Diagnostic Policy Service (win7 ultimate 32-bit)

Zpráva

Dante Aligi · #1 Příspěvek od **Dante Aligi** » 17 zář 2011 16:57

Zdravim
Uz druhy den resim problem s wifi. Totiz bez jakekoliv priciny jsem spustil PC, jeho nacitani trvalo dost dlouho a kdyz uz se nacetl system, wifina vubec nereagovala a nedala se spustit. U toho mi to vyhodilo hlasku ,,WSAStartup() failed, or you have the incorrect version of WinSock installed". To jsem vyresil programem 'Fix it' od microsoftu, rebootoval a wifi uz zase jede. Jenze kdyz se chci napojit na svuj router (kterej ma mimochodem vynikajici signal a jsou na nej napojeni i jini lide bez problemu) tak mam jen omezeny pristup. Takze kliknu na 'odstranit potize' a jedine co to udela, ze zjisti ze nejede Diagnostic Policy Service. Spustil jsem Sluzby a nasel DPS, ktere je nastavene na automaticke spousteni, takze jsem dal jen spustit. Na to me vyskocilo okno ,, System Windows nemohl v pocitaci Local Computer spustit sluzbu DPS (Diagnostic Policy Service). Chyba 5: Pristup byl odepren."

Jsem uz dost zoufalej a opravdu by se mi ulevilo, kdybych nemusel dalsi den hledat co s tim.
Diky za precteni, snad mi poradite.

chodnik74 · #2 Příspěvek od **chodnik74** » 18 zář 2011 10:53

Zdravím

tak se pokusíme...

Vložte mi pro začátek log z RSIT,návod vás povede http://www.viry.cz/forum/viewtopic.php?f=13&t=105895

Dante Aligi · #3 Příspěvek od **Dante Aligi** » 18 zář 2011 13:11

Logfile of random's system information tool 1.09 (written by random/random)
Run by ASUS at 2011-09-18 13:59:27
Microsoft Windows 7 Ultimate
System drive C: has 3 GB (3%) free of 88 GB
Total RAM: 3037 MB (58% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1083555474-487684997-3636995369-1000Core1cb6c5d95b805b3.job
C:\Windows\tasks\Norton AntiVirus - Run Full System Scan - ASUS.job

=========Mozilla firefox=========

ProfilePath - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default

prefs.js - "browser.startup.homepage" - "http://start.icq.com/sm"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, illimitux@illimitux.net:4.0, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.8, plugin2@gameplaylabs.com:2.0, plugin3@gameplaylabs.com:3.0, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.8&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\Programy\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4]
"Description"=Office Live Update v1.4
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
FlashGet3.xpi
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\
illimitux@illimitux.net
plugin2@gameplaylabs.com
plugin3@gameplaylabs.com
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C749E08-6B62-11E0-B6DA-075F4824019B}]
BrowserPlugin - C:\Users\ASUS\AppData\Local\GamePlayLabs Plugin\BHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2009-09-09 116088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2009-08-21 4139912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Users\ASUS\AppData\Local\GamePlayLabs Plugin\BHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\ASUS\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2009-12-22 157232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2009-08-17 564624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-01 857648]
"ADSMTray"=C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2008-04-01 266240]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-23 7766016]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]
"IFXSPMGT"=C:\Windows\system32\ifxspmgt.exe [2008-01-25 677144]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-27 85160]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-11-30 9914984]
"Alcmtr"=ALCMTR.EXE []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-12 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-12 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-12 172568]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
"iTunesHelper"=D:\Programy\iTunes\iTunesHelper.exe [2011-08-19 421736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2009-07-14 144384]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"fsm"= []
"uTorrent"=C:\Program Files\uTorrent\utorrent.exe [2010-01-21 289584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~3.EXE [2008-08-15 279920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\ASScrProlog.exe [2009-02-23 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\ASScrPro.exe [2009-02-23 33136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2008-02-01 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2009-08-17 85888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-13 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-09-11 86960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2008-02-22 62760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-08-07 3077528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2008-04-02 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCDEmuApp.exe]
C:\Program Files\PowerISO\SCDEmuApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Programy\Steam\Steam.exe [2011-08-07 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\PowerProducer update Software\CyberLink\PowerProducer\4.0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OfficeSAS.lnk]
C:\PROGRA~1\MICROS~4\Office14\OFFICE~1\OFFICE~2.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ASUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
C:\PROGRA~1\Hamachi\hamachi.exe [2011-08-03 624416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ASUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-01-12 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2009-08-21 4139912]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0
"DisableTaskMgr"=0
"legalnoticetext"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"D:\Hry\Combat Arms EU\CombatArms.exe"="D:\Hry\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Hry\Combat Arms EU\Engine.exe"="D:\Hry\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.divxa32"=divxa32.acm
"msacm.lameacm"=lameACM.acm
"msacm.siren"=sirenacm.dll
"msacm.sl_anet"=sl_anet.acm
"msacm.vorbis"=vorbis.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.XVID"=xvidvfw.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.XFR1"=xfcodec.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open -

======List of files/folders created in the last 1 month======

2011-09-18 13:59:28 ----D---- C:\Program Files\trend micro
2011-09-18 13:59:27 ----D---- C:\rsit
2011-09-11 19:37:29 ----D---- C:\Program Files\iPod
2011-09-11 19:27:38 ----D---- C:\Program Files\Bonjour
2011-09-11 19:16:06 ----D---- C:\Program Files\QuickTime
2011-09-03 23:02:09 ----D---- C:\Program Files\Apple Software Update

======List of files/folders modified in the last 1 month======

2011-09-18 13:59:28 ----RD---- C:\Program Files
2011-09-18 13:59:18 ----D---- C:\Windows\Temp
2011-09-18 13:55:19 ----D---- C:\Windows\Prefetch
2011-09-18 13:52:24 ----D---- C:\Users\ASUS\AppData\Roaming\uTorrent
2011-09-17 18:52:28 ----SD---- C:\ProgramData\Microsoft
2011-09-17 18:43:07 ----D---- C:\Windows\System32
2011-09-17 18:43:07 ----D---- C:\Windows\inf
2011-09-17 18:43:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-17 16:54:07 ----SHD---- C:\System Volume Information
2011-09-17 15:32:20 ----SHD---- C:\Windows\Installer
2011-09-17 15:30:55 ----SHD---- C:\Config.Msi
2011-09-16 23:26:29 ----D---- C:\Users\ASUS\AppData\Roaming\Skype
2011-09-16 17:51:17 ----D---- C:\Users\ASUS\AppData\Roaming\skypePM
2011-09-16 00:15:25 ----A---- C:\Windows\NeroDigital.ini
2011-09-12 22:44:07 ----D---- C:\Windows\system32\drivers
2011-09-12 22:21:58 ----A---- C:\Windows\system32\acovcnt.exe
2011-09-12 22:17:09 ----D---- C:\Windows\system32\wbem
2011-09-12 22:17:09 ----D---- C:\Windows
2011-09-12 22:15:57 ----D---- C:\Windows\Tasks
2011-09-12 22:15:57 ----D---- C:\Windows\system32\wfp
2011-09-12 22:15:57 ----D---- C:\Windows\system32\catroot2
2011-09-12 22:15:56 ----D---- C:\Windows\system32\drivers\UMDF
2011-09-12 22:15:56 ----D---- C:\Windows\system32\drivers\etc
2011-09-12 22:15:54 ----D---- C:\Users\ASUS\AppData\Roaming\vlc
2011-09-12 22:15:51 ----D---- C:\Users\ASUS\AppData\Roaming\dvdcss
2011-09-12 22:15:49 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-09-12 22:15:49 ----D---- C:\ProgramData\PMB Files
2011-09-12 22:15:49 ----D---- C:\ProgramData\P4G
2011-09-12 22:15:48 ----HD---- C:\ProgramData
2011-09-12 22:15:23 ----D---- C:\Program Files\Opera
2011-09-12 22:15:17 ----D---- C:\Program Files\Safari
2011-09-12 22:15:16 ----D---- C:\ProgramData\FLEXnet
2011-09-12 22:15:13 ----D---- C:\Users\ASUS\AppData\Roaming\Hamachi
2011-09-12 22:15:05 ----D---- C:\Windows\system32\NDF
2011-09-12 22:15:05 ----D---- C:\Windows\system32\DriverStore
2011-09-12 22:15:05 ----D---- C:\Windows\pss
2011-09-12 22:15:04 ----D---- C:\Windows\registration
2011-09-12 21:56:49 ----D---- C:\Windows\system32\catroot
2011-09-12 16:10:51 ----D---- C:\Program Files\Hamachi
2011-09-11 19:37:28 ----D---- C:\Program Files\Common Files\Apple
2011-08-19 17:42:49 ----D---- C:\Users\ASUS\AppData\Roaming\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2007-08-10 29752]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-20 317464]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2009-06-25 64160]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2007-09-26 15416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-14 218688]
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2011-07-27 374392]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20110908.001\IDSvix86.sys [2010-09-15 287792]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2007-07-24 38816]
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2008-02-01 279088]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2008-02-01 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2009-02-19 184496]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-03-04 18048]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-05-14 99264]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-16 146824]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-03-17 81960]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-03-17 100392]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-03-17 17320]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-08-18 105592]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-08-03 25280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-01-12 9035776]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-11-30 3317800]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20110910.002\NAVENG.SYS [2011-08-18 86136]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20110910.002\NAVEX15.SYS [2011-08-18 1576312]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2009-02-19 13616]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-09-13 124464]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2009-02-19 96560]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2009-02-19 22320]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-01 182456]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-02-14 431672]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
S1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-02-19 24112]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-03-05 271360]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-01-02 101504]
S3 JakNDisMP;JakNDisMP; C:\Windows\system32\DRIVERS\JakNDis.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2010-04-19 18432]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2009-03-17 447024]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2008-02-01 317616]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-09-28 41984]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S4 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv.sys [2008-07-21 273152]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-10 518696]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\Windows\system32\ifxspmgt.exe [2008-01-25 677144]
R2 IFXTCS;Trusted Platform Core Service; C:\Windows\System32\IFXTCS.exe [2008-01-25 886040]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-17 73728]
R2 LiveUpdate Notice;LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Windows\system32\IfxPsdSv.exe [2007-07-24 140568]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-05-09 75136]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-08-19 821096]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-09-02 1245064]
S2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-10 238968]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe []
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-05-31 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2008-09-05 3220856]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-08-21 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-07-14 411432]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Roli píše:Odstraněno CODE kvůli lepší čitelnosti

chodnik74 · #4 Příspěvek od **chodnik74** » 18 zář 2011 13:43

Odinstalovat Spybot - Search & Destroy,GamePlayLabs,Ad-Aware

Aktualizujte Service Pack 1

Uděláme údržbu pc..

TFC

Stáhneme a spustíme program
Klikneme na Start a potvrdíme OK
Program začne uklízet,poté restartuje pc
po použití program smažte

Údržba PC:

1)Čištění dočasných složek + neplatné registry

Ccleaner

Stáhneme a nainstalujeme program
Spustíme program
ČISTIČ
Windows zde necháme vše jak je (pokud používáme IE,tak odškrkneme jeho položky) a zaškrkneme položky Start Menu zástupci a Zástupci na ploše
Aplikace - necháme jak je,ale pokud používáme nějaký prohlížeč (Google chrome,Firefox,Opera..) tak odškrkneme jeho položky
>Stiskeneme tlačítko Analyzovat a poté Spustit Cleaner
Registry
>Stiskneme tlačítko Hledej problémy,program začne hledat neplatné registry..podé zvolíme Opravit vybrané problémy..
>Program se zeptá,zda chceme vytvořit zálohu registrů,zvolíme ano a uložíme si někde zálohu(kdyby byli po opravení registru s něčím problémy,tak zálohu obnovíme tak,že spustíme uloženou zálohu a potvrdíme ano),dále zvolíme Opravit všechny problémy a Zavřít
>opakujte dokud nebude registr bez problémů
Program používáme 1x 14dní (záleží na používání pc,můžeme i jednou týdně)

2)Defragmentace disku

Defraggler

Stáhneme a nainstalujeme program
Spustíme program
Vybereme disk ( C:,D:..prostě který používáme)
Pokud je ve sloupci Fragmentace více než 5% dejte Defragmentovat
Proveďte se všemi používanými disky
Provádíme 1x za měsíc

3)Aktualizace programů

FileHippo.com Update Checker

Stáhneme a nainstalujeme program(Při instalaci odškrkneme volbu Run at Startup )
Spustíme program
Program vyhledá nainstalované programy v PC a zjistí dostupné aktualizace
Poté se vám otevře internetová stránka,kde budou nabídnuté aplikace k aktualizování
>X Updates Detected..to jsou dostupné aktualizace..
> klikneme na zelenou šipečku a stáhneme program,poté nainstalujeme jeho aktuální verzi
> X Beta Updates Detected..tyto aktualizace nestahujte,jedná se o betaverze,které jsou ve vývoji a jsou nestabilní
Provádíme 1x za 14 dní nebo jednou za měsíc

Nakonec mrkneme po havěti...

Malwarebytes' Anti-Malware Obrázek

Stáhneme,nainstalujeme a spustíme(pokud si nevíte rady jak,klikněte ZDE)
Vybereme Úplná kontrola a klikneme na tlačítko Prohledat
Program provede kontrolu počítače a na konci se vám objeví hláska,že bylo skenování dokončeno,tak potvrdíme tlačítkem OK
Objeví se vám log,který mi sem vložte
NIC NEMAZAT!!Program mívá občas falešné detekce,takže mazat budeme až po konzultaci

Dante Aligi · #5 Příspěvek od **Dante Aligi** » 18 zář 2011 16:03

taaak po dlouhem cisteni konecne provedeno vse az na aktualizaci SP1, jsem na provizornim PC, na kterej se to nevejde a aktualizaci ostatnich programu, protoze PC ktere resime se na net nepripoji (coz je hlavni predmet tematu).

tady je log (a protoze jsem blbec nevsimavej, tak jsem omylem dal rychly test, takze pokud v tom bude problem, tak spustim znova pod uplnym)

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 5214

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18.9.2011 16:56:52
mbam-log-2011-09-18 (16-56-42).txt

Typ kontroly: Rychlý test
Testované objekty: 151889
Uplynulý čas: 6 minut, 35 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 2
Infikované soubory: 4

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
c:\Windows\serviceprofiles\networkservice\AppData\Roaming\twain_32 (Trojan.Zbot) -> No action taken.
c:\Windows\System32\lowsec (Stolen.data) -> No action taken.

Infikované soubory:
c:\Windows\System32\secushr.dat (Malware.Trace) -> No action taken.
c:\Windows\serviceprofiles\networkservice\AppData\Roaming\twain_32\user.ds (Trojan.Zbot) -> No action taken.
c:\Windows\System32\lowsec\local.ds (Stolen.data) -> No action taken.
c:\Windows\System32\lowsec\user.ds (Stolen.data) -> No action taken.

chodnik74 · #6 Příspěvek od **chodnik74** » 18 zář 2011 16:22

Nevadí

nalezené položky dejte smazat...

Program nepoužívejte bez doporučení Rádce a pozorně se řiďte následujících pokynu,protože program netoleruje chyby a může dojít k úplnému poškození systému!!

Stáhneme si Combofix
Program uložíme nejlépe na Plochu
Vypneme všechny rezidentní štíty.Jak antiviru,tak antispywaru a firewallu
Vypneme všechny běžící aplikace (ICQ,prohlížeč,programy) a necháme pouze Combofix
Spustíme Combofix.exe s administrátorským oprávněním
U Windows XP se přihlásíme pod účtem správce
Ve Windows 7 a Vista klikněte pravým tlačítkem myši na Combofix.exe a dejte ,,Spustit jako správce,,)
Hned po startu programu na vás vyskočí licenční podmínky,tak potvrdíme tlačítkemANO
Pokud vám Combofix nabídne instalaci Konzoly pro zotavení,tak souhlaste a nechte nainstalovat(zde je potřeba aktivní připojení na internet)
Pokračujte dle pokynů programu a během skenování na nic neklikejte,na pc nepracujte(ICQ,jiné aplikace,internet..).Nechte počítač v klidu.
Celý sken tvá mezi 5-15 min,ale pokud je v PC hodně havěti,tak se čas může lišit.
Po skončení skenování(případném restartu počítače) se vám zobrazí log z Combofixu,který mi vložte sem(Kdyby se log nezobrazil,tak jej najdete zde: C:\ComboFix.txt
(Pokud si nevíte rady s kterýmkoliv z výše uvedených kroků,tak se ptejte nebo mrkněte na detailnější návod včetně obrázků http://www.bleepingcomputer.com/combofi ... t-combofix )

