Nenaskakuje okno "procházet"

[problemchild]

nový log

ComboFix 12-12-02.01 - User 26.12.2012 11:45:37.4.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.6135.4087 [GMT 1:00]
Spuštěný z: c:\users\User\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-26 do 2012-12-26 )))))))))))))))))))))))))))))))
.
.
2012-12-26 10:50 . 2012-12-26 10:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-26 10:50 . 2012-12-26 10:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-26 09:02 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B233C6E1-7A1D-486F-9613-379B28928AD4}\mpengine.dll
2012-12-21 09:02 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 09:02 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 09:02 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 09:02 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-17 20:29 . 2012-12-17 20:29 -------- d-----w- c:\program files (x86)\Eidos
2012-12-17 20:28 . 2012-12-17 20:28 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-12-17 20:28 . 2012-12-17 20:28 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-12-17 20:28 . 2002-12-05 13:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-12-17 20:28 . 2002-12-05 13:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-12-17 20:28 . 2002-12-02 14:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-12-17 20:28 . 2002-12-02 12:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-12-17 20:28 . 2002-12-02 12:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-12-14 15:56 . 2012-12-14 15:56 -------- d-----w- c:\users\User\AppData\Roaming\Anuman
2012-12-14 15:52 . 2012-12-14 15:53 -------- d-----w- c:\program files (x86)\Red Johnsons Chronicles
2012-12-14 15:48 . 2012-12-14 15:48 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-12-14 15:44 . 2012-12-14 15:48 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-12-14 12:11 . 2012-12-17 09:48 -------- d-----w- c:\program files (x86)\Polda 4
2012-12-13 13:30 . 2012-12-13 13:30 5955856 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-12-12 13:34 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 13:34 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-11 15:37 . 2012-12-11 15:36 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-10 11:26 . 2012-12-10 11:33 -------- d-----w- c:\users\User\AppData\Roaming\Seznam.cz
2012-12-10 11:26 . 2012-12-10 11:27 -------- d--h--w- c:\windows\msdownld.tmp
2012-12-05 09:30 . 2012-12-05 09:30 -------- d-----w- c:\users\User\AppData\Local\Mozilla Firefox
2012-11-26 16:56 . 2004-11-28 08:24 183808 ----a-w- c:\windows\SysWow64\bdeadmin.cpl
2012-11-26 16:54 . 2012-11-26 16:54 -------- d-----w- C:\SEMA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 15:45 . 2010-11-26 22:56 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-12-12 13:38 . 2010-11-26 07:56 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-11 21:22 . 2012-05-05 05:18 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 21:22 . 2011-05-18 04:53 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-30 16:00 . 2012-10-30 16:00 280976 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-10-30 06:26 . 2012-10-30 06:26 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-10-28 12:35 . 2012-10-28 12:35 12464 ----a-w- c:\windows\SysWow64\drivers\SECDRV.SYS
2012-10-16 08:38 . 2012-11-28 17:50 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 17:50 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 17:50 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 21:07 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 21:07 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 21:07 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 21:07 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-12 13:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 21:07 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 21:07 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 21:07 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 21:07 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 21:07 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 21:07 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 21:07 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 21:07 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 21:07 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 21:07 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 21:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 16:11 . 2012-10-01 21:34 52736 ----a-w- c:\windows\ipuninst.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-03-30 113296]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-13 36864]
"KMCONFIG"="c:\program files (x86)\Mouse Driver\StartAutorun.exe" [2008-05-30 212992]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-01-12 75048]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock MyColors.lnk - c:\program files (x86)\Stardock\MyColors\SDDelayedLaunch.exe [2009-12-16 11520]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
IconPackager.lnk - c:\program files (x86)\Stardock\MyColors\IconPackager.exe [2009-12-16 1387688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"AppleSyncNotifier"=c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
"ContentTransferWMDetector.exe"=c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-11-05 43008]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2009-11-05 24064]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-11-05 43008]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-26 1255736]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-14 283200]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2011/03/03 23:15];c:\program files (x86)\CyberLink\PowerDVD8\000.fcl [2010-01-12 22:08 146928]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2010-07-27 75648]
S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2010-05-04 14648]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-11-18 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files (x86)\Mouse Driver\KMWDSrv.exe [2009-08-31 1821184]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-11-05 27136]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-03 11576]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 AWOPFilterDriver;AWOPFilterDriver;c:\windows\system32\drivers\AWOPFilterDriver.sys [2010-11-25 19464]
S3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2010-07-21 51600]
S3 GUCI_AVS;iSlim 320;c:\windows\system32\DRIVERS\GUCI_AVS.sys [2009-07-15 632320]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [2009-05-09 33160]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 21:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-02 10038304]
"AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2010-05-04 61256]
"Thermal Controller"="c:\program files\Alienware\Command Center\ThermalController.exe" [2010-05-04 167736]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-18 2919168]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 2314120]
"GUCI_AVS"="c:\windows\PixArt\PAP7501\GUCI_AVS.exe" [2007-12-10 323584]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mStart Page = hxxp://search.myheritage.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: SmarThru4 Capture Selection - c:\program files (x86)\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files (x86)\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files (x86)\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files (x86)\SmarThru 4\WebCapture.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7u6c0ben.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2012-12-10 09:19; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7u6c0ben.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2012-12-11 20:41; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7u6c0ben.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-12-14 19:11; {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7u6c0ben.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
FF - ExtSQL: 2012-12-14 19:11; anticontainer@downthemall.net; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7u6c0ben.default\extensions\anticontainer@downthemall.net.xpi
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{1C749E08-6B62-11E0-B6DA-075F4824019B} - (no file)
Toolbar-{bee9ae08-b4e5-4021-ae8b-0befc64d537b} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD8\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-568683601-764282583-1245057475-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:e2,3a,59,29,07,9e,07,bf,7e,d3,73,5d,21,73,33,29,7f,97,91,37,25,
ec,eb,57,54,0e,c5,d6,d6,ec,a9,de,dc,36,cd,ea,71,2d,4d,21,74,ad,a1,7f,04,30,\
"rkeysecu"=hex:97,2a,a8,f7,61,0e,74,6c,b6,35,d5,0e,c9,4f,c9,ad
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-12-26 11:51:55
ComboFix-quarantined-files.txt 2012-12-26 10:51
ComboFix2.txt 2012-12-05 10:33
ComboFix3.txt 2012-12-03 12:05
.
Před spuštěním: Volných bajtů: 306 688 806 912
Po spuštění: Volných bajtů: 306 442 141 696
.
- - End Of File - - 0466C8B61D333D46FDEABFF70D3359D0

