
Blue screen of death
Moderator: Moderators
Forum rules
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
Blue screen of death
Good day, my PC repeatedly crashes into a blue screen of death at startup; after repeated attempts it eventually starts working normally. I will try to back up my data and would then like to ask for help with diagnostics. Will an RSIT log be needed, or something else right away? Today I got a message that the overclocking would be restored to the original configuration, but I am not aware of having overclocked the processor (unless it happened spontaneously after repeatedly pressing the restart button). Could someone please take my case and give me instructions on how to proceed?
Thanks
AL
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Blue screen of death
Hello!
Open the windows\minidump directory. Pack its contents into a RAR archive and attach it to your next post.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Blue screen of death
Rudy, I must applaud the speed with which you took up my case. Great, thanks a lot. I am sending the requested files in the attachment.
- Attachments
- ModraSmrt.rar
- (31.68 KiB) Downloaded 102 times
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Blue screen of death
It looks like an infection or a system problem. Are you seeing any other problem (besides the crashes)?
Re: Blue screen of death
Good day, after repeated restart attempts, when it finally succeeds, IE occasionally freezes. Otherwise I basically don't notice anything serious. But the PC takes fairly long to boot, and lately the crashes have been multiplying. If I manage to get the computer running and it doesn't crash within 10 minutes, it then works reasonably well. Lately, though, when attempting a restart I get a message about processor overclocking; yesterday I could not turn the PC off even by holding the ON button and had to use the main switch at the back. That is about all that comes to mind. There are messages about a possible problem with newly installed hardware, but I have not installed any for a few months. And yesterday, during one restart attempt, it hung, and there was nothing on the black screen except a blinking cursor. I have just turned it on and am so far on my third restart attempt. I am writing from a notebook, which runs fine.
The floppy disk drive also rattles occasionally; otherwise nothing else comes to mind.
Spyware Terminator detects some tracking cookies, which I delete; AVG finds nothing...
Now it has finally booted on the 6th attempt and seems to be holding. I would like to use this for some diagnostics before it crashes again...
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Blue screen of death
OK. Post an RSIT log: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .
Re: Blue screen of death
Logfile of random's system information tool 1.09 (written by random/random)
Run by Alojz at 2012-07-23 21:09:42
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 23 GB (15%) free of 154 GB
Total RAM: 2047 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:22, on 23.7.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingBar.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingApp.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\11.2.0\ScriptHelper.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe
C:\Program Files (x86)\Opera9.27\opera.exe
C:\Program Files (x86)\Opera9.27\pluginwrapper\opera_plugin_wrapper.exe
C:\Program Files\trend micro\Alojz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://viry.cz/go.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
R3 - URLSearchHook: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O2 - BHO: SMSender.E.ToolbarsHelper - {24BCDA96-8FCB-4D3B-0500-000000000004} - mscoree.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat jako MMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1003
O8 - Extra context menu item: Poslat jako SMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1001
O8 - Extra context menu item: Poslat MMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1002
O8 - Extra context menu item: Poslat SMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1000
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46DAE1DA-BA26-479A-B706-9924D2716156}: NameServer = 194.228.41.65,194.228.41.113
O17 - HKLM\System\CS1\Services\Tcpip\..\{46DAE1DA-BA26-479A-B706-9924D2716156}: NameServer = 194.228.41.65,194.228.41.113
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15566 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=62a47258-cb2d-4752-8b6e-da1be722d40b /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\dff7470b-7d89-4664-8dda-57681767f374-1d4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"
WLIDSvcM.exe 2508
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
taskeng.exe {8D141008-33D9-4152-AE04-041875B73234}
taskeng.exe {B543C2B6-032D-4925-B869-8832C0CB4AD8}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {1C786B2D-B924-4B01-A5F4-7CF3A6FDC7D9}
"C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe" -UseTray
"C:\Windows\RAVCpl64.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe" /n