chodnik74 · #7 Příspěvek od **chodnik74** » 18 zář 2011 16:23

První musíme mít jistotu,že je pc čistý od havěti a není problém v havěti

Dante Aligi · #8 Příspěvek od **Dante Aligi** » 18 zář 2011 18:04

tak tu je dalsi log

ComboFix 11-09-17.06 - ASUS 18.09.2011 17:58:34.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3037.1918 [GMT 2:00]
Spuštěný z: c:\users\ASUS\Desktop\ComboFix.exe
AV: Norton AntiVirus *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton AntiVirus *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Norton AntiVirus *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Plugin Manager\SkypePM.exe
c:\programdata\Xfire
c:\programdata\Xfire\downloads\133.update
c:\programdata\Xfire\downloads\metadata\3696.ini
c:\programdata\Xfire\downloads\metadata\3699.ini
c:\programdata\Xfire\downloads\metadata\fileids.ini
c:\programdata\Xfire\downloads\xfire_games_20110428.zip
c:\programdata\Xfire\channels\channel1000.ini
c:\programdata\Xfire\channels\channel100051.ini
c:\programdata\Xfire\channels\channel100052.ini
c:\programdata\Xfire\channels\channel104147.ini
c:\programdata\Xfire\channels\channel104148.ini
c:\programdata\Xfire\channels\channel104149.ini
c:\programdata\Xfire\channels\channel104157.ini
c:\programdata\Xfire\channels\channel104158.ini
c:\programdata\Xfire\channels\channel104578.ini
c:\programdata\Xfire\channels\channel104683.ini
c:\programdata\Xfire\channels\channel104684.ini
c:\programdata\Xfire\channels\channel104702.ini
c:\programdata\Xfire\channels\channel104745.ini
c:\programdata\Xfire\channels\channel104746.ini
c:\programdata\Xfire\channels\channel105009.ini
c:\programdata\Xfire\channels\channel105034.ini
c:\programdata\Xfire\channels\channel105036.ini
c:\programdata\Xfire\channels\channel105037.ini
c:\programdata\Xfire\channels\channel105476.ini
c:\programdata\Xfire\channels\channel105535.ini
c:\programdata\Xfire\channels\channel105985.ini
c:\programdata\Xfire\channels\channelids.ini
c:\programdata\Xfire\Icons\123kick.ico
c:\programdata\Xfire\Icons\advqw.ico
c:\programdata\Xfire\Icons\anomwze.ico
c:\programdata\Xfire\Icons\aoeonl.ico
c:\programdata\Xfire\Icons\argo.ico
c:\programdata\Xfire\Icons\azs.ico
c:\programdata\Xfire\Icons\bbmog11.ico
c:\programdata\Xfire\Icons\bbmog12.ico
c:\programdata\Xfire\Icons\bfp4f.ico
c:\programdata\Xfire\Icons\blksh.ico
c:\programdata\Xfire\Icons\btft.ico
c:\programdata\Xfire\Icons\bttrprr.ico
c:\programdata\Xfire\Icons\bwrld.ico
c:\programdata\Xfire\Icons\clra.ico
c:\programdata\Xfire\Icons\crimec.ico
c:\programdata\Xfire\Icons\crytao.ico
c:\programdata\Xfire\Icons\csi6.ico
c:\programdata\Xfire\Icons\cso.ico
c:\programdata\Xfire\Icons\dagel.ico
c:\programdata\Xfire\Icons\dlpn.ico
c:\programdata\Xfire\Icons\dspore.ico
c:\programdata\Xfire\Icons\ebedits.ico
c:\programdata\Xfire\Icons\fifaonl2.ico
c:\programdata\Xfire\Icons\fxion.ico
c:\programdata\Xfire\Icons\gmnrue.ico
c:\programdata\Xfire\Icons\gobx.ico
c:\programdata\Xfire\Icons\grmttr.ico
c:\programdata\Xfire\Icons\habboh.ico
c:\programdata\Xfire\Icons\jggrnt.ico
c:\programdata\Xfire\Icons\kghtqst.ico
c:\programdata\Xfire\Icons\legosw3.ico
c:\programdata\Xfire\Icons\lrdltm.ico
c:\programdata\Xfire\Icons\mlb2k11.ico
c:\programdata\Xfire\Icons\mnplymlns.ico
c:\programdata\Xfire\Icons\mrtonl.ico
c:\programdata\Xfire\Icons\mscchllg.ico
c:\programdata\Xfire\Icons\mtgt.ico
c:\programdata\Xfire\Icons\mtlaslt.ico
c:\programdata\Xfire\Icons\myctylf.ico
c:\programdata\Xfire\Icons\netkar.ico
c:\programdata\Xfire\Icons\oni.ico
c:\programdata\Xfire\Icons\port2.ico
c:\programdata\Xfire\Icons\pyrvlle.ico
c:\programdata\Xfire\Icons\qdra.ico
c:\programdata\Xfire\Icons\rawayatof.ico
c:\programdata\Xfire\Icons\rawaytdott.ico
c:\programdata\Xfire\Icons\resev.ico
c:\programdata\Xfire\Icons\rush.ico
c:\programdata\Xfire\Icons\slnstrt.ico
c:\programdata\Xfire\Icons\sowgb.ico
c:\programdata\Xfire\Icons\sprcty.ico
c:\programdata\Xfire\Icons\thps2.ico
c:\programdata\Xfire\Icons\tkitri.ico
c:\programdata\Xfire\Icons\tnbt.ico
c:\programdata\Xfire\Icons\torgtrl.ico
c:\programdata\Xfire\Icons\twitchv.ico
c:\programdata\Xfire\Icons\twrstk.ico
c:\programdata\Xfire\Icons\twwrld.ico
c:\programdata\Xfire\Icons\vba.ico
c:\programdata\Xfire\Icons\wh40kfw.ico
c:\programdata\Xfire\Icons\wiz8.ico
c:\programdata\Xfire\Icons\wrldvmprs.ico
c:\programdata\Xfire\Icons\xonot.ico
c:\programdata\Xfire\Icons\zblz.ico
c:\programdata\Xfire\Icons\zlane.ico
c:\programdata\Xfire\sounds\classic.zip
c:\programdata\Xfire\sounds\defaults.zip
c:\programdata\Xfire\templates\about.tmpl
c:\programdata\Xfire\templates\addfriend.tmpl
c:\programdata\Xfire\templates\clanreminder.tmpl
c:\programdata\Xfire\templates\infoview\aao\filter.css
c:\programdata\Xfire\templates\infoview\aao\filter.js
c:\programdata\Xfire\templates\infoview\aao\server.css
c:\programdata\Xfire\templates\infoview\aao\server.js
c:\programdata\Xfire\templates\infoview\aol_user.tmpl
c:\programdata\Xfire\templates\infoview\bf2\filter.css
c:\programdata\Xfire\templates\infoview\bf2\filter.js
c:\programdata\Xfire\templates\infoview\bf2\game_bf2.css
c:\programdata\Xfire\templates\infoview\bf2\game_bf2.js
c:\programdata\Xfire\templates\infoview\bf2\game_bf2.tmpl
c:\programdata\Xfire\templates\infoview\bf2\game_bf2_js.tmpl
c:\programdata\Xfire\templates\infoview\blank.tmpl
c:\programdata\Xfire\templates\infoview\buddycat.tmpl
c:\programdata\Xfire\templates\infoview\clan.tmpl
c:\programdata\Xfire\templates\infoview\clanfavservercat.tmpl
c:\programdata\Xfire\templates\infoview\codmp\filter.js
c:\programdata\Xfire\templates\infoview\codmp\game_codmp.tmpl
c:\programdata\Xfire\templates\infoview\codmp\game_codmp_js.tmpl
c:\programdata\Xfire\templates\infoview\coduomp\filter.js
c:\programdata\Xfire\templates\infoview\coduomp\game_coduomp.tmpl
c:\programdata\Xfire\templates\infoview\coduomp\game_coduomp_js.tmpl
c:\programdata\Xfire\templates\infoview\cs\filter.css
c:\programdata\Xfire\templates\infoview\cs\filter.js
c:\programdata\Xfire\templates\infoview\cs\game_cs.tmpl
c:\programdata\Xfire\templates\infoview\cs\game_cs_js.tmpl
c:\programdata\Xfire\templates\infoview\css\filter.css
c:\programdata\Xfire\templates\infoview\css\filter.js
c:\programdata\Xfire\templates\infoview\css\game_css.tmpl
c:\programdata\Xfire\templates\infoview\css\game_css_js.tmpl
c:\programdata\Xfire\templates\infoview\customgroup.tmpl
c:\programdata\Xfire\templates\infoview\download.tmpl
c:\programdata\Xfire\templates\infoview\download_header.tmpl
c:\programdata\Xfire\templates\infoview\download_pac_info.tmpl
c:\programdata\Xfire\templates\infoview\download_styles.tmpl
c:\programdata\Xfire\templates\infoview\downloadactive.tmpl
c:\programdata\Xfire\templates\infoview\downloadallchannels.tmpl
c:\programdata\Xfire\templates\infoview\downloadcat.tmpl
c:\programdata\Xfire\templates\infoview\downloadhelp.tmpl
c:\programdata\Xfire\templates\infoview\downloadnewest.tmpl
c:\programdata\Xfire\templates\infoview\downloadpatches.tmpl
c:\programdata\Xfire\templates\infoview\downloadtop10.tmpl
c:\programdata\Xfire\templates\infoview\filter.tmpl
c:\programdata\Xfire\templates\infoview\friends.tmpl
c:\programdata\Xfire\templates\infoview\gw\server.css
c:\programdata\Xfire\templates\infoview\gw\server.js
c:\programdata\Xfire\templates\infoview\channel.tmpl
c:\programdata\Xfire\templates\infoview\chat_rooms_help.tmpl
c:\programdata\Xfire\templates\infoview\chatroom.tmpl
c:\programdata\Xfire\templates\infoview\login.tmpl
c:\programdata\Xfire\templates\infoview\mame32\server.js
c:\programdata\Xfire\templates\infoview\notification.tmpl
c:\programdata\Xfire\templates\infoview\offline.tmpl
c:\programdata\Xfire\templates\infoview\plugin_cat.tmpl
c:\programdata\Xfire\templates\infoview\quake4\server.js
c:\programdata\Xfire\templates\infoview\quakel\server.js
c:\programdata\Xfire\templates\infoview\screenshot.tmpl
c:\programdata\Xfire\templates\infoview\screenshot_cat.tmpl
c:\programdata\Xfire\templates\infoview\screenshot_header.tmpl
c:\programdata\Xfire\templates\infoview\screenshots_help.tmpl
c:\programdata\Xfire\templates\infoview\scripts\activity_report.js
c:\programdata\Xfire\templates\infoview\scripts\AjaxRequest.js
c:\programdata\Xfire\templates\infoview\scripts\blog.js
c:\programdata\Xfire\templates\infoview\scripts\clans.js
c:\programdata\Xfire\templates\infoview\scripts\colorize.js
c:\programdata\Xfire\templates\infoview\scripts\combobox.js
c:\programdata\Xfire\templates\infoview\scripts\download.js
c:\programdata\Xfire\templates\infoview\scripts\filter.js
c:\programdata\Xfire\templates\infoview\scripts\filter_functions.js
c:\programdata\Xfire\templates\infoview\scripts\games_list.js
c:\programdata\Xfire\templates\infoview\scripts\linkify.js
c:\programdata\Xfire\templates\infoview\scripts\personal_file_transfers.js
c:\programdata\Xfire\templates\infoview\scripts\screenshots.js
c:\programdata\Xfire\templates\infoview\scripts\server.js
c:\programdata\Xfire\templates\infoview\scripts\shared.js
c:\programdata\Xfire\templates\infoview\scripts\user.js
c:\programdata\Xfire\templates\infoview\scripts\video.js
c:\programdata\Xfire\templates\infoview\scripts\videocontests.js
c:\programdata\Xfire\templates\infoview\scripts\voicechat.js
c:\programdata\Xfire\templates\infoview\server.tmpl
c:\programdata\Xfire\templates\infoview\servercat.tmpl
c:\programdata\Xfire\templates\infoview\style.tmpl
c:\programdata\Xfire\templates\infoview\styles\clan.css
c:\programdata\Xfire\templates\infoview\styles\filter.css
c:\programdata\Xfire\templates\infoview\styles\server.css
c:\programdata\Xfire\templates\infoview\styles\shared.css
c:\programdata\Xfire\templates\infoview\styles\user.css
c:\programdata\Xfire\templates\infoview\styles\video.css
c:\programdata\Xfire\templates\infoview\swbf2\server.js
c:\programdata\Xfire\templates\infoview\systemmsg.tmpl
c:\programdata\Xfire\templates\infoview\tmo\server.js
c:\programdata\Xfire\templates\infoview\user.tmpl
c:\programdata\Xfire\templates\infoview\ut2k4\game_ut2k4.tmpl
c:\programdata\Xfire\templates\infoview\ut2k4\game_ut2k4_js.tmpl
c:\programdata\Xfire\templates\infoview\video.tmpl
c:\programdata\Xfire\templates\infoview\video_header.tmpl
c:\programdata\Xfire\templates\infoview\videos_help.tmpl
c:\programdata\Xfire\templates\infoview\wow\game_wow.tmpl
c:\programdata\Xfire\templates\infoview\wow\server.css
c:\programdata\Xfire\templates\infoview\wow\server.js
c:\programdata\Xfire\templates\notifications.tmpl
c:\programdata\Xfire\templates\post_game_screenshots.tmpl
c:\programdata\Xfire\templates\post_game_videos.tmpl
c:\programdata\Xfire\templates\registration.tmpl
c:\programdata\Xfire\Xfire.ini
c:\programdata\Xfire\xfire_games.bak
c:\programdata\Xfire\xfire_games.ini
c:\users\ASUS\AppData\Local\ApplicationHistory
c:\users\ASUS\AppData\Local\ApplicationHistory\ngen.exe.2c05686e.ini
c:\users\ASUS\AppData\Local\ApplicationHistory\TurbineInvoker.exe.e6ad22c.ini
c:\users\ASUS\AppData\Local\ApplicationHistory\TurbineLauncher.exe.17d21056.ini
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\system32\no
c:\windows\system32\no\AuthFWSnapIn.Resources.dll
c:\windows\system32\no\AuthFWWizFwk.Resources.dll
c:\windows\system32\no\Narrator.resources.dll
.
c:\windows\system32\userinit.exe . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-18 do 2011-09-18 )))))))))))))))))))))))))))))))
.
.
2011-09-18 15:32 . 2011-09-18 15:32 54016 ----a-w- c:\windows\system32\drivers\brtqowru.sys
2011-09-18 13:25 . 2011-09-18 13:25 -------- d-----w- c:\users\ASUS\AppData\Roaming\Malwarebytes
2011-09-18 13:24 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-18 13:24 . 2011-09-18 13:24 -------- d-----w- c:\programdata\Malwarebytes
2011-09-18 13:24 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-18 13:24 . 2011-09-18 13:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-18 11:59 . 2011-09-18 11:59 -------- d-----w- c:\program files\trend micro
2011-09-18 11:59 . 2011-09-18 11:59 -------- d-----w- C:\rsit
2011-09-11 17:37 . 2011-09-11 17:37 -------- d-----w- c:\program files\iPod
2011-09-11 17:27 . 2011-09-12 20:15 -------- d-----w- c:\program files\Bonjour
2011-09-11 17:16 . 2011-09-12 20:15 -------- d-----w- c:\program files\QuickTime
2011-09-03 21:02 . 2011-09-12 20:15 -------- d-----w- c:\program files\Apple Software Update
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-12 20:21 . 2009-02-23 20:10 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-09-08 10:44 . 2011-05-20 17:43 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-11 12:30 . 2009-06-05 14:37 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-03 21:18 . 2011-08-03 21:18 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 09:20 . 2011-07-12 09:20 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"uTorrent"="c:\program files\uTorrent\utorrent.exe" [2010-01-21 289584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-03-31 266240]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2008-01-25 677144]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-30 9914984]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-12 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-12 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-12 172568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="d:\programy\iTunes\iTunesHelper.exe" [2011-08-18 421736]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-11-29 443728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-10 752168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\explorer.exe,"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OfficeSAS.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\OfficeSAS.lnk
