ESET Service access denied - I can't start it

Posted: 05 May 2013 11:50
by piotr07
Hi,

Recently I noticed that my ESET Smart Security is not running, so I tried to find it in Services and start it manually. But it doesn't work: when I set it to start automatically, it shows me the error "pristup byl odepren" (access was denied) - I assume it is some kind of virus, although I'm not sure.
Another problem is that my notebook often gets stuck on the "Vitajte" (Welcome) startup screen and I can't get any further - so I haven't turned it off for about 6 days, it has been running continuously.

Screenshot:
[image]

Can you help me with this?

Thank you

Log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2013-05-05 12:44:42
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 28 GB (18%) free of 153 GB
Total RAM: 3949 MB (30% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe" -service
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
taskeng.exe {F7DBA49D-1C6C-42BB-9A6C-805BE0987ACF}
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
WLIDSvcM.exe 3032
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
ATKOSD.exe
WDC.exe
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Users\user\AppData\Roaming\TorrentStream\engine\..\updater\tsupdate.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"taskhost.exe"
"C:\Program Files (x86)\Steam\Steam.exe" "steam://rungameid/207890"
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b7efc449-5c63-4fc4-9b7c-a8dd9c204990 -SystemEventPortName:HostProcess-d34f4d2c-5e40-4fea-8b23-b14cef813d2b -IoCancelEventPortName:HostProcess-feea0d89-5254-4099-9c33-e7fa626f1dac -NonStateChangingEventPortName:HostProcess-3a01d618-a0e1-4ffc-bc56-6140882f6050 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ecbedd7e-347d-4ef9-a7b8-2aef3d85058f -DeviceGroupId:WpdFsGroup
uTorrent.exe /NOINSTALL /BRINGTOFRONT
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=60348.5541f000.1960691416 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 60348 "\\.\pipe\gecko-crash-server-pipe.60348" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe" --proxy-stub-channel=Flash48588.67F21D90.822 --host-broker-channel=Flash48588.67F21D90.19954 --host-pid=48588 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe" --channel=35848.0031F2D4.966597535 --proxy-stub-channel=Flash48588.67F21D90.822 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\IrfanView\i_view32.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\trend micro\user.exe" /silentautolog
taskmgr.exe /3
"C:\Users\user\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
C:\Windows\tasks\ParetoLogic Update Version3.job
C:\Windows\tasks\RegClean Pro_DEFAULT.job
C:\Windows\tasks\RegClean Pro_UPDATES.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2011-10-01 367456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-01-08 347424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-01-08 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2011-10-01 218544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-04-07 2839840]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-12-24 1736704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2013-04-29 802136]
"TorrentStream"=C:\Users\user\AppData\Roaming\TorrentStream\engine\tsengine.exe [2013-04-15 27256]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-03-22 248208]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2013-04-19 1631144]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2011-10-25 3437976]
"AcebyteTray"=C:\Program Files (x86)\Acebyte\Acebyte Utilities 3\AcebyteTray.exe [2012-06-01 498808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-04-16 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-03 9642528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Win7PDF"=C:\Program Files\PDF Printer for Windows 7\PDF.exe []
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-11-13 210216]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-06 641664]
"RemoteControl9"=C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"PDVD9LanguageShortcut"=C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe [2009-04-28 50472]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"MDS_Menu"=C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-10-27 6998656]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-05-05 11:45:49 ----D---- C:\Program Files\trend micro
2013-05-05 11:45:48 ----D---- C:\rsit
2013-04-17 22:01:54 ----A---- C:\Windows\system32\roboot64.exe
2013-04-17 22:01:53 ----D---- C:\Program Files (x86)\RegClean Pro
2013-04-17 22:01:52 ----D---- C:\Users\user\AppData\Roaming\systweak
2013-04-17 22:01:50 ----A---- C:\Windows\SYSWOW64\ssleay32.dll
2013-04-17 22:01:50 ----A---- C:\Windows\SYSWOW64\libeay32.dll
2013-04-17 22:01:49 ----A---- C:\Windows\eSellerateEngine.dll
2013-04-17 22:01:49 ----A---- C:\Windows\eSellerateControl350.dll
2013-04-17 18:05:31 ----A---- C:\Windows\ntbtlog.txt
2013-04-12 17:16:16 ----D---- C:\FM Genie Scout 13
2013-04-11 21:16:55 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-11 20:42:44 ----D---- C:\Program Files (x86)\Steam
2013-04-11 20:42:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-11 20:42:24 ----A---- C:\Windows\system32\ieui.dll
2013-04-11 20:42:24 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-11 20:42:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-11 20:42:22 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-11 20:42:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-11 20:42:22 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-11 20:42:22 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-11 20:42:22 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-11 20:42:22 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-11 20:42:22 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-11 20:42:22 ----A---- C:\Windows\system32\iesetup.dll
2013-04-11 20:42:22 ----A---- C:\Windows\system32\iernonce.dll
2013-04-11 20:42:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-11 20:42:21 ----A---- C:\Windows\system32\iertutil.dll
2013-04-11 20:42:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-11 20:42:19 ----A---- C:\Windows\system32\urlmon.dll
2013-04-11 20:42:19 ----A---- C:\Windows\system32\jscript.dll
2013-04-11 20:42:18 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-11 20:42:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-11 20:42:17 ----A---- C:\Windows\system32\jscript9.dll
2013-04-11 20:42:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-11 20:42:16 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-11 20:42:15 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-11 20:42:14 ----A---- C:\Windows\system32\wininet.dll
2013-04-11 20:42:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-11 20:42:11 ----A---- C:\Windows\system32\ieframe.dll
2013-04-11 20:42:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-11 20:42:04 ----A---- C:\Windows\system32\mshtml.dll
2013-04-11 20:41:21 ----A---- C:\Windows\system32\win32k.sys
2013-04-11 20:40:02 ----A---- C:\Windows\system32\mstscax.dll
2013-04-11 20:40:00 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-04-11 20:39:59 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-04-11 20:39:58 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-11 20:39:58 ----A---- C:\Windows\system32\aaclient.dll
2013-04-11 20:39:57 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-04-11 20:39:01 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-11 20:38:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-11 20:38:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-11 20:38:54 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-11 20:38:53 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-11 20:38:53 ----A---- C:\Windows\system32\smss.exe
2013-04-11 20:38:53 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-11 19:10:48 ----D---- C:\Program Files (x86)\dumps
2013-04-09 19:20:50 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-04-08 21:46:08 ----D---- C:\Users\user\AppData\Roaming\Malwarebytes
2013-04-08 21:46:00 ----D---- C:\ProgramData\Malwarebytes
2013-04-08 21:45:59 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-08 21:45:59 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-04-07 16:28:19 ----D---- C:\ProgramData\Steam

======List of files/folders modified in the last 1 months======

2013-05-05 12:44:43 ----D---- C:\Windows\temp
2013-05-05 12:42:19 ----D---- C:\Users\user\AppData\Roaming\uTorrent
2013-05-05 11:45:49 ----RD---- C:\Program Files
2013-05-05 09:31:00 ----D---- C:\Windows\system32\config
2013-05-04 22:10:38 ----D---- C:\Program Files (x86)\ESET
2013-05-04 15:01:22 ----D---- C:\Windows\system32\Tasks
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-05-01 05:12:25 ----SHD---- C:\System Volume Information
2013-04-29 07:01:55 ----D---- C:\Program Files (x86)\uTorrent
2013-04-22 22:36:47 ----RD---- C:\Program Files (x86)
2013-04-18 17:20:57 ----D---- C:\ProgramData\Adobe
2013-04-18 17:20:53 ----D---- C:\Windows\Tasks
2013-04-18 17:20:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-04-17 22:01:54 ----D---- C:\Windows\System32
2013-04-17 22:01:50 ----D---- C:\Windows\SysWOW64
2013-04-17 22:01:49 ----D---- C:\Windows
2013-04-17 21:54:10 ----D---- C:\Users\user\AppData\Roaming\DMCache
2013-04-17 21:51:55 ----D---- C:\ProgramData\VMware
2013-04-17 21:51:43 ----A---- C:\Windows\SYSWOW64\log.txt
2013-04-17 21:49:32 ----D---- C:\Windows\system32\NDF
2013-04-17 21:42:43 ----A---- C:\Windows\SYSWOW64\rpcnetp.dll
2013-04-17 21:42:24 ----A---- C:\Windows\SYSWOW64\rpcnetp.exe
2013-04-17 21:42:24 ----A---- C:\Windows\system32\rpcnetp.exe
2013-04-17 21:41:32 ----D---- C:\Windows\pss
2013-04-17 20:43:10 ----D---- C:\Windows\system32\catroot2
2013-04-16 16:56:40 ----D---- C:\Windows\inf
2013-04-16 16:56:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-12 16:29:12 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-04-12 16:28:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-12 16:16:48 ----D---- C:\Windows\winsxs
2013-04-12 16:16:35 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-04-11 22:38:13 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-11 22:38:12 ----D---- C:\Program Files\Internet Explorer
2013-04-11 22:38:05 ----D---- C:\Windows\system32\drivers
2013-04-11 21:20:52 ----RSD---- C:\Windows\assembly
2013-04-11 20:45:25 ----A---- C:\Windows\system32\MRT.exe
2013-04-11 20:44:12 ----SHD---- C:\Windows\Installer
2013-04-11 20:44:11 ----D---- C:\ProgramData\Microsoft Help
2013-04-11 20:42:49 ----D---- C:\Windows\system32\catroot
2013-04-11 20:42:46 ----D---- C:\Program Files (x86)\Common Files
2013-04-11 20:28:08 ----D---- C:\Windows\SYSWOW64\wbem
2013-04-11 20:28:08 ----D---- C:\Windows\system32\wbem
2013-04-11 20:26:48 ----D---- C:\Windows\system32\wfp
2013-04-11 20:26:48 ----D---- C:\Windows\system32\DriverStore
2013-04-11 20:26:48 ----D---- C:\ProgramData\P4G
2013-04-11 20:26:40 ----D---- C:\Windows\system32\CodeIntegrity
2013-04-11 20:26:39 ----RSD---- C:\Windows\Fonts
2013-04-11 20:26:38 ----D---- C:\Windows\AppCompat
2013-04-11 20:26:38 ----D---- C:\Users\user\AppData\Roaming\Winamp
2013-04-11 20:26:36 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-04-11 20:26:36 ----D---- C:\Program Files (x86)\The KMPlayer
2013-04-11 20:26:35 ----D---- C:\Program Files (x86)\IrfanView
2013-04-11 20:26:17 ----D---- C:\Windows\registration
2013-04-11 20:25:35 ----D---- C:\Users\user\AppData\Roaming\Sports Interactive
2013-04-08 21:46:00 ----HD---- C:\ProgramData
2013-04-08 21:29:08 ----D---- C:\TorrentStream
2013-04-08 21:28:58 ----D---- C:\Users\user\AppData\Roaming\.Torrent Stream
2013-04-07 17:02:29 ----D---- C:\Users\user\AppData\Roaming\UX Software
2013-04-07 17:01:58 ----D---- C:\Program Files (x86)\Rockstar Games
2013-04-07 16:40:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-06 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-17 254528]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-07 139704]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 34472]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 85424]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-04-07 163888]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-07 169592]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-07 50600]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2009-10-22 38960]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2011-07-06 145008]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
R2 vmci;VMware vmci; \??\C:\Windows\system32\drivers\vmci.sys [2009-10-22 80944]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2009-10-22 45104]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2009-10-22 30256]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2009-10-22 68144]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [2009-10-12 32816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-07 33608]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-03 2217504]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-05-15 956416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-27 75264]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-10-27 176640]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 36352]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2009-10-22 29744]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2009-10-22 20016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 121872]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz130;cpuz130; \??\C:\Users\user\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-05-20 202016]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2009-10-22 37680]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-04-06 236544]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BroadCamService;BroadCam Video Streaming Server; C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe [2011-11-26 1531396]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-03 864032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-04-09 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2012-09-12 214520]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2009-10-22 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2009-10-22 334384]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2009-10-22 395824]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-05-27 244904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-07 42336]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 135664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-11 115608]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-19 489256]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
S3 ufad-ws60;VMware Agent Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [2009-10-12 191024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-04 1255736]
S4 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-04-07 810120]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: ESET Service access was denied - I can't start it

Posted: 06 May 2013 19:32
by piotr07
Can someone help me with this? :?:

Re: ESET Service access was denied - I can't start it

Posted: 06 May 2013 20:49
by Roli
piotr07 wrote: Can someone help me with this? :?:
Hi, we'll try to take a look at it; it just takes a bit of patience.


Have you tried reinstalling ESET?


Delete unnecessary files using CCleaner

Instructions:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making a backup of it, which CCleaner offers)

The registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


I assume you have already used the Mbam you have there, so we'll look deeper.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow the installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking YES,

then click YES once more and it's running.

The whole process takes about 10 minutes but can take longer; during the scan do not try to run anything else.

The PC may also be restarted during the scan; don't be alarmed.

Warning: for the duration of the scan, turn off the resident shield of the antivirus and antispyware program,

because ComboFix tries to delete the infected files and these programs can prevent it from doing so.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


In case anything is unclear, an illustrated guide is HERE.

Re: ESET Service access was denied - I can't start it

Posted: 06 May 2013 21:25
by piotr07
Hi
I haven't tried reinstalling ESET yet; in any case I'll try the reinstall first and then also clean the PC with CCleaner, and I'll let you know, because I don't have the notebook with me at the moment. I'll write tomorrow how it went :)

Re: ESET Service access was denied - I can't start it

Posted: 07 May 2013 16:41
by piotr07
So when I tried to uninstall ESET, it threw this error

Image

I'm going to run ComboFix and I'll post the log here

Re: ESET Service access was denied - I can't start it

Posted: 07 May 2013 17:18
by piotr07
Log from ComboFix

ComboFix 13-05-07.02 - user 07.05.2013 17:43:13.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3949.1975 [GMT 2:00]
Spuštěný z: c:\users\user\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\0.bak
c:\program files (x86)\ESET\MiNODLogin
c:\program files (x86)\ESET\MiNODLogin\servidores.xml
c:\programdata\FullRemove.exe
c:\users\user\AppData\Roaming\Local
c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
c:\windows\iun6002.exe
c:\windows\msvcr71.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\SETAB86.tmp
c:\windows\SysWow64\SETAC82.tmp
c:\windows\SysWow64\SETB65D.tmp
c:\windows\SysWow64\tmp5E28.tmp
c:\windows\SysWow64\tmp5E48.tmp
c:\windows\SysWow64\tmpDEF6.tmp
c:\windows\SysWow64\tmpDEF7.tmp
c:\windows\SysWow64\tmpE562.tmp
c:\windows\SysWow64\tmpE572.tmp
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-07 do 2013-05-07 )))))))))))))))))))))))))))))))
.
.
2013-05-07 15:55 . 2013-05-07 15:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-05 09:45 . 2013-05-05 10:44 -------- d-----w- c:\program files\trend micro
2013-05-05 09:45 . 2013-05-05 10:42 -------- d-----w- C:\rsit
2013-05-04 03:13 . 2013-05-04 03:13 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BDE76ECB-56D4-40FA-A8D7-4DA360318475}\offreg.dll
2013-05-04 03:10 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BDE76ECB-56D4-40FA-A8D7-4DA360318475}\mpengine.dll
2013-04-19 15:48 . 2013-04-30 21:41 -------- d-----w- c:\users\user\AppData\Local\FMScout.com_&&_Moddingway
2013-04-17 20:01 . 2012-01-20 12:14 18816 ----a-w- c:\windows\system32\roboot64.exe
2013-04-17 20:01 . 2013-05-07 04:53 -------- d-----w- c:\users\user\AppData\Roaming\systweak
2013-04-17 20:01 . 2013-01-18 19:24 274432 ----a-w- c:\windows\SysWow64\ssleay32.dll
2013-04-17 20:01 . 2013-01-18 19:22 1122304 ----a-w- c:\windows\SysWow64\libeay32.dll
2013-04-17 20:01 . 2013-01-18 19:25 81920 ----a-w- c:\windows\eSellerateControl350.dll
2013-04-17 20:01 . 2013-01-18 19:25 356352 ----a-w- c:\windows\eSellerateEngine.dll
2013-04-12 15:16 . 2013-04-12 15:16 -------- d-----w- C:\FM Genie Scout 13
2013-04-11 18:41 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-11 18:40 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-11 18:40 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-11 18:39 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-11 18:39 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-11 18:39 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-11 18:39 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-11 18:39 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-11 18:38 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-11 18:38 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-11 18:38 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-11 18:38 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-11 18:38 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-11 18:38 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-11 17:10 . 2013-04-11 17:10 -------- d-----w- c:\program files (x86)\dumps
2013-04-09 17:21 . 2013-04-09 17:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-04-08 19:46 . 2013-04-08 19:46 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes
2013-04-08 19:46 . 2013-04-08 19:46 -------- d-----w- c:\programdata\Malwarebytes
2013-04-08 19:45 . 2013-04-11 18:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-08 19:45 . 2012-12-14 14:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-02 00:06 . 2010-08-04 18:50 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-18 15:20 . 2012-06-18 15:56 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-18 15:20 . 2012-06-18 15:56 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-17 19:42 . 2013-03-18 02:17 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2013-04-17 19:42 . 2013-03-18 02:17 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2013-04-17 19:42 . 2010-07-29 03:00 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2013-04-11 18:45 . 2010-08-04 17:20 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-17 17:08 . 2013-03-17 17:08 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-17 17:08 . 2013-03-17 17:08 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-03-17 17:08 . 2013-03-17 17:08 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-03-17 17:08 . 2013-03-17 17:08 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-03-17 17:08 . 2013-03-17 17:08 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-03-17 17:08 . 2013-03-17 17:08 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-03-17 17:08 . 2013-03-17 17:08 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-03-17 17:08 . 2013-03-17 17:08 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-03-17 17:08 . 2013-03-17 17:08 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-17 17:08 . 2013-03-17 17:08 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-03-17 17:08 . 2013-03-17 17:08 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-03-17 17:08 . 2013-03-17 17:08 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-03-17 17:08 . 2013-03-17 17:08 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-03-17 17:08 . 2013-03-17 17:08 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-03-17 17:08 . 2013-03-17 17:08 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-03-17 17:08 . 2013-03-17 17:08 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-03-17 17:08 . 2013-03-17 17:08 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-03-17 17:08 . 2013-03-17 17:08 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-03-17 17:08 . 2013-03-17 17:08 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-03-17 17:08 . 2013-03-17 17:08 81408 ----a-w- c:\windows\system32\icardie.dll
2013-03-17 17:08 . 2013-03-17 17:08 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-03-17 17:08 . 2013-03-17 17:08 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-03-17 17:08 . 2013-03-17 17:08 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-03-17 17:08 . 2013-03-17 17:08 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-03-17 17:08 . 2013-03-17 17:08 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-03-17 17:08 . 2013-03-17 17:08 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-03-17 17:08 . 2013-03-17 17:08 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-03-17 17:08 . 2013-03-17 17:08 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-03-17 17:08 . 2013-03-17 17:08 441856 ----a-w- c:\windows\system32\html.iec
2013-03-17 17:08 . 2013-03-17 17:08 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-03-17 17:08 . 2013-03-17 17:08 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-17 17:08 . 2013-03-17 17:08 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-03-17 17:08 . 2013-03-17 17:08 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-03-17 17:08 . 2013-03-17 17:08 235008 ----a-w- c:\windows\system32\url.dll
2013-03-17 17:08 . 2013-03-17 17:08 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-03-17 17:08 . 2013-03-17 17:08 216064 ----a-w- c:\windows\system32\msls31.dll
2013-03-17 17:08 . 2013-03-17 17:08 197120 ----a-w- c:\windows\system32\msrating.dll
2013-03-17 17:08 . 2013-03-17 17:08 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-03-17 17:08 . 2013-03-17 17:08 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-03-17 17:08 . 2013-03-17 17:08 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-17 17:08 . 2013-03-17 17:08 149504 ----a-w- c:\windows\system32\occache.dll
2013-03-17 17:08 . 2013-03-17 17:08 144896 ----a-w- c:\windows\system32\wextract.exe
2013-03-17 17:08 . 2013-03-17 17:08 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-03-17 17:08 . 2013-03-17 17:08 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-03-17 17:08 . 2013-03-17 17:08 13824 ----a-w- c:\windows\system32\mshta.exe
2013-03-17 17:08 . 2013-03-17 17:08 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-03-17 17:08 . 2013-03-17 17:08 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-03-17 17:08 . 2013-03-17 17:08 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-03-17 17:08 . 2013-03-17 17:08 102912 ----a-w- c:\windows\system32\inseng.dll
2013-03-17 14:32 . 2010-08-05 19:27 44544 ----a-w- c:\windows\SysWow64\agremove.exe
2013-02-12 05:45 . 2013-03-12 23:59 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-12 23:59 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-12 23:59 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-12 23:59 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-12 23:59 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-12 23:59 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-17 17:06 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-04-29 802136]
"TorrentStream"="c:\users\user\AppData\Roaming\TorrentStream\engine\tsengine.exe" [2013-04-15 27256]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2013-03-22 248208]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-05-03 1635752]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2011-10-25 3437976]
"AcebyteTray"="c:\program files (x86)\Acebyte\Acebyte Utilities 3\AcebyteTray.exe" [2012-06-01 498808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-11-13 210216]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"PDVD9LanguageShortcut"="c:\program files (x86)\Cyberlink\PowerDVD9\Language\Language.exe" [2009-04-28 50472]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"MDS_Menu"="c:\program files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-4-16 12862]
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2011-7-23 442880]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 cpuz130;cpuz130;c:\users\user\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-04 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-06 834544]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-17 254528]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-04-07 139704]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-09-17 359552]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 BroadCamService;BroadCam Video Streaming Server;c:\program files (x86)\NCH Software\BroadCam\broadcam.exe [2011-11-26 1531396]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-04-07 163888]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-07-06 145008]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2009-10-22 80944]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-10-27 75264]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-10-27 176640]
S4 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-04-07 50600]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-12 20:02 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:54]
.
2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:54]
.
2013-05-07 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-04-17 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-03-28 17:54]
.
2012-08-20 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-03-28 17:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 22408 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-07 2839840]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-12-24 1736704]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mail.foxconn.cz/
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files (x86)\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files (x86)\Verdict Free\etnxp.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\progra~2\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\progra~2\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\progra~2\PCTRAN~1\webie.dll
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\idjsu6fu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{c2db4fe6-8409-45ce-8010-189a7b5cce86} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - (no file)
AddRemove-ASUS_N_Series_Screensaver - c:\windows\system32\ASUS_N_Series_Screensaver.scr
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-UnityWebPlayer - c:\users\user\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3025580592-2795931774-3334329180-1000\Software\G*e*n*i*e*"!\FM Genie Scout 12]
"GameDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2012\\games"
"ShortlistDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2012\\shortlists"
"FMPath"="d:\\Games\\Football Manager 2012\\Football Manager 2012\\"
"ScreenshotsDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2012"
"SaveDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2012\\"
"HistoryDir"="d:\\FM Genie Scout 12\\History Points"
"LangDB"="d:\\Games\\Football Manager 2012\\Football Manager 2012\\data\\db\\1200\\lang_db.dat"
"LastSaveGame"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2012\\games\\Tottenham.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000041
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a13a
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:000000cf
"UniqueID"="26-AD60-EAEF"
"Currency"=dword:0000001c
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000010
"StaffSearchFeatureNum"=dword:0000000c
"ClubSearchFeatureNum"=dword:00000003
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000012
"HintsFeatureNum"=dword:00000002
"GenieReportFeatureNum"=dword:00000004
"TopFormationFeatureNum"=dword:00000003
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:0000008a
"AdImpressionsNum"=dword:00000088
"GameLoadedCounter"=dword:00000018
.
[HKEY_USERS\S-1-5-21-3025580592-2795931774-3334329180-1000\Software\G*e*n*i*e*"!\FM Genie Scout 13]
"GameDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2013\\games"
"ShortlistDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2013\\shortlists"
"FMPath"="d:\\Games\\Steam\\steamapps\\common\\Football Manager 2013\\"
"ScreenshotsDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2013"
"SaveDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2013\\"
"HistoryDir"="c:\\FM Genie Scout 13\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="d:\\Games\\Steam\\steamapps\\common\\Football Manager 2013\\data\\db\\1330\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a1b6
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:00000158
"UniqueID"="26-AD60-EAEF"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000015
"StaffSearchFeatureNum"=dword:00000008
"ClubSearchFeatureNum"=dword:00000004
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000003
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000004
"GenieReportFeatureNum"=dword:00000003
"TopFormationFeatureNum"=dword:00000004
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:0000015d
"GameLoadedCounter"=dword:00000000
"Currency"=dword:0000001c
.
[HKEY_USERS\S-1-5-21-3025580592-2795931774-3334329180-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):b5,6f,b6,aa,54,8b,9d,74,ce,97,a8,43,8e,e6,68,27,5f,6d,2b,b5,8b,
81,47,57,05,53,2d,d9,b4,55,97,e7,e9,57,28,3c,51,96,49,9e,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3025580592-2795931774-3334329180-1000_Classes\Wow6432Node\CLSID\{d7fec724-4b4d-41fa-8441-3c2e32d9c954}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000082
"Therad"=dword:00000019
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-05-07 18:12:13
ComboFix-quarantined-files.txt 2013-05-07 16:12
.
Před spuštěním: Volných bajtů: 31 914 045 440
Po spuštění: Volných bajtů: 31 353 475 072
.
- - End Of File - - 6FEF64F055820B396528F3240FF38750

Re: ESET Service access denied - can't start it

Posted: 07 May 2013 21:23
by Roli
No wonder ESET is acting up when it is cracked :evil:

Download ESET Uninstaller, restart into Safe Mode and run it there.


If you have not done so already, move Combofix to the desktop

open Notepad

copy the script from the following box into it:

Code:

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]

save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the created script with the left mouse button and drag it over the Combofix icon, where you drop it:

Image

After it has been applied, another log will pop up; copy it here

Warning: it may happen that Windows will not boot after the script has been applied and the machine restarted,

in that case restart again while pressing F8, then choose Last Known Good Configuration

Re: ESET Service access denied - can't start it

Posted: 08 May 2013 08:55
by piotr07
Hi

I didn't have that ESET cracked; I just used, probably for the first time, that minodlogin which looks up licences... since it didn't work, a friend gave me a valid ESET licence that is valid until the end of 2013, and I forgot to delete that minodlogin..

But to the point. I uninstalled ESET in Safe Mode and then ran the script through Combofix, this time in normal mode. Here is the log from Combofix:

ComboFix 13-05-08.01 - user 08.05.2013 9:16.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3949.2060 [GMT 2:00]
Spuštěný z: c:\users\user\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\user\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-08 do 2013-05-08 )))))))))))))))))))))))))))))))
.
.
2013-05-08 07:28 . 2013-05-08 07:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-08 03:12 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F18F0C4F-DBC3-474B-9D94-CA49F2609277}\mpengine.dll
2013-05-05 09:45 . 2013-05-05 10:44 -------- d-----w- c:\program files\trend micro
2013-05-05 09:45 . 2013-05-05 10:42 -------- d-----w- C:\rsit
2013-04-19 15:48 . 2013-04-30 21:41 -------- d-----w- c:\users\user\AppData\Local\FMScout.com_&&_Moddingway
2013-04-17 20:01 . 2012-01-20 12:14 18816 ----a-w- c:\windows\system32\roboot64.exe
2013-04-17 20:01 . 2013-05-07 04:53 -------- d-----w- c:\users\user\AppData\Roaming\systweak
2013-04-17 20:01 . 2013-01-18 19:24 274432 ----a-w- c:\windows\SysWow64\ssleay32.dll
2013-04-17 20:01 . 2013-01-18 19:22 1122304 ----a-w- c:\windows\SysWow64\libeay32.dll
2013-04-17 20:01 . 2013-01-18 19:25 81920 ----a-w- c:\windows\eSellerateControl350.dll
2013-04-17 20:01 . 2013-01-18 19:25 356352 ----a-w- c:\windows\eSellerateEngine.dll
2013-04-12 15:16 . 2013-04-12 15:16 -------- d-----w- C:\FM Genie Scout 13
2013-04-11 18:41 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-11 18:40 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-11 18:40 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-11 18:39 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-11 18:39 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-11 18:39 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-11 18:39 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-11 18:39 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-11 18:38 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-11 18:38 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-11 18:38 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-11 18:38 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-11 18:38 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-11 18:38 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-11 17:10 . 2013-04-11 17:10 -------- d-----w- c:\program files (x86)\dumps
2013-04-09 17:21 . 2013-04-09 17:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-04-08 19:46 . 2013-04-08 19:46 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes
2013-04-08 19:46 . 2013-04-08 19:46 -------- d-----w- c:\programdata\Malwarebytes
2013-04-08 19:45 . 2013-04-11 18:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-08 19:45 . 2012-12-14 14:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-08 07:08 . 2013-03-18 02:17 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2013-05-08 07:02 . 2013-03-18 02:17 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2013-05-08 07:02 . 2010-07-29 03:00 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2013-05-02 00:06 . 2010-08-04 18:50 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-18 15:20 . 2012-06-18 15:56 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-18 15:20 . 2012-06-18 15:56 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-11 18:45 . 2010-08-04 17:20 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-17 17:08 . 2013-03-17 17:08 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-17 17:08 . 2013-03-17 17:08 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-03-17 17:08 . 2013-03-17 17:08 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-03-17 17:08 . 2013-03-17 17:08 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-03-17 17:08 . 2013-03-17 17:08 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-03-17 17:08 . 2013-03-17 17:08 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-03-17 17:08 . 2013-03-17 17:08 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-03-17 17:08 . 2013-03-17 17:08 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-03-17 17:08 . 2013-03-17 17:08 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-17 17:08 . 2013-03-17 17:08 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-03-17 17:08 . 2013-03-17 17:08 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-03-17 17:08 . 2013-03-17 17:08 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-03-17 17:08 . 2013-03-17 17:08 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-03-17 17:08 . 2013-03-17 17:08 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-03-17 17:08 . 2013-03-17 17:08 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-03-17 17:08 . 2013-03-17 17:08 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-03-17 17:08 . 2013-03-17 17:08 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-03-17 17:08 . 2013-03-17 17:08 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-03-17 17:08 . 2013-03-17 17:08 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-03-17 17:08 . 2013-03-17 17:08 81408 ----a-w- c:\windows\system32\icardie.dll
2013-03-17 17:08 . 2013-03-17 17:08 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-03-17 17:08 . 2013-03-17 17:08 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-03-17 17:08 . 2013-03-17 17:08 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-03-17 17:08 . 2013-03-17 17:08 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-03-17 17:08 . 2013-03-17 17:08 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-03-17 17:08 . 2013-03-17 17:08 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-03-17 17:08 . 2013-03-17 17:08 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-03-17 17:08 . 2013-03-17 17:08 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-03-17 17:08 . 2013-03-17 17:08 441856 ----a-w- c:\windows\system32\html.iec
2013-03-17 17:08 . 2013-03-17 17:08 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-03-17 17:08 . 2013-03-17 17:08 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-17 17:08 . 2013-03-17 17:08 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-03-17 17:08 . 2013-03-17 17:08 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-03-17 17:08 . 2013-03-17 17:08 235008 ----a-w- c:\windows\system32\url.dll
2013-03-17 17:08 . 2013-03-17 17:08 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-03-17 17:08 . 2013-03-17 17:08 216064 ----a-w- c:\windows\system32\msls31.dll
2013-03-17 17:08 . 2013-03-17 17:08 197120 ----a-w- c:\windows\system32\msrating.dll
2013-03-17 17:08 . 2013-03-17 17:08 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-03-17 17:08 . 2013-03-17 17:08 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-03-17 17:08 . 2013-03-17 17:08 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-17 17:08 . 2013-03-17 17:08 149504 ----a-w- c:\windows\system32\occache.dll
2013-03-17 17:08 . 2013-03-17 17:08 144896 ----a-w- c:\windows\system32\wextract.exe
2013-03-17 17:08 . 2013-03-17 17:08 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-03-17 17:08 . 2013-03-17 17:08 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-03-17 17:08 . 2013-03-17 17:08 13824 ----a-w- c:\windows\system32\mshta.exe
2013-03-17 17:08 . 2013-03-17 17:08 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-03-17 17:08 . 2013-03-17 17:08 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-03-17 17:08 . 2013-03-17 17:08 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-03-17 17:08 . 2013-03-17 17:08 102912 ----a-w- c:\windows\system32\inseng.dll
2013-03-17 14:32 . 2010-08-05 19:27 44544 ----a-w- c:\windows\SysWow64\agremove.exe
2013-02-12 05:45 . 2013-03-12 23:59 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-12 23:59 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-12 23:59 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-12 23:59 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-12 23:59 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-12 23:59 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-17 17:06 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-04-29 802136]
"TorrentStream"="c:\users\user\AppData\Roaming\TorrentStream\engine\tsengine.exe" [2013-04-15 27256]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2013-03-22 248208]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-05-03 1635752]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2011-10-25 3437976]
"AcebyteTray"="c:\program files (x86)\Acebyte\Acebyte Utilities 3\AcebyteTray.exe" [2012-06-01 498808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-11-13 210216]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"PDVD9LanguageShortcut"="c:\program files (x86)\Cyberlink\PowerDVD9\Language\Language.exe" [2009-04-28 50472]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"MDS_Menu"="c:\program files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-4-16 12862]
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2011-7-23 442880]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R0 rpcnetp;rpcnetp;rpcnetp [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 cpuz130;cpuz130;c:\users\user\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-17 254528]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-09-17 359552]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 BroadCamService;BroadCam Video Streaming Server;c:\program files (x86)\NCH Software\BroadCam\broadcam.exe [2011-11-26 1531396]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-07-06 145008]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-10-27 75264]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-10-27 176640]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-12 20:02 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:54]
.
2013-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:54]
.
2013-05-07 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-05-08 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-03-28 17:54]
.
2012-08-20 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-03-28 17:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 22408 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-12-24 1736704]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mail.foxconn.cz/
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files (x86)\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files (x86)\Verdict Free\etnxp.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\progra~2\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\progra~2\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\progra~2\PCTRAN~1\webie.dll
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\idjsu6fu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-ASUS_N_Series_Screensaver - c:\windows\system32\ASUS_N_Series_Screensaver.scr
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3025580592-2795931774-3334329180-1000\Software\G*e*n*i*e*"!\FM Genie Scout 12]
"GameDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2012\\games"
"ShortlistDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2012\\shortlists"
"FMPath"="d:\\Games\\Football Manager 2012\\Football Manager 2012\\"
"ScreenshotsDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2012"
"SaveDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2012\\"
"HistoryDir"="d:\\FM Genie Scout 12\\History Points"
"LangDB"="d:\\Games\\Football Manager 2012\\Football Manager 2012\\data\\db\\1200\\lang_db.dat"
"LastSaveGame"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2012\\games\\Tottenham.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000041
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a13a
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:000000cf
"UniqueID"="26-AD60-EAEF"
"Currency"=dword:0000001c
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000010
"StaffSearchFeatureNum"=dword:0000000c
"ClubSearchFeatureNum"=dword:00000003
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000012
"HintsFeatureNum"=dword:00000002
"GenieReportFeatureNum"=dword:00000004
"TopFormationFeatureNum"=dword:00000003
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:0000008a
"AdImpressionsNum"=dword:00000088
"GameLoadedCounter"=dword:00000018
.
[HKEY_USERS\S-1-5-21-3025580592-2795931774-3334329180-1000\Software\G*e*n*i*e*"!\FM Genie Scout 13]
"GameDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2013\\games"
"ShortlistDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2013\\shortlists"
"FMPath"="d:\\Games\\Steam\\steamapps\\common\\Football Manager 2013\\"
"ScreenshotsDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2013"
"SaveDir"="c:\\Users\\user\\Documents\\Sports Interactive\\Football Manager 2013\\"
"HistoryDir"="c:\\FM Genie Scout 13\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="d:\\Games\\Steam\\steamapps\\common\\Football Manager 2013\\data\\db\\1330\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a1b9
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:00000158
"UniqueID"="26-AD60-EAEF"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000016
"StaffSearchFeatureNum"=dword:00000009
"ClubSearchFeatureNum"=dword:00000004
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000003
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000004
"GenieReportFeatureNum"=dword:00000003
"TopFormationFeatureNum"=dword:00000004
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:00000167
"GameLoadedCounter"=dword:00000000
"Currency"=dword:0000001c
.
[HKEY_USERS\S-1-5-21-3025580592-2795931774-3334329180-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):b5,6f,b6,aa,54,8b,9d,74,ce,97,a8,43,8e,e6,68,27,5f,6d,2b,b5,8b,
81,47,57,05,53,2d,d9,b4,55,97,e7,e9,57,28,3c,51,96,49,9e,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3025580592-2795931774-3334329180-1000_Classes\Wow6432Node\CLSID\{d7fec724-4b4d-41fa-8441-3c2e32d9c954}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000082
"Therad"=dword:00000019
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
Celkový čas: 2013-05-08 09:45:22
ComboFix-quarantined-files.txt 2013-05-08 07:45
ComboFix2.txt 2013-05-07 16:12
.
Před spuštěním: Volných bajtů: 31 292 387 328
Po spuštění: Volných bajtů: 30 797 307 904
.
- - End Of File - - F33B578824E7612DBD5D88CEABC7CD02
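
One way to check what the RegLock:: script changed is to compare the locked-key entries of the ComboFix logs from before and after the run. This is an added example, not part of the thread and not ComboFix's own code; the function names are made up here, the embedded logs are trimmed excerpts of the two logs posted above, and treating any line that ends in `::` as the start of a new script section is an assumption.

```python
import re

# The CFScript from the thread.
CFSCRIPT = r"""RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
"""

# Trimmed excerpts of the two logs (most entries and all hex data left out;
# the key paths and ACL lines are as posted).
LOG_BEFORE = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
.
[HKEY_USERS\S-1-5-21-3025580592-2795931774-3334329180-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
"""

LOG_AFTER = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
.
[HKEY_USERS\S-1-5-21-3025580592-2795931774-3334329180-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
.
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
ACE_RE = re.compile(r"^@(Denied|Allowed):\s*\(([^)]*)\)\s*\(([^)]*)\)$")


def parse_acl_entries(log_text):
    """Return {key: [(kind, rights, trustee), ...]} for keys listed with ACL lines."""
    entries, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            current = key.group(1)
            continue
        if line in ("", "."):          # "." separates entries in the log
            current = None
            continue
        ace = ACE_RE.match(line)
        if ace and current:
            entries.setdefault(current, []).append(ace.groups())
    return entries


def reglock_targets(script_text):
    """Return the keys listed under RegLock:: in a CFScript."""
    targets, in_section = [], False
    for raw in script_text.splitlines():
        line = raw.strip()
        if line.endswith("::"):        # assumption: a new section starts here
            in_section = line.casefold() == "reglock::"
            continue
        key = KEY_RE.match(line)
        if in_section and key:
            targets.append(key.group(1))
    return targets


def compare_runs(before_text, after_text, targets):
    """Sort the keys locked before the run by what the later log reports."""
    after = {k.casefold() for k in parse_acl_entries(after_text)}
    wanted = {t.casefold() for t in targets}   # registry paths ignore case
    report = {"cleared": [], "still_locked": [], "untargeted_remaining": []}
    for key in parse_acl_entries(before_text):
        folded = key.casefold()
        if folded in wanted:
            bucket = "still_locked" if folded in after else "cleared"
            report[bucket].append(key)
        elif folded in after:
            report["untargeted_remaining"].append(key)
    return report


if __name__ == "__main__":
    result = compare_runs(LOG_BEFORE, LOG_AFTER, reglock_targets(CFSCRIPT))
    for bucket, keys in result.items():
        print(bucket)
        for k in keys:
            print("   ", k)
```

On these excerpts the targeted ControlSet002 keys land under `cleared`, while the CLSID key that the script did not name is still reported in the later log.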

Re: ESET Service access denied - can't start it

Posted: 08 May 2013 21:08
by Roli
piotr07 wrote: I didn't have that ESET cracked; I just used, probably for the first time, that minodlogin which looks up licences... since it didn't work, a friend gave me a valid ESET licence that is valid until the end of 2013, and I forgot to delete that minodlogin...
I'll believe you, then.


Via Start >> Run, copy into the box:

ComboFix /Uninstall

and press Enter

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers of the applications we used.

Just stop the antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Run CCleaner over the PC again, then try ESET and let me know how it looks.

Re: ESET Service access denied - can't start it

Posted: 09 May 2013 16:42
by piotr07
Hi

So I uninstalled Combofix and cleaned up the PC. I installed ESS4 and entered the licence. Everything runs fine. :happy:

Thank you very much for your help and your time. :28:

By the way, is it possible to become an adviser? I would also like to help users with cleaning their PCs :) if that were possible, of course.

Re: ESET Service access denied - can't start it

Posted: 09 May 2013 20:57
by Roli
piotr07 wrote: By the way, is it possible to become an adviser? I would also like to help users with cleaning their PCs :) if that were possible, of course.
Yes, it is possible; read HERE for what and how.
piotr07 wrote: Thank you very much for your help and your time. :28:
You're welcome, and :closed: