Problem with System Restore on Win7

spajkovec
Visitor
Posts: 19
Registered: 05 Feb 2012 14:08

Problem with System Restore on Win7

#1 Post by spajkovec »

Hello, I'd like to ask a question. Today I wanted to run System Restore. Everything went as it should. But at the end, when the desktop loaded, a dialog popped up saying that the restore was not successful. Do you know what to do about it? Thanks in advance for any answers.

[Image]

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Problem with System Restore on Win7

#2 Post by stell »

Hello,
It's written right there: because no change occurred in the system, Windows has nothing to restore.
I.e., the restore point you used matches the current system.
If you still want to play around with restoring, pick a different restore point, or install something, uninstall something, and restart the computer. But I don't see any logic in that, because you would just be restoring the state you have now.
Important information.
Is your computer NOT WORKING properly?
Is it infected? Running slowly? A program not working? Trouble with an installation?
Use the remote help service!
e-mail: stell(at)forum.viry.cz
Thanks!

spajkovec
Visitor
Posts: 19
Registered: 05 Feb 2012 14:08

Re: Problem with System Restore on Win7

#3 Post by spajkovec »

stell wrote:
Hello,
It's written right there: because no change occurred in the system, Windows has nothing to restore.
I.e., the restore point you used matches the current system.
If you still want to play around with restoring, pick a different restore point, or install something, uninstall something, and restart the computer. But I don't see any logic in that, because you would just be restoring the state you have now.

I've already tried that. I tried creating a new restore point, and I also tried restoring from older dates, but it doesn't help. I'm worried that if something happened to the PC, I wouldn't be able to roll it back.

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Problem with System Restore on Win7

#4 Post by stell »

What do you mean it won't? As I'm telling you, once a change occurs in the system, the restore points will work.
You can also have the PC checked for malware.
Post the log from RSIT in the section http://forum.viry.cz/viewforum.php?f=13
http://forum.viry.cz/viewtopic.php?f=13&t=105895

spajkovec
Visitor
Posts: 19
Registered: 05 Feb 2012 14:08

Re: Problem with System Restore on Win7

#5 Post by spajkovec »

info.txt logfile of random's system information tool 1.09 2012-11-03 08:47:24

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
-->C:\ProgramData\DivX\DivX7\DivX Codec\DivXCodecUninstall.exe /CODEC
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
ABC 3GP/MP4 Converter 3.00-->C:\Program Files\ABC 3GP Converter\uninst.exe
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -maintain plugin
Adobe Reader X (10.1.4) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Advanced SystemCare 5-->"C:\Program Files\IObit\Advanced SystemCare 5\unins000.exe"
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
AMD Accelerated Video Transcoding-->MsiExec.exe /X{75BB238C-BAA9-6E79-F4B9-3100127500E4}
AMD APP SDK Runtime-->MsiExec.exe /I{A25FF1C0-80B6-4B8B-A551-DC525697A408}
AMD Catalyst Install Manager-->msiexec /q/x{62A6A9B3-0CA2-6A17-A78B-918346A10C8B} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{736F1518-E5E6-0AC3-AD58-41CD8AD592EE}
AMD Media Foundation Decoders-->MsiExec.exe /X{2C5030F2-83A2-60D1-5BE3-902793E1AFF1}
AVG 2012-->"C:\Program Files\AVG\AVG2012\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2012-->MsiExec.exe /I{38580E5E-AF78-4536-AD1E-6A62661372C5}
AVG 2012-->MsiExec.exe /I{B69C390B-826F-473C-86EB-7AD4950818C3}
Battlefield: Bad Company™ 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67}
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Catalyst Control Center - Branding-->MsiExec.exe /I{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Combat Arms EU-->"C:\ProgramData\NexonEU\NGM\NGM.exe" -mode:uninstall -game:50340359 -locale:EU
Company of Heroes-->MsiExec.exe /X{D4D244D1-05E0-4D24-86A2-B2433C435671}
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
ETDWare PS/2-x86 7.0.5.11_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe
Euro Truck Simulator 2-->"C:\Program Files\Euro Truck Simulator 2\unins000.exe"
Game Booster 3-->"C:\Program Files\IObit\Game Booster 3\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\22.0.1229.94\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8302}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8303}
Cheat Engine 6.2-->"C:\Program Files\Cheat Engine 6.2\unins000.exe"
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 8-->MsiExec.exe /X{6F8A555E-F2E1-415D-AD8A-67C0A7671029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nexon Game Manager-->"C:\ProgramData\NexonEU\NGM\NGM.exe" -mode:uninstall -dll:ngm.nexoneu.com/cbangm/NGM/Bin/NGMDll.dll -game:0 -locale:EU -load_from_local
Nokia Connectivity Cable Driver-->RUNDLL32.EXE ccdcmbwu.dll,WuUninstall
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
O2-->"C:\Program Files\O2\O2CZ\Uninstall.exe"
Pandora Service-->"C:\Program Files\PANDORA.TV\PanService\unins000.exe"
PunkBuster Services-->C:\Windows\system32\pbsvc_bc2.exe -u
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3069CE04-082C-4669-9BA1-E6AA66330C1F}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C8F44A46-5C2F-43D8-A0E7-B32E098EDA63}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7}
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B4C12F08-B0EF-4CC4-AD5F-381DD62BF640}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71190DF4-8724-4A56-9054-AE97FDC57115}
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Smart Defrag 2-->"C:\Program Files\IObit\Smart Defrag 2\unins000.exe"
Software Bluetooth WIDCOMM-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
SRS Premium Sound Control Panel-->MsiExec.exe /I{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {406B16EF-A2B2-4DB3-8A27-D20349B71617}
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8B689F89-5E1C-4DA9-B2B1-7B3843275596}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {824C8467-C873-4D17-BDA5-80578FBF3D0A}
USB2.0 UVC VGA WebCam-->C:\Windows\snuninst.exe /name='USB2.0 UVC VGA WebCam'
VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-win7x86-brcm-blpm.inf_x86_neutral_b26cc61bd153837c\bcbtums-win7x86-brcm-blpm.inf
Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-win7x86-brcm.inf_x86_neutral_4dc7938065743d06\bcbtums-win7x86-brcm.inf
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums32.inf_x86_neutral_b8810cb80e0c55de\bcbtums32.inf
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-vistax86-brcm.inf_x86_neutral_a622a4701b0a8e59\bcbtums-vistax86-brcm.inf
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbthid32.inf_x86_neutral_6c4f31312ffe9ed6\bcbthid32.inf
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\Common Files\Ulead Systems\MPEG
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 6 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0603
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0
"AMDAPPSDKROOT"=C:\Program Files\AMD APP\