děkuji, přeji pěkné svátky a hodně štěstí, zdraví a málo virů do nového roku

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

File::
c:\windows\system32\Drivers\SSPORT.sys

Driver::
SSPORT

DDS::
uLocal Page = %SystemRoot%\system32\blank.htm
mStart Page = hxxp://search.myheritage.com
mLocal Page = c:\windows\SysWOW64\blank.htm

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

[problemchild]

děkuji, přikládám log

Kód: Vybrat vše

ComboFix 12-12-02.01 - User 27.12.2012  17:31:15.5.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1250.420.1029.18.6135.4206 [GMT 1:00]
Spuštěný z: c:\users\User\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\User\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Ovladače/Služby   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSPORT
-------\Service_SSPORT
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2012-11-27 do 2012-12-27  )))))))))))))))))))))))))))))))
.
.
2012-12-27 16:37 . 2012-12-27 16:37	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-12-27 16:37 . 2012-12-27 16:37	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-12-26 09:02 . 2012-11-08 17:24	9125352	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B233C6E1-7A1D-486F-9613-379B28928AD4}\mpengine.dll
2012-12-21 09:02 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-21 09:02 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-21 09:02 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-21 09:02 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-17 20:29 . 2012-12-17 20:29	--------	d-----w-	c:\program files (x86)\Eidos
2012-12-17 20:28 . 2012-12-17 20:28	282756	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-12-17 20:28 . 2012-12-17 20:28	163972	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-12-17 20:28 . 2002-12-05 13:12	692224	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-12-17 20:28 . 2002-12-05 13:10	155648	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-12-17 20:28 . 2002-12-02 14:22	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-12-17 20:28 . 2002-12-02 12:33	57344	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-12-17 20:28 . 2002-12-02 12:33	237568	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-12-14 15:56 . 2012-12-14 15:56	--------	d-----w-	c:\users\User\AppData\Roaming\Anuman
2012-12-14 15:52 . 2012-12-14 15:53	--------	d-----w-	c:\program files (x86)\Red Johnsons Chronicles
2012-12-14 15:48 . 2012-12-14 15:48	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2012-12-14 15:44 . 2012-12-14 15:48	--------	d-----w-	c:\program files (x86)\DAEMON Tools Lite
2012-12-14 12:11 . 2012-12-17 09:48	--------	d-----w-	c:\program files (x86)\Polda 4
2012-12-13 13:30 . 2012-12-13 13:30	5955856	----a-w-	c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-12-12 13:34 . 2012-11-02 05:59	478208	----a-w-	c:\windows\system32\dpnet.dll
2012-12-12 13:34 . 2012-11-02 05:11	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
2012-12-11 15:37 . 2012-12-11 15:36	95208	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-10 11:26 . 2012-12-10 11:33	--------	d-----w-	c:\users\User\AppData\Roaming\Seznam.cz
2012-12-10 11:26 . 2012-12-10 11:27	--------	d--h--w-	c:\windows\msdownld.tmp
2012-12-05 09:30 . 2012-12-05 09:30	--------	d-----w-	c:\users\User\AppData\Local\Mozilla Firefox
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 15:45 . 2010-11-26 22:56	564824	----a-w-	c:\windows\system32\drivers\sptd.sys
2012-12-12 13:38 . 2010-11-26 07:56	67413224	----a-w-	c:\windows\system32\MRT.exe
2012-12-11 21:22 . 2012-05-05 05:18	697272	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 21:22 . 2011-05-18 04:53	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-30 16:00 . 2012-10-30 16:00	280976	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2012-10-30 06:26 . 2012-10-30 06:26	189248	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2012-10-28 12:35 . 2012-10-28 12:35	12464	----a-w-	c:\windows\SysWow64\drivers\SECDRV.SYS
2012-10-16 08:38 . 2012-11-28 17:50	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 17:50	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 17:50	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 21:07	55296	----a-w-	c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 21:07	226816	----a-w-	c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 21:07	44032	----a-w-	c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 21:07	193536	----a-w-	c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-12 13:36	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 21:07	1914248	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 21:07	303104	----a-w-	c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 21:07	70656	----a-w-	c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 21:07	246272	----a-w-	c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 21:07	18944	----a-w-	c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 21:07	216576	----a-w-	c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 21:07	569344	----a-w-	c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 21:07	175104	----a-w-	c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 21:07	18944	----a-w-	c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 21:07	156672	----a-w-	c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 21:07	45568	----a-w-	c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 16:11 . 2012-10-01 21:34	52736	----a-w-	c:\windows\ipuninst.exe