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehmsas.exe -Embedding
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=bdc88a24-c978-491e-9741-074a46e04b15 /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\1e3ec865-e4a4-4074-8adb-d06d66029a5e-af4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
"C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE"
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingBar.exe" -Embedding
splwow64
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1296 CREDAT:137475
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1296 CREDAT:203010
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingApp.exe" -Embedding
/SCANCFG:11 /SCANTYPE:5 /SCHEDID:1
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe" -Embedding
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=c4ed801a-3c39-4c1d-837d-f6257fbc040d /coreSdkOptions=0 /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /dataPath="C:\ProgramData\AVG2012\"
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe -Embedding
"C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\11.2.0\ScriptHelper.exe" -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe" -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe" -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\SeaPort.exe"
"C:\Program Files (x86)\Opera9.27\opera.exe"
"C:\Program Files (x86)\Opera9.27\pluginwrapper\opera_plugin_wrapper.exe" -newprocess "4112 2 0 1 3" -logfolder "C:\Users\Alojz\AppData\Local\Opera\Opera9.27\logs"
wmiadap.exe /R /T
C:\Windows\System32\mobsync.exe -Embedding
"C:\Downloads and Setup files\AntivirusScannery, Vypalovanie, Zálohovanie, Utility, Ovladače, Patche etc\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Defraggler Volume F Task.job
C:\Windows\tasks\Defraggler Volume G Task.job
C:\Windows\tasks\Defraggler Volume H Task.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-12-14 346736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-12-14 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1bcec53b-aa13-4de2-814d-2d6a98e7ba79}]
LongTailVideo Toolbar - C:\Program Files (x86)\LongTailVideo\tbLon1.dll [2009-11-13 2166296]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~2\Crawler\Toolbar\ctbr.dll [2008-06-19 1190912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24BCDA96-8FCB-4D3B-0500-000000000004}]
SMSender.E.ToolbarsHelper - C:\Windows\system32\mscoree.dll [2009-11-08 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-12-18 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-07-10 2074208]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-14 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-12-14 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2011-12-14 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll [2012-02-20 1307928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-12-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-12-14 346736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll [2008-06-19 1190912]
{24BCDA96-8FCB-4D3B-0500-000000000003} - O2 SMSender - C:\Windows\system32\mscoree.dll [2009-11-08 444752]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
{1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - LongTailVideo Toolbar - C:\Program Files (x86)\LongTailVideo\tbLon1.dll [2009-11-13 2166296]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-07-10 2074208]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-14 256112]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll [2012-02-20 1307928]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2007-02-15 5018112]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 15933984]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 82464]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-02-20 2786480]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-02-20 3669680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2007-07-18 451872]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-01-23 247728]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 138240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile Communication Centre]
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2009-01-08 1331024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-01-23 247728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips Device Manager.lnk]
C:\PROGRA~2\Philips\SA28XX~1\main.exe [2008-08-18 7971634]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-11-02 59240]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-07-10 1107552]
"ROC_roc_dec12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe [2012-01-16 928096]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"HF_G_Jul"=C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe [2012-07-19 36960]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\Display.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
Service Manager.lnk - C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Users\Alojz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-07-23 21:09:42 ----DC---- C:\rsit
2012-07-22 21:11:42 ----ASH---- C:\hiberfil.sys
2012-07-11 02:03:54 ----AC---- C:\Windows\SYSWOW64\url.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\system32\url.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\system32\mshtmled.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\ieui.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\urlmon.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\ieui.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\iertutil.dll
2012-07-11 02:03:52 ----AC---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-11 02:03:52 ----AC---- C:\Windows\system32\jsproxy.dll
2012-07-11 02:03:52 ----AC---- C:\Windows\system32\ieUnatt.exe
2012-07-11 02:03:51 ----AC---- C:\Windows\SYSWOW64\wininet.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\system32\wininet.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\system32\jscript9.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\SYSWOW64\jscript.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\system32\jscript.dll
2012-07-11 02:03:49 ----AC---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-11 02:03:48 ----AC---- C:\Windows\system32\mshtml.dll
2012-07-11 02:03:47 ----AC---- C:\Windows\system32\ieframe.dll
2012-07-11 02:03:46 ----AC---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-11 02:03:26 ----AC---- C:\Windows\system32\win32k.sys
2012-07-10 22:54:53 ----AC---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-10 22:54:48 ----AC---- C:\Windows\SYSWOW64\schannel.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\system32\schannel.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\system32\ncrypt.dll
2012-07-10 22:54:47 ----AC---- C:\Windows\SYSWOW64\secur32.dll
2012-07-10 22:54:42 ----AC---- C:\Windows\system32\msxml6.dll
2012-07-10 22:54:41 ----AC---- C:\Windows\system32\msxml3.dll
2012-07-10 22:54:33 ----AC---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-10 22:54:33 ----AC---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-10 22:49:07 ----AC---- C:\Windows\system32\shell32.dll
2012-07-10 22:48:53 ----AC---- C:\Windows\SYSWOW64\shell32.dll
======List of files/folders modified in the last 1 month======
2012-07-23 21:10:22 ----DC---- C:\Program Files\trend micro
2012-07-23 21:10:21 ----DC---- C:\Windows\Temp
2012-07-23 21:10:21 ----ADC---- C:\ProgramData\Temp
2012-07-23 21:10:20 ----DC---- C:\Windows\Prefetch
2012-07-23 21:10:14 ----DC---- C:\Windows\System32
2012-07-23 21:10:14 ----AC---- C:\Windows\system32\PerfStringBackup.INI
2012-07-23 21:10:13 ----DC---- C:\Windows\inf
2012-07-23 20:54:46 ----DC---- C:\Downloads
2012-07-23 20:34:49 ----DC---- C:\ProgramData\MFAData
2012-07-23 20:34:42 ----DC---- C:\Windows\system32\drivers\AVG
2012-07-23 20:33:51 ----DC---- C:\ProgramData\Spyware Terminator
2012-07-22 23:52:09 ----DC---- C:\Windows\Minidump
2012-07-22 23:52:09 ----DC---- C:\Windows\Debug
2012-07-22 23:52:09 ----DC---- C:\Windows
2012-07-22 21:28:40 ----DC---- C:\Windows\system32\catroot2
2012-07-19 20:33:32 ----DC---- C:\Program Files (x86)\Mozilla Thunderbird
2012-07-19 00:08:37 ----DC---- C:\Program Files (x86)\AVG Secure Search
2012-07-13 22:09:49 ----SHD---- C:\System Volume Information
2012-07-12 00:08:47 ----AC---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-12 00:03:36 ----AC---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-07-11 23:55:30 ----DC---- C:\Windows\SysWOW64
2012-07-11 23:55:27 ----DC---- C:\Windows\system32\drivers
2012-07-11 23:55:27 ----DC---- C:\Program Files (x86)\Internet Explorer
2012-07-11 23:55:26 ----DC---- C:\Windows\SYSWOW64\migration
2012-07-11 23:55:23 ----DC---- C:\Windows\system32\migration
2012-07-11 23:55:20 ----DC---- C:\Program Files\Internet Explorer
2012-07-11 02:15:39 ----D---- C:\Windows\winsxs
2012-07-11 02:15:25 ----SHDC---- C:\Windows\Installer
2012-07-11 02:15:18 ----SHDC---- C:\Config.Msi
2012-07-11 02:15:18 ----DC---- C:\ProgramData\Microsoft Help
2012-07-11 02:06:56 ----AC---- C:\Windows\system32\mrt.exe
2012-07-11 02:05:04 ----DC---- C:\Windows\system32\catroot
2012-06-29 06:51:32 ----DC---- C:\MetaStock Data
2012-06-28 00:10:22 ----DC---- C:\Program Files (x86)\Spyware Terminator
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
R0 DwProt;DrWeb Protection; C:\Windows\system32\drivers\dwprot.sys [2011-12-18 153880]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2007-08-09 130080]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2011-12-14 51496]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2007-02-14 1016616]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx64.sys [2007-11-18 1484448]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 9477408]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 112128]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\DualCoreCenter\NTGLM7X64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2011-07-29 8456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2006-11-02 26624]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 7936]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 NVR0Dev;NVR0Dev; \??\C:\Windows\nvoclk64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files (x86)\MSI\DualCoreCenter\RushTop64.sys []
