pomoc s logom

[Green1692]

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : Martin [Práva Správcu]
Režim : Odebrať -- Dátum : 04/25/2014 19:13:31
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZANÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZANÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRADENÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRADENÉ (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x76898F34)
[Address] EAT @explorer.exe (DllGetClassObject) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x76898FF0)
[Address] EAT @explorer.exe (FastMimeGetFileExtension) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x7687B720)
[Address] EAT @explorer.exe (FastMimeGetIsMimeFilterEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x76875B20)
[Address] EAT @explorer.exe (FastMimeLookupKnownType) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x76875A68)
[Address] EAT @explorer.exe (FastMimeSetIsMimeFilterEnabled) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x76875FD8)
[Address] EAT @explorer.exe (IEGetFrameUtilExports) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x76898DD0)
[Address] EAT @explorer.exe (IEGetProcessModule) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x76898DB0)
[Address] EAT @explorer.exe (IEGetTabWindowExports) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x76898DC0)
[Address] EAT @explorer.exe (IERT_DelayLoadFailureHook) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x768991B0)
[Address] EAT @explorer.exe (ImpersonateUser) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x768A0C98)
[Address] EAT @explorer.exe (LCIECalculatePackedStringSize) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x7688B5A4)
[Address] EAT @explorer.exe (LCIEPackString) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x7688B684)
[Address] EAT @explorer.exe (LCIEUnpackString) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x7688B520)
[Address] EAT @explorer.exe (ResetIEExtensibility) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x768A1CF0)
[Address] EAT @explorer.exe (ResetIERegistrySettings) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x768A1AE0)
[Address] EAT @explorer.exe (RevertImpersonate) : WININET.dll -> HOOKED (C:\Windows\system32\iertutil.dll @ 0x768A0D18)

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEKT-60F3T1 ATA Device +++++
--- User ---
[MBR] f01c25d13381ad5a5a3b829f29b8f377
[BSP] 70d612c5ce59166ebe123d5fe276d6d5 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 291863 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 598145024 | Size: 13181 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_D_04252014_191331.txt >>
RKreport[0]_S_04252014_104135.txt;RKreport[0]_S_04252014_191245.txt

[Reklama]

[Green1692]

ComboFix 14-04-20.01 - Martin . 04. 2014 19:19:50.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4063.2556 [GMT 2:00]
Running from: c:\users\Martin\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET personal firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Files Created from 2014-03-25 to 2014-04-25 )))))))))))))))))))))))))))))))
.
.
2014-04-25 17:27 . 2014-04-25 17:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-25 15:29 . 2014-04-25 15:29 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9940BAF-4A71-4EB7-8CCB-B30E96FB9D94}\offreg.dll
2014-04-25 13:10 . 2014-04-25 13:10 -------- d-----w- c:\windows\system32\SPReview
2014-04-25 13:08 . 2014-04-25 13:08 -------- d-----w- c:\windows\system32\EventProviders
2014-04-25 13:07 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2014-04-25 13:07 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2014-04-25 13:07 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-04-25 08:25 . 2014-04-25 08:25 -------- d-----w- c:\windows\ERUNT
2014-04-25 08:17 . 2014-04-25 08:19 -------- d-----w- C:\AdwCleaner
2014-04-25 07:59 . 2010-11-20 13:27 263168 ----a-w- c:\windows\system32\spwizui.dll
2014-04-25 07:58 . 2010-11-20 13:33 14720 ----a-w- c:\windows\system32\drivers\hwpolicy.sys
2014-04-25 07:57 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2014-04-25 07:57 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2014-04-25 07:57 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2014-04-25 07:55 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2014-04-25 07:55 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2014-04-25 07:55 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2014-04-24 17:47 . 2014-04-24 17:47 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-04-24 17:47 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-24 17:47 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-24 17:47 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-24 17:11 . 2014-04-24 17:49 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-24 17:10 . 2014-04-24 17:10 -------- d-----w- c:\programdata\Malwarebytes
2014-04-24 17:00 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-04-24 12:23 . 2014-04-24 12:23 -------- d---a-w- c:\windows\VDLL.DLL
2014-04-24 12:23 . 2014-04-24 12:23 -------- d---a-w- c:\windows\rundll16.exe
2014-04-24 12:23 . 2014-04-24 12:23 -------- d---a-w- c:\windows\RUNDL132.EXE
2014-04-24 12:23 . 2014-04-24 12:23 -------- d---a-w- c:\windows\logo1_.exe
2014-04-24 12:23 . 2014-04-24 12:23 -------- d---a-w- c:\windows\logo_1.exe
2014-04-24 12:03 . 2014-04-24 12:03 632064 ----a-w- c:\windows\SysWow64\msvcr80.dll
2014-04-24 12:03 . 2014-04-24 12:03 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2014-04-24 12:03 . 2014-04-24 12:03 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe
2014-04-24 12:03 . 2014-04-24 12:03 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld
2014-04-24 12:02 . 2014-04-24 12:03 -------- d-----w- c:\programdata\MicroWorld
2014-04-24 11:47 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-04-24 11:46 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-04-24 11:46 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-04-24 11:46 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-04-24 11:43 . 2014-04-24 11:43 -------- d-----w- c:\program files\CCleaner
2014-04-23 07:20 . 2014-04-25 16:40 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-04-22 20:05 . 2014-04-25 16:56 -------- d-----w- c:\windows\ehome
2014-04-22 20:05 . 2014-04-22 20:05 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
2014-04-22 20:05 . 2014-04-22 20:05 -------- d-----r- c:\users\Public\Recorded TV
2014-04-22 17:04 . 2014-04-22 17:04 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-04-22 17:04 . 2014-04-22 17:06 -------- d-----r- c:\program files (x86)\Skype
2014-04-22 17:03 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2014-04-22 17:03 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2014-04-22 17:03 . 2010-11-20 13:24 229376 ----a-w- c:\windows\system32\fsquirt.exe
2014-04-22 17:03 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-04-22 17:03 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-04-22 17:03 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-04-22 17:03 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-04-22 17:03 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-04-22 17:03 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-04-22 17:03 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-04-22 17:02 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-22 17:02 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2014-04-22 17:02 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2014-04-22 17:02 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2014-04-22 17:02 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2014-04-22 17:02 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2014-04-22 17:02 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2014-04-22 17:02 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2014-04-22 17:02 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2014-04-22 16:52 . 2010-02-04 08:01 78680 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2014-04-22 16:51 . 2006-03-31 10:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2014-04-22 16:29 . 2014-04-22 16:29 -------- d-----w- c:\windows\SysWow64\Wat
2014-04-22 16:29 . 2014-04-22 16:29 -------- d-----w- c:\windows\system32\Wat
2014-04-22 13:32 . 2014-04-22 13:32 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2014-04-22 13:30 . 2014-04-22 13:30 -------- dc----w- c:\windows\system32\DRVSTORE
2014-04-22 13:30 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-04-22 13:29 . 2014-04-22 13:30 -------- d-----w- c:\program files\Windows Live
2014-04-22 13:27 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2014-04-22 13:27 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2014-04-22 13:27 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-04-22 13:27 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-04-22 13:27 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2014-04-22 13:27 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2014-04-22 13:25 . 2014-04-22 13:25 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-04-22 13:07 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-04-22 13:03 . 2014-04-22 16:11 -------- d-----w- c:\program files (x86)\Aion
2014-04-22 12:44 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2014-04-22 12:44 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2014-04-22 12:44 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2014-04-22 12:44 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2014-04-22 12:44 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2014-04-22 12:44 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2014-04-22 12:42 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-04-22 12:42 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-04-22 12:42 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-04-22 12:42 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-04-22 12:42 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-04-22 12:42 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-04-22 12:42 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-04-22 12:32 . 2014-04-22 12:35 -------- d-----w- c:\windows\system32\MRT
2014-04-22 12:29 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-04-22 12:29 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2014-04-22 12:29 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2014-04-22 12:29 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2014-04-22 12:29 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-04-22 12:23 . 2014-04-22 12:24 -------- d-----w- c:\program files (x86)\Google
2014-04-22 12:21 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2014-04-22 12:21 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2014-04-22 12:21 . 2010-12-23 05:54 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2014-04-22 12:21 . 2010-12-23 10:36 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2014-04-22 12:21 . 2010-12-23 05:54 850944 ----a-w- c:\windows\SysWow64\sbe.dll
2014-04-22 12:21 . 2010-12-23 05:50 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2014-04-22 12:21 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2014-04-22 12:21 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-04-22 12:20 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2014-04-22 12:20 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2014-04-22 12:20 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2014-04-22 12:20 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-04-22 12:20 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-04-22 12:18 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2014-04-22 12:18 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-04-22 12:18 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2014-04-22 12:18 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2014-04-22 12:18 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2014-04-22 12:18 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-04-22 12:16 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-04-22 12:15 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2014-04-22 12:14 . 2012-12-07 11:20 43520 ----a-w- c:\windows\system32\csrr.rs
2014-04-22 12:13 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-04-22 12:12 . 2011-02-05 17:10 642944 ----a-w- c:\windows\system32\winload.efi
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-25 13:20 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-04-25 13:20 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-04-22 13:29 . 2010-06-24 09:33 23264 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-04-22 13:01 . 2014-04-22 13:01 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-04-22 13:01 . 2014-04-22 13:01 249344 ----a-w- c:\windows\system32\webcheck.dll
2014-03-25 14:58 . 2014-04-23 09:02 28888 ----a-w- c:\windows\help\OEM\Scripts\HPSAObjectMetrics.exe
2014-03-24 16:31 . 2014-04-23 09:02 19840 ----a-w- c:\windows\help\OEM\Scripts\Solution_RecoveryPgm.exe
2014-03-21 12:15 . 2014-04-23 09:02 62264 ----a-w- c:\windows\help\OEM\Scripts\HPSAObjectsLibrary.dll
2014-03-21 11:49 . 2014-04-23 09:02 20184 ----a-w- c:\windows\help\OEM\Scripts\Solution_BackupAndRestoreLauncher.exe
2014-03-21 11:49 . 2014-04-23 09:02 21720 ----a-w- c:\windows\help\OEM\Scripts\PSGRedirector.exe
2014-03-18 16:04 . 2014-04-23 09:02 15064 ----a-w- c:\windows\help\OEM\Scripts\LaunchMsHelpTopic.exe
2014-03-11 09:35 . 2014-04-23 09:02 30936 ----a-w- c:\windows\help\OEM\Scripts\Detect_BackupPasswordReminder.exe
2014-02-12 15:00 . 2014-04-23 09:02 20184 ----a-w- c:\windows\help\OEM\Scripts\HC_GuestEnabled.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2009-07-17 842816]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 320056]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2009-09-18 148888]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw1v64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw1v64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe;c:\windows\SYSNATIVE\vfsFPService.exe [x]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys;c:\windows\SYSNATIVE\Drivers\AVerAF15.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-22 12:24 1077576 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-22 12:23]
.
2014-04-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-22 12:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-18 171520]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-04-22 21720]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Completion time: 2014-04-25 19:36:15 - machine was rebooted
ComboFix-quarantined-files.txt 2014-04-25 17:36
.
Pre-Run: 237 126 336 512 bytes free
Post-Run: 236 692 078 592 bytes free
.
- - End Of File - - 7A8611CEE863D0C9F9C47AB72C088993
1E7DBE638BD97CB3CB6AED759F0DC92D

