
Slow PC

Posted: 02 Dec 2013 14:49
by wood77
Please check my log. I had a similar problem to another user's with "icatch pc camera console": this application kept launching at startup. So, as in the previous thread, I ran ComboFix. Here is the log:

ComboFix 13-12-01.01 - Martin 02.12.2013 14:06:02.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.1927 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-02 do 2013-12-02 )))))))))))))))))))))))))))))))
.
.
2013-12-02 13:18 . 2013-12-02 13:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-02 10:53 . 2013-12-02 10:53 -------- d-----w- c:\programdata\Atheros
2013-12-02 10:53 . 2013-12-02 10:53 -------- d-----w- c:\users\Martin\AppData\Roaming\Atheros
2013-12-02 10:43 . 2013-12-02 10:43 0 ---ha-w- c:\users\Martin\BIT3B17.tmp
2013-12-01 19:04 . 2012-09-14 11:21 135832 ----a-w- c:\windows\system32\drivers\btath_rcp.sys
2013-12-01 19:04 . 2012-09-14 11:21 77464 ----a-w- c:\windows\system32\drivers\btath_lwflt.sys
2013-12-01 19:04 . 2012-09-14 11:21 178840 ----a-w- c:\windows\system32\drivers\btath_hcrp.sys
2013-12-01 19:04 . 2012-09-14 11:21 88728 ----a-w- c:\windows\system32\drivers\btath_flt.sys
2013-12-01 19:04 . 2012-09-14 11:21 344216 ----a-w- c:\windows\system32\drivers\btath_a2dp.sys
2013-12-01 19:04 . 2012-09-14 11:21 114840 ----a-w- c:\windows\system32\drivers\btath_avdt.sys
2013-12-01 19:04 . 2012-09-14 11:21 575128 ----a-w- c:\windows\system32\drivers\btfilter.sys
2013-12-01 19:03 . 2012-09-14 11:21 33944 ----a-w- c:\windows\system32\drivers\btath_bus.sys
2013-12-01 19:02 . 2013-12-01 19:04 -------- d-----w- c:\program files (x86)\Common Files\QCA_Bluetooth
2013-12-01 19:02 . 2013-12-01 19:02 -------- d-----w- c:\program files (x86)\Bluetooth Suite
2013-12-01 17:55 . 2013-12-01 17:57 -------- d-----w- c:\windows\system32\MRT
2013-12-01 15:23 . 2013-12-01 15:23 -------- d-----w- c:\program files\CCleaner
2013-12-01 14:57 . 2013-12-02 13:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-12-01 14:57 . 2013-12-02 13:04 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-12-01 14:56 . 2013-12-01 14:56 -------- d-----w- c:\users\Martin\AppData\Local\Programs
2013-11-14 07:31 . 2013-10-12 07:03 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-14 07:31 . 2013-10-12 08:45 2241536 ----a-w- c:\windows\system32\wininet.dll
2013-11-14 07:31 . 2013-10-12 08:43 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-11-14 07:31 . 2013-10-12 08:43 19269632 ----a-w- c:\windows\system32\mshtml.dll
2013-11-13 18:23 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 18:23 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-13 18:21 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-11-13 18:21 . 2013-10-03 02:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-11-13 18:21 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-13 18:21 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-13 18:21 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-13 18:21 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-11-13 18:21 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-13 18:07 . 2013-11-13 18:07 -------- d-----w- c:\users\Martin\AppData\Roaming\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-11 19:30 . 2013-04-27 05:02 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-11 19:30 . 2013-04-27 05:02 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-11-11 19:30 . 2011-11-17 18:59 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-11 19:30 . 2011-11-17 18:59 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-11 19:30 . 2011-11-17 18:59 409832 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-11-11 19:30 . 2011-11-17 18:59 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-11 19:30 . 2011-11-17 18:59 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-11 19:30 . 2011-11-17 18:59 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-11 19:29 . 2012-12-15 20:55 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-11-11 19:29 . 2011-11-17 18:59 43152 ----a-w- c:\windows\avastSS.scr
2013-10-17 11:55 . 2013-10-17 11:55 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-10-17 11:55 . 2013-10-17 11:55 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-10-17 11:55 . 2013-10-17 11:55 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-10-17 11:55 . 2013-10-17 11:55 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-10-17 11:55 . 2013-10-17 11:55 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-10-17 11:55 . 2013-10-17 11:55 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-10-17 11:55 . 2013-10-17 11:55 441856 ----a-w- c:\windows\system32\html.iec
2013-10-17 11:55 . 2013-10-17 11:55 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-10-17 11:55 . 2013-10-17 11:55 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-10-17 11:55 . 2013-10-17 11:55 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-10-17 11:55 . 2013-10-17 11:55 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-10-17 11:55 . 2013-10-17 11:55 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-10-17 11:55 . 2013-10-17 11:55 216064 ----a-w- c:\windows\system32\msls31.dll
2013-10-17 11:55 . 2013-10-17 11:55 197120 ----a-w- c:\windows\system32\msrating.dll
2013-10-17 11:55 . 2013-10-17 11:55 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-10-17 11:55 . 2013-10-17 11:55 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-10-17 11:55 . 2013-10-17 11:55 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-10-17 11:55 . 2013-10-17 11:55 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-10-17 11:55 . 2013-10-17 11:55 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-10-17 11:55 . 2013-10-17 11:55 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-10-17 11:55 . 2013-10-17 11:55 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-10-17 11:55 . 2013-10-17 11:55 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-10-17 11:55 . 2013-10-17 11:55 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-10-17 11:55 . 2013-10-17 11:55 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-10-17 11:55 . 2013-10-17 11:55 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-10-17 11:55 . 2013-10-17 11:55 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-10-17 11:55 . 2013-10-17 11:55 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-10-17 11:55 . 2013-10-17 11:55 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-10-17 11:55 . 2013-10-17 11:55 81408 ----a-w- c:\windows\system32\icardie.dll