-----------------EOF-----------------



Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2012-11-03 08:46:42
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 209 GB (68%) free of 305 GB
Total RAM: 2814 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:47:22, on 3.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\IObit\Advanced SystemCare 5\Suo10_SmartRAM.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\User\Downloads\RSIT.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.searchonme.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.searchonme.com/
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (file missing)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\User\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: (no name) - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [vProt] c:\program files\avg secure search\vprot.exe
O4 - HKLM\..\Run: [RtHDVCpl] c:\program files\realtek\audio\hda\rthdvcpl.exe -s
O4 - HKLM\..\Run: [Adobe ARM] c:\program files\common files\adobe\arm\1.0\adobearm.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 5\Suo10_SmartRAM.exe" /m
O4 - HKCU\..\Run: [uTorrent] "c:\program files\utorrent\utorrent.exe" /minimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{95E12BC3-6AAC-4053-86FE-E0E4D2A28037}: NameServer = 78.136.128.4 78.136.128.12
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - Unknown owner - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (file missing)
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IntelliAdmin Cron Service (icronsvr) - Unknown owner - C:\Program Files\IntelliAdmin\Cron\icronsvr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe

--
End of file - 8113 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2012-06-24 1417336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}]
Help the General-Search Project - C:\Users\User\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL [2011-12-07 428544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{07B18EA9-A523-4961-B6BB-170DE4475CCA}
{8769adce-dba5-48e9-afb5-67b12cdf2e61}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]
"HF_G_Jul"=C:\Program Files\AVG Secure Search\HF_G_Jul.exe [2012-07-18 36960]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"vProt"=c:\program files\avg secure search\vprot.exe [2012-07-09 1107552]
"RtHDVCpl"=c:\program files\realtek\audio\hda\rthdvcpl.exe [2010-05-13 9210400]
"Adobe ARM"=c:\program files\common files\adobe\arm\1.0\adobearm.exe [2012-07-27 919008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 5\Suo10_SmartRAM.exe [2012-07-31 428928]
"uTorrent"=c:\program files\utorrent\utorrent.exe [2012-06-03 880528]
"Steam"=C:\Program Files\Steam\Steam.exe -silent []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-05-03 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-11-03 08:46:42 ----DC---- C:\rsit
2012-11-03 08:46:42 ----DC---- C:\Program Files\trend micro
2012-11-02 20:50:03 ----DC---- C:\Program Files\Cheat Engine 6.2
2012-10-31 22:45:06 ----DC---- C:\Program Files\IntelliAdmin
2012-10-31 22:42:42 ----A---- C:\Windows\system32\RemoteExecute.exe
2012-10-30 18:15:23 ----D---- C:\Users\User\AppData\Roaming\ParetoLogic
2012-10-30 18:15:23 ----D---- C:\Users\User\AppData\Roaming\DriverCure
2012-10-30 18:15:03 ----D---- C:\ProgramData\ParetoLogic
2012-10-30 15:17:43 ----D---- C:\ProgramData\ATI
2012-10-30 15:12:31 ----D---- C:\ProgramData\AMD
2012-10-30 15:12:30 ----DC---- C:\Program Files\AMD AVT
2012-10-30 15:12:27 ----DC---- C:\Program Files\AMD APP
2012-10-30 15:12:21 ----D---- C:\Program Files\Common Files\ATI Technologies
2012-10-30 14:55:40 ----DC---- C:\AMD
2012-10-30 14:47:58 ----DC---- C:\Program Files\THQ
2012-10-27 17:44:55 ----A---- C:\Users\User\AppData\Roaming\C0A8.exe
2012-10-26 18:55:17 ----D---- C:\ProgramData\RELOADED
2012-10-25 16:40:33 ----A---- C:\Windows\NeroDigital.ini
2012-10-21 20:18:52 ----DC---- C:\Program Files\Euro Truck Simulator 2
2012-10-17 20:46:22 ----A---- C:\Windows\IsUninst.exe
2012-10-12 22:22:21 ----D---- C:\Users\User\AppData\Roaming\Sp@rrow
2012-10-12 21:58:40 ----D---- C:\ProgramData\Premium
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-12 14:16:26 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-12 14:16:26 ----A---- C:\Windows\system32\winsrv.dll
2012-10-12 14:16:26 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-12 14:16:26 ----A---- C:\Windows\system32\kernel32.dll
2012-10-12 14:16:26 ----A---- C:\Windows\system32\conhost.exe
2012-10-12 14:16:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-12 14:16:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-12 14:16:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-12 14:16:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-12 14:16:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-12 14:16:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-12 14:16:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-12 14:16:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-12 14:16:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-12 14:16:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-12 14:16:24 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-12 14:16:24 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-12 14:16:24 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-12 14:16:18 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-10 14:07:42 ----A---- C:\Windows\system32\wintrust.dll
2012-10-10 14:07:39 ----A---- C:\Windows\system32\tzres.dll
2012-10-10 14:07:32 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-10 14:07:32 ----A---- C:\Windows\system32\crypt32.dll
2012-10-10 14:07:31 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-10 14:07:21 ----A---- C:\Windows\system32\kerberos.dll
2012-10-10 14:07:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-10 14:07:19 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-10-09 20:45:41 ----DC---- C:\Ps
2012-10-04 16:40:20 ----DC---- C:\Program Files\Electronic Arts