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Green1692]

ComboFix 14-04-20.01 - Martin . 04. 2014 12:09:51.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4063.2071 [GMT 2:00]
Running from: c:\users\Martin\Desktop\ComboFix.exe
Command switches used :: c:\users\Martin\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.23.9\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.23.9\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.23.9\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.23.9\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.23.9\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.23.9\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.23.9\goopdate.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.23.9\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.23.9\psmachine.dll
c:\program files (x86)\Google\Update\1.3.23.9\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.23.9\psuser.dll
c:\program files (x86)\Google\Update\1.3.23.9\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.23.9\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\34.0.1847.116\34.0.1847.116_chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2014-03-26 to 2014-04-26 )))))))))))))))))))))))))))))))
.
.
2014-04-25 13:10 . 2014-04-25 13:10 -------- d-----w- c:\windows\system32\SPReview
2014-04-25 13:08 . 2014-04-25 13:08 -------- d-----w- c:\windows\system32\EventProviders
2014-04-25 13:07 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2014-04-25 13:07 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2014-04-25 13:07 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-04-25 08:25 . 2014-04-25 08:25 -------- d-----w- c:\windows\ERUNT
2014-04-25 08:17 . 2014-04-25 08:19 -------- d-----w- C:\AdwCleaner
2014-04-25 07:59 . 2010-11-20 13:27 263168 ----a-w- c:\windows\system32\spwizui.dll
2014-04-25 07:58 . 2010-11-20 13:33 14720 ----a-w- c:\windows\system32\drivers\hwpolicy.sys
2014-04-25 07:57 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2014-04-25 07:57 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2014-04-25 07:57 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2014-04-25 07:55 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2014-04-25 07:55 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2014-04-25 07:55 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2014-04-24 17:47 . 2014-04-24 17:47 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-04-24 17:47 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-24 17:47 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-24 17:47 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-24 17:11 . 2014-04-24 17:49 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-24 17:10 . 2014-04-24 17:10 -------- d-----w- c:\programdata\Malwarebytes
2014-04-24 17:00 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-04-24 12:23 . 2014-04-24 12:23 -------- d---a-w- c:\windows\VDLL.DLL
2014-04-24 12:23 . 2014-04-24 12:23 -------- d---a-w- c:\windows\rundll16.exe
2014-04-24 12:23 . 2014-04-24 12:23 -------- d---a-w- c:\windows\RUNDL132.EXE
2014-04-24 12:23 . 2014-04-24 12:23 -------- d---a-w- c:\windows\logo1_.exe
2014-04-24 12:23 . 2014-04-24 12:23 -------- d---a-w- c:\windows\logo_1.exe
2014-04-24 12:03 . 2014-04-24 12:03 632064 ----a-w- c:\windows\SysWow64\msvcr80.dll
2014-04-24 12:03 . 2014-04-24 12:03 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2014-04-24 12:03 . 2014-04-24 12:03 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe
2014-04-24 12:03 . 2014-04-24 12:03 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld
2014-04-24 12:02 . 2014-04-24 12:03 -------- d-----w- c:\programdata\MicroWorld
2014-04-24 11:47 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-04-24 11:46 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-04-24 11:46 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-04-24 11:46 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-04-24 11:43 . 2014-04-24 11:43 -------- d-----w- c:\program files\CCleaner
2014-04-23 07:20 . 2014-04-25 16:40 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-04-22 20:05 . 2014-04-25 16:56 -------- d-----w- c:\windows\ehome
2014-04-22 20:05 . 2014-04-22 20:05 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
2014-04-22 20:05 . 2014-04-22 20:05 -------- d-----r- c:\users\Public\Recorded TV
2014-04-22 17:04 . 2014-04-22 17:04 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-04-22 17:04 . 2014-04-26 10:16 -------- d-----r- c:\program files (x86)\Skype
2014-04-22 17:03 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2014-04-22 17:03 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2014-04-22 17:03 . 2010-11-20 13:24 229376 ----a-w- c:\windows\system32\fsquirt.exe
2014-04-22 17:03 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-04-22 17:03 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-04-22 17:03 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-04-22 17:03 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-04-22 17:03 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-04-22 17:03 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-04-22 17:03 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-04-22 17:02 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-22 17:02 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2014-04-22 17:02 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2014-04-22 17:02 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2014-04-22 17:02 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2014-04-22 17:02 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2014-04-22 17:02 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2014-04-22 17:02 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2014-04-22 17:02 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2014-04-22 16:52 . 2010-02-04 08:01 78680 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2014-04-22 16:51 . 2006-03-31 10:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2014-04-22 16:29 . 2014-04-22 16:29 -------- d-----w- c:\windows\SysWow64\Wat
2014-04-22 16:29 . 2014-04-22 16:29 -------- d-----w- c:\windows\system32\Wat
2014-04-22 13:32 . 2014-04-22 13:32 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2014-04-22 13:30 . 2014-04-22 13:30 -------- dc----w- c:\windows\system32\DRVSTORE
2014-04-22 13:30 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-04-22 13:29 . 2014-04-22 13:30 -------- d-----w- c:\program files\Windows Live
