 21:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-29 14:47 . 2012-08-29 14:47 -------- d-----w- c:\users\Prochyn\AppData\Roaming\Kalydo
2012-08-29 14:38 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-08-29 14:38 . 2012-08-29 14:38 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-08-25 10:01 . 2012-08-25 10:01 -------- d-----w- c:\users\Prochyn\AppData\Local\Adobe
2012-08-25 09:59 . 2012-08-25 09:59 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-08-24 17:56 . 2012-08-31 21:40 -------- d-----w- c:\users\Prochyn\AppData\Local\LogMeIn Hamachi
2012-08-24 11:58 . 2012-08-24 11:58 -------- d-----w- c:\program files (x86)\Microsoft Works
2012-08-24 11:57 . 2012-08-24 11:57 -------- d-----w- c:\windows\PCHEALTH
2012-08-24 11:57 . 2012-08-24 11:57 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-08-24 11:55 . 2012-08-24 11:55 -------- d-----w- c:\program files\Microsoft Office
2012-08-24 11:55 . 2012-08-24 11:55 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-08-24 11:54 . 2012-08-24 11:54 -------- d-----w- c:\users\Prochyn\AppData\Local\Microsoft Help
2012-08-24 11:54 . 2012-08-24 12:00 -------- d-----w- c:\programdata\Microsoft Help
2012-08-21 21:15 . 2012-08-21 21:37 -------- d-----w- c:\users\Prochyn\AppData\Roaming\.techniclauncher
2012-08-21 20:02 . 2012-08-25 11:16 -------- d-----w- c:\users\Prochyn\AppData\Roaming\.minecraft
2012-08-21 11:07 . 2012-08-21 12:05 -------- d-----w- c:\users\Prochyn\AppData\Local\PMB Files
2012-08-21 11:07 . 2012-08-21 11:13 -------- d-----w- c:\programdata\PMB Files
2012-08-21 11:06 . 2012-08-21 11:06 -------- d-----w- c:\program files (x86)\Pando Networks
2012-08-20 18:19 . 2012-08-20 18:19 -------- d-----w- C:\rsit
2012-08-20 18:19 . 2012-08-20 18:19 -------- d-----w- c:\program files (x86)\trend micro
2012-08-16 20:23 . 2012-08-19 08:22 -------- d-----w- c:\program files (x86)\Rockstar Games
2012-08-14 11:53 . 2012-08-14 11:53 -------- d-----w- c:\program files\CCleaner
2012-08-12 19:25 . 2012-08-12 19:25 -------- d--h--r- c:\users\Prochyn\AppData\Roaming\SecuROM
2012-08-12 19:24 . 2012-08-12 19:24 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-08-12 19:23 . 2012-08-12 19:23 -------- d-----w- c:\windows\SysWow64\xlive
2012-08-12 19:23 . 2012-08-12 19:23 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-08-07 07:02 . 2012-08-07 07:02 -------- d-----w- c:\program files\LucasArts
2012-08-07 07:01 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-08-07 07:01 . 2001-09-05 03:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-08-07 07:01 . 2001-09-05 03:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-08-07 07:01 . 2001-09-05 03:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-08-05 20:23 . 2012-08-20 20:51 -------- d-----w- c:\users\Prochyn\AppData\Roaming\vlc
2012-08-05 20:23 . 2012-08-05 20:23 -------- d-----w- c:\program files (x86)\VideoLAN
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-26 08:35 . 2012-07-05 09:09 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-08-26 08:35 . 2012-07-05 07:26 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-08-26 08:34 . 2012-07-05 07:26 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-08-15 17:58 . 2012-07-05 06:40 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 17:58 . 2012-07-05 06:40 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-12 15:13 . 2012-07-31 20:40 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-07-12 11:58 . 2012-07-12 11:58 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-05 11:02 . 2012-07-05 07:26 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-05 07:47 . 2012-07-05 07:48 268720 ----a-w- c:\windows\system32\javaws.exe
2012-07-05 07:47 . 2012-07-05 07:47 189360 ----a-w- c:\windows\system32\javaw.exe
2012-07-05 07:47 . 2012-07-05 07:47 188840 ----a-w- c:\windows\system32\java.exe