======List of files/folders modified in the last 1 month======

2012-11-03 08:46:42 ----RDC---- C:\Program Files
2012-11-03 08:44:22 ----D---- C:\Users\User\AppData\Roaming\uTorrent
2012-11-03 08:42:52 ----D---- C:\Windows\temp
2012-11-03 08:42:46 ----D---- C:\Windows\system32\drivers\AVG
2012-11-03 08:42:16 ----D---- C:\ProgramData\MFAData
2012-11-03 08:41:31 ----D---- C:\Windows\system32\config
2012-11-02 18:53:02 ----D---- C:\Windows\system32\drivers
2012-11-02 18:52:36 ----DC---- C:\Call of Duty- Modern Warfare 3
2012-11-02 15:55:08 ----D---- C:\ProgramData\Nexon
2012-11-02 13:18:16 ----D---- C:\Windows\System32
2012-11-02 11:59:02 ----D---- C:\Windows\inf
2012-11-02 11:59:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-02 11:54:41 ----D---- C:\Windows\system32\catroot2
2012-10-31 22:46:22 ----SHD---- C:\System Volume Information
2012-10-31 20:56:30 ----D---- C:\Windows\debug
2012-10-31 18:58:06 ----D---- C:\Recovery
2012-10-30 18:33:28 ----D---- C:\Windows\Tasks
2012-10-30 18:33:28 ----D---- C:\Windows\system32\Tasks
2012-10-30 18:33:25 ----D---- C:\Program Files\Common Files
2012-10-30 18:15:03 ----D---- C:\ProgramData
2012-10-30 17:04:44 ----D---- C:\Windows\system32\catroot
2012-10-30 16:48:09 ----AD---- C:\Windows
2012-10-30 15:18:00 ----D---- C:\Windows\Prefetch
2012-10-30 15:12:36 ----SHD---- C:\Windows\Installer
2012-10-30 15:12:31 ----SHDC---- C:\Config.Msi
2012-10-30 15:12:07 ----DC---- C:\Program Files\ATI Technologies
2012-10-30 15:09:25 ----RSD---- C:\Windows\assembly
2012-10-30 15:08:34 ----D---- C:\Windows\system32\DriverStore
2012-10-27 17:57:40 ----D---- C:\ProgramData\AVG2012
2012-10-27 17:49:46 ----D---- C:\Users\User\AppData\Roaming\Skype
2012-10-27 10:23:02 ----D---- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2012-10-25 16:40:38 ----D---- C:\Program Files\The KMPlayer
2012-10-19 19:53:20 ----A---- C:\Windows\system32\PnkBstrB.exe
2012-10-19 11:02:32 ----D---- C:\Windows\system32\NDF
2012-10-13 13:09:52 ----D---- C:\Windows\rescache
2012-10-12 21:58:41 ----D---- C:\ProgramData\InstallMate
2012-10-12 18:18:36 ----D---- C:\Windows\winsxs
2012-10-12 18:15:38 ----D---- C:\Windows\system32\cs-CZ
2012-10-10 20:57:08 ----D---- C:\Windows\ModemLogs
2012-10-10 18:09:47 ----D---- C:\ProgramData\Microsoft Help
2012-10-10 18:04:39 ----A---- C:\Windows\system32\MRT.exe
2012-10-09 04:30:25 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-10-08 19:58:13 ----HD---- C:\Program Files\InstallShield Installation Information
2012-10-07 07:40:29 ----SHDC---- C:\$RECYCLE.BIN
2012-10-07 07:39:49 ----RD---- C:\Users
2012-10-04 18:42:55 ----A---- C:\Windows\system32\PnkBstrA.exe
2012-10-04 17:02:46 ----A---- C:\Windows\system32\pbsvc_bc2.exe
2012-10-04 16:38:46 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 14392]
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-07-26 237408]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-08-24 301920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-01-20 18048]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 9107968]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 370176]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 86056]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-01-15 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 18472]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-12 239168]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 109960]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-05-13 3094496]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 119408]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver; C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 98928]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1760384]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S1 MpKsle4f2b1e0;MpKsle4f2b1e0; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5ACFF929-C19C-4276-B13A-44218F22B1E4}\MpKsle4f2b1e0.sys []
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-01-20 271360]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 108048]
S3 azvusb;Virtual USB Hub; C:\Windows\system32\DRIVERS\azvusb.sys [2009-08-24 44544]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 catchme;catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-08-11 25280]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 217600]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 291840]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-11 595232]
R2 CscService;Offline soubory; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 icronsvr;IntelliAdmin Cron Service; C:\Program Files\IntelliAdmin\Cron\icronsvr.exe [2012-05-18 683656]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-09 935008]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe []
S3 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-13 135664]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-13 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;BranchCache; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-10-04 76888]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-07-17 529232]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-25 1343400]
S4 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]