backup=c:\windows\pss\OfficeSAS.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^ASUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
path=c:\users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
backup=c:\windows\pss\hamachi.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^ASUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 20:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-02-23 19:47 37232 ----a-w- c:\windows\ASScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-02-23 19:47 33136 ----a-w- c:\windows\ASScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
2008-02-01 13:29 61440 ----a-w- c:\program files\ASUS\ATK Media\DMedia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2009-08-17 12:48 85888 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 18:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 18:56 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-13 13:49 136176 ----atw- c:\users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 05:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-09-11 03:40 86960 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2008-02-22 10:19 62760 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:45 3883840 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
2011-08-07 13:58 3077528 ----a-w- c:\program files\Pando Networks\Media Booster\PMB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2008-04-02 18:09 87336 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-08-07 10:54 1242448 ----a-w- d:\programy\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 23424]
R3 JakNDisMP;JakNDisMP;c:\windows\system32\DRIVERS\JakNDis.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2010-04-19 18432]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
R4 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv.sys [2008-07-21 273152]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-06-25 64160]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2007-09-26 15416]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-13 218688]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20110908.001\IDSvix86.sys [2010-09-15 287792]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2007-07-23 38816]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-08-18 105592]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - aswFsBlk
*Deregistered* - aswMonFlt
*Deregistered* - aswRdr
*Deregistered* - aswSP
*Deregistered* - aswTdi
*Deregistered* - ehdrv
*Deregistered* - epfwwfpr
*Deregistered* - SCDEmu
.
Obsah adresáře 'Naplánované úlohy'
.
2010-10-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1083555474-487684997-3636995369-1000Core1cb6c5d95b805b3.job
- c:\users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-13 13:49]
.
2011-08-23 c:\windows\Tasks\Norton AntiVirus - Run Full System Scan - ASUS.job
- c:\program files\Norton AntiVirus\Navw32.exe [2008-02-07 14:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/home.php?
uInternet Settings,ProxyServer = http=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all by FlashGet3 - c:\users\ASUS\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\ASUS\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - /105
Trusted Zone: kuaiche.com\software
Trusted Zone: mojebanka.cz\www
FF - ProfilePath - c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/sm
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=sm&tb_ver=1.1.8&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: GamePlayLabs Plugin: plugin2@gameplaylabs.com - %profile%\extensions\plugin2@gameplaylabs.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-fsm - (no file)
MSConfigStartUp-AlcoholAutomount - c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-MobileConnect - c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
MSConfigStartUp-RGSC - d:\hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe
MSConfigStartUp-SCDEmuApp - c:\program files\PowerISO\SCDEmuApp.exe
MSConfigStartUp-UpdatePPShortCut - c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1083555474-487684997-3636995369-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:0e,8e,98,09,98,ac,74,95,9f,ac,af,5b,7e,74,8f,65,7d,b0,8a,90,e5,ca,5e,
43,f5,6a,31,b7,57,3e,bc,32,b6,1a,15,0d,77,c6,ec,93,82,51,f0,17,83,04,98,7a,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-1083555474-487684997-3636995369-1000\Software\SecuROM\License information*]
"datasecu"=hex:69,bf,da,3b,d3,16,fc,3d,81,c6,61,ec,bf,21,a2,58,41,b9,df,b2,3a,
94,8d,a5,5d,29,ff,e4,5b,5a,b2,94,0a,9e,e8,e5,48,3d,4f,bd,77,e9,ca,53,4f,4f,\
"rkeysecu"=hex:b9,dd,9a,18,eb,3d,da,76,ba,5a,25,f1,78,cd,ff,09
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Common Client\ccService\Channels]
@Denied: (C D) (Everyone)
"ccSvcHst_ccAppPlgMgr_5104"="{EB4A00BB-588C-4135-9B55-98430D465103}"
"ccSvcHst_ccAppPlgMgr_4184"="{74BA3680-2614-4A5F-A2C2-4930CD84C271}"
"ccSvcHst_ccAppPlgMgr_3552"="{52D957E7-18E6-4AF1-A080-50C40431E28A}"
"ccSvcHst_ccAppPlgMgr_5020"="{EAD2FC07-70E8-4CD3-85F0-EF02FB585C0B}"
"ccSvcHst_ccAppPlgMgr_4452"="{5293109B-C38A-495A-AFE8-3F9B9A5CBEF4}"
"ccSvcHst_ccAppPlgMgr_4816"="{6E611A96-1801-4995-8C62-6D74D0560C42}"
"ccSvcHst_ccAppPlgMgr_4544"="{5A1ABCA5-345B-4C70-864C-DB97E266212D}"
"ccSvcHst_ccAppPlgMgr_3488"="{FAF0EB9B-958A-4EDA-93BF-7AD390C34834}"
"ccSvcHst_ccAppPlgMgr_3600"="{482F2450-936C-4311-A066-F09F0D896250}"
"ccSvcHst_ccAppPlgMgr_5464"="{D81EE1E0-2509-40AF-8EE5-5C2127187234}"
"ccSvcHst_ccAppPlgMgr_4136"="{5D1B9279-C448-498E-A94F-7140D5FEA378}"
"ccSvcHst_ccAppPlgMgr_1128"="{3040857B-3EF1-43EF-A26E-AC69B0E74E06}"
"ccSvcHst_ccAppPlgMgr_5152"="{B0FC7869-6FF0-423F-863B-DC5A9F47CE95}"
"ccSvcHst_ccAppPlgMgr_4044"="{C50E1F15-41FF-4DED-9557-6D3608F36A63}"
"ccSvcHst_ccAppPlgMgr_2376"="{40E1C876-C018-4B12-A7D5-2DEDEDF50AAC}"
"ccSvcHst_ccAppPlgMgr_4036"="{6A426963-F93F-4260-8032-93B0F652FC39}"
"ccSvcHst_ccAppPlgMgr_5664"="{1EBC97A3-FDC9-4D07-B341-05363A2C40CB}"
"ccSvcHst_ccAppPlgMgr_5192"="{47E45ECE-AD1D-4C20-85D7-5B28DB6F526D}"
"ccSvcHst_ccAppPlgMgr_4960"="{9FBA5831-7959-45F5-B662-D8648C183F2E}"
"ccSvcHst_ccAppPlgMgr_5000"="{23AAFA2E-DDB2-4D43-AA87-A5EAAD7DF625}"
"ccSvcHst_ccAppPlgMgr_4928"="{817798DF-ACFF-40A9-BF56-E9A3B91EA191}"
"ccSvcHst_ccAppPlgMgr_4672"="{52014DE7-D7D9-4274-A8A5-2D324CEA131C}"
"ccSvcHst_ccAppPlgMgr_3000"="{DC91D47C-A496-40E8-B12A-1324C9DD21AB}"
"ccSvcHst_ccAppPlgMgr_3904"="{155C0B2F-37E6-46FC-A7F2-03F6425BE56F}"
"ccSvcHst_ccAppPlgMgr_2284"="{8D67D1F5-8925-4553-B66B-36FC705428A8}"
"ccSvcHst_ccAppPlgMgr_2808"="{5BB87080-AF51-4B89-A229-6B771E829FED}"
"ccSvcHst_ccAppPlgMgr_3188"="{545BBA88-85DE-410A-BE6A-A0D3297A4654}"
"ccSvcHst_ccAppPlgMgr_4824"="{E3DCF3F2-DFBA-4331-8A23-FD574D408C3B}"
"ccSvcHst_ccAppPlgMgr_4364"="{BB9F9D4F-2466-4949-9281-C5414DE661B7}"
"ccSvcHst_ccAppPlgMgr_1464"="{FB1E9111-85C3-4561-B2DC-1B0E45042007}"
"ccSvcHst_ccAppPlgMgr_5840"="{7DFA3DA9-CD1C-4A5B-8C8A-0CBFA477DF80}"
"ccSvcHst_ccAppPlgMgr_1088"="{A8AEC242-2FBE-412C-A399-EA703264118E}"
"ccSvcHst_ccAppPlgMgr_2520"="{0A5A5D8C-C8E3-4025-B658-E817303F1DE6}"
"ccSvcHst_ccAppPlgMgr_4696"="{F81C2E67-DC4A-4236-9B20-AAC5E46B9CB2}"
"ccSvcHst_ccAppPlgMgr_5088"="{3514E0D8-235D-45E7-9839-31B589243935}"
"ccSvcHst_ccAppPlgMgr_5116"="{01AFC30D-5808-434F-865F-BD969065E872}"
"ccSvcHst_ccAppPlgMgr_3364"="{9D883239-C778-4A15-8739-5C68178F4797}"
"ccSvcHst_ccAppPlgMgr_3228"="{24D3BA91-8522-43A5-883E-0E785588B941}"
"ShieldDataServiceChannel"="{056D96DF-1E26-4B23-B594-F96D39E5B81E}"
"ccSvcHst_ccAppPlgMgr_5216"="{2A00FC50-F9AA-4D17-863A-D166F63B1E8E}"
"ccSvcHst_ccAppPlgMgr_11272"="{D63C4DF8-0EC9-4D37-8258-DE90D78899A2}"
"AvProdSession_02"="{D63C4DF8-0EC9-4D37-8258-DE90D78899A2}"
"ToasterNotify\\SessionID_2"="{D63C4DF8-0EC9-4D37-8258-DE90D78899A2}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}2"="{D63C4DF8-0EC9-4D37-8258-DE90D78899A2}"
"ccSvcHst_ccAppPlgMgr_4268"="{F2C9C0C6-6489-4153-8E07-54DF768E91A0}"
"ccSvcHst_ccAppPlgMgr_3272"="{A752FF86-E1D6-47D2-9959-5614B1687818}"
"ccSvcHst_ccAppPlgMgr_3860"="{01571C5C-CE9A-46C7-AFAC-74C5392480E9}"
"ccSvcHst_ccAppPlgMgr_2968"="{C81A5D5E-E32E-4526-95B6-C0263A67FC5B}"
"ccSvcHst_ccAppPlgMgr_512"="{1084C286-FECE-45A7-BFEB-B716C21BA9D3}"
"ccSvcHst_ccAppPlgMgr_4668"="{9F856B66-292F-423D-8F70-A66DD41A2EE7}"
"ccSvcHst_ccAppPlgMgr_5376"="{81826A82-3B6A-4344-8949-07414867AE8E}"
"ccSvcHst_ccAppPlgMgr_3732"="{07B77386-10F7-4D01-B726-EF8CAD27D487}"
"ccSvcHst_ccAppPlgMgr_3476"="{20D12F3B-AE38-4D7B-B330-84C021B9638A}"
"ccSvcHst_ccAppPlgMgr_4580"="{351F0169-18F4-401F-81C5-16C19DC37BE4}"
"ccSvcHst_ccAppPlgMgr_3308"="{2A9B79EC-8BCF-418B-95AA-B9224ADC464D}"
"ccSvcHst_ccAppPlgMgr_4488"="{1BDA0463-D607-4E49-AD98-9AE0CDF68F66}"
"ccSvcHst_ccAppPlgMgr_616"="{22FDC351-B145-484F-9072-69FD7C896F2E}"
"ccSvcHst_ccAppPlgMgr_1848"="{F40685DF-196E-412F-B5E7-638DFF6F2E35}"
"ccSvcHst_ccAppPlgMgr_3736"="{6A4223E3-D94A-4C03-A060-8E5738B46054}"
"ccSvcHst_ccAppPlgMgr_3604"="{86CCFEA4-CFBA-4670-A51A-F782CB00050F}"
"ccSvcHst_ccAppPlgMgr_1168"="{83C6D49E-AFA1-459B-9F60-920F7A5B48C0}"
"ccSvcHst_ccAppPlgMgr_4492"="{71559A4B-889C-4B74-B925-7856B228417D}"
"ccSvcHst_ccAppPlgMgr_3832"="{C6BBE1B5-C2D8-4FC8-8874-A2DF7AE210E9}"
"ccSvcHst_ccAppPlgMgr_2064"="{26CB9FBA-932F-4975-9C89-106429CCB783}"
"ccSvcHst_ccAppPlgMgr_1176"="{4D10B59E-EBD4-434F-A940-AADFAACEAEF2}"
"ccSvcHst_ccAppPlgMgr_5084"="{66B87F95-27C1-47F4-8191-A35609A69ADB}"
"ccSvcHst_ccAppPlgMgr_5124"="{6A5FF3B7-86BC-497A-8245-2B1425FB6B49}"
"ccSvcHst_ccAppPlgMgr_4464"="{E1CD2B7A-54BC-4865-AC7F-05A01002FB6C}"
"ccSvcHst_ccAppPlgMgr_2928"="{6002A14D-FC82-46EA-8A7B-C8B9BD351F43}"
"ccSvcHst_ccAppPlgMgr_1624"="{8313E1E1-3D0D-4406-ACCB-13ADA1A15685}"
"ccSvcHst_ccAppPlgMgr_5940"="{3D1022FB-CD49-414D-AA44-6DBCE95A4680}"
"ccSvcHst_ccAppPlgMgr_4636"="{2BDDDA70-02C7-4BE6-A4AC-53027745117E}"
"ccSvcHst_ccAppPlgMgr_5160"="{1C27563A-2DAD-4950-AA28-4C2F57160DC2}"
"ccSvcHst_ccAppPlgMgr_2464"="{BB8312CB-6074-4345-B293-CBB5E5EAA165}"
"ccSvcHst_ccAppPlgMgr_1104"="{E10B5CD0-0E9E-4158-9718-8A2C61C2898D}"
"ccSvcHst_ccAppPlgMgr_2556"="{A3DF93F3-2599-46BC-AA22-4CA255F37DB6}"
"ccSvcHst_ccAppPlgMgr_4556"="{D6AF380F-F6F6-45D4-8DCC-C6D2B662E314}"
"ccSvcHst_ccAppPlgMgr_3092"="{C244F965-CBF9-4014-B434-B36FB9113DD0}"
"ccSvcHst_ccAppPlgMgr_1404"="{0694E8E5-42D4-4092-B57D-D5F8084D3814}"
"ccSvcHst_ccAppPlgMgr_4412"="{C9600ABF-081D-4305-8048-EA4387E3D6D4}"
"ccSvcHst_ccAppPlgMgr_4344"="{D750C928-FDB0-4991-98F8-07A871D44B58}"
"ccSvcHst_ccAppPlgMgr_5008"="{BFFC751C-5075-4200-A669-5142EDD63820}"
"ccSvcHst_ccAppPlgMgr_5728"="{BEECA4B0-24E1-44A6-82BF-65E5125BBDE6}"
"ccSvcHst_ccAppPlgMgr_5440"="{435E6D9C-6991-4028-85EA-43978E9052C9}"
"ccSvcHst_ccAppPlgMgr_6092"="{D3AFBE5B-BBD5-40CC-A8E9-354DE95EB073}"
"ccSvcHst_ccAppPlgMgr_5692"="{B390BEDD-8F72-470E-9011-5545281F4732}"
"ccSvcHst_ccAppPlgMgr_5828"="{86B35C16-BF4B-4FA5-82D3-1EF9271E2160}"
"ccSvcHst_ccAppPlgMgr_2200"="{6C462473-77E8-4B0F-A86E-6EE1229C5BE8}"
"ccSvcHst_ccAppPlgMgr_780"="{188D84FA-0B64-4A09-9181-3907CC31E714}"
"ccSvcHst_ccAppPlgMgr_4372"="{DAC61AA1-E345-4B03-B3AC-0FD0EAD00B64}"
"ccSvcHst_ccAppPlgMgr_4660"="{630E0EF7-0397-4BD8-8712-AD9DEB96B7BC}"
"ccSvcHst_ccAppPlgMgr_4632"="{127F23A7-B4A1-4887-8E74-15ED50A09FD7}"
"ccSvcHst_ccAppPlgMgr_4700"="{945C40ED-13A9-44D4-B259-5FCCD87BB95B}"
"ccSvcHst_ccAppPlgMgr_4616"="{7F3A1643-E415-457C-B4DD-D9E6060DC83A}"
"ccSvcHst_ccAppPlgMgr_2624"="{E3BCE9EE-7C8D-43D5-9E06-A0CEAFE113B2}"
"ccSvcHst_ccAppPlgMgr_4860"="{A5754293-A3B2-4374-B669-55986ADFDF2A}"
"ccSvcHst_ccAppPlgMgr_4716"="{BD8895DB-EFD8-4A8A-8926-77B4F78A5211}"
"ccSvcHst_ccAppPlgMgr_2268"="{4A8BA90B-54A6-43A5-92EA-EAA9B5D15945}"
"ccSvcHst_ccAppPlgMgr_4308"="{5019809A-6B0E-4576-BE38-4AC620E1F3E1}"
"ccSvcHst_ccAppPlgMgr_5148"="{BE7836D9-440A-4751-961B-448CFA5D4A6D}"
"ccSvcHst_ccAppPlgMgr_5964"="{C992A09E-78F0-40E9-8DB7-06C66300E5D5}"
"ccSvcHst_ccAppPlgMgr_3872"="{27CDD427-0590-458E-AFBD-DCAE45F249A9}"
"ccSvcHst_ccAppPlgMgr_5576"="{7DA0230A-760B-4DAA-AA8E-D9D748D61CDA}"
"ccSvcHst_ccAppPlgMgr_3416"="{58566120-4586-44C7-AFD8-5CBAEACC01CE}"
"LastCrawlSeedStatus"=dword:00000000
"ccSvcHst_ccAppPlgMgr_4604"="{4212070F-006F-46D6-9A98-28991E787D93}"
"ccSvcHst_ccAppPlgMgr_4168"="{7A992D99-83C6-4C71-B507-0AFE6CC7A3CB}"
"ccSvcHst_ccAppPlgMgr_3660"="{82DCE6B7-3B34-48A9-A458-E23EB63CA0BE}"
"ccSvcHst_ccAppPlgMgr_5760"="{0521257F-8173-493B-AB6C-4E77DC2C3752}"
"ccSvcHst_ccAppPlgMgr_3684"="{91BAFF76-E437-495D-86AA-3129FCD4A95A}"
"ccSvcHst_ccAppPlgMgr_2748"="{A0A9C393-5E72-4916-A1FC-BBE16A8B17AC}"
"ccSvcHst_ccAppPlgMgr_3004"="{5E72917E-8F49-4682-B0D4-45A8C430ECEA}"
"ccSvcHst_ccAppPlgMgr_2508"="{47C41849-46B1-43AB-9BEC-A30A5579810E}"
"ccSvcHst_ccAppPlgMgr_2280"="{BA3B331F-E01A-4405-BA11-B58F7F5A50AA}"
"ccSvcHst_ccAppPlgMgr_4536"="{E731D4BA-AD54-4FAF-8F87-CA27DEC828C7}"