2014-04-22 13:27 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2014-04-22 13:27 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2014-04-22 13:27 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-04-22 13:27 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-04-22 13:27 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2014-04-22 13:27 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2014-04-22 13:25 . 2014-04-22 13:25 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-04-22 13:07 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-04-22 13:03 . 2014-04-22 16:11 -------- d-----w- c:\program files (x86)\Aion
2014-04-22 12:44 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2014-04-22 12:44 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2014-04-22 12:44 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2014-04-22 12:44 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2014-04-22 12:44 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2014-04-22 12:44 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2014-04-22 12:42 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-04-22 12:42 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-04-22 12:42 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-04-22 12:42 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-04-22 12:42 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-04-22 12:42 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-04-22 12:42 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-04-22 12:32 . 2014-04-22 12:35 -------- d-----w- c:\windows\system32\MRT
2014-04-22 12:29 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-04-22 12:29 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2014-04-22 12:29 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2014-04-22 12:29 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2014-04-22 12:29 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-04-22 12:23 . 2014-04-22 12:24 -------- d-----w- c:\program files (x86)\Google
2014-04-22 12:21 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2014-04-22 12:21 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2014-04-22 12:21 . 2010-12-23 05:54 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2014-04-22 12:21 . 2010-12-23 10:36 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2014-04-22 12:21 . 2010-12-23 05:54 850944 ----a-w- c:\windows\SysWow64\sbe.dll
2014-04-22 12:21 . 2010-12-23 05:50 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2014-04-22 12:21 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2014-04-22 12:21 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-04-22 12:20 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2014-04-22 12:20 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2014-04-22 12:20 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2014-04-22 12:20 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-04-22 12:20 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-04-22 12:18 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2014-04-22 12:18 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-04-22 12:18 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2014-04-22 12:18 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2014-04-22 12:18 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2014-04-22 12:18 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-04-22 12:16 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-04-22 12:15 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2014-04-22 12:14 . 2012-12-07 11:20 43520 ----a-w- c:\windows\system32\csrr.rs
2014-04-22 12:13 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-04-22 12:12 . 2011-02-05 17:10 642944 ----a-w- c:\windows\system32\winload.efi
2014-04-22 12:12 . 2011-02-05 17:06 605552 ----a-w- c:\windows\system32\winload.exe
2014-04-22 12:12 . 2011-02-05 17:10 20352 ----a-w- c:\windows\system32\kdusb.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-26 10:12 . 2014-04-26 10:12 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9940BAF-4A71-4EB7-8CCB-B30E96FB9D94}\offreg.dll
2014-04-25 13:20 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-04-25 13:20 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-04-22 13:29 . 2010-06-24 09:33 23264 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-04-22 13:01 . 2014-04-22 13:01 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-04-22 13:01 . 2014-04-22 13:01 249344 ----a-w- c:\windows\system32\webcheck.dll
2014-04-17 03:31 . 2014-04-22 11:37 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9940BAF-4A71-4EB7-8CCB-B30E96FB9D94}\mpengine.dll
2014-03-25 14:58 . 2014-04-23 09:02 28888 ----a-w- c:\windows\help\OEM\Scripts\HPSAObjectMetrics.exe
2014-03-24 16:31 . 2014-04-23 09:02 19840 ----a-w- c:\windows\help\OEM\Scripts\Solution_RecoveryPgm.exe
2014-03-21 12:15 . 2014-04-23 09:02 62264 ----a-w- c:\windows\help\OEM\Scripts\HPSAObjectsLibrary.dll
2014-03-21 11:49 . 2014-04-23 09:02 20184 ----a-w- c:\windows\help\OEM\Scripts\Solution_BackupAndRestoreLauncher.exe
2014-03-21 11:49 . 2014-04-23 09:02 21720 ----a-w- c:\windows\help\OEM\Scripts\PSGRedirector.exe
2014-03-18 16:04 . 2014-04-23 09:02 15064 ----a-w- c:\windows\help\OEM\Scripts\LaunchMsHelpTopic.exe
2014-03-11 09:35 . 2014-04-23 09:02 30936 ----a-w- c:\windows\help\OEM\Scripts\Detect_BackupPasswordReminder.exe
2014-02-12 15:00 . 2014-04-23 09:02 20184 ----a-w- c:\windows\help\OEM\Scripts\HC_GuestEnabled.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2009-07-17 842816]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 320056]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2009-09-18 148888]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw1v64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw1v64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe;c:\windows\SYSNATIVE\vfsFPService.exe [x]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys;c:\windows\SYSNATIVE\Drivers\AVerAF15.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-22 12:24 1077576 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-18 171520]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-04-22 21720]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
.
**************************************************************************
.
Completion time: 2014-04-26 12:25:17 - machine was rebooted
ComboFix-quarantined-files.txt 2014-04-26 10:25
ComboFix2.txt 2014-04-25 17:36
.
Pre-Run: 234 026 614 784 bytes free
Post-Run: 234 064 560 128 bytes free
.
- - End Of File - - C9426AE36994A07C4F44CF71F544704C
1E7DBE638BD97CB3CB6AED759F0DC92D