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 123656]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Windows\syswow64\NTACCESS.SYS []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 172544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2009-01-08 58608]
R2 APC UPS Service;APC UPS Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe [2007-02-27 689672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 MSSQLSERVER;MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [2000-08-06 7442493]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 357376]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-10 935008]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\SeaPort.exe [2012-02-20 240408]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BBSvc.exe [2012-02-20 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-14 182768]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 SQLSERVERAGENT;SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE [2000-08-06 303170]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------

Run by Alojz at 2012-07-23 21:09:42
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 23 GB (15%) free of 154 GB
Total RAM: 2047 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:22, on 23.7.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingBar.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingApp.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\11.2.0\ScriptHelper.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe
C:\Program Files (x86)\Opera9.27\opera.exe
C:\Program Files (x86)\Opera9.27\pluginwrapper\opera_plugin_wrapper.exe
C:\Program Files\trend micro\Alojz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://viry.cz/go.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
R3 - URLSearchHook: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O2 - BHO: SMSender.E.ToolbarsHelper - {24BCDA96-8FCB-4D3B-0500-000000000004} - mscoree.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat jako MMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1003
O8 - Extra context menu item: Poslat jako SMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1001
O8 - Extra context menu item: Poslat MMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1002
O8 - Extra context menu item: Poslat SMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1000
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46DAE1DA-BA26-479A-B706-9924D2716156}: NameServer = 194.228.41.65,194.228.41.113
O17 - HKLM\System\CS1\Services\Tcpip\..\{46DAE1DA-BA26-479A-B706-9924D2716156}: NameServer = 194.228.41.65,194.228.41.113
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15566 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=62a47258-cb2d-4752-8b6e-da1be722d40b /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\dff7470b-7d89-4664-8dda-57681767f374-1d4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"
WLIDSvcM.exe 2508
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
taskeng.exe {8D141008-33D9-4152-AE04-041875B73234}
taskeng.exe {B543C2B6-032D-4925-B869-8832C0CB4AD8}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {1C786B2D-B924-4B01-A5F4-7CF3A6FDC7D9}
"C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe" -UseTray
"C:\Windows\RAVCpl64.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe" /n
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehmsas.exe -Embedding
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=bdc88a24-c978-491e-9741-074a46e04b15 /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\1e3ec865-e4a4-4074-8adb-d06d66029a5e-af4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
"C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE"
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingBar.exe" -Embedding
splwow64
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1296 CREDAT:137475
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1296 CREDAT:203010
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingApp.exe" -Embedding
/SCANCFG:11 /SCANTYPE:5 /SCHEDID:1
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe" -Embedding
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=c4ed801a-3c39-4c1d-837d-f6257fbc040d /coreSdkOptions=0 /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /dataPath="C:\ProgramData\AVG2012\"
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe -Embedding
"C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\11.2.0\ScriptHelper.exe" -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe" -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingSurrogate.exe" -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\SeaPort.exe"
"C:\Program Files (x86)\Opera9.27\opera.exe"
"C:\Program Files (x86)\Opera9.27\pluginwrapper\opera_plugin_wrapper.exe" -newprocess "4112 2 0 1 3" -logfolder "C:\Users\Alojz\AppData\Local\Opera\Opera9.27\logs"
wmiadap.exe /R /T
C:\Windows\System32\mobsync.exe -Embedding
"C:\Downloads and Setup files\AntivirusScannery, Vypalovanie, Zálohovanie, Utility, Ovladače, Patche etc\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Defraggler Volume F Task.job