"ccSvcHst_ccAppPlgMgr_4080"="{E9CB2A65-24A0-4017-9F16-56BE3216C4D6}"
"ccSvcHst_ccAppPlgMgr_2852"="{B260DC06-B874-4832-9131-812DDE42B48B}"
"ccSvcHst_ccAppPlgMgr_5244"="{E7AAE335-FF9D-4080-9034-B4FCB763034B}"
"ccSvcHst_ccAppPlgMgr_1184"="{7AFAD398-5213-4090-ACC1-995D58CF43B5}"
"ccSvcHst_ccAppPlgMgr_5280"="{5147F84D-CE74-4358-9219-DBE1B5B52D3B}"
"ccSvcHst_ccAppPlgMgr_4336"="{719944E5-06A9-4295-8EC5-101C8B3C3A15}"
"ccSvcHst_ccAppPlgMgr_3108"="{622957D2-0B3B-43CA-B160-FEE2F065BC1D}"
"ccSvcHst_ccAppPlgMgr_3344"="{DF72D641-9BD4-4390-8411-0C7DB012DB57}"
"ccSvcHst_ccAppPlgMgr_1048"="{0AA8A007-7B77-4A6A-82D4-AAB9520BA54D}"
"ccSvcHst_ccAppPlgMgr_5240"="{26AC4EE7-E568-4043-B397-90ED7A43962A}"
"ccSvcHst_ccAppPlgMgr_1732"="{E39E36D6-B7ED-4232-98FC-F4AB39621D08}"
"ccSvcHst_ccAppPlgMgr_2524"="{610821B1-8DD6-45D1-98F1-AFCFBDAF2A43}"
"ccSvcHst_ccAppPlgMgr_2584"="{93378D09-50B4-4E78-9077-BC6F084D73F8}"
"ccSvcHst_ccAppPlgMgr_4836"="{07B734F4-0317-4446-88E4-B5C7BA734377}"
"ccSvcHst_ccAppPlgMgr_3292"="{CEC5F3CD-79AB-4F87-A315-7011EF375265}"
"ccSvcHst_ccAppPlgMgr_3820"="{565560F1-F650-4383-AE10-8669752EF7D4}"
"ccSvcHst_ccAppPlgMgr_5068"="{448450C3-0F7A-4C38-A818-9EFC901F0F81}"
"ccSvcHst_ccAppPlgMgr_3372"="{DA4F0AB2-A96B-4282-9298-46F27532E12F}"
"ccSvcHst_ccAppPlgMgr_2296"="{456472C7-3D95-427A-A1E1-9816EB7445F3}"
"ccSvcHst_ccAppPlgMgr_2628"="{4952ED75-66CD-4C4A-9303-4F429B300963}"
"ccSvcHst_ccAppPlgMgr_5544"="{D2A771C4-1AC3-4C2E-A6CF-A8FDD6FCC849}"
"ccSvcHst_ccAppPlgMgr_2792"="{9A6B6775-4DE8-44D4-B580-A82B2115D4CA}"
"ccSvcHst_ccAppPlgMgr_4128"="{5FA71F65-7FFA-443F-A685-3DD2522922F3}"
"ccSvcHst_ccAppPlgMgr_4392"="{86EECE64-883F-426C-9532-76AA9EDFAEA7}"
"ccSvcHst_ccAppPlgMgr_2560"="{9AF1AABC-0C0E-4EBA-AF78-B6FFF08B4074}"
"ccSvcHst_ccAppPlgMgr_3440"="{A2DEFB78-BA2E-4D79-BAB9-94344CAE8006}"
"ccSvcHst_ccAppPlgMgr_1636"="{F54089B9-48C5-49D5-82A1-0AD2A7D2B70B}"
"ccSvcHst_ccAppPlgMgr_4288"="{F0F71559-EC50-49DF-B502-BB25ADE7CB65}"
"ccSvcHst_ccAppPlgMgr_2104"="{125908B1-5428-42B2-9C47-BA2FE3936353}"
"ccSvcHst_ccAppPlgMgr_2212"="{4E2BECA0-392D-460F-8C66-0A19904A2408}"
"ccSvcHst_ccAppPlgMgr_1164"="{7159116E-08E9-4090-A447-B606D191604A}"
"ccSvcHst_ccAppPlgMgr_3096"="{41C58516-EA7F-4BDA-9410-D91FDA66EF06}"
"ccSvcHst_ccAppPlgMgr_3044"="{4E7C710C-0144-4E63-B1EC-A7853A51DFE1}"
"ccSvcHst_ccAppPlgMgr_3336"="{0C5D95EF-3A3A-4B86-94F3-A5E37018516D}"
"ccSvcHst_ccAppPlgMgr_3264"="{586E3434-E937-43A6-8324-F658A33A2F4A}"
"ccSvcHst_ccAppPlgMgr_4260"="{B3846CF4-EF6A-4889-9951-8FE5F0742994}"
"ccSvcHst_ccAppPlgMgr_2796"="{F7BEBBA9-1396-49AD-96DB-CE98E57DBCDD}"
"ccSvcHst_ccAppPlgMgr_1468"="{22C2022F-2F9E-4821-993C-D00653A6AB83}"
"ccSvcHst_ccAppPlgMgr_3064"="{3203E35B-C419-45E7-8322-CD0B3EC9C502}"
"ccSvcHst_ccAppPlgMgr_5588"="{EEE5AA0B-F583-4E6D-8455-0BC7B5A3AF84}"
"ccSvcHst_ccAppPlgMgr_3852"="{908B8887-AC88-4C51-A68D-2AB1E0602767}"
"ccSvcHst_ccAppPlgMgr_2100"="{24ED07E5-F36A-4CA1-A7AE-9DEC1A577347}"
"ccSvcHst_ccAppPlgMgr_3924"="{D1159B54-25F3-47F6-8415-7641B72D0F7B}"
"ccSvcHst_ccAppPlgMgr_3656"="{10CC10C4-5884-4D80-90DB-9E85D95F6354}"
"ccSvcHst_ccAppPlgMgr_3992"="{EED8E120-D3A1-4F78-A296-2D960B011D2C}"
"ccSvcHst_ccAppPlgMgr_4760"="{BCA5C3D2-626D-42BE-B93A-586D6143A2F6}"
"ccSvcHst_ccAppPlgMgr_2920"="{1C2EC004-67F3-467F-A1E6-A21C2035E0E7}"
"ccSvcHst_ccAppPlgMgr_2996"="{56FF5F58-23C6-4640-B8BB-CA02F83C8682}"
"ccSvcHst_ccAppPlgMgr_3312"="{09A863FF-550E-4A2C-85A1-A595AC7010DB}"
"ccSvcHst_ccAppPlgMgr_4076"="{A51AB2B0-00FA-4007-8689-FC2E384232A3}"
"ccSvcHst_ccAppPlgMgr_1116"="{A384BA3C-E674-408A-9200-391E414B5167}"
"ccSvcHst_ccAppPlgMgr_4064"="{4623BBCA-C9A5-4C32-9882-D63F4A31874E}"
"ccSvcHst_ccAppPlgMgr_3804"="{5346DCE9-FB41-4D36-BC3E-1683575314AC}"
"ccSvcHst_ccAppPlgMgr_3936"="{6D4E7CDB-4699-48A2-B6FA-397D19B10846}"
"ccSvcHst_ccAppPlgMgr_3932"="{58A500D2-12F3-414B-91E5-201C539F9B35}"
"ccSvcHst_ccAppPlgMgr_3244"="{2D72AABB-EE6F-4C86-8053-D34743E79D37}"
"ccSvcHst_ccAppPlgMgr_2616"="{1938E33B-8974-46BE-9A98-C99C9AA6A1DF}"
"ccSvcHst_ccAppPlgMgr_1496"="{88302E8C-3860-4D48-8984-5DFD08377C17}"
"ccSvcHst_ccAppPlgMgr_2068"="{D4F1E788-45E5-4A9D-808A-C4A9A3B90FA2}"
"ccSvcHst_ccAppPlgMgr_5420"="{358A999E-EBEA-4A0E-88E4-176390F8CB25}"
"ccSvcHst_ccAppPlgMgr_2312"="{D149D385-451A-4DCC-ACB6-B430178BA46C}"
"ccSvcHst_ccAppPlgMgr_3196"="{3526B62E-84D6-4862-A8FB-8717F1F57141}"
"ccSvcHst_ccAppPlgMgr_5080"="{5FCC5469-75A1-440D-BBEA-6183859B5245}"
"ccSvcHst_ccAppPlgMgr_2128"="{34B191AA-7013-4450-880D-909384A8FD9D}"
"ccSvcHst_ccAppPlgMgr_3316"="{1199801F-0C54-4EBE-A1DE-3B0BE98EDF8C}"
"ccSvcHst_ccAppPlgMgr_4396"="{7218560B-7736-4D0E-BF2A-22D101A15493}"
"ccSvcHst_ccAppPlgMgr_5432"="{18EAE4FE-F636-44C7-AB3A-0781DEF1F809}"
"ccSvcHst_ccAppPlgMgr_3996"="{971BDB82-755C-42AC-AABA-9E2D69E2AE47}"
"ccSvcHst_ccAppPlgMgr_2124"="{DC34273F-42C6-490E-A2C1-36E01AA1CA4E}"
"ccSvcHst_ccAppPlgMgr_3692"="{BE0FB0AF-9C54-44EA-8CB6-75C7B14B690E}"
"ccSvcHst_ccAppPlgMgr_2176"="{570DFF30-1EE8-444C-8912-B031BD72F007}"
"ccSvcHst_ccAppPlgMgr_3800"="{59A86D87-49BE-4E5B-99DC-D1E7185BB9B7}"
"ccSvcHst_ccAppPlgMgr_4600"="{96DF6CCD-33B4-4EFD-8119-F6234AA0ED70}"
"ccSvcHst_ccAppPlgMgr_5144"="{682D6A91-1A2E-446A-9FEC-7D275D466759}"
"ccSvcHst_ccAppPlgMgr_2488"="{22B5EC7A-A453-4D1B-AF8C-06F68DFE1FA0}"
"ccSvcHst_ccAppPlgMgr_1876"="{4D7A8682-5024-4ADE-A9D5-BC264033C524}"
"ccSvcHst_ccAppPlgMgr_4000"="{845E51CE-491F-40A1-8678-877AED4F567D}"
"ccSvcHst_ccAppPlgMgr_3184"="{BA91A3C4-E1D4-494A-A9ED-2FAE25F0735C}"
"ccSvcHst_ccAppPlgMgr_5260"="{0BCF3CA3-2BC6-443B-A032-7EA22D88FAD3}"
"ccSvcHst_ccAppPlgMgr_3728"="{6F4228BF-8679-4918-B902-62A72B32F1F2}"
"ccSvcHst_ccAppPlgMgr_4292"="{13CFA8CB-268F-47DE-AA62-F859DE514DEB}"
"ccSvcHst_ccAppPlgMgr_3976"="{C918DBA8-9B78-4F49-8144-532DB513452F}"
"ccSvcHst_ccAppPlgMgr_5400"="{F7DFD97F-CB4E-404B-80EA-5C7A131B8C0A}"
"ccSvcHst_ccAppPlgMgr_1376"="{90987E98-DE3C-4383-B27C-0FCDE4D56833}"
"ccSvcHst_ccAppPlgMgr_3868"="{D1EF3A5A-9C39-4256-816A-5A84B44BB4AD}"
"ccSvcHst_ccAppPlgMgr_3756"="{C9F75AD7-AB42-4257-93BA-2ADFF7AB3CDD}"
"ccSvcHst_ccAppPlgMgr_3968"="{B50579C8-2986-4B73-B569-F12686C7C2BA}"
"ccSvcHst_ccAppPlgMgr_4664"="{315AB1CF-9AA8-4149-AAB8-79DA63558F52}"
"ccSvcHst_ccAppPlgMgr_3280"="{A66E950D-6FFC-43ED-AB76-9A9FDED0C141}"
"ccSvcHst_ccAppPlgMgr_2544"="{6779339C-6819-4E14-868D-DF6EF940D1B0}"
"ccSvcHst_ccAppPlgMgr_2860"="{5E3C11CE-28D6-4732-9998-091DCEC53D56}"
"ccSvcHst_ccAppPlgMgr_3760"="{AF68FFE5-1855-42D0-B5CF-32017E3E7AC7}"
"ccSvcHst_ccAppPlgMgr_4724"="{0BFE2BE2-5EC9-492A-8EE1-7C910A148ECD}"
"ccSvcHst_ccAppPlgMgr_4108"="{79B2A449-4E73-4C5E-B417-6B3C7E2030E0}"
"ccSvcHst_ccAppPlgMgr_3900"="{B329EC55-DFE7-4B7A-AA7F-8D204F218AF9}"
"ccSvcHst_ccAppPlgMgr_1608"="{25B4031C-4C01-4460-A3AC-6B3BD8737BAD}"
"ccSvcHst_ccAppPlgMgr_5552"="{CCDFA142-35D6-495C-83B2-D5823BC90B90}"
"ccSvcHst_ccAppPlgMgr_2592"="{E282E5AB-6735-4B33-9506-FBA830C1EB01}"
"ccSvcHst_ccAppPlgMgr_4072"="{B0B4A53A-FC74-4313-BD41-C8B9D6F5CD81}"
"ccSvcHst_ccAppPlgMgr_3444"="{DC609A3B-9DA3-4786-9B87-57C1DE01A5BA}"
"ccSvcHst_ccAppPlgMgr_4024"="{B08DF7E9-EED2-4BBC-8801-6AB5827C8CC0}"
"ccSvcHst_ccAppPlgMgr_1356"="{CB0D1CAF-80E0-4EA2-A62F-13C813EABA55}"
"ccSvcHst_ccAppPlgMgr_2944"="{589ECE5D-F3F7-46C4-9A9C-7AAA27ACE1CE}"
"ccSvcHst_ccAppPlgMgr_3788"="{1A9F0086-F880-4C59-AD70-D2A3A0EFAB36}"
"ccSvcHst_ccAppPlgMgr_1148"="{7CBFE6F2-1C5F-4968-88DF-0F03039185E5}"
"ccSvcHst_ccAppPlgMgr_4152"="{D3EDB922-E338-4BBC-A123-0D2340F882A7}"
"ccSvcHst_ccAppPlgMgr_1032"="{934686F6-165B-4D8A-A64D-2FE5620E0BBA}"
"ccSvcHst_ccAppPlgMgr_3352"="{93DB7EA3-11AF-42C4-A700-6C0CEC619BB7}"
"ccSvcHst_ccAppPlgMgr_4444"="{6F3F9DF9-2881-4109-971D-3E5A665B6F0C}"
"ccSvcHst_ccAppPlgMgr_3576"="{A23A237F-18CA-455C-8A92-F978A05A6D23}"
"ccSvcHst_ccAppPlgMgr_3520"="{4C486DDE-07A3-4CFF-96D7-3C44146E5596}"
"ccSvcHst_ccAppPlgMgr_4256"="{7E2CA9D3-8ED0-43A8-AE15-9DDCEE9975D8}"
"ccSvcHst_ccAppPlgMgr_3816"="{D55B6872-2E5E-4550-A362-09860F9094BC}"
"ccSvcHst_ccAppPlgMgr_3532"="{3E597D81-FA57-4F73-B2DC-9C560FB2E1E0}"
"ccSvcHst_ccAppPlgMgr_3928"="{E1A2486E-2475-4E56-9DE2-B363D776097C}"
"ccSvcHst_ccAppPlgMgr_4084"="{38F57E93-6068-4DF5-991A-CE0A6CF7E5A0}"
"ccSvcHst_ccAppPlgMgr_2260"="{D837955F-DD18-4489-B8E8-6949C5E48A8D}"
"ccSvcHst_ccAppPlgMgr_3572"="{231FE632-B98F-4432-8EF2-B49C3BA6C84D}"
"ccSvcHst_ccAppPlgMgr_1408"="{9448654D-95B9-4609-A305-0E02852D1710}"
"ccSvcHst_ccAppPlgMgr_1080"="{5FC1FB4B-01BC-4582-95BF-03540CCE48FF}"
"ccSvcHst_ccAppPlgMgr_2480"="{653294B0-8DF0-44F9-BFE4-42C491E31A55}"
"ccSvcHst_ccAppPlgMgr_2236"="{FB16FD5E-FB1B-47D9-8242-1C70636BF2A3}"
"ccSvcHst_ccAppPlgMgr_2752"="{3C3345EF-A7FA-4292-B4AB-CDFF6A223935}"
"ccSvcHst_ccAppPlgMgr_3792"="{4BED488C-71D4-46B3-804A-A27F2A22A142}"
"ccSvcHst_ccAppPlgMgr_3964"="{B779638B-AF28-4437-8692-B987CC57967A}"
"ccSvcHst_ccAppPlgMgr_3856"="{DEB44772-719D-4266-B1E6-350C674F4FC4}"
"ccSvcHst_ccAppPlgMgr_2256"="{8AE223A6-26ED-41E2-A72E-DB256D1AE1AF}"
"ccSvcHst_ccAppPlgMgr_3696"="{B42293F4-F431-4035-9D9D-E63083934E64}"
"ccSvcHst_ccAppPlgMgr_3720"="{1434A1AB-5618-4E13-A9F2-C1EA74BD005B}"
"ccSvcHst_ccAppPlgMgr_3864"="{0D77D441-1C43-483C-BB7D-222EC7B460B4}"
"ccSvcHst_ccAppPlgMgr_2540"="{6D7E470E-FFED-4830-9310-8E263AA33880}"
"ccSvcHst_ccAppPlgMgr_3512"="{D64734D7-49E9-4C75-8E04-9B7C7E50AC34}"
"ccSvcHst_ccAppPlgMgr_3592"="{A90ABE0F-BE99-408B-9ADE-AEB6F9769400}"
"ccSvcHst_ccAppPlgMgr_3844"="{F5DBC883-5370-48CC-B2FD-7A6D50AFC217}"
"ccSvcHst_ccAppPlgMgr_3580"="{07AC071C-41C6-4A25-8ADC-01A9C41E8F5E}"
"ccSvcHst_ccAppPlgMgr_3960"="{235BF5E5-BA38-47BD-806E-1DFCCC6F0849}"
"ccSvcHst_ccAppPlgMgr_4068"="{3059B6F9-60D5-4809-9F64-5D93ABE51614}"
"ccSvcHst_ccAppPlgMgr_3808"="{BF7AD38A-DD43-409D-90B5-3839D590BD1B}"
"ccSvcHst_ccAppPlgMgr_3748"="{575FC29C-4AF3-4A34-81D4-E554EF5320D9}"
"ccSvcHst_ccAppPlgMgr_3724"="{5020F4D0-5DAB-4910-8376-18CE6171F512}"
"ccSvcHst_ccAppPlgMgr_3776"="{E54FF270-7D00-4023-AD47-D917AC49DFE5}"
"ccSvcHst_ccAppPlgMgr_4112"="{D07263DE-F9D8-4237-90A9-F41582E31DE5}"
"ccSvcHst_ccAppPlgMgr_3780"="{7AA9A0E4-B0F9-463A-97A4-BB3DDD9DB93C}"
"ccSvcHst_ccAppPlgMgr_1264"="{291402F7-219A-41F9-8456-2EE31DDD8523}"
"ccSvcHst_ccAppPlgMgr_1784"="{98C248BF-526F-43C9-8588-1A52EEAE73EF}"
"ccSvcHst_ccAppPlgMgr_3952"="{8C7CCC22-4F82-41F1-B207-CC61566ADE82}"
"ccSvcHst_ccAppPlgMgr_3252"="{03BE85CF-D5D2-40E0-A71A-9F73CC96699A}"
"ccSvcHst_ccAppPlgMgr_976"="{E7570DFD-F964-4ACE-B486-AA49E1CC5859}"
"ccSvcHst_ccAppPlgMgr_3912"="{823BEF70-E287-48E2-8A48-9B94B164673F}"
"ccSvcHst_ccAppPlgMgr_3712"="{5C3B14DD-D972-4A52-BD71-7AD5B23D3998}"
"ccSvcHst_ccAppPlgMgr_3688"="{9CC76BF9-D1E9-4E9A-99FA-950BC8643689}"
"ccSvcHst_ccAppPlgMgr_4092"="{4E7AAFC5-96B2-447E-B959-5D4F571E6B62}"
"ccSvcHst_ccAppPlgMgr_3700"="{252A9464-C4EE-4766-B72A-416F6223684F}"
"ccSvcHst_ccAppPlgMgr_2736"="{8CA04B1D-34FB-445A-85CC-D58A6AE678BB}"
"ccSvcHst_ccAppPlgMgr_3824"="{8D06F2FB-865F-4881-85F8-D1747E9A22FE}"
"ccSvcHst_ccAppPlgMgr_3796"="{12E20FEE-525A-4684-97EF-D3372B0B1F2A}"
"ccSvcHst_ccAppPlgMgr_4008"="{8957CC08-BF53-4F83-A1BF-3D73D7B6965F}"
"ccSvcHst_ccAppPlgMgr_3676"="{CC056EBA-F479-477B-B72C-262CFA59FBA7}"
"ccSvcHst_ccAppPlgMgr_3956"="{AA208122-3FA0-48D6-9DF1-147BD71284BA}"
"ccSvcHst_ccAppPlgMgr_2412"="{BAFF0DED-C1B1-4F6C-8981-41CC8B6E4CE1}"
"ccSvcHst_ccAppPlgMgr_3664"="{AC42D584-A3B2-4511-A2D8-55D55398E9CC}"
"ccSvcHst_ccAppPlgMgr_752"="{CFAC5979-DB7E-45CE-8A27-45D47482304D}"
"ccSvcHst_ccAppPlgMgr_2156"="{29B4EAC6-530E-432C-9693-61F8FB819E87}"
"ccSvcHst_ccSetMgr"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"ccSvcHst_CLTNetCnService"="{9F15A82B-1847-497C-8CDD-099C40BD6A5D}"
"cltIPCServer_Channel"="{9F15A82B-1847-497C-8CDD-099C40BD6A5D}"
"ccSettingsService"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineCallbackIPC"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"{A6D74B3B-C009-48CE-ADB6-159798ECB2C0}"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"SNDServiceRequestChannel"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"SNDLocationChannel"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"ccSvcHst_LiveUpdate Notice"="{9F15A82B-1847-497C-8CDD-099C40BD6A5D}"
"ccSvcHst_ccEvtMgr"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"ccEvtCli"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"_AvProdSvcComm_"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"NortonNetServiceIPC"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"NetMapServiceIPC"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"_IsDataSvcComm_Options"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"_IsDataSvcComm_"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"IPS_COMMAND_CHANNEL"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"ccSvcHst_ccAppPlgMgr_3100"="{2B6F9F58-C43E-4B14-9A3E-3350B1F61815}"
"{F6EACF09-0C79-4071-8BCE-6D589E72E689}"="{2B6F9F58-C43E-4B14-9A3E-3350B1F61815}"
"ToasterNotify\\SessionID_1"="{2B6F9F58-C43E-4B14-9A3E-3350B1F61815}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{2B6F9F58-C43E-4B14-9A3E-3350B1F61815}"
"AvProdSession_01"="{2B6F9F58-C43E-4B14-9A3E-3350B1F61815}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(660)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.DLL
.
Celkový čas: 2011-09-18 18:38:12
ComboFix-quarantined-files.txt 2011-09-18 16:38
.
Před spuštěním: 6 034 976 768
Po spuštění: 5 919 199 232
.
- - End Of File - - 3240E6A9983CA76868EC7A03CBC68CD4