2012-07-05 07:47 . 2012-07-05 07:48 955840 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-05 07:47 . 2012-07-05 07:48 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-05 07:26 . 2012-07-05 07:26 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2012-06-18 01:12 . 2012-07-05 06:36 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D44BE3FF-F61E-4E8D-905A-0FB36E019BFD}\mpengine.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-08-31_17.12.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-05 09:33 . 2012-08-31 21:00 22974 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-08-31 16:57 32526 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-31 21:00 32526 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-07-05 12:07 . 2012-08-31 21:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-07-05 12:07 . 2012-08-31 17:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-07-05 12:07 . 2012-08-31 17:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-07-05 12:07 . 2012-08-31 21:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-07-05 09:21 . 2012-08-31 20:57 3032 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-07-04 22:46 . 2012-08-31 17:13 8224 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2469519135-902021031-535114647-1000_UserData.bin
+ 2012-08-31 21:42 . 2012-08-31 21:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-31 17:11 . 2012-08-31 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-31 21:42 . 2012-08-31 21:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-08-31 17:11 . 2012-08-31 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2012-08-31 17:00 607190 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-08-31 21:13 607190 c:\windows\system32\perfh009.dat
+ 2012-07-06 08:01 . 2012-08-31 21:13 622660 c:\windows\system32\perfh005.dat
- 2012-07-06 08:01 . 2012-08-31 17:00 622660 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2012-08-31 17:00 103568 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-08-31 21:13 103568 c:\windows\system32\perfc009.dat
+ 2012-07-06 08:01 . 2012-08-31 21:13 118810 c:\windows\system32\perfc005.dat
- 2012-07-06 08:01 . 2012-08-31 17:00 118810 c:\windows\system32\perfc005.dat
- 2009-07-14 04:45 . 2012-08-31 17:11 417632 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2012-08-31 21:42 417632 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 05:01 . 2012-08-31 16:54 401880 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-31 21:40 401880 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-05 10:37 . 2012-08-31 20:57 3143000 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2469519135-902021031-535114647-1000-12288.dat
+ 2012-07-05 09:21 . 2012-08-31 21:40 42420521 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2469519135-902021031-535114647-1000-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"4StoryPrePatch"="c:\program files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe" [2012-05-08 327680]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-12 283200]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-05 17:58]
.
.
--------- X64 Entries -----------
.
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Prochyn\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Prochyn\AppData\Roaming\Mozilla\Firefox\Profiles\6njvaud2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.cz
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2469519135-902021031-535114647-1000\Software\SecuROM\License information*]
"datasecu"=hex:7b,a9,c3,55,da,50,b5,25,a8,54,7f,f3,35,2a,42,4f,93,92,7a,1e,c9,
02,bc,6d,e6,b5,84,29,c7,96,de,b7,c8,ea,86,2d,62,56,d6,cb,18,d6,7e,fd,bc,6a,\
"rkeysecu"=hex:c3,b2,b2,bd,28,31,6b,2d,45,da,b4,c9,4f,5b,91,4f
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Internet Explorer\IELowutil.exe
.
**************************************************************************
.
Celkový čas: 2012-08-31 23:46:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-31 21:46
ComboFix2.txt 2012-08-31 17:16
ComboFix3.txt 2012-08-20 21:12
.
Před spuštěním: Volných bajtů: 45 839 659 008
Po spuštění: Volných bajtů: 45 747 286 016
.
- - End Of File - - 3FB1893FBCE71A39589054E2620D2ABD

Re: Strange virus....

Posted: 31 Aug 2012 22:52
by motji
How is the computer?

Re: Strange virus....

Posted: 31 Aug 2012 23:01
by Prochynex
All it takes is restarting the computer and everything starts all over again.... On top of that, I can't type capital letters when pressing Shift, but only some of them, I've listed them here...y,x,c,v,t,z? What are we going to do about it? xD

Re: Strange virus....

Posted: 31 Aug 2012 23:04
by motji
Wait, what exactly is acting up? Apart from those letters.