-----------------EOF-----------------

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Problem with System Restore on Win7

#6 Post by stell »

When I write that you should post the log in a different thread, then you actually need to do it.
Never mind, since you are already here, what am I to do with you.
1: Uninstall the Chinese junk from the PC
Program Files\IObit\Advanced SystemCare

2:1: Download SecurityCheck
Save it to the desktop.
Double-click SecurityCheck.exe and follow the on-screen instructions.
When the scan finishes, Notepad opens automatically with a file named checkup.txt; paste its contents here.

2: Download AdwCleaner
Save it to the desktop.

Close all open programs and web browsers.
Double-click AdwCleaner.exe to run the tool.
Click Delete.
Confirm each time with OK.
The computer restarts automatically.
A text file opens after the restart.
If it does not, find the log file at C:\AdwCleaner[S1].txt.
Paste the contents here.

3: Download RogueKiller: http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Close all programs.
If you use Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator (Spustiť ako správca).
Wait for the PreScan to finish.
Select Prehľadať (Scan).
Wait until the scan completes.
Then click "Zmazať" (Delete); it deletes the findings.
When it finishes, click Správa (Report); the log opens, paste it here.
Detailed procedure: http://forum.viry.cz/viewtopic.php?f=24 ... 1#p1097961


4: Download OTL.exe to the desktop and run it.
http://oldtimer.geekstogo.com/OTL.exe
Tick the options for all users, purity, loop.
Leave the settings as they are and paste this script into the box at the bottom.
Click the OPRAVIT (Fix) button and paste the log here.

Code:

:Files
ipconfig /flushdns /c
:Commands
[resethosts]
[emptytemp]

spajkovec
Visitor
Posts: 19
Registered: 05 Feb 2012 14:08

Re: Problem with System Restore on Win7

#7 Post by spajkovec »

1) Uninstalled

2.1)
Results of screen317's Security Check version 0.99.54
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Adobe Flash Player 11.4.402.287
Adobe Reader X (10.1.4)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````



2)
# AdwCleaner v2.006 - Logfile created 11/04/2012 at 18:40:03
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : User - USER-PC
# Boot Mode : Normal
# Running from : C:\Users\User\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : vToolbarUpdater11.2.0

***** [Files / Folders] *****

File Deleted : C:\user.js
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Media Finder
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Trymedia

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Freeze.com
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\MyWebSearch
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\FocusInteractive
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Fun Web Products
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\Software\MyWebSearch
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language --> hxxp://www.google.com

-\\ Google Chrome v [Unable to get version]

-\\ Chromium v [Unable to get version]

*************************

AdwCleaner[S1].txt - [11809 octets] - [04/11/2012 18:40:03]

########## EOF - C:\AdwCleaner[S1].txt - [11870 octets] ##########




3)RogueKiller V8.2.2 [11/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : User [Práva správce]
Mód : Kontrola -- Datum : 11/04/2012 18:50:00

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 19 ¤¤¤
[TASK][SUSP PATH] {45F10D0C-7D05-4F25-93F1-DB2F9299CAEA} : C:\Users\User\Desktop\lotrbfme2-65537-english.exe -> NALEZENO
[TASK][SUSP PATH] {813B61C5-5EBB-45AD-BAEB-00CE004CAA78} : C:\Windows\System32\pcalua.exe -a "C:\Users\User\Desktop\Nová složka\Pán prstenů Bitva o Středozem-CD-Key,crack,cestina\LOTR-BFME_Cestina.exe" -d "C:\Users\User\Desktop\Nová složka\Pán prstenů Bitva o Středozem-CD-Key,crack,cestina" -> NALEZENO
[TASK][SUSP PATH] {D3847494-9A9D-4BCB-B786-CD5451E072EB} : C:\Windows\System32\pcalua.exe -a "C:\Users\User\AppData\Local\Microsoft\Windows\Burn\Burn\Need For Speed Most Wanted Black Edition - HKZonda\dt346.exe" -d "D:\Need For Speed Most Wanted Black Edition - HKZonda" -> NALEZENO
[TASK][SUSP PATH] {E1335604-FC52-40AF-A43C-6808F3847FBB} : C:\Windows\System32\pcalua.exe -a C:\Users\User\Desktop\ETS_setup_1.0_rc3_cz_sk_hu_ro.exe -d C:\Users\User\Desktop -> NALEZENO
[TASK][SUSP PATH] {E204AD10-B112-49A9-A358-364127B4E488} : C:\Users\User\Desktop\LotrBfMe2-65538-english.exe -> NALEZENO
[TASK][SUSP PATH] {F012227A-D29A-4EE9-B763-9FEB0E25A79B} : C:\Windows\System32\pcalua.exe -a C:\Users\User\Desktop\gta_iv_cestina_02.exe -d C:\Users\User\Desktop -> NALEZENO
[TASK][SUSP PATH] {F94CB429-16F3-49AD-A0CD-85C745D9954F} : C:\Windows\System32\pcalua.exe -a C:\Users\User\Desktop\GTA-IV-čeština.exe -d C:\Users\User\Desktop -> NALEZENO
[TASK][SUSP PATH] {FD623A00-7329-4E32-B50D-1A9F3683CCE2} : C:\Windows\System32\pcalua.exe -a C:\Users\User\Desktop\gtasa120cz.exe -d C:\Users\User\Desktop -> NALEZENO
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{95E12BC3-6AAC-4053-86FE-E0E4D2A28037} : NameServer (78.136.128.4 78.136.128.12) -> NALEZENO
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{B4A9E8CF-FD81-48B9-8364-EF52852B0C05} : NameServer (160.218.161.60 194.228.211.33) -> NALEZENO
[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{95E12BC3-6AAC-4053-86FE-E0E4D2A28037} : NameServer (78.136.128.4 78.136.128.12) -> NALEZENO
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-80A0RT0 ATA Device +++++
--- User ---
[MBR] 6b96739459362e235682c9d8f01ea1c0
[BSP] 9d90fd19f4bb14627f66db9cd95b9c53 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305143 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: JMCR SD/MMC SCSI Disk Device +++++
--- User ---
[MBR] 0884ce6260d0cd1886b40ba044dac525
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 8192 | Size: 15482 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: HUAWEI SD Storage USB Device +++++
--- User ---
[MBR] f5dad9b787404b5e4ded5d5ec9febac0
[BSP] 33b95cbff4727ca2e5d14724dcd28bc1 : MBR Code unknown
Partition table:
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_11042012_02d1850.txt >>
RKreport[1]_S_11042012_02d1850.txt