Dante Aligi · #9 Příspěvek od **Dante Aligi** » 18 zář 2011 18:04

tak tu je dalsi log

ComboFix 11-09-17.06 - ASUS 18.09.2011 17:58:34.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3037.1918 [GMT 2:00]
Spuštěný z: c:\users\ASUS\Desktop\ComboFix.exe
AV: Norton AntiVirus *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton AntiVirus *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Norton AntiVirus *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Plugin Manager\SkypePM.exe
c:\programdata\Xfire
c:\programdata\Xfire\downloads\133.update
c:\programdata\Xfire\downloads\metadata\3696.ini
c:\programdata\Xfire\downloads\metadata\3699.ini
c:\programdata\Xfire\downloads\metadata\fileids.ini
c:\programdata\Xfire\downloads\xfire_games_20110428.zip
c:\programdata\Xfire\channels\channel1000.ini
c:\programdata\Xfire\channels\channel100051.ini
c:\programdata\Xfire\channels\channel100052.ini
c:\programdata\Xfire\channels\channel104147.ini
c:\programdata\Xfire\channels\channel104148.ini
c:\programdata\Xfire\channels\channel104149.ini
c:\programdata\Xfire\channels\channel104157.ini
c:\programdata\Xfire\channels\channel104158.ini
c:\programdata\Xfire\channels\channel104578.ini
c:\programdata\Xfire\channels\channel104683.ini
c:\programdata\Xfire\channels\channel104684.ini
c:\programdata\Xfire\channels\channel104702.ini
c:\programdata\Xfire\channels\channel104745.ini
c:\programdata\Xfire\channels\channel104746.ini
c:\programdata\Xfire\channels\channel105009.ini
c:\programdata\Xfire\channels\channel105034.ini
c:\programdata\Xfire\channels\channel105036.ini
c:\programdata\Xfire\channels\channel105037.ini
c:\programdata\Xfire\channels\channel105476.ini
c:\programdata\Xfire\channels\channel105535.ini
c:\programdata\Xfire\channels\channel105985.ini
c:\programdata\Xfire\channels\channelids.ini
c:\programdata\Xfire\Icons\123kick.ico
c:\programdata\Xfire\Icons\advqw.ico
c:\programdata\Xfire\Icons\anomwze.ico
c:\programdata\Xfire\Icons\aoeonl.ico
c:\programdata\Xfire\Icons\argo.ico
c:\programdata\Xfire\Icons\azs.ico
c:\programdata\Xfire\Icons\bbmog11.ico
c:\programdata\Xfire\Icons\bbmog12.ico
c:\programdata\Xfire\Icons\bfp4f.ico
c:\programdata\Xfire\Icons\blksh.ico
c:\programdata\Xfire\Icons\btft.ico
c:\programdata\Xfire\Icons\bttrprr.ico
c:\programdata\Xfire\Icons\bwrld.ico
c:\programdata\Xfire\Icons\clra.ico
c:\programdata\Xfire\Icons\crimec.ico
c:\programdata\Xfire\Icons\crytao.ico
c:\programdata\Xfire\Icons\csi6.ico
c:\programdata\Xfire\Icons\cso.ico
c:\programdata\Xfire\Icons\dagel.ico
c:\programdata\Xfire\Icons\dlpn.ico
c:\programdata\Xfire\Icons\dspore.ico
c:\programdata\Xfire\Icons\ebedits.ico
c:\programdata\Xfire\Icons\fifaonl2.ico
c:\programdata\Xfire\Icons\fxion.ico
c:\programdata\Xfire\Icons\gmnrue.ico
c:\programdata\Xfire\Icons\gobx.ico
c:\programdata\Xfire\Icons\grmttr.ico
c:\programdata\Xfire\Icons\habboh.ico
c:\programdata\Xfire\Icons\jggrnt.ico
c:\programdata\Xfire\Icons\kghtqst.ico
c:\programdata\Xfire\Icons\legosw3.ico
c:\programdata\Xfire\Icons\lrdltm.ico
c:\programdata\Xfire\Icons\mlb2k11.ico
c:\programdata\Xfire\Icons\mnplymlns.ico
c:\programdata\Xfire\Icons\mrtonl.ico
c:\programdata\Xfire\Icons\mscchllg.ico
c:\programdata\Xfire\Icons\mtgt.ico
c:\programdata\Xfire\Icons\mtlaslt.ico
c:\programdata\Xfire\Icons\myctylf.ico
c:\programdata\Xfire\Icons\netkar.ico
c:\programdata\Xfire\Icons\oni.ico
c:\programdata\Xfire\Icons\port2.ico
c:\programdata\Xfire\Icons\pyrvlle.ico
c:\programdata\Xfire\Icons\qdra.ico
c:\programdata\Xfire\Icons\rawayatof.ico
c:\programdata\Xfire\Icons\rawaytdott.ico
c:\programdata\Xfire\Icons\resev.ico
c:\programdata\Xfire\Icons\rush.ico
c:\programdata\Xfire\Icons\slnstrt.ico
c:\programdata\Xfire\Icons\sowgb.ico
c:\programdata\Xfire\Icons\sprcty.ico
c:\programdata\Xfire\Icons\thps2.ico
c:\programdata\Xfire\Icons\tkitri.ico
c:\programdata\Xfire\Icons\tnbt.ico
c:\programdata\Xfire\Icons\torgtrl.ico
c:\programdata\Xfire\Icons\twitchv.ico
c:\programdata\Xfire\Icons\twrstk.ico
c:\programdata\Xfire\Icons\twwrld.ico
c:\programdata\Xfire\Icons\vba.ico
c:\programdata\Xfire\Icons\wh40kfw.ico
c:\programdata\Xfire\Icons\wiz8.ico
c:\programdata\Xfire\Icons\wrldvmprs.ico
c:\programdata\Xfire\Icons\xonot.ico
c:\programdata\Xfire\Icons\zblz.ico
c:\programdata\Xfire\Icons\zlane.ico
c:\programdata\Xfire\sounds\classic.zip
c:\programdata\Xfire\sounds\defaults.zip
c:\programdata\Xfire\templates\about.tmpl
c:\programdata\Xfire\templates\addfriend.tmpl
c:\programdata\Xfire\templates\clanreminder.tmpl
c:\programdata\Xfire\templates\infoview\aao\filter.css
c:\programdata\Xfire\templates\infoview\aao\filter.js
c:\programdata\Xfire\templates\infoview\aao\server.css
c:\programdata\Xfire\templates\infoview\aao\server.js
c:\programdata\Xfire\templates\infoview\aol_user.tmpl
c:\programdata\Xfire\templates\infoview\bf2\filter.css
c:\programdata\Xfire\templates\infoview\bf2\filter.js
c:\programdata\Xfire\templates\infoview\bf2\game_bf2.css
c:\programdata\Xfire\templates\infoview\bf2\game_bf2.js
c:\programdata\Xfire\templates\infoview\bf2\game_bf2.tmpl
c:\programdata\Xfire\templates\infoview\bf2\game_bf2_js.tmpl
c:\programdata\Xfire\templates\infoview\blank.tmpl
c:\programdata\Xfire\templates\infoview\buddycat.tmpl
c:\programdata\Xfire\templates\infoview\clan.tmpl
c:\programdata\Xfire\templates\infoview\clanfavservercat.tmpl
c:\programdata\Xfire\templates\infoview\codmp\filter.js
c:\programdata\Xfire\templates\infoview\codmp\game_codmp.tmpl
c:\programdata\Xfire\templates\infoview\codmp\game_codmp_js.tmpl
c:\programdata\Xfire\templates\infoview\coduomp\filter.js
c:\programdata\Xfire\templates\infoview\coduomp\game_coduomp.tmpl
c:\programdata\Xfire\templates\infoview\coduomp\game_coduomp_js.tmpl
c:\programdata\Xfire\templates\infoview\cs\filter.css
c:\programdata\Xfire\templates\infoview\cs\filter.js
c:\programdata\Xfire\templates\infoview\cs\game_cs.tmpl
c:\programdata\Xfire\templates\infoview\cs\game_cs_js.tmpl
c:\programdata\Xfire\templates\infoview\css\filter.css
c:\programdata\Xfire\templates\infoview\css\filter.js
c:\programdata\Xfire\templates\infoview\css\game_css.tmpl
c:\programdata\Xfire\templates\infoview\css\game_css_js.tmpl
c:\programdata\Xfire\templates\infoview\customgroup.tmpl
c:\programdata\Xfire\templates\infoview\download.tmpl
c:\programdata\Xfire\templates\infoview\download_header.tmpl
c:\programdata\Xfire\templates\infoview\download_pac_info.tmpl
c:\programdata\Xfire\templates\infoview\download_styles.tmpl
c:\programdata\Xfire\templates\infoview\downloadactive.tmpl
c:\programdata\Xfire\templates\infoview\downloadallchannels.tmpl
c:\programdata\Xfire\templates\infoview\downloadcat.tmpl
c:\programdata\Xfire\templates\infoview\downloadhelp.tmpl
c:\programdata\Xfire\templates\infoview\downloadnewest.tmpl
c:\programdata\Xfire\templates\infoview\downloadpatches.tmpl
c:\programdata\Xfire\templates\infoview\downloadtop10.tmpl
c:\programdata\Xfire\templates\infoview\filter.tmpl
c:\programdata\Xfire\templates\infoview\friends.tmpl
c:\programdata\Xfire\templates\infoview\gw\server.css
c:\programdata\Xfire\templates\infoview\gw\server.js
c:\programdata\Xfire\templates\infoview\channel.tmpl
c:\programdata\Xfire\templates\infoview\chat_rooms_help.tmpl
c:\programdata\Xfire\templates\infoview\chatroom.tmpl
c:\programdata\Xfire\templates\infoview\login.tmpl
c:\programdata\Xfire\templates\infoview\mame32\server.js
c:\programdata\Xfire\templates\infoview\notification.tmpl
c:\programdata\Xfire\templates\infoview\offline.tmpl
c:\programdata\Xfire\templates\infoview\plugin_cat.tmpl
c:\programdata\Xfire\templates\infoview\quake4\server.js
c:\programdata\Xfire\templates\infoview\quakel\server.js
c:\programdata\Xfire\templates\infoview\screenshot.tmpl
c:\programdata\Xfire\templates\infoview\screenshot_cat.tmpl
c:\programdata\Xfire\templates\infoview\screenshot_header.tmpl
c:\programdata\Xfire\templates\infoview\screenshots_help.tmpl
c:\programdata\Xfire\templates\infoview\scripts\activity_report.js
c:\programdata\Xfire\templates\infoview\scripts\AjaxRequest.js
c:\programdata\Xfire\templates\infoview\scripts\blog.js
c:\programdata\Xfire\templates\infoview\scripts\clans.js
c:\programdata\Xfire\templates\infoview\scripts\colorize.js
c:\programdata\Xfire\templates\infoview\scripts\combobox.js
c:\programdata\Xfire\templates\infoview\scripts\download.js
c:\programdata\Xfire\templates\infoview\scripts\filter.js
c:\programdata\Xfire\templates\infoview\scripts\filter_functions.js
c:\programdata\Xfire\templates\infoview\scripts\games_list.js
c:\programdata\Xfire\templates\infoview\scripts\linkify.js
c:\programdata\Xfire\templates\infoview\scripts\personal_file_transfers.js
c:\programdata\Xfire\templates\infoview\scripts\screenshots.js
c:\programdata\Xfire\templates\infoview\scripts\server.js
c:\programdata\Xfire\templates\infoview\scripts\shared.js
c:\programdata\Xfire\templates\infoview\scripts\user.js
c:\programdata\Xfire\templates\infoview\scripts\video.js
c:\programdata\Xfire\templates\infoview\scripts\videocontests.js
c:\programdata\Xfire\templates\infoview\scripts\voicechat.js
c:\programdata\Xfire\templates\infoview\server.tmpl
c:\programdata\Xfire\templates\infoview\servercat.tmpl
c:\programdata\Xfire\templates\infoview\style.tmpl
c:\programdata\Xfire\templates\infoview\styles\clan.css
c:\programdata\Xfire\templates\infoview\styles\filter.css
c:\programdata\Xfire\templates\infoview\styles\server.css
c:\programdata\Xfire\templates\infoview\styles\shared.css
c:\programdata\Xfire\templates\infoview\styles\user.css
c:\programdata\Xfire\templates\infoview\styles\video.css
c:\programdata\Xfire\templates\infoview\swbf2\server.js
c:\programdata\Xfire\templates\infoview\systemmsg.tmpl
c:\programdata\Xfire\templates\infoview\tmo\server.js
c:\programdata\Xfire\templates\infoview\user.tmpl
c:\programdata\Xfire\templates\infoview\ut2k4\game_ut2k4.tmpl
c:\programdata\Xfire\templates\infoview\ut2k4\game_ut2k4_js.tmpl
c:\programdata\Xfire\templates\infoview\video.tmpl
c:\programdata\Xfire\templates\infoview\video_header.tmpl
c:\programdata\Xfire\templates\infoview\videos_help.tmpl
c:\programdata\Xfire\templates\infoview\wow\game_wow.tmpl
c:\programdata\Xfire\templates\infoview\wow\server.css
c:\programdata\Xfire\templates\infoview\wow\server.js
c:\programdata\Xfire\templates\notifications.tmpl
c:\programdata\Xfire\templates\post_game_screenshots.tmpl
c:\programdata\Xfire\templates\post_game_videos.tmpl
c:\programdata\Xfire\templates\registration.tmpl
c:\programdata\Xfire\Xfire.ini
c:\programdata\Xfire\xfire_games.bak
c:\programdata\Xfire\xfire_games.ini
c:\users\ASUS\AppData\Local\ApplicationHistory
c:\users\ASUS\AppData\Local\ApplicationHistory\ngen.exe.2c05686e.ini
c:\users\ASUS\AppData\Local\ApplicationHistory\TurbineInvoker.exe.e6ad22c.ini
c:\users\ASUS\AppData\Local\ApplicationHistory\TurbineLauncher.exe.17d21056.ini
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\system32\no
c:\windows\system32\no\AuthFWSnapIn.Resources.dll
c:\windows\system32\no\AuthFWWizFwk.Resources.dll
c:\windows\system32\no\Narrator.resources.dll
.
c:\windows\system32\userinit.exe . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-18 do 2011-09-18 )))))))))))))))))))))))))))))))
.
.
2011-09-18 15:32 . 2011-09-18 15:32 54016 ----a-w- c:\windows\system32\drivers\brtqowru.sys
2011-09-18 13:25 . 2011-09-18 13:25 -------- d-----w- c:\users\ASUS\AppData\Roaming\Malwarebytes
2011-09-18 13:24 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-18 13:24 . 2011-09-18 13:24 -------- d-----w- c:\programdata\Malwarebytes
2011-09-18 13:24 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-18 13:24 . 2011-09-18 13:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-18 11:59 . 2011-09-18 11:59 -------- d-----w- c:\program files\trend micro
2011-09-18 11:59 . 2011-09-18 11:59 -------- d-----w- C:\rsit
2011-09-11 17:37 . 2011-09-11 17:37 -------- d-----w- c:\program files\iPod
2011-09-11 17:27 . 2011-09-12 20:15 -------- d-----w- c:\program files\Bonjour
2011-09-11 17:16 . 2011-09-12 20:15 -------- d-----w- c:\program files\QuickTime
2011-09-03 21:02 . 2011-09-12 20:15 -------- d-----w- c:\program files\Apple Software Update
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-12 20:21 . 2009-02-23 20:10 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-09-08 10:44 . 2011-05-20 17:43 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-11 12:30 . 2009-06-05 14:37 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-03 21:18 . 2011-08-03 21:18 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 09:20 . 2011-07-12 09:20 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"uTorrent"="c:\program files\uTorrent\utorrent.exe" [2010-01-21 289584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-03-31 266240]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2008-01-25 677144]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-30 9914984]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-12 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-12 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-12 172568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="d:\programy\iTunes\iTunesHelper.exe" [2011-08-18 421736]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-11-29 443728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-10 752168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\explorer.exe,"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OfficeSAS.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\OfficeSAS.lnk