[Green1692]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:31:19, on 26. 4. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16545)


Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Users\Martin\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10728 bytes

[Green1692]

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-04-26 12:33:00
-----------------------------
12:33:00.948 OS Version: Windows x64 6.1.7601 Service Pack 1
12:33:00.948 Number of processors: 2 586 0x170A
12:33:00.949 ComputerName: MARTIN-PC UserName: Martin
12:33:01.750 Initialize success
12:33:10.287 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:33:10.297 Disk 0 Vendor: WDC_WD3200BEKT-60F3T1 12.01A12 Size: 305245MB BusType: 11
12:33:10.617 Disk 0 MBR read successfully
12:33:10.627 Disk 0 MBR scan
12:33:10.627 Disk 0 unknown MBR code
12:33:10.637 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
12:33:10.647 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 291863 MB offset 409600
12:33:10.677 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13181 MB offset 598145024
12:33:10.717 Disk 0 scanning C:\Windows\system32\drivers
12:33:16.841 Service scanning
12:33:29.613 Modules scanning
12:33:29.623 Disk 0 trace - called modules:
12:33:29.653 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:33:29.663 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ca9790]
12:33:29.663 3 CLASSPNP.SYS[fffff8800109143f] -> nt!IofCallDriver -> [0xfffffa8004ca6950]
12:33:29.673 5 hpdskflt.sys[fffff88001c02289] -> nt!IofCallDriver -> [0xfffffa8004ae13f0]
12:33:29.683 7 ACPI.sys[fffff88000f307a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004b11060]
12:33:29.683 Scan finished successfully
12:34:12.104 Disk 0 MBR has been saved successfully to "C:\Users\Martin\Desktop\MBR.dat"
12:34:12.117 The log file has been saved successfully to "C:\Users\Martin\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-04-26 12:33:00
-----------------------------
12:33:00.948 OS Version: Windows x64 6.1.7601 Service Pack 1
12:33:00.948 Number of processors: 2 586 0x170A
12:33:00.949 ComputerName: MARTIN-PC UserName: Martin
12:33:01.750 Initialize success
12:33:10.287 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:33:10.297 Disk 0 Vendor: WDC_WD3200BEKT-60F3T1 12.01A12 Size: 305245MB BusType: 11
12:33:10.617 Disk 0 MBR read successfully
12:33:10.627 Disk 0 MBR scan
12:33:10.627 Disk 0 unknown MBR code
12:33:10.637 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
12:33:10.647 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 291863 MB offset 409600
12:33:10.677 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13181 MB offset 598145024
12:33:10.717 Disk 0 scanning C:\Windows\system32\drivers
12:33:16.841 Service scanning
12:33:29.613 Modules scanning
12:33:29.623 Disk 0 trace - called modules:
12:33:29.653 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:33:29.663 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ca9790]
12:33:29.663 3 CLASSPNP.SYS[fffff8800109143f] -> nt!IofCallDriver -> [0xfffffa8004ca6950]
12:33:29.673 5 hpdskflt.sys[fffff88001c02289] -> nt!IofCallDriver -> [0xfffffa8004ae13f0]
12:33:29.683 7 ACPI.sys[fffff88000f307a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004b11060]
12:33:29.683 Scan finished successfully
12:34:12.104 Disk 0 MBR has been saved successfully to "C:\Users\Martin\Desktop\MBR.dat"
12:34:12.117 The log file has been saved successfully to "C:\Users\Martin\Desktop\aswMBR.txt"
12:34:21.836 Disk 0 MBR has been saved successfully to "C:\Users\Martin\Desktop\MBR.dat"
12:34:21.848 The log file has been saved successfully to "C:\Users\Martin\Desktop\aswMBR.txt"