C:\Windows\tasks\Defraggler Volume G Task.job
C:\Windows\tasks\Defraggler Volume H Task.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-12-14 346736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-12-14 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1bcec53b-aa13-4de2-814d-2d6a98e7ba79}]
LongTailVideo Toolbar - C:\Program Files (x86)\LongTailVideo\tbLon1.dll [2009-11-13 2166296]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~2\Crawler\Toolbar\ctbr.dll [2008-06-19 1190912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24BCDA96-8FCB-4D3B-0500-000000000004}]
SMSender.E.ToolbarsHelper - C:\Windows\system32\mscoree.dll [2009-11-08 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-12-18 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-07-10 2074208]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-14 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-12-14 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2011-12-14 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll [2012-02-20 1307928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-12-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-12-14 346736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll [2008-06-19 1190912]
{24BCDA96-8FCB-4D3B-0500-000000000003} - O2 SMSender - C:\Windows\system32\mscoree.dll [2009-11-08 444752]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
{1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - LongTailVideo Toolbar - C:\Program Files (x86)\LongTailVideo\tbLon1.dll [2009-11-13 2166296]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-07-10 2074208]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-14 256112]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll [2012-02-20 1307928]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2007-02-15 5018112]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 15933984]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 82464]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-02-20 2786480]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-02-20 3669680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2007-07-18 451872]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-01-23 247728]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 138240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile Communication Centre]
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2009-01-08 1331024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-01-23 247728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips Device Manager.lnk]
C:\PROGRA~2\Philips\SA28XX~1\main.exe [2008-08-18 7971634]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-11-02 59240]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-07-10 1107552]
"ROC_roc_dec12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe [2012-01-16 928096]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"HF_G_Jul"=C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe [2012-07-19 36960]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\Display.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
Service Manager.lnk - C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Users\Alojz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-07-23 21:09:42 ----DC---- C:\rsit
2012-07-22 21:11:42 ----ASH---- C:\hiberfil.sys
2012-07-11 02:03:54 ----AC---- C:\Windows\SYSWOW64\url.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\system32\url.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\system32\mshtmled.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\ieui.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\urlmon.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\ieui.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\iertutil.dll
2012-07-11 02:03:52 ----AC---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-11 02:03:52 ----AC---- C:\Windows\system32\jsproxy.dll
2012-07-11 02:03:52 ----AC---- C:\Windows\system32\ieUnatt.exe
2012-07-11 02:03:51 ----AC---- C:\Windows\SYSWOW64\wininet.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\system32\wininet.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\system32\jscript9.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\SYSWOW64\jscript.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\system32\jscript.dll
2012-07-11 02:03:49 ----AC---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-11 02:03:48 ----AC---- C:\Windows\system32\mshtml.dll
2012-07-11 02:03:47 ----AC---- C:\Windows\system32\ieframe.dll
2012-07-11 02:03:46 ----AC---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-11 02:03:26 ----AC---- C:\Windows\system32\win32k.sys
2012-07-10 22:54:53 ----AC---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-10 22:54:48 ----AC---- C:\Windows\SYSWOW64\schannel.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\system32\schannel.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\system32\ncrypt.dll
2012-07-10 22:54:47 ----AC---- C:\Windows\SYSWOW64\secur32.dll
2012-07-10 22:54:42 ----AC---- C:\Windows\system32\msxml6.dll
2012-07-10 22:54:41 ----AC---- C:\Windows\system32\msxml3.dll