backup=c:\windows\pss\OfficeSAS.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^ASUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
path=c:\users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
backup=c:\windows\pss\hamachi.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^ASUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 20:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-02-23 19:47 37232 ----a-w- c:\windows\ASScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-02-23 19:47 33136 ----a-w- c:\windows\ASScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
2008-02-01 13:29 61440 ----a-w- c:\program files\ASUS\ATK Media\DMedia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2009-08-17 12:48 85888 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 18:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 18:56 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-13 13:49 136176 ----atw- c:\users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 05:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-09-11 03:40 86960 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2008-02-22 10:19 62760 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:45 3883840 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
2011-08-07 13:58 3077528 ----a-w- c:\program files\Pando Networks\Media Booster\PMB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2008-04-02 18:09 87336 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-08-07 10:54 1242448 ----a-w- d:\programy\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 23424]
R3 JakNDisMP;JakNDisMP;c:\windows\system32\DRIVERS\JakNDis.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2010-04-19 18432]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
R4 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv.sys [2008-07-21 273152]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-06-25 64160]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2007-09-26 15416]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-13 218688]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20110908.001\IDSvix86.sys [2010-09-15 287792]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2007-07-23 38816]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-08-18 105592]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - aswFsBlk
*Deregistered* - aswMonFlt
*Deregistered* - aswRdr
*Deregistered* - aswSP
*Deregistered* - aswTdi
*Deregistered* - ehdrv
*Deregistered* - epfwwfpr
*Deregistered* - SCDEmu
.
Obsah adresáře 'Naplánované úlohy'
.
2010-10-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1083555474-487684997-3636995369-1000Core1cb6c5d95b805b3.job
- c:\users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-13 13:49]
.
2011-08-23 c:\windows\Tasks\Norton AntiVirus - Run Full System Scan - ASUS.job
- c:\program files\Norton AntiVirus\Navw32.exe [2008-02-07 14:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/home.php?
uInternet Settings,ProxyServer = http=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all by FlashGet3 - c:\users\ASUS\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\ASUS\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - /105
Trusted Zone: kuaiche.com\software
Trusted Zone: mojebanka.cz\www
FF - ProfilePath - c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/sm
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=sm&tb_ver=1.1.8&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: GamePlayLabs Plugin: plugin2@gameplaylabs.com - %profile%\extensions\plugin2@gameplaylabs.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-fsm - (no file)
MSConfigStartUp-AlcoholAutomount - c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-MobileConnect - c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
MSConfigStartUp-RGSC - d:\hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe
MSConfigStartUp-SCDEmuApp - c:\program files\PowerISO\SCDEmuApp.exe
MSConfigStartUp-UpdatePPShortCut - c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1083555474-487684997-3636995369-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:0e,8e,98,09,98,ac,74,95,9f,ac,af,5b,7e,74,8f,65,7d,b0,8a,90,e5,ca,5e,
43,f5,6a,31,b7,57,3e,bc,32,b6,1a,15,0d,77,c6,ec,93,82,51,f0,17,83,04,98,7a,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-1083555474-487684997-3636995369-1000\Software\SecuROM\License information*]
"datasecu"=hex:69,bf,da,3b,d3,16,fc,3d,81,c6,61,ec,bf,21,a2,58,41,b9,df,b2,3a,
94,8d,a5,5d,29,ff,e4,5b,5a,b2,94,0a,9e,e8,e5,48,3d,4f,bd,77,e9,ca,53,4f,4f,\
"rkeysecu"=hex:b9,dd,9a,18,eb,3d,da,76,ba,5a,25,f1,78,cd,ff,09
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Common Client\ccService\Channels]
@Denied: (C D) (Everyone)
"ccSvcHst_ccAppPlgMgr_5104"="{EB4A00BB-588C-4135-9B55-98430D465103}"
"ccSvcHst_ccAppPlgMgr_4184"="{74BA3680-2614-4A5F-A2C2-4930CD84C271}"
"ccSvcHst_ccAppPlgMgr_3552"="{52D957E7-18E6-4AF1-A080-50C40431E28A}"
"ccSvcHst_ccAppPlgMgr_5020"="{EAD2FC07-70E8-4CD3-85F0-EF02FB585C0B}"
"ccSvcHst_ccAppPlgMgr_4452"="{5293109B-C38A-495A-AFE8-3F9B9A5CBEF4}"
"ccSvcHst_ccAppPlgMgr_4816"="{6E611A96-1801-4995-8C62-6D74D0560C42}"
"ccSvcHst_ccAppPlgMgr_4544"="{5A1ABCA5-345B-4C70-864C-DB97E266212D}"
"ccSvcHst_ccAppPlgMgr_3488"="{FAF0EB9B-958A-4EDA-93BF-7AD390C34834}"
"ccSvcHst_ccAppPlgMgr_3600"="{482F2450-936C-4311-A066-F09F0D896250}"
"ccSvcHst_ccAppPlgMgr_5464"="{D81EE1E0-2509-40AF-8EE5-5C2127187234}"
"ccSvcHst_ccAppPlgMgr_4136"="{5D1B9279-C448-498E-A94F-7140D5FEA378}"
"ccSvcHst_ccAppPlgMgr_1128"="{3040857B-3EF1-43EF-A26E-AC69B0E74E06}"
"ccSvcHst_ccAppPlgMgr_5152"="{B0FC7869-6FF0-423F-863B-DC5A9F47CE95}"
"ccSvcHst_ccAppPlgMgr_4044"="{C50E1F15-41FF-4DED-9557-6D3608F36A63}"
"ccSvcHst_ccAppPlgMgr_2376"="{40E1C876-C018-4B12-A7D5-2DEDEDF50AAC}"
"ccSvcHst_ccAppPlgMgr_4036"="{6A426963-F93F-4260-8032-93B0F652FC39}"
"ccSvcHst_ccAppPlgMgr_5664"="{1EBC97A3-FDC9-4D07-B341-05363A2C40CB}"
"ccSvcHst_ccAppPlgMgr_5192"="{47E45ECE-AD1D-4C20-85D7-5B28DB6F526D}"
"ccSvcHst_ccAppPlgMgr_4960"="{9FBA5831-7959-45F5-B662-D8648C183F2E}"
"ccSvcHst_ccAppPlgMgr_5000"="{23AAFA2E-DDB2-4D43-AA87-A5EAAD7DF625}"
"ccSvcHst_ccAppPlgMgr_4928"="{817798DF-ACFF-40A9-BF56-E9A3B91EA191}"
"ccSvcHst_ccAppPlgMgr_4672"="{52014DE7-D7D9-4274-A8A5-2D324CEA131C}"
"ccSvcHst_ccAppPlgMgr_3000"="{DC91D47C-A496-40E8-B12A-1324C9DD21AB}"
"ccSvcHst_ccAppPlgMgr_3904"="{155C0B2F-37E6-46FC-A7F2-03F6425BE56F}"
"ccSvcHst_ccAppPlgMgr_2284"="{8D67D1F5-8925-4553-B66B-36FC705428A8}"
"ccSvcHst_ccAppPlgMgr_2808"="{5BB87080-AF51-4B89-A229-6B771E829FED}"
"ccSvcHst_ccAppPlgMgr_3188"="{545BBA88-85DE-410A-BE6A-A0D3297A4654}"
"ccSvcHst_ccAppPlgMgr_4824"="{E3DCF3F2-DFBA-4331-8A23-FD574D408C3B}"
"ccSvcHst_ccAppPlgMgr_4364"="{BB9F9D4F-2466-4949-9281-C5414DE661B7}"
"ccSvcHst_ccAppPlgMgr_1464"="{FB1E9111-85C3-4561-B2DC-1B0E45042007}"
"ccSvcHst_ccAppPlgMgr_5840"="{7DFA3DA9-CD1C-4A5B-8C8A-0CBFA477DF80}"
"ccSvcHst_ccAppPlgMgr_1088"="{A8AEC242-2FBE-412C-A399-EA703264118E}"
"ccSvcHst_ccAppPlgMgr_2520"="{0A5A5D8C-C8E3-4025-B658-E817303F1DE6}"
"ccSvcHst_ccAppPlgMgr_4696"="{F81C2E67-DC4A-4236-9B20-AAC5E46B9CB2}"
"ccSvcHst_ccAppPlgMgr_5088"="{3514E0D8-235D-45E7-9839-31B589243935}"
"ccSvcHst_ccAppPlgMgr_5116"="{01AFC30D-5808-434F-865F-BD969065E872}"
"ccSvcHst_ccAppPlgMgr_3364"="{9D883239-C778-4A15-8739-5C68178F4797}"
"ccSvcHst_ccAppPlgMgr_3228"="{24D3BA91-8522-43A5-883E-0E785588B941}"
"ShieldDataServiceChannel"="{056D96DF-1E26-4B23-B594-F96D39E5B81E}"
"ccSvcHst_ccAppPlgMgr_5216"="{2A00FC50-F9AA-4D17-863A-D166F63B1E8E}"
"ccSvcHst_ccAppPlgMgr_11272"="{D63C4DF8-0EC9-4D37-8258-DE90D78899A2}"
"AvProdSession_02"="{D63C4DF8-0EC9-4D37-8258-DE90D78899A2}"
"ToasterNotify\\SessionID_2"="{D63C4DF8-0EC9-4D37-8258-DE90D78899A2}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}2"="{D63C4DF8-0EC9-4D37-8258-DE90D78899A2}"
"ccSvcHst_ccAppPlgMgr_4268"="{F2C9C0C6-6489-4153-8E07-54DF768E91A0}"
"ccSvcHst_ccAppPlgMgr_3272"="{A752FF86-E1D6-47D2-9959-5614B1687818}"
"ccSvcHst_ccAppPlgMgr_3860"="{01571C5C-CE9A-46C7-AFAC-74C5392480E9}"
"ccSvcHst_ccAppPlgMgr_2968"="{C81A5D5E-E32E-4526-95B6-C0263A67FC5B}"
"ccSvcHst_ccAppPlgMgr_512"="{1084C286-FECE-45A7-BFEB-B716C21BA9D3}"
"ccSvcHst_ccAppPlgMgr_4668"="{9F856B66-292F-423D-8F70-A66DD41A2EE7}"
"ccSvcHst_ccAppPlgMgr_5376"="{81826A82-3B6A-4344-8949-07414867AE8E}"
"ccSvcHst_ccAppPlgMgr_3732"="{07B77386-10F7-4D01-B726-EF8CAD27D487}"
"ccSvcHst_ccAppPlgMgr_3476"="{20D12F3B-AE38-4D7B-B330-84C021B9638A}"
"ccSvcHst_ccAppPlgMgr_4580"="{351F0169-18F4-401F-81C5-16C19DC37BE4}"
"ccSvcHst_ccAppPlgMgr_3308"="{2A9B79EC-8BCF-418B-95AA-B9224ADC464D}"
"ccSvcHst_ccAppPlgMgr_4488"="{1BDA0463-D607-4E49-AD98-9AE0CDF68F66}"
"ccSvcHst_ccAppPlgMgr_616"="{22FDC351-B145-484F-9072-69FD7C896F2E}"
"ccSvcHst_ccAppPlgMgr_1848"="{F40685DF-196E-412F-B5E7-638DFF6F2E35}"
"ccSvcHst_ccAppPlgMgr_3736"="{6A4223E3-D94A-4C03-A060-8E5738B46054}"
"ccSvcHst_ccAppPlgMgr_3604"="{86CCFEA4-CFBA-4670-A51A-F782CB00050F}"
"ccSvcHst_ccAppPlgMgr_1168"="{83C6D49E-AFA1-459B-9F60-920F7A5B48C0}"
"ccSvcHst_ccAppPlgMgr_4492"="{71559A4B-889C-4B74-B925-7856B228417D}"
"ccSvcHst_ccAppPlgMgr_3832"="{C6BBE1B5-C2D8-4FC8-8874-A2DF7AE210E9}"
"ccSvcHst_ccAppPlgMgr_2064"="{26CB9FBA-932F-4975-9C89-106429CCB783}"
"ccSvcHst_ccAppPlgMgr_1176"="{4D10B59E-EBD4-434F-A940-AADFAACEAEF2}"
"ccSvcHst_ccAppPlgMgr_5084"="{66B87F95-27C1-47F4-8191-A35609A69ADB}"
"ccSvcHst_ccAppPlgMgr_5124"="{6A5FF3B7-86BC-497A-8245-2B1425FB6B49}"
"ccSvcHst_ccAppPlgMgr_4464"="{E1CD2B7A-54BC-4865-AC7F-05A01002FB6C}"
"ccSvcHst_ccAppPlgMgr_2928"="{6002A14D-FC82-46EA-8A7B-C8B9BD351F43}"
"ccSvcHst_ccAppPlgMgr_1624"="{8313E1E1-3D0D-4406-ACCB-13ADA1A15685}"
"ccSvcHst_ccAppPlgMgr_5940"="{3D1022FB-CD49-414D-AA44-6DBCE95A4680}"
"ccSvcHst_ccAppPlgMgr_4636"="{2BDDDA70-02C7-4BE6-A4AC-53027745117E}"
"ccSvcHst_ccAppPlgMgr_5160"="{1C27563A-2DAD-4950-AA28-4C2F57160DC2}"
"ccSvcHst_ccAppPlgMgr_2464"="{BB8312CB-6074-4345-B293-CBB5E5EAA165}"
"ccSvcHst_ccAppPlgMgr_1104"="{E10B5CD0-0E9E-4158-9718-8A2C61C2898D}"
"ccSvcHst_ccAppPlgMgr_2556"="{A3DF93F3-2599-46BC-AA22-4CA255F37DB6}"
"ccSvcHst_ccAppPlgMgr_4556"="{D6AF380F-F6F6-45D4-8DCC-C6D2B662E314}"
"ccSvcHst_ccAppPlgMgr_3092"="{C244F965-CBF9-4014-B434-B36FB9113DD0}"
"ccSvcHst_ccAppPlgMgr_1404"="{0694E8E5-42D4-4092-B57D-D5F8084D3814}"
"ccSvcHst_ccAppPlgMgr_4412"="{C9600ABF-081D-4305-8048-EA4387E3D6D4}"
"ccSvcHst_ccAppPlgMgr_4344"="{D750C928-FDB0-4991-98F8-07A871D44B58}"
"ccSvcHst_ccAppPlgMgr_5008"="{BFFC751C-5075-4200-A669-5142EDD63820}"
"ccSvcHst_ccAppPlgMgr_5728"="{BEECA4B0-24E1-44A6-82BF-65E5125BBDE6}"
"ccSvcHst_ccAppPlgMgr_5440"="{435E6D9C-6991-4028-85EA-43978E9052C9}"
"ccSvcHst_ccAppPlgMgr_6092"="{D3AFBE5B-BBD5-40CC-A8E9-354DE95EB073}"
"ccSvcHst_ccAppPlgMgr_5692"="{B390BEDD-8F72-470E-9011-5545281F4732}"
"ccSvcHst_ccAppPlgMgr_5828"="{86B35C16-BF4B-4FA5-82D3-1EF9271E2160}"
"ccSvcHst_ccAppPlgMgr_2200"="{6C462473-77E8-4B0F-A86E-6EE1229C5BE8}"
"ccSvcHst_ccAppPlgMgr_780"="{188D84FA-0B64-4A09-9181-3907CC31E714}"
"ccSvcHst_ccAppPlgMgr_4372"="{DAC61AA1-E345-4B03-B3AC-0FD0EAD00B64}"
"ccSvcHst_ccAppPlgMgr_4660"="{630E0EF7-0397-4BD8-8712-AD9DEB96B7BC}"
"ccSvcHst_ccAppPlgMgr_4632"="{127F23A7-B4A1-4887-8E74-15ED50A09FD7}"
"ccSvcHst_ccAppPlgMgr_4700"="{945C40ED-13A9-44D4-B259-5FCCD87BB95B}"
"ccSvcHst_ccAppPlgMgr_4616"="{7F3A1643-E415-457C-B4DD-D9E6060DC83A}"
"ccSvcHst_ccAppPlgMgr_2624"="{E3BCE9EE-7C8D-43D5-9E06-A0CEAFE113B2}"
"ccSvcHst_ccAppPlgMgr_4860"="{A5754293-A3B2-4374-B669-55986ADFDF2A}"
"ccSvcHst_ccAppPlgMgr_4716"="{BD8895DB-EFD8-4A8A-8926-77B4F78A5211}"
"ccSvcHst_ccAppPlgMgr_2268"="{4A8BA90B-54A6-43A5-92EA-EAA9B5D15945}"
"ccSvcHst_ccAppPlgMgr_4308"="{5019809A-6B0E-4576-BE38-4AC620E1F3E1}"
"ccSvcHst_ccAppPlgMgr_5148"="{BE7836D9-440A-4751-961B-448CFA5D4A6D}"
"ccSvcHst_ccAppPlgMgr_5964"="{C992A09E-78F0-40E9-8DB7-06C66300E5D5}"
"ccSvcHst_ccAppPlgMgr_3872"="{27CDD427-0590-458E-AFBD-DCAE45F249A9}"
"ccSvcHst_ccAppPlgMgr_5576"="{7DA0230A-760B-4DAA-AA8E-D9D748D61CDA}"
"ccSvcHst_ccAppPlgMgr_3416"="{58566120-4586-44C7-AFD8-5CBAEACC01CE}"
"LastCrawlSeedStatus"=dword:00000000
"ccSvcHst_ccAppPlgMgr_4604"="{4212070F-006F-46D6-9A98-28991E787D93}"
"ccSvcHst_ccAppPlgMgr_4168"="{7A992D99-83C6-4C71-B507-0AFE6CC7A3CB}"
"ccSvcHst_ccAppPlgMgr_3660"="{82DCE6B7-3B34-48A9-A458-E23EB63CA0BE}"
"ccSvcHst_ccAppPlgMgr_5760"="{0521257F-8173-493B-AB6C-4E77DC2C3752}"
"ccSvcHst_ccAppPlgMgr_3684"="{91BAFF76-E437-495D-86AA-3129FCD4A95A}"
"ccSvcHst_ccAppPlgMgr_2748"="{A0A9C393-5E72-4916-A1FC-BBE16A8B17AC}"
"ccSvcHst_ccAppPlgMgr_3004"="{5E72917E-8F49-4682-B0D4-45A8C430ECEA}"
"ccSvcHst_ccAppPlgMgr_2508"="{47C41849-46B1-43AB-9BEC-A30A5579810E}"
"ccSvcHst_ccAppPlgMgr_2280"="{BA3B331F-E01A-4405-BA11-B58F7F5A50AA}"
"ccSvcHst_ccAppPlgMgr_4536"="{E731D4BA-AD54-4FAF-8F87-CA27DEC828C7}"
"ccSvcHst_ccAppPlgMgr_4080"="{E9CB2A65-24A0-4017-9F16-56BE3216C4D6}"