4)All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překladače DNS byla úspěšně vyprázdněna.
C:\Users\User\Desktop\cmd.bat deleted successfully.
C:\Users\User\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Filda
->Temp folder emptied: 32348 bytes
->Temporary Internet Files folder emptied: 76369 bytes
->Google Chrome cache emptied: 12849961 bytes
->Flash cache emptied: 56504 bytes

User: Public
->Temp folder emptied: 0 bytes

User: User
->Temp folder emptied: 2363399367 bytes
->Temporary Internet Files folder emptied: 114120072 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 4542 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 559521 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1926346 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 6921 bytes

Total Files Cleaned = 2 378,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11042012_185505

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Problem with System Restore on Win7

#8 Post by stell »

Malwarebytes.
http://forum.viry.cz/viewtopic.php?f=29 ... 1#p1031821
Full scan, remove whatever is found, paste the log here.

Combofix.
http://www.bleepingcomputer.com/combofi ... t-combofix
Paste the log here.

Re: Problem with System Restore on Win7

#9 Post by spajkovec »

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.05.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [administrátor]

5.11.2012 14:42:40
mbam-log-2012-11-05 (14-49-09).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 220311
Uplynulý čas: 5 minut, 25 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Users\User\AppData\Roaming\C0A8.exe (Trojan.Winlock) -> Žádná instrukce nebyla provedena.

(konec)