2012-07-10 22:54:33 ----AC---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-10 22:54:33 ----AC---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-10 22:49:07 ----AC---- C:\Windows\system32\shell32.dll
2012-07-10 22:48:53 ----AC---- C:\Windows\SYSWOW64\shell32.dll
======List of files/folders modified in the last 1 month======
2012-07-23 21:10:22 ----DC---- C:\Program Files\trend micro
2012-07-23 21:10:21 ----DC---- C:\Windows\Temp
2012-07-23 21:10:21 ----ADC---- C:\ProgramData\Temp
2012-07-23 21:10:20 ----DC---- C:\Windows\Prefetch
2012-07-23 21:10:14 ----DC---- C:\Windows\System32
2012-07-23 21:10:14 ----AC---- C:\Windows\system32\PerfStringBackup.INI
2012-07-23 21:10:13 ----DC---- C:\Windows\inf
2012-07-23 20:54:46 ----DC---- C:\Downloads
2012-07-23 20:34:49 ----DC---- C:\ProgramData\MFAData
2012-07-23 20:34:42 ----DC---- C:\Windows\system32\drivers\AVG
2012-07-23 20:33:51 ----DC---- C:\ProgramData\Spyware Terminator
2012-07-22 23:52:09 ----DC---- C:\Windows\Minidump
2012-07-22 23:52:09 ----DC---- C:\Windows\Debug
2012-07-22 23:52:09 ----DC---- C:\Windows
2012-07-22 21:28:40 ----DC---- C:\Windows\system32\catroot2
2012-07-19 20:33:32 ----DC---- C:\Program Files (x86)\Mozilla Thunderbird
2012-07-19 00:08:37 ----DC---- C:\Program Files (x86)\AVG Secure Search
2012-07-13 22:09:49 ----SHD---- C:\System Volume Information
2012-07-12 00:08:47 ----AC---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-12 00:03:36 ----AC---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-07-11 23:55:30 ----DC---- C:\Windows\SysWOW64
2012-07-11 23:55:27 ----DC---- C:\Windows\system32\drivers
2012-07-11 23:55:27 ----DC---- C:\Program Files (x86)\Internet Explorer
2012-07-11 23:55:26 ----DC---- C:\Windows\SYSWOW64\migration
2012-07-11 23:55:23 ----DC---- C:\Windows\system32\migration
2012-07-11 23:55:20 ----DC---- C:\Program Files\Internet Explorer
2012-07-11 02:15:39 ----D---- C:\Windows\winsxs
2012-07-11 02:15:25 ----SHDC---- C:\Windows\Installer
2012-07-11 02:15:18 ----SHDC---- C:\Config.Msi
2012-07-11 02:15:18 ----DC---- C:\ProgramData\Microsoft Help
2012-07-11 02:06:56 ----AC---- C:\Windows\system32\mrt.exe
2012-07-11 02:05:04 ----DC---- C:\Windows\system32\catroot
2012-06-29 06:51:32 ----DC---- C:\MetaStock Data
2012-06-28 00:10:22 ----DC---- C:\Program Files (x86)\Spyware Terminator
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
R0 DwProt;DrWeb Protection; C:\Windows\system32\drivers\dwprot.sys [2011-12-18 153880]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2007-08-09 130080]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2011-12-14 51496]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2007-02-14 1016616]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx64.sys [2007-11-18 1484448]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 9477408]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 112128]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\DualCoreCenter\NTGLM7X64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2011-07-29 8456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2006-11-02 26624]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 7936]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 NVR0Dev;NVR0Dev; \??\C:\Windows\nvoclk64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files (x86)\MSI\DualCoreCenter\RushTop64.sys []
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 123656]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Windows\syswow64\NTACCESS.SYS []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 172544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2009-01-08 58608]
R2 APC UPS Service;APC UPS Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe [2007-02-27 689672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 MSSQLSERVER;MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [2000-08-06 7442493]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 357376]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-10 935008]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\SeaPort.exe [2012-02-20 240408]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BBSvc.exe [2012-02-20 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-14 182768]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 SQLSERVERAGENT;SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE [2000-08-06 303170]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Blue screen of death
Above all, there is a lot of unnecessary stuff in there. First we'll clean up. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it, copy the text below into the left pane, and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
:files
C:\PROGRA~2\Crawler
C:\Program Files (x86)\LongTailVideo
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Google\GoogleToolbarNotifier
C:\Program Files (x86)\Microsoft\BingBar
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1bcec53b-aa13-4de2-814d-2d6a98e7ba79}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Re: Blue screen of death
Rudy, after clicking MoveIt the PC restarts automatically; is that OK? Probably yes, judging by the OTM log.