"ccSvcHst_ccAppPlgMgr_2852"="{B260DC06-B874-4832-9131-812DDE42B48B}"
"ccSvcHst_ccAppPlgMgr_5244"="{E7AAE335-FF9D-4080-9034-B4FCB763034B}"
"ccSvcHst_ccAppPlgMgr_1184"="{7AFAD398-5213-4090-ACC1-995D58CF43B5}"
"ccSvcHst_ccAppPlgMgr_5280"="{5147F84D-CE74-4358-9219-DBE1B5B52D3B}"
"ccSvcHst_ccAppPlgMgr_4336"="{719944E5-06A9-4295-8EC5-101C8B3C3A15}"
"ccSvcHst_ccAppPlgMgr_3108"="{622957D2-0B3B-43CA-B160-FEE2F065BC1D}"
"ccSvcHst_ccAppPlgMgr_3344"="{DF72D641-9BD4-4390-8411-0C7DB012DB57}"
"ccSvcHst_ccAppPlgMgr_1048"="{0AA8A007-7B77-4A6A-82D4-AAB9520BA54D}"
"ccSvcHst_ccAppPlgMgr_5240"="{26AC4EE7-E568-4043-B397-90ED7A43962A}"
"ccSvcHst_ccAppPlgMgr_1732"="{E39E36D6-B7ED-4232-98FC-F4AB39621D08}"
"ccSvcHst_ccAppPlgMgr_2524"="{610821B1-8DD6-45D1-98F1-AFCFBDAF2A43}"
"ccSvcHst_ccAppPlgMgr_2584"="{93378D09-50B4-4E78-9077-BC6F084D73F8}"
"ccSvcHst_ccAppPlgMgr_4836"="{07B734F4-0317-4446-88E4-B5C7BA734377}"
"ccSvcHst_ccAppPlgMgr_3292"="{CEC5F3CD-79AB-4F87-A315-7011EF375265}"
"ccSvcHst_ccAppPlgMgr_3820"="{565560F1-F650-4383-AE10-8669752EF7D4}"
"ccSvcHst_ccAppPlgMgr_5068"="{448450C3-0F7A-4C38-A818-9EFC901F0F81}"
"ccSvcHst_ccAppPlgMgr_3372"="{DA4F0AB2-A96B-4282-9298-46F27532E12F}"
"ccSvcHst_ccAppPlgMgr_2296"="{456472C7-3D95-427A-A1E1-9816EB7445F3}"
"ccSvcHst_ccAppPlgMgr_2628"="{4952ED75-66CD-4C4A-9303-4F429B300963}"
"ccSvcHst_ccAppPlgMgr_5544"="{D2A771C4-1AC3-4C2E-A6CF-A8FDD6FCC849}"
"ccSvcHst_ccAppPlgMgr_2792"="{9A6B6775-4DE8-44D4-B580-A82B2115D4CA}"
"ccSvcHst_ccAppPlgMgr_4128"="{5FA71F65-7FFA-443F-A685-3DD2522922F3}"
"ccSvcHst_ccAppPlgMgr_4392"="{86EECE64-883F-426C-9532-76AA9EDFAEA7}"
"ccSvcHst_ccAppPlgMgr_2560"="{9AF1AABC-0C0E-4EBA-AF78-B6FFF08B4074}"
"ccSvcHst_ccAppPlgMgr_3440"="{A2DEFB78-BA2E-4D79-BAB9-94344CAE8006}"
"ccSvcHst_ccAppPlgMgr_1636"="{F54089B9-48C5-49D5-82A1-0AD2A7D2B70B}"
"ccSvcHst_ccAppPlgMgr_4288"="{F0F71559-EC50-49DF-B502-BB25ADE7CB65}"
"ccSvcHst_ccAppPlgMgr_2104"="{125908B1-5428-42B2-9C47-BA2FE3936353}"
"ccSvcHst_ccAppPlgMgr_2212"="{4E2BECA0-392D-460F-8C66-0A19904A2408}"
"ccSvcHst_ccAppPlgMgr_1164"="{7159116E-08E9-4090-A447-B606D191604A}"
"ccSvcHst_ccAppPlgMgr_3096"="{41C58516-EA7F-4BDA-9410-D91FDA66EF06}"
"ccSvcHst_ccAppPlgMgr_3044"="{4E7C710C-0144-4E63-B1EC-A7853A51DFE1}"
"ccSvcHst_ccAppPlgMgr_3336"="{0C5D95EF-3A3A-4B86-94F3-A5E37018516D}"
"ccSvcHst_ccAppPlgMgr_3264"="{586E3434-E937-43A6-8324-F658A33A2F4A}"
"ccSvcHst_ccAppPlgMgr_4260"="{B3846CF4-EF6A-4889-9951-8FE5F0742994}"
"ccSvcHst_ccAppPlgMgr_2796"="{F7BEBBA9-1396-49AD-96DB-CE98E57DBCDD}"
"ccSvcHst_ccAppPlgMgr_1468"="{22C2022F-2F9E-4821-993C-D00653A6AB83}"
"ccSvcHst_ccAppPlgMgr_3064"="{3203E35B-C419-45E7-8322-CD0B3EC9C502}"
"ccSvcHst_ccAppPlgMgr_5588"="{EEE5AA0B-F583-4E6D-8455-0BC7B5A3AF84}"
"ccSvcHst_ccAppPlgMgr_3852"="{908B8887-AC88-4C51-A68D-2AB1E0602767}"
"ccSvcHst_ccAppPlgMgr_2100"="{24ED07E5-F36A-4CA1-A7AE-9DEC1A577347}"
"ccSvcHst_ccAppPlgMgr_3924"="{D1159B54-25F3-47F6-8415-7641B72D0F7B}"
"ccSvcHst_ccAppPlgMgr_3656"="{10CC10C4-5884-4D80-90DB-9E85D95F6354}"
"ccSvcHst_ccAppPlgMgr_3992"="{EED8E120-D3A1-4F78-A296-2D960B011D2C}"
"ccSvcHst_ccAppPlgMgr_4760"="{BCA5C3D2-626D-42BE-B93A-586D6143A2F6}"
"ccSvcHst_ccAppPlgMgr_2920"="{1C2EC004-67F3-467F-A1E6-A21C2035E0E7}"
"ccSvcHst_ccAppPlgMgr_2996"="{56FF5F58-23C6-4640-B8BB-CA02F83C8682}"
"ccSvcHst_ccAppPlgMgr_3312"="{09A863FF-550E-4A2C-85A1-A595AC7010DB}"
"ccSvcHst_ccAppPlgMgr_4076"="{A51AB2B0-00FA-4007-8689-FC2E384232A3}"
"ccSvcHst_ccAppPlgMgr_1116"="{A384BA3C-E674-408A-9200-391E414B5167}"
"ccSvcHst_ccAppPlgMgr_4064"="{4623BBCA-C9A5-4C32-9882-D63F4A31874E}"
"ccSvcHst_ccAppPlgMgr_3804"="{5346DCE9-FB41-4D36-BC3E-1683575314AC}"
"ccSvcHst_ccAppPlgMgr_3936"="{6D4E7CDB-4699-48A2-B6FA-397D19B10846}"
"ccSvcHst_ccAppPlgMgr_3932"="{58A500D2-12F3-414B-91E5-201C539F9B35}"
"ccSvcHst_ccAppPlgMgr_3244"="{2D72AABB-EE6F-4C86-8053-D34743E79D37}"
"ccSvcHst_ccAppPlgMgr_2616"="{1938E33B-8974-46BE-9A98-C99C9AA6A1DF}"
"ccSvcHst_ccAppPlgMgr_1496"="{88302E8C-3860-4D48-8984-5DFD08377C17}"
"ccSvcHst_ccAppPlgMgr_2068"="{D4F1E788-45E5-4A9D-808A-C4A9A3B90FA2}"
"ccSvcHst_ccAppPlgMgr_5420"="{358A999E-EBEA-4A0E-88E4-176390F8CB25}"
"ccSvcHst_ccAppPlgMgr_2312"="{D149D385-451A-4DCC-ACB6-B430178BA46C}"
"ccSvcHst_ccAppPlgMgr_3196"="{3526B62E-84D6-4862-A8FB-8717F1F57141}"
"ccSvcHst_ccAppPlgMgr_5080"="{5FCC5469-75A1-440D-BBEA-6183859B5245}"
"ccSvcHst_ccAppPlgMgr_2128"="{34B191AA-7013-4450-880D-909384A8FD9D}"
"ccSvcHst_ccAppPlgMgr_3316"="{1199801F-0C54-4EBE-A1DE-3B0BE98EDF8C}"
"ccSvcHst_ccAppPlgMgr_4396"="{7218560B-7736-4D0E-BF2A-22D101A15493}"
"ccSvcHst_ccAppPlgMgr_5432"="{18EAE4FE-F636-44C7-AB3A-0781DEF1F809}"
"ccSvcHst_ccAppPlgMgr_3996"="{971BDB82-755C-42AC-AABA-9E2D69E2AE47}"
"ccSvcHst_ccAppPlgMgr_2124"="{DC34273F-42C6-490E-A2C1-36E01AA1CA4E}"
"ccSvcHst_ccAppPlgMgr_3692"="{BE0FB0AF-9C54-44EA-8CB6-75C7B14B690E}"
"ccSvcHst_ccAppPlgMgr_2176"="{570DFF30-1EE8-444C-8912-B031BD72F007}"
"ccSvcHst_ccAppPlgMgr_3800"="{59A86D87-49BE-4E5B-99DC-D1E7185BB9B7}"
"ccSvcHst_ccAppPlgMgr_4600"="{96DF6CCD-33B4-4EFD-8119-F6234AA0ED70}"
"ccSvcHst_ccAppPlgMgr_5144"="{682D6A91-1A2E-446A-9FEC-7D275D466759}"
"ccSvcHst_ccAppPlgMgr_2488"="{22B5EC7A-A453-4D1B-AF8C-06F68DFE1FA0}"
"ccSvcHst_ccAppPlgMgr_1876"="{4D7A8682-5024-4ADE-A9D5-BC264033C524}"
"ccSvcHst_ccAppPlgMgr_4000"="{845E51CE-491F-40A1-8678-877AED4F567D}"
"ccSvcHst_ccAppPlgMgr_3184"="{BA91A3C4-E1D4-494A-A9ED-2FAE25F0735C}"
"ccSvcHst_ccAppPlgMgr_5260"="{0BCF3CA3-2BC6-443B-A032-7EA22D88FAD3}"
"ccSvcHst_ccAppPlgMgr_3728"="{6F4228BF-8679-4918-B902-62A72B32F1F2}"
"ccSvcHst_ccAppPlgMgr_4292"="{13CFA8CB-268F-47DE-AA62-F859DE514DEB}"
"ccSvcHst_ccAppPlgMgr_3976"="{C918DBA8-9B78-4F49-8144-532DB513452F}"
"ccSvcHst_ccAppPlgMgr_5400"="{F7DFD97F-CB4E-404B-80EA-5C7A131B8C0A}"
"ccSvcHst_ccAppPlgMgr_1376"="{90987E98-DE3C-4383-B27C-0FCDE4D56833}"
"ccSvcHst_ccAppPlgMgr_3868"="{D1EF3A5A-9C39-4256-816A-5A84B44BB4AD}"
"ccSvcHst_ccAppPlgMgr_3756"="{C9F75AD7-AB42-4257-93BA-2ADFF7AB3CDD}"
"ccSvcHst_ccAppPlgMgr_3968"="{B50579C8-2986-4B73-B569-F12686C7C2BA}"
"ccSvcHst_ccAppPlgMgr_4664"="{315AB1CF-9AA8-4149-AAB8-79DA63558F52}"
"ccSvcHst_ccAppPlgMgr_3280"="{A66E950D-6FFC-43ED-AB76-9A9FDED0C141}"
"ccSvcHst_ccAppPlgMgr_2544"="{6779339C-6819-4E14-868D-DF6EF940D1B0}"
"ccSvcHst_ccAppPlgMgr_2860"="{5E3C11CE-28D6-4732-9998-091DCEC53D56}"
"ccSvcHst_ccAppPlgMgr_3760"="{AF68FFE5-1855-42D0-B5CF-32017E3E7AC7}"
"ccSvcHst_ccAppPlgMgr_4724"="{0BFE2BE2-5EC9-492A-8EE1-7C910A148ECD}"
"ccSvcHst_ccAppPlgMgr_4108"="{79B2A449-4E73-4C5E-B417-6B3C7E2030E0}"
"ccSvcHst_ccAppPlgMgr_3900"="{B329EC55-DFE7-4B7A-AA7F-8D204F218AF9}"
"ccSvcHst_ccAppPlgMgr_1608"="{25B4031C-4C01-4460-A3AC-6B3BD8737BAD}"
"ccSvcHst_ccAppPlgMgr_5552"="{CCDFA142-35D6-495C-83B2-D5823BC90B90}"
"ccSvcHst_ccAppPlgMgr_2592"="{E282E5AB-6735-4B33-9506-FBA830C1EB01}"
"ccSvcHst_ccAppPlgMgr_4072"="{B0B4A53A-FC74-4313-BD41-C8B9D6F5CD81}"
"ccSvcHst_ccAppPlgMgr_3444"="{DC609A3B-9DA3-4786-9B87-57C1DE01A5BA}"
"ccSvcHst_ccAppPlgMgr_4024"="{B08DF7E9-EED2-4BBC-8801-6AB5827C8CC0}"
"ccSvcHst_ccAppPlgMgr_1356"="{CB0D1CAF-80E0-4EA2-A62F-13C813EABA55}"
"ccSvcHst_ccAppPlgMgr_2944"="{589ECE5D-F3F7-46C4-9A9C-7AAA27ACE1CE}"
"ccSvcHst_ccAppPlgMgr_3788"="{1A9F0086-F880-4C59-AD70-D2A3A0EFAB36}"
"ccSvcHst_ccAppPlgMgr_1148"="{7CBFE6F2-1C5F-4968-88DF-0F03039185E5}"
"ccSvcHst_ccAppPlgMgr_4152"="{D3EDB922-E338-4BBC-A123-0D2340F882A7}"
"ccSvcHst_ccAppPlgMgr_1032"="{934686F6-165B-4D8A-A64D-2FE5620E0BBA}"
"ccSvcHst_ccAppPlgMgr_3352"="{93DB7EA3-11AF-42C4-A700-6C0CEC619BB7}"
"ccSvcHst_ccAppPlgMgr_4444"="{6F3F9DF9-2881-4109-971D-3E5A665B6F0C}"
"ccSvcHst_ccAppPlgMgr_3576"="{A23A237F-18CA-455C-8A92-F978A05A6D23}"
"ccSvcHst_ccAppPlgMgr_3520"="{4C486DDE-07A3-4CFF-96D7-3C44146E5596}"
"ccSvcHst_ccAppPlgMgr_4256"="{7E2CA9D3-8ED0-43A8-AE15-9DDCEE9975D8}"
"ccSvcHst_ccAppPlgMgr_3816"="{D55B6872-2E5E-4550-A362-09860F9094BC}"
"ccSvcHst_ccAppPlgMgr_3532"="{3E597D81-FA57-4F73-B2DC-9C560FB2E1E0}"
"ccSvcHst_ccAppPlgMgr_3928"="{E1A2486E-2475-4E56-9DE2-B363D776097C}"
"ccSvcHst_ccAppPlgMgr_4084"="{38F57E93-6068-4DF5-991A-CE0A6CF7E5A0}"
"ccSvcHst_ccAppPlgMgr_2260"="{D837955F-DD18-4489-B8E8-6949C5E48A8D}"
"ccSvcHst_ccAppPlgMgr_3572"="{231FE632-B98F-4432-8EF2-B49C3BA6C84D}"
"ccSvcHst_ccAppPlgMgr_1408"="{9448654D-95B9-4609-A305-0E02852D1710}"
"ccSvcHst_ccAppPlgMgr_1080"="{5FC1FB4B-01BC-4582-95BF-03540CCE48FF}"
"ccSvcHst_ccAppPlgMgr_2480"="{653294B0-8DF0-44F9-BFE4-42C491E31A55}"
"ccSvcHst_ccAppPlgMgr_2236"="{FB16FD5E-FB1B-47D9-8242-1C70636BF2A3}"
"ccSvcHst_ccAppPlgMgr_2752"="{3C3345EF-A7FA-4292-B4AB-CDFF6A223935}"
"ccSvcHst_ccAppPlgMgr_3792"="{4BED488C-71D4-46B3-804A-A27F2A22A142}"
"ccSvcHst_ccAppPlgMgr_3964"="{B779638B-AF28-4437-8692-B987CC57967A}"
"ccSvcHst_ccAppPlgMgr_3856"="{DEB44772-719D-4266-B1E6-350C674F4FC4}"
"ccSvcHst_ccAppPlgMgr_2256"="{8AE223A6-26ED-41E2-A72E-DB256D1AE1AF}"
"ccSvcHst_ccAppPlgMgr_3696"="{B42293F4-F431-4035-9D9D-E63083934E64}"
"ccSvcHst_ccAppPlgMgr_3720"="{1434A1AB-5618-4E13-A9F2-C1EA74BD005B}"
"ccSvcHst_ccAppPlgMgr_3864"="{0D77D441-1C43-483C-BB7D-222EC7B460B4}"
"ccSvcHst_ccAppPlgMgr_2540"="{6D7E470E-FFED-4830-9310-8E263AA33880}"
"ccSvcHst_ccAppPlgMgr_3512"="{D64734D7-49E9-4C75-8E04-9B7C7E50AC34}"
"ccSvcHst_ccAppPlgMgr_3592"="{A90ABE0F-BE99-408B-9ADE-AEB6F9769400}"
"ccSvcHst_ccAppPlgMgr_3844"="{F5DBC883-5370-48CC-B2FD-7A6D50AFC217}"
"ccSvcHst_ccAppPlgMgr_3580"="{07AC071C-41C6-4A25-8ADC-01A9C41E8F5E}"
"ccSvcHst_ccAppPlgMgr_3960"="{235BF5E5-BA38-47BD-806E-1DFCCC6F0849}"
"ccSvcHst_ccAppPlgMgr_4068"="{3059B6F9-60D5-4809-9F64-5D93ABE51614}"
"ccSvcHst_ccAppPlgMgr_3808"="{BF7AD38A-DD43-409D-90B5-3839D590BD1B}"
"ccSvcHst_ccAppPlgMgr_3748"="{575FC29C-4AF3-4A34-81D4-E554EF5320D9}"
"ccSvcHst_ccAppPlgMgr_3724"="{5020F4D0-5DAB-4910-8376-18CE6171F512}"
"ccSvcHst_ccAppPlgMgr_3776"="{E54FF270-7D00-4023-AD47-D917AC49DFE5}"
"ccSvcHst_ccAppPlgMgr_4112"="{D07263DE-F9D8-4237-90A9-F41582E31DE5}"
"ccSvcHst_ccAppPlgMgr_3780"="{7AA9A0E4-B0F9-463A-97A4-BB3DDD9DB93C}"
"ccSvcHst_ccAppPlgMgr_1264"="{291402F7-219A-41F9-8456-2EE31DDD8523}"
"ccSvcHst_ccAppPlgMgr_1784"="{98C248BF-526F-43C9-8588-1A52EEAE73EF}"
"ccSvcHst_ccAppPlgMgr_3952"="{8C7CCC22-4F82-41F1-B207-CC61566ADE82}"
"ccSvcHst_ccAppPlgMgr_3252"="{03BE85CF-D5D2-40E0-A71A-9F73CC96699A}"
"ccSvcHst_ccAppPlgMgr_976"="{E7570DFD-F964-4ACE-B486-AA49E1CC5859}"
"ccSvcHst_ccAppPlgMgr_3912"="{823BEF70-E287-48E2-8A48-9B94B164673F}"
"ccSvcHst_ccAppPlgMgr_3712"="{5C3B14DD-D972-4A52-BD71-7AD5B23D3998}"
"ccSvcHst_ccAppPlgMgr_3688"="{9CC76BF9-D1E9-4E9A-99FA-950BC8643689}"
"ccSvcHst_ccAppPlgMgr_4092"="{4E7AAFC5-96B2-447E-B959-5D4F571E6B62}"
"ccSvcHst_ccAppPlgMgr_3700"="{252A9464-C4EE-4766-B72A-416F6223684F}"
"ccSvcHst_ccAppPlgMgr_2736"="{8CA04B1D-34FB-445A-85CC-D58A6AE678BB}"
"ccSvcHst_ccAppPlgMgr_3824"="{8D06F2FB-865F-4881-85F8-D1747E9A22FE}"
"ccSvcHst_ccAppPlgMgr_3796"="{12E20FEE-525A-4684-97EF-D3372B0B1F2A}"
"ccSvcHst_ccAppPlgMgr_4008"="{8957CC08-BF53-4F83-A1BF-3D73D7B6965F}"
"ccSvcHst_ccAppPlgMgr_3676"="{CC056EBA-F479-477B-B72C-262CFA59FBA7}"
"ccSvcHst_ccAppPlgMgr_3956"="{AA208122-3FA0-48D6-9DF1-147BD71284BA}"
"ccSvcHst_ccAppPlgMgr_2412"="{BAFF0DED-C1B1-4F6C-8981-41CC8B6E4CE1}"
"ccSvcHst_ccAppPlgMgr_3664"="{AC42D584-A3B2-4511-A2D8-55D55398E9CC}"
"ccSvcHst_ccAppPlgMgr_752"="{CFAC5979-DB7E-45CE-8A27-45D47482304D}"
"ccSvcHst_ccAppPlgMgr_2156"="{29B4EAC6-530E-432C-9693-61F8FB819E87}"
"ccSvcHst_ccSetMgr"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"ccSvcHst_CLTNetCnService"="{9F15A82B-1847-497C-8CDD-099C40BD6A5D}"
"cltIPCServer_Channel"="{9F15A82B-1847-497C-8CDD-099C40BD6A5D}"
"ccSettingsService"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineCallbackIPC"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"{A6D74B3B-C009-48CE-ADB6-159798ECB2C0}"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"SNDServiceRequestChannel"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"SNDLocationChannel"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"ccSvcHst_LiveUpdate Notice"="{9F15A82B-1847-497C-8CDD-099C40BD6A5D}"
"ccSvcHst_ccEvtMgr"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"ccEvtCli"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"_AvProdSvcComm_"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"NortonNetServiceIPC"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"NetMapServiceIPC"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"_IsDataSvcComm_Options"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"_IsDataSvcComm_"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"IPS_COMMAND_CHANNEL"="{D322105F-4429-4EF4-954C-CFB7AA870C2B}"
"ccSvcHst_ccAppPlgMgr_3100"="{2B6F9F58-C43E-4B14-9A3E-3350B1F61815}"
"{F6EACF09-0C79-4071-8BCE-6D589E72E689}"="{2B6F9F58-C43E-4B14-9A3E-3350B1F61815}"
"ToasterNotify\\SessionID_1"="{2B6F9F58-C43E-4B14-9A3E-3350B1F61815}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{2B6F9F58-C43E-4B14-9A3E-3350B1F61815}"
"AvProdSession_01"="{2B6F9F58-C43E-4B14-9A3E-3350B1F61815}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(660)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.DLL
.
Celkový čas: 2011-09-18 18:38:12
ComboFix-quarantined-files.txt 2011-09-18 16:38
.
Před spuštěním: 6 034 976 768
Po spuštění: 5 919 199 232
.
- - End Of File - - 3240E6A9983CA76868EC7A03CBC68CD4