ComboFix 12-11-04.01 - User 05.11.2012 14:56:34.4.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2814.1548 [GMT 1:00]
Spuštěný z: c:\users\User\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\User\AppData\Roaming\sp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-05 do 2012-11-05 )))))))))))))))))))))))))))))))
.
.
2012-11-05 14:08 . 2012-11-05 14:08 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-05 14:08 . 2012-11-05 14:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-05 13:33 . 2012-11-05 13:33 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes
2012-11-05 13:33 . 2012-11-05 13:33 -------- d-----w- c:\programdata\Malwarebytes
2012-11-05 13:33 . 2012-11-05 13:33 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-05 13:33 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-04 17:55 . 2012-11-04 17:55 -------- dc----w- C:\_OTL
2012-11-03 07:46 . 2012-11-03 07:47 -------- dc----w- c:\program files\trend micro
2012-11-02 19:50 . 2012-11-02 19:50 -------- dc----w- c:\program files\Cheat Engine 6.2
2012-10-31 21:45 . 2012-10-31 21:45 -------- dc----w- c:\program files\IntelliAdmin
2012-10-31 21:42 . 2012-08-07 14:06 188792 ----a-w- c:\windows\system32\RemoteExecute.exe
2012-10-30 17:15 . 2012-10-30 17:15 -------- d-----w- c:\users\User\AppData\Roaming\ParetoLogic
2012-10-30 17:15 . 2012-10-30 17:15 -------- d-----w- c:\users\User\AppData\Roaming\DriverCure
2012-10-30 17:15 . 2012-10-30 17:33 -------- d-----w- c:\programdata\ParetoLogic
2012-10-30 15:52 . 2012-10-30 15:52 -------- d-----w- c:\users\User\AppData\Local\AMD
2012-10-30 14:17 . 2012-10-30 14:17 -------- d-----w- c:\programdata\ATI
2012-10-30 14:12 . 2012-10-30 15:47 -------- d-----w- c:\programdata\AMD
2012-10-30 14:12 . 2012-10-30 14:12 -------- dc----w- c:\program files\AMD AVT
2012-10-30 14:12 . 2012-10-30 14:12 -------- dc----w- c:\program files\AMD APP
2012-10-30 14:12 . 2012-10-30 14:12 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-10-30 13:55 . 2012-10-30 14:04 -------- dc----w- C:\AMD
2012-10-30 13:47 . 2012-10-30 13:47 -------- dc----w- c:\program files\THQ
2012-10-26 17:55 . 2012-10-26 17:55 -------- d-----w- c:\programdata\RELOADED
2012-10-21 19:18 . 2012-10-27 09:32 -------- dc----w- c:\program files\Euro Truck Simulator 2
2012-10-21 19:12 . 2012-10-21 19:12 -------- d-----w- c:\users\User\AppData\Local\Macromedia
2012-10-17 19:46 . 1998-10-02 17:00 327168 ----a-w- c:\windows\IsUninst.exe
2012-10-12 21:22 . 2012-10-12 21:22 -------- d-----w- c:\users\User\AppData\Roaming\Sp@rrow
2012-10-10 13:07 . 2012-08-24 16:57 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 13:07 . 2012-09-14 18:28 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 13:07 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 13:07 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 13:07 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 13:07 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 13:07 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-10 13:07 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-09 19:45 . 2012-10-09 19:45 -------- dc----w- C:\Ps
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-19 18:53 . 2011-03-15 19:34 139048 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-10-19 18:53 . 2012-09-27 16:18 282296 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-10-19 18:53 . 2012-09-27 15:46 282296 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-10-19 18:51 . 2012-09-27 15:46 215128 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-10-17 15:26 . 2011-07-04 12:37 48648 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-10-17 15:26 . 2011-07-04 12:37 483952 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-10-11 13:57 . 2011-08-18 16:04 48648 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-10-09 03:30 . 2012-04-17 13:35 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 03:30 . 2011-05-16 17:21 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-04 17:42 . 2011-03-15 19:34 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-10-04 16:02 . 2011-03-15 19:34 138056 ----a-w- c:\users\User\AppData\Roaming\PnkBstrK.sys
2012-10-04 16:02 . 2012-10-02 18:11 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2012-09-28 14:36 . 2012-09-28 14:36 180224 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 14:36 . 2012-09-28 14:36 65536 ----a-w- c:\windows\system32\OpenVideo.dll
2012-09-28 14:36 . 2012-09-28 14:36 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-09-28 14:32 . 2012-09-28 14:32 27341824 ----a-w- c:\windows\system32\amdocl.dll
2012-09-28 14:28 . 2012-09-28 14:28 50176 ----a-w- c:\windows\system32\OpenCL.dll
2012-09-28 02:22 . 2010-04-06 13:40 5557928 ----a-w- c:\windows\system32\atiumdag.dll
2012-09-28 02:20 . 2012-09-28 02:20 9107968 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 58880 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\system32\aticaldd.dll
2012-09-28 01:43 . 2010-04-06 14:16 935424 ----a-w- c:\windows\system32\aticfx32.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\system32\atioglxx.dll
2012-09-28 01:39 . 2010-04-06 14:06 6536192 ----a-w- c:\windows\system32\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:38 . 2012-09-28 01:38 473088 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-09-28 01:36 . 2012-09-28 01:36 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-09-28 01:22 . 2010-04-06 13:21 2691584 ----a-w- c:\windows\system32\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-09-28 01:12 . 2012-09-28 01:12 370176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:11 . 2010-04-06 13:22 109568 ----a-w- c:\windows\system32\atiuxpag.dll
2012-09-28 01:10 . 2010-04-06 13:22 82944 ----a-w- c:\windows\system32\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-06 19:10 . 2011-08-18 16:04 483952 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-08-24 13:43 . 2012-08-24 13:43 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-08-24 06:59 . 2012-09-22 17:01 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-22 17:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-22 17:01 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 17:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 17:01 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-22 17:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-22 17:16 . 2012-09-12 16:31 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-12 16:31 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16 . 2012-09-12 16:31 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-12 16:31 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 20:12 . 2012-09-26 04:20 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-11 06:34 . 2012-08-11 06:34 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\utorrent\utorrent.exe" [2012-06-03 880528]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"RtHDVCpl"="c:\program files\realtek\audio\hda\rthdvcpl.exe" [2010-05-13 9210400]
"Adobe ARM"="c:\program files\common files\adobe\arm\1.0\adobearm.exe" [2012-07-27 919008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
.
R1 MpKsle4f2b1e0;MpKsle4f2b1e0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5ACFF929-C19C-4276-B13A-44218F22B1E4}\MpKsle4f2b1e0.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [x]
R3 azvusb;Virtual USB Hub;c:\windows\system32\DRIVERS\azvusb.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
S2 icronsvr;IntelliAdmin Cron Service;c:\program files\IntelliAdmin\Cron\icronsvr.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\DRIVERS\JME.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 03:30]
.
2012-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-13 19:22]
.
2012-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-13 19:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.searchonme.com/
mStart Page = hxxp://search.searchonme.com/
TCP: Interfaces\{95E12BC3-6AAC-4053-86FE-E0E4D2A28037}: NameServer = 78.136.128.4 78.136.128.12
TCP: Interfaces\{B4A9E8CF-FD81-48B9-8364-EF52852B0C05}: NameServer = 160.218.161.60 194.228.211.33
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-704598679-1275456770-3634456987-1000\Software\SecuROM\License information*]
"datasecu"=hex:14,8e,23,2f,4f,8e,ce,d1,9a,1b,f6,85,41,a5,c7,44,24,92,56,7d,4a,
b8,c8,db,af,1e,f0,7d,c8,eb,a9,3c,d5,91,60,3c,d3,bd,56,6d,71,c2,c3,dd,50,4d,\
"rkeysecu"=hex:0d,81,2e,b9,52,06,e3,12,1c,68,b7,e4,fd,05,66,8c
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2012-11-05 15:15:09
ComboFix-quarantined-files.txt 2012-11-05 14:15
.
Před spuštěním: Volných bajtů: 218 335 485 952
Po spuštění: Volných bajtů: 218 338 107 392
.
- - End Of File - - 3D13246E594F808A62384C28A909C2BD