2013-10-17 11:55 . 2013-10-17 11:55 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-10-17 11:55 . 2013-10-17 11:55 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-10-17 11:55 . 2013-10-17 11:55 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-10-17 11:55 . 2013-10-17 11:55 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-10-17 11:55 . 2013-10-17 11:55 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-10-17 11:55 . 2013-10-17 11:55 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-10-17 11:55 . 2013-10-17 11:55 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-17 11:55 . 2013-10-17 11:55 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-10-17 11:55 . 2013-10-17 11:55 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-10-17 11:55 . 2013-10-17 11:55 235008 ----a-w- c:\windows\system32\url.dll
2013-10-17 11:55 . 2013-10-17 11:55 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-10-17 11:55 . 2013-10-17 11:55 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-10-17 11:55 . 2013-10-17 11:55 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-17 11:55 . 2013-10-17 11:55 149504 ----a-w- c:\windows\system32\occache.dll
2013-10-17 11:55 . 2013-10-17 11:55 144896 ----a-w- c:\windows\system32\wextract.exe
2013-10-17 11:55 . 2013-10-17 11:55 13824 ----a-w- c:\windows\system32\mshta.exe
2013-10-17 11:55 . 2013-10-17 11:55 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-10-17 11:55 . 2013-10-17 11:55 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-10-17 11:55 . 2013-10-17 11:55 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-10-17 11:55 . 2013-10-17 11:55 102912 ----a-w- c:\windows\system32\inseng.dll
2013-10-17 11:54 . 2013-10-17 11:54 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-10-17 11:54 . 2013-10-17 11:54 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-10-17 11:54 . 2013-10-17 11:54 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-10-17 11:54 . 2013-10-17 11:54 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-10-17 11:54 . 2013-10-17 11:54 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-10-17 11:54 . 2013-10-17 11:54 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-10-17 11:54 . 2013-10-17 11:54 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-10-17 11:54 . 2013-10-17 11:54 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-10-17 11:54 . 2013-10-17 11:54 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-10-17 11:54 . 2013-10-17 11:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-10-17 11:54 . 2013-10-17 11:54 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-10-17 11:54 . 2013-10-17 11:54 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-10-17 11:54 . 2013-10-17 11:54 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-10-17 11:54 . 2013-10-17 11:54 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-10-17 11:54 . 2013-10-17 11:54 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-10-17 11:54 . 2013-10-17 11:54 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-10-17 11:54 . 2013-10-17 11:54 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-10-17 11:54 . 2013-10-17 11:54 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-10-17 11:54 . 2013-10-17 11:54 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-10-17 11:54 . 2013-10-17 11:54 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-10-17 11:54 . 2013-10-17 11:54 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-10-17 11:54 . 2013-10-17 11:54 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-10-17 11:54 . 2013-10-17 11:54 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-10-17 11:54 . 2013-10-17 11:54 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"HP HD Webcam [Fixed]_Monitor"="c:\program files (x86)\HP HD Webcam [Fixed]\monitor.exe" [2010-11-26 11:31 267128]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 517456]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-02-11 76344]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 103992]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-08-11 658424]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-11 3568312]
"20131121"="c:\program files\AVAST Software\Avast\setup\emupdate\ba3e51c3-90eb-424e-87aa-a12c9aa014b2.exe" [2013-11-23 180184]
.
c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Landi 11.lnk - c:\program files (x86)\landi 11\Landi11.exe -tray [2012-12-4 2764632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswKbd;aswKbd; [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
S3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys;c:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-15 19:32 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-08 17:12]
.
2013-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-27 05:06]
.
2013-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-27 05:06]
.
2013-11-23 c:\windows\Tasks\HPCeeScheduleForMARTIN-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2013-12-01 c:\windows\Tasks\HPCeeScheduleForMartin.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-11 19:30 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-02-09 200704]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-08-31 1664000]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-09-14 764544]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-09-14 127616]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-12-02 14:35:14
ComboFix-quarantined-files.txt 2013-12-02 13:35
ComboFix2.txt 2013-12-02 12:25
.
Před spuštěním: Volných bajtů: 504 473 214 976
Po spuštění: Volných bajtů: 504 150 249 472
.
- - End Of File - - A26E9EA7B2075B7DC1D3588CA5D27C6A

Re: Slow PC

Posted: 02 Dec 2013 15:12
by vyosek
Hello :)

:arrow: Why do you think the forum rule is called "Rules and facts - read before posting a question"? There you would have read, among other things, this:
2. Before posting a question, use the Search button. Someone may already have dealt with a problem similar to yours. However, if various utilities/applications were used in the solved topic, do not run them! Utilities are used only on an adviser's instruction, because they can erase traces of malware, and in the hands of a non-expert their use can have unforeseeable consequences.