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-03-30 113296]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-13 36864]
"KMCONFIG"="c:\program files (x86)\Mouse Driver\StartAutorun.exe" [2008-05-30 212992]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-01-12 75048]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock MyColors.lnk - c:\program files (x86)\Stardock\MyColors\SDDelayedLaunch.exe [2009-12-16 11520]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
IconPackager.lnk - c:\program files (x86)\Stardock\MyColors\IconPackager.exe [2009-12-16 1387688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"AppleSyncNotifier"=c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
"ContentTransferWMDetector.exe"=c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
.
R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2010-05-04 14648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-11-05 43008]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2009-11-05 24064]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-11-05 43008]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-26 1255736]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-14 283200]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2011/03/03 23:15];c:\program files (x86)\CyberLink\PowerDVD8\000.fcl [2010-01-12 22:08 146928]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2010-07-27 75648]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-11-18 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe  -run [x]
S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files (x86)\Mouse Driver\KMWDSrv.exe [2009-08-31 1821184]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-11-05 27136]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 AWOPFilterDriver;AWOPFilterDriver;c:\windows\system32\drivers\AWOPFilterDriver.sys [2010-11-25 19464]
S3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2010-07-21 51600]
S3 GUCI_AVS;iSlim 320;c:\windows\system32\DRIVERS\GUCI_AVS.sys [2009-07-15 632320]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [2009-05-09 33160]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 21:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-02 10038304]
"AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2010-05-04 61256]
"Thermal Controller"="c:\program files\Alienware\Command Center\ThermalController.exe" [2010-05-04 167736]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-18 2919168]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 2314120]
"GUCI_AVS"="c:\windows\PixArt\PAP7501\GUCI_AVS.exe" [2007-12-10 323584]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mStart Page = hxxp://search.myheritage.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: SmarThru4 Capture Selection - c:\program files (x86)\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files (x86)\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files (x86)\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files (x86)\SmarThru 4\WebCapture.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7u6c0ben.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2012-12-10 09:19; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7u6c0ben.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2012-12-11 20:41; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7u6c0ben.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-12-14 19:11; {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7u6c0ben.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
FF - ExtSQL: 2012-12-14 19:11; anticontainer@downthemall.net; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\7u6c0ben.default\extensions\anticontainer@downthemall.net.xpi
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{1C749E08-6B62-11E0-B6DA-075F4824019B} - (no file)
Toolbar-{bee9ae08-b4e5-4021-ae8b-0befc64d537b} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD8\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-568683601-764282583-1245057475-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:e2,3a,59,29,07,9e,07,bf,7e,d3,73,5d,21,73,33,29,7f,97,91,37,25,
   ec,eb,57,54,0e,c5,d6,d6,ec,a9,de,dc,36,cd,ea,71,2d,4d,21,74,ad,a1,7f,04,30,\
"rkeysecu"=hex:97,2a,a8,f7,61,0e,74,6c,b6,35,d5,0e,c9,4f,c9,ad
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Mouse Driver\KMConfig.exe
c:\program files (x86)\Mouse Driver\KMProcess.exe
c:\program files\Alienware\Command Center\AlienFXHook32Mngr.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2012-12-27  17:43:50 - počítač byl restartován
ComboFix-quarantined-files.txt  2012-12-27 16:43
ComboFix2.txt  2012-12-26 10:51
ComboFix3.txt  2012-12-05 10:33
ComboFix4.txt  2012-12-03 12:05
.
Před spuštěním: Volných bajtů: 305 970 102 272
Po spuštění: Volných bajtů: 305 663 983 616
.
- - End Of File - - B29073530D35895CC8BB099D0AF6CF29