Re: Problem with System Restore on Win7

#10 Post by stell »

Look, do what I write!!!!
Once more. Malwarebytes: FULL SCAN AND REMOVE WHAT IS FOUND.
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.05.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [administrátor]

5.11.2012 14:42:40
mbam-log-2012-11-05 (14-49-09).txt

Typ: Rychlá kontrola

Re: Problem with System Restore on Win7

#11 Post by spajkovec »

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.05.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [administrátor]

5.11.2012 15:53:17
mbam-log-2012-11-05 (15-53-17).txt

Typ: Úplná kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 301321
Uplynulý čas: 1 hodin, 7 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Users\User\AppData\LocalLow\FunWebProducts\Installr\Cache\009AF9AC.exe (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.

(konec)

Re: Problem with System Restore on Win7

#12 Post by stell »

For this step, ComboFix must be on the desktop.

Turn off > FIREWALL > antivirus > antispyware > everything resident.

Open Notepad and copy the whole text into it:

Code:

KILLALL::
Driver::
MpKsle4f2b1e0
AdvancedSystemCareService
DDS::
uStart Page = hxxp://search.searchonme.com/
mStart Page = hxxp://search.searchonme.com/
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
ClearJavaCache::

Then click File -> Save As... -> and in the File name field type: CFScript.txt
For the file type, choose All files.
Save it to the desktop. Careful: do not open CFScript.txt, and it must not be named CFScript.txt.txt either. Then do this:
[image]

When the scan finishes, post the log.

Re: Problem with System Restore on Win7

#13 Post by spajkovec »