The new RSIT log is here:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Alojz at 2012-07-23 22:15:49
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 23 GB (15%) free of 154 GB
Total RAM: 2047 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:10, on 23.7.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\trend micro\Alojz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://viry.cz/go.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
R3 - URLSearchHook: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll (file missing)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
O2 - BHO: SMSender.E.ToolbarsHelper - {24BCDA96-8FCB-4D3B-0500-000000000004} - mscoree.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
O3 - Toolbar: O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat jako MMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1003
O8 - Extra context menu item: Poslat jako SMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1001
O8 - Extra context menu item: Poslat MMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1002
O8 - Extra context menu item: Poslat SMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1000
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46DAE1DA-BA26-479A-B706-9924D2716156}: NameServer = 194.228.41.65,194.228.41.113
O17 - HKLM\System\CS1\Services\Tcpip\..\{46DAE1DA-BA26-479A-B706-9924D2716156}: NameServer = 194.228.41.65,194.228.41.113
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: BingBar Service (BBSvc) - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BBSvc.exe (file missing)
O23 - Service: BBUpdate - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\SeaPort.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14821 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=7f034a15-c031-4427-abb8-6c2c8cf4502d /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\6c31f417-60c5-4305-894c-754ab870b24e-214-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {47C81406-3DC1-4949-82FB-AE5250CFA19A}
WLIDSvcM.exe 2476
"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"
C:\Windows\Explorer.EXE
taskeng.exe {3140602C-B1B3-4B25-B81A-8EED91557809}
"C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe" -UseTray
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\07232012_220849.log
taskeng.exe {E5B095FC-49CC-438B-A2DB-A1D60AD47C52}
"C:\Windows\RAVCpl64.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe" /n
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 640 644 652 65536 648
C:\Windows\ehome\ehmsas.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=c910eb7b-8746-4c53-94dd-973df95e7652 /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\2dead222-9956-4b7e-8aae-245a3f2d012b-bb0-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
"C:\Downloads and Setup files\AntivirusScannery, Vypalovanie, Zálohovanie, Utility, Ovladače, Patche etc\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Defraggler Volume F Task.job
C:\Windows\tasks\Defraggler Volume G Task.job
C:\Windows\tasks\Defraggler Volume H Task.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-12-14 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1bcec53b-aa13-4de2-814d-2d6a98e7ba79}]
LongTailVideo Toolbar - C:\Program Files (x86)\LongTailVideo\tbLon1.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~2\Crawler\Toolbar\ctbr.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24BCDA96-8FCB-4D3B-0500-000000000004}]
SMSender.E.ToolbarsHelper - C:\Windows\system32\mscoree.dll [2009-11-08 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-12-18 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-07-10 2074208]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-12-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll []
{24BCDA96-8FCB-4D3B-0500-000000000003} - O2 SMSender - C:\Windows\system32\mscoree.dll [2009-11-08 444752]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
{1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - LongTailVideo Toolbar - C:\Program Files (x86)\LongTailVideo\tbLon1.dll []
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-07-10 2074208]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll []
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2007-02-15 5018112]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 15933984]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 82464]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-02-20 2786480]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-02-20 3669680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2007-07-18 451872]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-01-23 247728]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 138240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile Communication Centre]
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2009-01-08 1331024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-01-23 247728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips Device Manager.lnk]
C:\PROGRA~2\Philips\SA28XX~1\main.exe [2008-08-18 7971634]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-11-02 59240]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-07-10 1107552]
"ROC_roc_dec12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe [2012-01-16 928096]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"HF_G_Jul"=C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe [2012-07-19 36960]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\Display.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
Service Manager.lnk - C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Users\Alojz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-07-23 22:07:15 ----DC---- C:\_OTM