[Orcus]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

====================================================

Vyčisti systém CCleanerem

====================================================

Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Co problémy?

[Green1692]

# Username : Martin - MARTIN-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\AdwCleaner
Deleted : C:\Users\Martin\Desktop\RK_Quarantine
Deleted : C:\ComboFix.txt
Deleted : C:\TDSSKiller.3.0.0.33_25.04.2014_10.44.46_log.txt
Deleted : C:\Users\Martin\Desktop\adwcleaner.exe
Deleted : C:\Users\Martin\Desktop\aswmbr.exe
Deleted : C:\Users\Martin\Desktop\aswMBR.txt
Deleted : C:\Users\Martin\Desktop\ComboFix.exe
Deleted : C:\Users\Martin\Desktop\JRT.exe
Deleted : C:\Users\Martin\Desktop\HijackThis.exe
Deleted : C:\Users\Martin\Desktop\hijackthis.log
Deleted : C:\Users\Martin\Desktop\MBR.dat
Deleted : C:\Users\Martin\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Martin\Desktop\TDSSKiller.exe
Deleted : C:\Users\Martin\Downloads\aswmbr.exe
Deleted : C:\Users\Martin\Downloads\HijackThis.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #12 [Windows 7 Service Pack 1 | 04/25/2014 13:10:01]
Deleted : RP #13 [Windows Update | 04/26/2014 10:43:27]
Deleted : RP #14 [Windows Update | 04/26/2014 11:01:08]

New restore point created !

########## - EOF - ##########

[Green1692]

problemy zatial vse poriadku jedine co tak mam trochu spomaleny pc

[Green1692]