ComboFix 12-11-05.01 - User 05.11.2012 17:55:15.5.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2814.1844 [GMT 1:00]
Spuštěný z: c:\users\User\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\User\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MPKSLE4F2B1E0
-------\Service_AdvancedSystemCareService
-------\Service_MpKsle4f2b1e0
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-05 do 2012-11-05 )))))))))))))))))))))))))))))))
.
.
2012-11-05 17:03 . 2012-11-05 17:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-05 17:03 . 2012-11-05 17:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-05 14:15 . 2012-11-05 14:15 -------- d-----w- c:\users\Filda
2012-11-05 13:33 . 2012-11-05 13:33 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes
2012-11-05 13:33 . 2012-11-05 13:33 -------- d-----w- c:\programdata\Malwarebytes
2012-11-05 13:33 . 2012-11-05 13:33 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-05 13:33 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-04 17:55 . 2012-11-04 17:55 -------- dc----w- C:\_OTL
2012-11-03 07:46 . 2012-11-03 07:47 -------- dc----w- c:\program files\trend micro
2012-11-02 19:50 . 2012-11-02 19:50 -------- dc----w- c:\program files\Cheat Engine 6.2
2012-10-31 21:45 . 2012-10-31 21:45 -------- dc----w- c:\program files\IntelliAdmin
2012-10-31 21:42 . 2012-08-07 14:06 188792 ----a-w- c:\windows\system32\RemoteExecute.exe
2012-10-30 17:15 . 2012-10-30 17:15 -------- d-----w- c:\users\User\AppData\Roaming\ParetoLogic
2012-10-30 17:15 . 2012-10-30 17:15 -------- d-----w- c:\users\User\AppData\Roaming\DriverCure
2012-10-30 17:15 . 2012-10-30 17:33 -------- d-----w- c:\programdata\ParetoLogic
2012-10-30 15:52 . 2012-10-30 15:52 -------- d-----w- c:\users\User\AppData\Local\AMD
2012-10-30 14:17 . 2012-10-30 14:17 -------- d-----w- c:\programdata\ATI
2012-10-30 14:12 . 2012-10-30 15:47 -------- d-----w- c:\programdata\AMD
2012-10-30 14:12 . 2012-10-30 14:12 -------- dc----w- c:\program files\AMD AVT
2012-10-30 14:12 . 2012-10-30 14:12 -------- dc----w- c:\program files\AMD APP
2012-10-30 14:12 . 2012-10-30 14:12 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-10-30 13:55 . 2012-10-30 14:04 -------- dc----w- C:\AMD
2012-10-30 13:47 . 2012-10-30 13:47 -------- dc----w- c:\program files\THQ
2012-10-26 17:55 . 2012-10-26 17:55 -------- d-----w- c:\programdata\RELOADED
2012-10-21 19:18 . 2012-10-27 09:32 -------- dc----w- c:\program files\Euro Truck Simulator 2
2012-10-21 19:12 . 2012-10-21 19:12 -------- d-----w- c:\users\User\AppData\Local\Macromedia
2012-10-17 19:46 . 1998-10-02 17:00 327168 ----a-w- c:\windows\IsUninst.exe
2012-10-12 21:22 . 2012-10-12 21:22 -------- d-----w- c:\users\User\AppData\Roaming\Sp@rrow
2012-10-10 13:07 . 2012-08-24 16:57 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 13:07 . 2012-09-14 18:28 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 13:07 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 13:07 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 13:07 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 13:07 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 13:07 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-10 13:07 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-09 19:45 . 2012-10-09 19:45 -------- dc----w- C:\Ps
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-19 18:53 . 2011-03-15 19:34 139048 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-10-19 18:53 . 2012-09-27 16:18 282296 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-10-19 18:53 . 2012-09-27 15:46 282296 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-10-19 18:51 . 2012-09-27 15:46 215128 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-10-17 15:26 . 2011-07-04 12:37 48648 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-10-17 15:26 . 2011-07-04 12:37 483952 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-10-11 13:57 . 2011-08-18 16:04 48648 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-10-09 03:30 . 2012-04-17 13:35 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 03:30 . 2011-05-16 17:21 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-04 17:42 . 2011-03-15 19:34 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-10-04 16:02 . 2011-03-15 19:34 138056 ----a-w- c:\users\User\AppData\Roaming\PnkBstrK.sys
2012-10-04 16:02 . 2012-10-02 18:11 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2012-09-28 14:36 . 2012-09-28 14:36 180224 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 14:36 . 2012-09-28 14:36 65536 ----a-w- c:\windows\system32\OpenVideo.dll
2012-09-28 14:36 . 2012-09-28 14:36 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-09-28 14:32 . 2012-09-28 14:32 27341824 ----a-w- c:\windows\system32\amdocl.dll
2012-09-28 14:28 . 2012-09-28 14:28 50176 ----a-w- c:\windows\system32\OpenCL.dll
2012-09-28 02:22 . 2010-04-06 13:40 5557928 ----a-w- c:\windows\system32\atiumdag.dll
2012-09-28 02:20 . 2012-09-28 02:20 9107968 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 58880 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\system32\aticaldd.dll
2012-09-28 01:43 . 2010-04-06 14:16 935424 ----a-w- c:\windows\system32\aticfx32.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\system32\atioglxx.dll
2012-09-28 01:39 . 2010-04-06 14:06 6536192 ----a-w- c:\windows\system32\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:38 . 2012-09-28 01:38 473088 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-09-28 01:36 . 2012-09-28 01:36 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-09-28 01:22 . 2010-04-06 13:21 2691584 ----a-w- c:\windows\system32\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-09-28 01:12 . 2012-09-28 01:12 370176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:11 . 2010-04-06 13:22 109568 ----a-w- c:\windows\system32\atiuxpag.dll
2012-09-28 01:10 . 2010-04-06 13:22 82944 ----a-w- c:\windows\system32\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-06 19:10 . 2011-08-18 16:04 483952 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-08-24 13:43 . 2012-08-24 13:43 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-08-24 06:59 . 2012-09-22 17:01 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-22 17:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-22 17:01 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 17:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 17:01 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-22 17:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-22 17:16 . 2012-09-12 16:31 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-12 16:31 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16 . 2012-09-12 16:31 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-12 16:31 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 20:12 . 2012-09-26 04:20 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-11 06:34 . 2012-08-11 06:34 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\utorrent\utorrent.exe" [2012-06-03 880528]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"RtHDVCpl"="c:\program files\realtek\audio\hda\rthdvcpl.exe" [2010-05-13 9210400]
"Adobe ARM"="c:\program files\common files\adobe\arm\1.0\adobearm.exe" [2012-07-27 919008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 azvusb;Virtual USB Hub;c:\windows\system32\DRIVERS\azvusb.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
S2 icronsvr;IntelliAdmin Cron Service;c:\program files\IntelliAdmin\Cron\icronsvr.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\DRIVERS\JME.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 03:30]
.
2012-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-13 19:22]
.
2012-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-13 19:22]
.
.
------- Doplňkový sken -------
.
TCP: Interfaces\{95E12BC3-6AAC-4053-86FE-E0E4D2A28037}: NameServer = 78.136.128.4 78.136.128.12
TCP: Interfaces\{B4A9E8CF-FD81-48B9-8364-EF52852B0C05}: NameServer = 160.218.167.5 160.218.161.60
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-704598679-1275456770-3634456987-1000\Software\SecuROM\License information*]
"datasecu"=hex:14,8e,23,2f,4f,8e,ce,d1,9a,1b,f6,85,41,a5,c7,44,24,92,56,7d,4a,
b8,c8,db,af,1e,f0,7d,c8,eb,a9,3c,d5,91,60,3c,d3,bd,56,6d,71,c2,c3,dd,50,4d,\
"rkeysecu"=hex:0d,81,2e,b9,52,06,e3,12,1c,68,b7,e4,fd,05,66,8c
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\WUDFHost.exe
c:\program files\AVG\AVG2012\avgcfgex.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\O2\O2CZ\EMMSN.exe
c:\program files\O2\Nori\Nori.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Celkový čas: 2012-11-05 18:14:08 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-05 17:14
ComboFix2.txt 2012-11-05 14:15
.
Před spuštěním: Volných bajtů: 218 338 045 952
Po spuštění: Volných bajtů: 218 127 880 192
.
- - End Of File - - A6A8CF936DB79B885B198133B2605AE2

Re: Problem with System Restore on Win7

#14 Post by stell »

1: Rename the ComboFix icon to uninstall and run it. ComboFix will uninstall itself from the PC.
2: Uninstall Malwarebytes.
3: Run AdwCleaner and click Uninstall.
4: Run OTL and click Cleanup.
If everything works as it should, that is all.

Re: Problem with System Restore on Win7

#15 Post by spajkovec »

Thank you very much

Locked