chodnik74 · #10 Příspěvek od **chodnik74** » 18 zář 2011 18:29

Jak jsem již psal...Odinstalovat Spybot - Search & Destroy,GamePlayLabs,Ad-Aware,ICQ Toolbar a všechny nepotřebné toolbary

Otevřeme si Poznámkový blok Obrázek

(stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)

Vložíme do něj následující script:

Kód: Vybrat vše

KillAll::

Restore::
c:\windows\system32\userinit.exe

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
[HKEY_USERS\S-1-5-21-1083555474-487684997-3636995369-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-1083555474-487684997-3636995369-1000\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Common Client\ccService\Channels]

Firefox::
FF - ProfilePath - c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/sm
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.8&q=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: GamePlayLabs Plugin: plugin2@gameplaylabs.com - %profile%\extensions\plugin2@gameplaylabs.com

DDS::
Trusted Zone: kuaiche.com\software
Trusted Zone: mojebanka.cz\www

Registry::
[-HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OfficeSAS.lnk]
[-HKLM\~\startupfolder\C:^Users^ASUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
[-HKLM\~\startupfolder\C:^Users^ASUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=-
"Persistence"=-
"SunJavaUpdateSched"=-
"AdobeCS4ServiceManager"=-
"QuickTime Task"=-
"iTunesHelper"=-

Reboot::

Soubor uložíme na Plochu jako CFScript.txt
Poté tento soubor uchopíme levým tlačítkem myši a přetáhneme na ikonu Combofixu a upustíme
Poté Combofix provede všechny operace a udělá nový log,který sem vložte

chodnik74 · #11 Příspěvek od **chodnik74** » 18 zář 2011 18:37

stiskneme klávesovou kombinaci WIN+R a napíšeme ,,cmd,, bez úvozovek a dáme enter

a zde napište:

Kód: Vybrat vše

netsh winsock reset

Poté reset pc a měl by být problém vyřešen...

Dante Aligi · #12 Příspěvek od **Dante Aligi** » 18 zář 2011 18:42

ja vse odinstaloval, nechapu jakto ze to log obsahuje, mozna je to stale v registrech, neslo by je nejak nasilne z nich odstranit?

chodnik74 · #13 Příspěvek od **chodnik74** » 18 zář 2011 18:45

je to zahrnuto ve scriptu..pokračujte dle pokynů

Dante Aligi · #14 Příspěvek od **Dante Aligi** » 18 zář 2011 19:52

tak tady je doufejme posledni log
ted jdu na ten prikazovej radek

ComboFix 11-09-17.06 - ASUS 18.09.2011 20:06:02.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3037.2056 [GMT 2:00]
Spuštěný z: c:\users\ASUS\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\ASUS\Desktop\CFScript.txt
AV: Norton AntiVirus *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton AntiVirus *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Norton AntiVirus *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
.
/wow section - STAGE 3
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\plugin2@gameplaylabs.com
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\plugin2@gameplaylabs.com\defaults\preferences\prefs.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\plugin2@gameplaylabs.com\chrome.manifest
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\plugin2@gameplaylabs.com\chrome\content\ff-overlay.xul
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\plugin2@gameplaylabs.com\chrome\content\icon.png
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\plugin2@gameplaylabs.com\chrome\content\overlay.js
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\plugin2@gameplaylabs.com\chrome\locale\en-US\overlay.properties
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\plugin2@gameplaylabs.com\install.rdf
c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\extensions\plugin2@gameplaylabs.com\setup.ini
.
Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\combofix\HarddiskVolumeShadowCopy1_!Windows!System32!userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-18 do 2011-09-18 )))))))))))))))))))))))))))))))
.
.
2011-09-18 18:39 . 2011-09-18 18:39 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2011-09-18 18:39 . 2011-09-18 18:39 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2011-09-18 18:39 . 2011-09-18 18:39 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2011-09-18 18:39 . 2011-09-18 18:39 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2011-09-18 18:39 . 2011-09-18 18:39 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2011-09-18 18:39 . 2011-09-18 18:39 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2011-09-18 18:38 . 2011-09-18 18:38 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2011-09-18 18:38 . 2011-09-18 18:38 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2011-09-18 18:38 . 2011-09-18 18:38 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2011-09-18 18:38 . 2011-09-18 18:38 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2011-09-18 18:38 . 2011-09-18 18:38 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2011-09-18 18:38 . 2011-09-18 18:38 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2011-09-18 18:38 . 2011-09-18 18:38 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2011-09-18 18:38 . 2011-09-18 18:38 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2011-09-18 18:38 . 2011-09-18 18:38 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2011-09-18 18:38 . 2011-09-18 18:38 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2011-09-18 18:38 . 2011-09-18 18:38 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2011-09-18 18:37 . 2011-09-18 18:40 -------- d-----w- c:\users\ASUS\AppData\Local\temp
2011-09-18 18:37 . 2011-09-18 18:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-18 13:25 . 2011-09-18 13:25 -------- d-----w- c:\users\ASUS\AppData\Roaming\Malwarebytes
2011-09-18 13:24 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-18 13:24 . 2011-09-18 13:24 -------- d-----w- c:\programdata\Malwarebytes
2011-09-18 13:24 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-18 13:24 . 2011-09-18 13:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-18 11:59 . 2011-09-18 11:59 -------- d-----w- c:\program files\trend micro
2011-09-18 11:59 . 2011-09-18 11:59 -------- d-----w- C:\rsit
2011-09-11 17:37 . 2011-09-11 17:37 -------- d-----w- c:\program files\iPod
2011-09-11 17:27 . 2011-09-12 20:15 -------- d-----w- c:\program files\Bonjour
2011-09-11 17:16 . 2011-09-12 20:15 -------- d-----w- c:\program files\QuickTime
2011-09-03 21:02 . 2011-09-12 20:15 -------- d-----w- c:\program files\Apple Software Update
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-12 20:21 . 2009-02-23 20:10 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-09-08 10:44 . 2011-05-20 17:43 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-11 12:30 . 2009-06-05 14:37 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-03 21:18 . 2011-08-03 21:18 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 09:20 . 2011-07-12 09:20 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-03-31 266240]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2008-01-25 677144]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-30 9914984]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-12 171032]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-10 752168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Taskman"=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
.
R0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 23424]
R3 JakNDisMP;JakNDisMP;c:\windows\system32\DRIVERS\JakNDis.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2010-04-19 18432]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
R4 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv.sys [2008-07-21 273152]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-06-25 64160]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2007-09-26 15416]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-13 218688]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20110908.001\IDSvix86.sys [2010-09-15 287792]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2007-07-23 38816]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-08-18 105592]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - aswFsBlk
*Deregistered* - aswMonFlt
*Deregistered* - aswRdr
*Deregistered* - aswSP
*Deregistered* - aswTdi
*Deregistered* - ehdrv
*Deregistered* - epfwwfpr
*Deregistered* - SCDEmu
.
Obsah adresáře 'Naplánované úlohy'
.
2010-10-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1083555474-487684997-3636995369-1000Core1cb6c5d95b805b3.job
- c:\users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-13 13:49]
.
2011-08-23 c:\windows\Tasks\Norton AntiVirus - Run Full System Scan - ASUS.job
- c:\program files\Norton AntiVirus\Navw32.exe [2008-02-07 14:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/home.php?
uInternet Settings,ProxyServer = http=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all by FlashGet3 - c:\users\ASUS\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\ASUS\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - /105
FF - ProfilePath - c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\yrqcudw0.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1083555474-487684997-3636995369-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:0e,8e,98,09,98,ac,74,95,9f,ac,af,5b,7e,74,8f,65,7d,b0,8a,90,e5,ca,5e,
43,f5,6a,31,b7,57,3e,bc,32,b6,1a,15,0d,77,c6,ec,93,82,51,f0,17,83,04,98,7a,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-1083555474-487684997-3636995369-1000\Software\SecuROM\License information*]
"datasecu"=hex:69,bf,da,3b,d3,16,fc,3d,81,c6,61,ec,bf,21,a2,58,41,b9,df,b2,3a,
94,8d,a5,5d,29,ff,e4,5b,5a,b2,94,0a,9e,e8,e5,48,3d,4f,bd,77,e9,ca,53,4f,4f,\
"rkeysecu"=hex:b9,dd,9a,18,eb,3d,da,76,ba,5a,25,f1,78,cd,ff,09
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(716)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.DLL
.
- - - - - - - > 'Explorer.exe'(5408)
c:\program files\RocketDock\RocketDock.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
c:\windows\system32\btmmhook.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
c:\program files\Common Files\Ahead\Lib\MediaLibraryNSE.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\System32\IFXTCS.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\IfxPsdSv.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\system32\sppsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\ATK Hotkey\Hcontrol.exe
c:\program files\ATK Hotkey\MsgTranAgt.exe
c:\program files\P4G\BatteryLife.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\ATK Hotkey\WDC.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Infineon\Security Platform Software\PSDrt.exe
c:\program files\Infineon\Security Platform Software\SpTna.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2011-09-18 20:50:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-18 18:50
ComboFix2.txt 2011-09-18 16:38
.
Před spuštěním: 2 561 118 208
Po spuštění: 2 122 846 208
.
- - End Of File - - EB27E26D7FDE6A86505D132294C5E1FA

Dante Aligi · #15 Příspěvek od **Dante Aligi** » 18 zář 2011 19:54

ouha, takze cmd se nechce spustit ani jako pod spravcem, ukazuje to hlasku:
C:\Windows\System32\cmd.exe

Pokus použít neplatnou operaci na klíč registru, který je označen pro odstranění.

EDIT: Tak uz je to v poradku, prave rebootuju, tak jsem zvedavej.

VIRY.CZ

Diagnostic Policy Service (win7 ultimate 32-bit)

Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)

Re: Diagnostic Policy Service (win7 ultimate 32-bit)