este by som sa chcel spitat ked si hodim cez antivirak tak mi vipisuje toto co to je ?
C:\hiberfil.sys - chyba pri otváraní
C:\pagefile.sys - chyba pri otváraní
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log - chyba pri otváraní
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb - chyba pri otváraní
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb - chyba pri otváraní
C:\ProgramData\Microsoft\Windows Defender\IMpService925A3ACA-C353-458A-AC8D-A7E5EB378092.lock - chyba pri otváraní
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S1.CAB » CAB » IE_1.CAB » CAB » MSHTML.TLB - nemôžem nájsť ďalší diel archívu
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S2.CAB » CAB » IE_2.CAB » CAB » MSHTML.TLB - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S2.CAB » CAB » IE_2.CAB » CAB » WININET.DLL - nemôžem nájsť ďalší diel archívu
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S3.CAB » CAB » IE_3.CAB » CAB » WININET.DLL - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S3.CAB » CAB » IE_3.CAB » CAB » MSXML3.DLL - nemôžem nájsť ďalší diel archívu
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S4.CAB » CAB » IE_4.CAB » CAB » MSXML3.DLL - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S4.CAB » CAB » IE_4.CAB » CAB » BROWSEWM.DLL - nemôžem nájsť ďalší diel archívu
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S5.CAB » CAB » IE_5.CAB » CAB » BROWSEWM.DLL - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S5.CAB » CAB » IE_5.CAB » CAB » BROWSELC.DLL - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S5.CAB » CAB » IE_5.CAB » CAB » MSLS31.DLL - nemôžem nájsť ďalší diel archívu
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S6.CAB » CAB » IE_6.CAB » CAB » MSLS31.DLL - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IE_S6.CAB » CAB » IE_6.CAB » CAB » MMUTILSE.DLL - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S1.CAB » CAB » IENT_1.CAB » CAB » MSHTML.DLL - nemôžem nájsť ďalší diel archívu
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S2.CAB » CAB » IENT_2.CAB » CAB » MSHTML.DLL - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S2.CAB » CAB » IENT_2.CAB » CAB » JSCRIPT.DLL - nemôžem nájsť ďalší diel archívu
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S3.CAB » CAB » IENT_3.CAB » CAB » JSCRIPT.DLL - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S3.CAB » CAB » IENT_3.CAB » CAB » MSXML3.DLL - nemôžem nájsť ďalší diel archívu
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S4.CAB » CAB » IENT_4.CAB » CAB » MSXML3.DLL - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S4.CAB » CAB » IENT_4.CAB » CAB » BROWSEUI.DLL - nemôžem nájsť ďalší diel archívu
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S5.CAB » CAB » IENT_5.CAB » CAB » BROWSEUI.DLL - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S5.CAB » CAB » IENT_5.CAB » CAB » inseng.dll - nemôžem nájsť ďalší diel archívu
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S6.CAB » CAB » IENT_6.CAB » CAB » inseng.dll - archív je poškodený a súbor nemôže byť extrahovaný
C:\SwSetup\MSWorks_Inst\Redist\IE6\IENT_S6.CAB » CAB » IENT_6.CAB » CAB » iesetup.dll - archív je poškodený a súbor nemôže byť extrahovaný
C:\System Volume Information\Syscache.hve - chyba pri otváraní
C:\System Volume Information\Syscache.hve.LOG1 - chyba pri otváraní
C:\System Volume Information\Syscache.hve.LOG2 - chyba pri otváraní
C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - chyba pri otváraní
C:\System Volume Information\{9d973607-cd4c-11e3-8cb3-0027132c5c33}{3808876b-c176-4e48-b7ae-04046e6cc752} - chyba pri otváraní
C:\System Volume Information\{e5ae3502-cd4a-11e3-a408-0027132c5c33}{3808876b-c176-4e48-b7ae-04046e6cc752} - chyba pri otváraní
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\MSS.log - chyba pri otváraní
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\tmp.edb - chyba pri otváraní
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Windows.edb - chyba pri otváraní
C:\Users\All Users\Microsoft\Windows Defender\IMpService925A3ACA-C353-458A-AC8D-A7E5EB378092.lock - chyba pri otváraní
C:\Users\Martin\NTUSER.DAT - chyba pri otváraní
C:\Users\Martin\ntuser.dat.LOG1 - chyba pri otváraní
C:\Users\Martin\ntuser.dat.LOG2 - chyba pri otváraní
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Current Session - chyba pri otváraní
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Current Tabs - chyba pri otváraní
C:\Users\Martin\AppData\Local\Microsoft\Windows\UsrClass.dat - chyba pri otváraní
C:\Users\Martin\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 - chyba pri otváraní
C:\Users\Martin\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 - chyba pri otváraní
C:\Users\Martin\AppData\Roaming\Skype\DataRv\offline-storage.data - chyba pri otváraní
C:\Users\Martin\AppData\Roaming\Skype\martins1692\bistats.lock - chyba pri otváraní
C:\Users\Martin\AppData\Roaming\Skype\martins1692\keyval.lock - chyba pri otváraní
C:\Users\Martin\AppData\Roaming\Skype\martins1692\main.lock - chyba pri otváraní
C:\Users\Martin\AppData\Roaming\Skype\martins1692\msn.lock - chyba pri otváraní
C:\Users\Martin\AppData\Roaming\Skype\martins1692\statistics.lock - chyba pri otváraní
C:\Users\Martin\AppData\Roaming\Skype\shared_dynco\dc.lock - chyba pri otváraní
C:\Users\Martin\AppData\Roaming\Skype\shared_httpfe\queue.lock - chyba pri otváraní
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-console-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-datetime-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-debug-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-delayload-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-errorhandling-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-fibers-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-file-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-handle-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-heap-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-interlocked-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-io-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-libraryloader-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-localization-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-localregistry-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-memory-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-misc-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-namedpipe-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-processenvironment-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-processthreads-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-profile-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-rtlsupport-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-string-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-synch-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-sysinfo-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-threadpool-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-util-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-core-xstate-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-security-base-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-security-lsalookup-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-security-sddl-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-service-core-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-service-management-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-service-management-l2-1-0.dll - chyba - súbor je chránený heslom
C:\Users\Martin\Documents\pinfect.zip » ZIP » api-ms-win-service-winsvc-l1-1-0.dll - chyba - súbor je chránený heslom
C:\Windows\assembly\GACLock.dat - chyba pri otváraní
C:\Windows\Installer\5b88a.msi » MSI » required.cab » CAB - vyskytol sa problém pri čítaní archívu
C:\Windows\Installer\b2348.msp - chyba pri otváraní
C:\Windows\Installer\b234b.ipi - chyba pri otváraní
C:\Windows\Installer\MSIFCAE.tmp - chyba pri otváraní
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT - chyba pri otváraní
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 - chyba pri otváraní
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 - chyba pri otváraní
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - chyba pri otváraní
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - chyba pri otváraní
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT - chyba pri otváraní
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 - chyba pri otváraní
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 - chyba pri otváraní
C:\Windows\SoftwareDistribution\DataStore\DataStore.edb - chyba pri otváraní
C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log - chyba pri otváraní
C:\Windows\SoftwareDistribution\DataStore\Logs\edbtmp.log - chyba pri otváraní
C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb - chyba pri otváraní
C:\Windows\SoftwareDistribution\Download\be79a3749d7a58e911544b54e226d45d\mainwwsp3.cab » CAB » mainwwsp3.msp - dekompresia neprebehla, preverte, či je dostatok pamäte a voľného miesta na disku
C:\Windows\SoftwareDistribution\EventCache\{7A275EA6-D98E-46A1-9DDF-3693342D766B}.bin - chyba pri otváraní
C:\Windows\System32\catroot2\edb.log - chyba pri otváraní
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - chyba pri otváraní
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - chyba pri otváraní
C:\Windows\Temp\TMP00000027E2D874D2A83D4F02 - chyba pri otváraní

