

win 7 home security 2012
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote-help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: win 7 home security 2012
How is the PC behaving?

Re: win 7 home security 2012
The PC seems to be OK: I can work, the internet runs, and movies play too. The only problem is that I can't get into Documents and Settings through This Computer, but through Total Commander it works. I don't understand it, and I don't know whether it matters or whether it could be related to what we were doing.
I have also just found out that I have no control over Avira, so I don't know whether the antivirus is running or not; I can't get into it. I'll probably reinstall it.
--------------------
OK, I have already solved this one: it was blocked through the local policies and security settings, and I blocked it myself... by mistake.
If that is everything, then thank you very much for your help.
You're number 1.


Re: win 7 home security 2012

- Start - Run (or use the keyboard shortcut Win+R)
- Type ComboFix /Uninstall
- Press Enter
- This deletes ComboFix and its folders

- Download and run
- To confirm each choice, press A, Enter
- After use, delete the utility
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)

- Download and run
- Click CleanUp and confirm with YES
- The program cleans up and restarts the PC

- Download and run
- Click Start and confirm with OK
- The program cleans up and restarts the PC
- After use, delete the utility

Cleaner panel
- Leave everything as it is, just click Analyze and then Run CCleaner
- click Scan for problems
- then Fix problems - I recommend making a registry backup; fix all the problems
- repeat the procedure until no problems are found - usually about 3 times
- Here you can uninstall programs you do not need



Re: win 7 home security 2012
Logfile of random's system information tool 1.08 (written by random/random)
Run by Qwertown at 2011-07-07 20:48:31
Microsoft Windows 7 Ultimate
System drive C: has 20 GB (38%) free of 54 GB
Total RAM: 6142 MB (76% free)
Re: win 7 home security 2012

- Start -> Run -> notepad
- Paste the text below
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
- Save the file as oprava.reg
- When saving, set "Save as type" to All Files (the setting is shown in the picture below)
- Close Notepad and run oprava.reg by double-clicking it
- Confirm any prompt about changing the registry
- A window will just flash and the registry will be fixed; you can then delete the file
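
What oprava.reg will do can be checked before it is imported. The following Python sketch is an added example, not part of the original post: it lists the operations a .reg file would perform (`"name"=-` deletes a value, `[-KEY]` deletes a key and its subkeys) and flags anything outside the keys a reviewer expects. The function names `parse_reg` and `outside_scope` are assumptions of this example.

```python
import re

# The text saved as oprava.reg, copied from the post above.
OPRAVA_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
'''

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
# "name"=data  or  @=data (the key's default value)
VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|(@))\s*=\s*(.*)$')


def parse_reg(text):
    """Return the operations a .reg import would perform, in file order.

    Each operation is a tuple (action, key, value_name). action is
    'delete_key', 'delete_value' or 'set_value'; value_name is None for a
    key deletion and '' for a key's default value (@).
    """
    # Join data continued over several lines with a trailing backslash.
    lines, buf = [], ""
    for raw in text.lstrip("\ufeff").splitlines():
        buf += raw.strip()
        if buf.endswith("\\"):
            buf = buf[:-1]
            continue
        lines.append(buf)
        buf = ""
    if buf:
        lines.append(buf)

    # Drop blank lines and ; comments, then require the header line.
    lines = [l for l in lines if l and not l.startswith(";")]
    if not lines or lines[0] not in HEADERS:
        raise ValueError("missing .reg header line")

    ops, key, key_deleted = [], None, False
    for line in lines[1:]:
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            key_deleted = key.startswith("-")
            if key_deleted:
                key = key[1:]
                ops.append(("delete_key", key, None))
            continue
        m = VALUE_RE.match(line)
        if key is None or m is None:
            raise ValueError(f"unrecognised line: {line!r}")
        if key_deleted:
            # Policy of this checker: refuse the file rather than guess.
            raise ValueError(f"value line under a deleted key: {line!r}")
        # Undo the \\ and \" escapes used inside quoted value names.
        name = "" if m.group(2) else re.sub(r"\\(.)", r"\1", m.group(1))
        action = "delete_value" if m.group(3) == "-" else "set_value"
        ops.append((action, key, name))
    return ops


def outside_scope(ops, allowed_keys):
    """Return the operations that touch a key not at or below allowed_keys.

    The comparison is case-insensitive, as registry paths are.
    """
    allowed = [k.lower().rstrip("\\") for k in allowed_keys]

    def in_scope(key):
        k = key.lower()
        return any(k == a or k.startswith(a + "\\") for a in allowed)

    return [op for op in ops if not in_scope(op[1])]


if __name__ == "__main__":
    for action, key, name in parse_reg(OPRAVA_REG):
        print(action, key, "" if name is None else repr(name))
```
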


Re: win 7 home security 2012
Once again, thank you very much

Re: win 7 home security 2012
You're welcome, glad I could help
See you again sometime


Re: win 7 home security 2012
Hello, I have the same problem and, as I read right at the beginning, every problem is solved individually... so I am attaching the RSIT log.
Thanks in advance for the reply.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2011-07-10 21:57:43
Microsoft Windows 7 Ultimate
System drive C: has 7 GB (13%) free of 58 GB
Total RAM: 4095 MB (72% free)
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe"
"C:\Users\Jirka\AppData\Local\lmr.exe" -a "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe" View=show_in_tray
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Jirka\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\trend micro\Jirka.exe" /silentautolog
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 1436224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"AdobeBridge"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 9728]
"1148259343"=C:\Users\Jirka\AppData\Local\tgn.exe [2011-07-10 339968]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"HideSCAHealth"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
======File associations======
.exe - open - "C:\Users\Jirka\AppData\Local\lmr.exe" -a "%1" %*
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-07-10 21:57:43 ----D---- C:\rsit
2011-07-10 21:57:43 ----D---- C:\Program Files\trend micro
2011-07-10 21:16:47 ----A---- C:\Windows\ntbtlog.txt
2011-07-07 19:20:57 ----D---- C:\Program Files (x86)\Gadwin Systems
2011-07-03 10:41:13 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-07-03 10:41:13 ----A---- C:\Windows\system32\mshtmled.dll
2011-07-03 10:41:12 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-07-03 10:41:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-07-03 10:41:12 ----A---- C:\Windows\system32\iertutil.dll
2011-07-03 10:41:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-07-03 10:41:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-07-03 10:41:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-07-03 10:41:11 ----A---- C:\Windows\system32\urlmon.dll
2011-07-03 10:41:11 ----A---- C:\Windows\system32\jscript9.dll
2011-07-03 10:41:11 ----A---- C:\Windows\system32\jscript.dll
2011-07-03 10:41:11 ----A---- C:\Windows\system32\ieui.dll
2011-07-03 10:41:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-07-03 10:41:08 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-07-03 10:41:08 ----A---- C:\Windows\system32\mshtml.dll
2011-07-03 10:41:08 ----A---- C:\Windows\system32\ieframe.dll
2011-07-03 10:28:01 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-07-03 10:28:00 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-07-03 10:28:00 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-07-03 10:28:00 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-07-03 10:28:00 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-07-03 10:28:00 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-07-03 10:27:59 ----A---- C:\Windows\system32\win32k.sys
2011-07-03 10:27:56 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-07-03 10:27:56 ----A---- C:\Windows\system32\mssrch.dll
2011-07-03 10:27:55 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-07-03 10:27:55 ----A---- C:\Windows\system32\tquery.dll
2011-07-03 10:27:54 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-07-03 10:27:54 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-07-03 10:27:54 ----A---- C:\Windows\system32\mssph.dll
2011-07-03 10:27:53 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-07-03 10:27:53 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-07-03 10:27:53 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-07-03 10:27:53 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-07-03 10:27:53 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-07-03 10:27:53 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-07-03 10:27:53 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-07-03 10:27:53 ----A---- C:\Windows\system32\mssvp.dll
2011-07-03 10:27:53 ----A---- C:\Windows\system32\mssphtb.dll
2011-07-03 10:27:53 ----A---- C:\Windows\system32\msscntrs.dll
2011-07-03 10:27:52 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-07-03 10:27:43 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-07-03 10:27:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-07-03 10:27:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-07-03 10:27:41 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-07-03 10:27:40 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-07-03 10:27:39 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-07-03 10:27:39 ----A---- C:\Windows\system32\drivers\srv.sys
2011-07-03 10:27:33 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-07-03 10:27:33 ----A---- C:\Windows\system32\drivers\afd.sys
2011-07-03 10:27:00 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-07-03 10:27:00 ----A---- C:\Windows\system32\oleaut32.dll
2011-07-03 10:25:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-07-03 10:25:46 ----A---- C:\Windows\system32\inetcomm.dll
======List of files/folders modified in the last 1 month======
2011-07-10 21:57:43 ----RD---- C:\Program Files
2011-07-10 21:52:01 ----D---- C:\Windows\System32
2011-07-10 21:52:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-10 21:47:40 ----D---- C:\ProgramData\NVIDIA
2011-07-10 21:16:47 ----D---- C:\Windows
2011-07-10 21:15:20 ----D---- C:\Windows\inf
2011-07-10 21:15:12 ----D---- C:\Windows\system32\config
2011-07-10 19:47:20 ----HD---- C:\ProgramData
2011-07-10 19:47:20 ----D---- C:\Windows\Prefetch
2011-07-10 19:47:20 ----D---- C:\Program Files (x86)\Opera
2011-07-10 19:27:42 ----D---- C:\Windows\Temp
2011-07-10 19:26:44 ----SHD---- C:\System Volume Information
2011-07-08 17:09:48 ----SHD---- C:\Windows\Installer
2011-07-08 17:09:47 ----RSD---- C:\Windows\assembly
2011-07-07 19:20:57 ----RD---- C:\Program Files (x86)
2011-07-05 15:01:49 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2011-07-05 07:03:17 ----D---- C:\Windows\Microsoft.NET
2011-07-04 13:22:01 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2011-07-03 16:05:18 ----D---- C:\Windows\winsxs
2011-07-03 15:52:06 ----D---- C:\Users\Jirka\AppData\Roaming\Opera
2011-07-03 15:50:44 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-07-03 13:39:04 ----D---- C:\Windows\SysWOW64
2011-07-03 13:39:04 ----D---- C:\Windows\system32\drivers
2011-07-03 13:39:04 ----D---- C:\Program Files\Internet Explorer
2011-07-03 13:39:04 ----D---- C:\Program Files (x86)\Internet Explorer
2011-07-03 13:39:03 ----RSD---- C:\Windows\Fonts
2011-07-03 10:42:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-07-03 10:41:37 ----D---- C:\Windows\system32\catroot
2011-07-03 10:41:36 ----D---- C:\Windows\system32\catroot2
2011-06-23 20:51:25 ----D---- C:\Program Files (x86)\JDownloader
2011-06-23 20:38:03 ----D---- C:\Program Files (x86)\Split Second
2011-06-14 00:42:13 ----A---- C:\Windows\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-17 834544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 188928]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-02 187392]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 ahtfzx2l;ahtfzx2l; C:\Windows\system32\drivers\ahtfzx2l.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 32768]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-03-16 159336]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-12-22 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-03-16 240232]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2010-07-06 716024]
R2 WDDMService;WD SmartWare Drive Manager Service; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 116224]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-03-26 1255736]
-----------------EOF-----------------
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2010-07-06 716024]
R2 WDDMService;WD SmartWare Drive Manager Service; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 116224]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-03-26 1255736]
-----------------EOF-----------------
Re: win 7 home security 2012
Hello gap, and welcome to our forum.
Please read the forum rules.
Please start your own new topic; this one is already resolved and closed. Our rule is that every user has their own new topic for their problem, so create one and post the RSIT log there.
Thank you for your understanding.
Here