[motji]

¨Jak je na tom počítač?

[problemchild]

startuje rychleji, -procházet a uložit jako -nenaskakují, -uložit jako- naskakuje u acrobat readeru, u MSoffice ne

[motji]

Zeptám se kolegů

[motji]

Takže ani když chcete nahrát fotky na net,tak to nejde?

[problemchild]

přesně tak, nenabízí se mi možnost vybrat k nim cestu. Stejně jako nemohu použít "uložit jako"

[motji]

Teď na tomto pc nemám Mozillu, ale zkuste mrknout do nastavení mozilly, zda to nejde změnit.

[problemchild]

Zkusil jsem znova odinstalovat, a stáhnout, už jde stahovat z mozilly, mám ji bez jakýchkoli vylepšení adblock apod. Ulož jako v Office nefunguje. Umozilly jsem odškrtl vždy se dotázat na umístění uložení slouboru, tže se to stahuje do defaultní složky.

[motji]

A u MOzilly Vám nejde v nastavení změnit kam to chcete stahovat?

[problemchild]

To jde, ale mám pocit že když to nastavím tak se soubory nestahují, jak tomu bylo dřív. Teď nejsem doma asi až do pondělí, pak to zlusím

[motji]

Vy jste mi oříšek , zkuste

[problemchild]

Pokud chci nastavit stahovat do nějaké jiné def. složky, musím ji zadat metodou - procházet - , což nefunguje. ) btw klidně mi tykejte jsem Luděk

[motji]

Už se v tom začínám ztrácet .
S office Ti nepomůžu, ty nemám. A jak jsi psal, pokud v Mozille přímo vytyčíš, kde chceš stahovat, to nefunguje?