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)


Ty problémy---poškozený win nebo disk.

Stáhni si Memtest:

Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.


Je třeba zkontrolovat HDD na chyby , zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

[Green1692]

----------------------------------------------------------------------------
CrystalDiskInfo 6.1.10 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2014/04/27 10:25:10

-- Controller Map ----------------------------------------------------------
+ Standard AHCI 1.0 Serial ATA Controller [ATA]
+ ATA Channel 0 (0)
- WDC WD3200BEKT-60F3T1 ATA Device
+ ATA Channel 1 (1)
- hp CDDVDW TS-L633M ATA Device
- ATA Channel 4 (4)
- ATA Channel 5 (5)

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEKT-60F3T1 : 320,0 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD3200BEKT-60F3T1
----------------------------------------------------------------------------
Model : WDC WD3200BEKT-60F3T1
Firmware : 12.01A12
Serial Number : WD-WXC0A9998502
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 16509 hod.
Power On Count : 3687 krát
Temperature : 53 C (127 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 177 176 _21 000000000866 Čas na roztočení ploten
04 _97 _97 __0 000000000E99 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 _51 000000000000 Počet chybných hledání
09 _78 _78 __0 00000000407D Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000E67 Počet cyklů zapnutí zařízení
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 __1 __0 0000000000AF Ohlášeno neopravitelných chyb
BC 100 _90 __0 00000000022E Časový limit příkazu
BE _47 _37 _40 000000000035 Teplota toku vzduchu
BF __2 __2 __0 000000000062 Počet udalostí zaznamenaných otřesovým senzorem
C0 199 199 __0 00000000056C Počet vypnutí disku
C1 157 157 __0 0000000202D7 Počet cyklů načítání/vymazání
C2 _94 _84 __0 000000000035 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4330 4139 3939 3835 3032
020: 0000 8000 0032 3132 2E30 3141 3132 5744 4320 5744
030: 3332 3030 4245 4B54 2D36 3046 3354 3120 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0D06 0000 004C 0048
080: 01FE 0000 706B 7C09 6123 7069 BC09 6123 203F 0026
090: 0026 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 58C4 F372 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 16B3 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 FCA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B1 B0 66 08 00 00 00 00 00 04 32 00 61 61 99
020: 0E 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2F 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 4E 4E 7D 40 00 00 00 00 00 0A 33 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 61 61 67 0E 00 00 00 00 00 B8 33
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 01 AF
080: 00 00 00 00 00 00 BC 32 00 64 5A 2E 02 00 00 00
090: 00 00 BE 22 00 2F 25 35 00 00 00 00 00 00 BF 32
0A0: 00 02 02 62 00 00 00 00 00 00 C0 32 00 C7 C7 6C
0B0: 05 00 00 00 00 00 C1 32 00 9D 9D D7 02 02 00 00
0C0: 00 00 C2 22 00 5E 54 35 00 00 00 00 00 00 C4 32
0D0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0E0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0F0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 09
100: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 88 1D 01 51
170: 03 00 01 00 02 5B 00 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 96

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 B8 61
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BE 28 00 00 00 00 00 00 00 00 00 00 BF 00
0A0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0B0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 33
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3F