3. In particular, do not run the ComboFix utility, even if a friend or some would-be expert website recommended it to you. Our forum is the only one of the CZ/SK antivirus forums that has the right to interpret ComboFix logs, and we also have the full support of the author of this utility and access to the most up-to-date information and guides.

:arrow: So, as for the ComboFix you used, on the basis of the licence and the forum rules I ask: do you know how to work with it (running it, interpreting the log, writing a script)?

:arrow: The ComboFix licence terms say it clearly: "It should never be used in an environment without the supervision of an experienced person"

:arrow: Dangers of CF
  • It is intended primarily for advisers - by using it on your own you lose your entitlement to support
  • It erases traces of malware, so nothing is visible in the RSIT log
  • Its log has to be interpreted further, because it cannot delete everything - which you will hardly manage unless you are trained for it
  • CF may have a bug = it takes down your system; if you do not know where it stores what and how to restore it, your system is wrecked and a reinstall awaits you
  • Unfortunately, CF also does not yet check some important libraries (e.g. hal.dll) - some types of malware (e.g. angela) delete those - it deletes your hal.dll after a restart = your system will not boot and you are one line up = reinstall

Re: Slow PC

Posted: 02 Dec 2013 15:17
by wood77
I read it, and a colleague was advised to let ComboFix run through the system and then post the log, so I wanted to save you time and am posting the log straight away :)

Re: Slow PC

Posted: 02 Dec 2013 15:29
by vyosek
:arrow: You read it but did not follow it :?: :?: The advice was given to your COLLEAGUE, not to you, and the rules clearly state that utilities are applied only on request

:arrow: Download aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe and save it to the desktop.
  • Run the utility and tell it to scan - click Scan
  • Click Save log to save the aswMBR log to the desktop
  • Paste the contents of the aswMBR log here for me

Re: Slow PC

Posted: 02 Dec 2013 17:55
by wood77
here it is:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-02 15:49:39
-----------------------------
15:49:39.904 OS Version: Windows x64 6.1.7601 Service Pack 1
15:49:39.904 Number of processors: 4 586 0x2A07
15:49:39.904 ComputerName: MARTIN-HP UserName: Martin
15:49:41.874 Initialize success
15:49:45.213 AVAST engine defs: 13120201
15:49:45.371 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:49:45.376 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 3
15:49:45.602 Disk 0 MBR read successfully
15:49:45.606 Disk 0 MBR scan
15:49:45.611 Disk 0 Windows 7 default MBR code
15:49:45.647 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
15:49:45.692 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 587798 MB offset 616448
15:49:45.726 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17258 MB offset 1204426752
15:49:45.771 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 5115 MB offset 1239771136
15:49:45.992 Disk 0 scanning C:\windows\system32\drivers
15:50:14.077 Service scanning
15:51:04.581 Modules scanning
15:51:04.597 Disk 0 trace - called modules:
15:51:04.628 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
15:51:04.633 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800511b060]
15:51:04.638 3 CLASSPNP.SYS[fffff88001a6843f] -> nt!IofCallDriver -> [0xfffffa8004fe8b10]
15:51:04.644 5 hpdskflt.sys[fffff880017f1189] -> nt!IofCallDriver -> [0xfffffa8004b75550]
15:51:04.648 7 ACPI.sys[fffff88000f637a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004bf3050]
15:51:05.776 AVAST engine scan C:\windows
15:51:09.266 AVAST engine scan C:\windows\system32
15:53:49.171 AVAST engine scan C:\windows\system32\drivers
15:54:04.405 AVAST engine scan C:\Users\Martin
15:57:24.322 AVAST engine scan C:\ProgramData
16:02:28.884 Scan finished successfully
17:38:06.777 Disk 0 MBR has been saved successfully to "C:\Users\Martin\Desktop\MBR.dat"
17:38:06.781 The log file has been saved successfully to "C:\Users\Martin\Desktop\aswMBR.txt"

Re: Slow PC

Posted: 03 Dec 2013 09:29
by vyosek
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart and then the log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: Slow PC

Posted: 07 Dec 2013 14:26
by wood77
# AdwCleaner v3.014 - Report created 07/12/2013 at 14:22:14
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Martin - MARTIN-HP
# Running from : C:\Users\Martin\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[x] Not Deleted : ICQ Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\FLEXnet
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3296 octets] - [07/12/2013 14:20:56]
AdwCleaner[S0].txt - [2933 octets] - [07/12/2013 14:22:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2993 octets] ##########

Re: Slow PC

Posted: 08 Dec 2013 02:56
by vyosek
Please post a log according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100