2012-07-23 21:09:42 ----DC---- C:\rsit
2012-07-22 21:11:42 ----ASH---- C:\hiberfil.sys
2012-07-11 02:03:54 ----AC---- C:\Windows\SYSWOW64\url.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\system32\url.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\system32\mshtmled.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\ieui.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\urlmon.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\ieui.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\iertutil.dll
2012-07-11 02:03:52 ----AC---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-11 02:03:52 ----AC---- C:\Windows\system32\jsproxy.dll
2012-07-11 02:03:52 ----AC---- C:\Windows\system32\ieUnatt.exe
2012-07-11 02:03:51 ----AC---- C:\Windows\SYSWOW64\wininet.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\system32\wininet.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\system32\jscript9.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\SYSWOW64\jscript.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\system32\jscript.dll
2012-07-11 02:03:49 ----AC---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-11 02:03:48 ----AC---- C:\Windows\system32\mshtml.dll
2012-07-11 02:03:47 ----AC---- C:\Windows\system32\ieframe.dll
2012-07-11 02:03:46 ----AC---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-11 02:03:26 ----AC---- C:\Windows\system32\win32k.sys
2012-07-10 22:54:53 ----AC---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-10 22:54:48 ----AC---- C:\Windows\SYSWOW64\schannel.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\system32\schannel.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\system32\ncrypt.dll
2012-07-10 22:54:47 ----AC---- C:\Windows\SYSWOW64\secur32.dll
2012-07-10 22:54:42 ----AC---- C:\Windows\system32\msxml6.dll
2012-07-10 22:54:41 ----AC---- C:\Windows\system32\msxml3.dll
2012-07-10 22:54:33 ----AC---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-10 22:54:33 ----AC---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-10 22:49:07 ----AC---- C:\Windows\system32\shell32.dll
2012-07-10 22:48:53 ----AC---- C:\Windows\SYSWOW64\shell32.dll
======List of files/folders modified in the last 1 month======
2012-07-23 22:16:03 ----DC---- C:\Windows\Temp
2012-07-23 22:16:03 ----DC---- C:\Program Files\trend micro
2012-07-23 22:16:00 ----ADC---- C:\ProgramData\Temp
2012-07-23 22:14:40 ----DC---- C:\Windows\Prefetch
2012-07-23 22:08:22 ----DC---- C:\Program Files (x86)\Microsoft
2012-07-23 22:07:20 ----RDC---- C:\Program Files (x86)
2012-07-23 22:07:20 ----DC---- C:\Program Files (x86)\Google
2012-07-23 21:10:14 ----DC---- C:\Windows\System32
2012-07-23 21:10:14 ----AC---- C:\Windows\system32\PerfStringBackup.INI
2012-07-23 21:10:13 ----DC---- C:\Windows\inf
2012-07-23 20:54:46 ----DC---- C:\Downloads
2012-07-23 20:34:49 ----DC---- C:\ProgramData\MFAData
2012-07-23 20:34:47 ----DC---- C:\Windows\system32\drivers\AVG
2012-07-23 20:33:51 ----DC---- C:\ProgramData\Spyware Terminator
2012-07-22 23:52:09 ----DC---- C:\Windows\Minidump
2012-07-22 23:52:09 ----DC---- C:\Windows\Debug
2012-07-22 23:52:09 ----DC---- C:\Windows
2012-07-22 21:28:40 ----DC---- C:\Windows\system32\catroot2
2012-07-19 20:33:32 ----DC---- C:\Program Files (x86)\Mozilla Thunderbird
2012-07-19 00:08:37 ----DC---- C:\Program Files (x86)\AVG Secure Search
2012-07-13 22:09:49 ----SHD---- C:\System Volume Information
2012-07-12 00:08:47 ----AC---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-12 00:03:36 ----AC---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-07-11 23:55:30 ----DC---- C:\Windows\SysWOW64
2012-07-11 23:55:27 ----DC---- C:\Windows\system32\drivers
2012-07-11 23:55:27 ----DC---- C:\Program Files (x86)\Internet Explorer
2012-07-11 23:55:26 ----DC---- C:\Windows\SYSWOW64\migration
2012-07-11 23:55:23 ----DC---- C:\Windows\system32\migration
2012-07-11 23:55:20 ----DC---- C:\Program Files\Internet Explorer
2012-07-11 02:15:39 ----D---- C:\Windows\winsxs
2012-07-11 02:15:25 ----SHDC---- C:\Windows\Installer
2012-07-11 02:15:18 ----SHDC---- C:\Config.Msi
2012-07-11 02:15:18 ----DC---- C:\ProgramData\Microsoft Help
2012-07-11 02:06:56 ----AC---- C:\Windows\system32\mrt.exe
2012-07-11 02:05:04 ----DC---- C:\Windows\system32\catroot
2012-06-29 06:51:32 ----DC---- C:\MetaStock Data
2012-06-28 00:10:22 ----DC---- C:\Program Files (x86)\Spyware Terminator
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
R0 DwProt;DrWeb Protection; C:\Windows\system32\drivers\dwprot.sys [2011-12-18 153880]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2007-08-09 130080]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2011-12-14 51496]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2007-02-14 1016616]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx64.sys [2007-11-18 1484448]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 9477408]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 112128]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\DualCoreCenter\NTGLM7X64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2011-07-29 8456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2006-11-02 26624]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 7936]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 NVR0Dev;NVR0Dev; \??\C:\Windows\nvoclk64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files (x86)\MSI\DualCoreCenter\RushTop64.sys []
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 123656]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Windows\syswow64\NTACCESS.SYS []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 172544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2009-01-08 58608]
R2 APC UPS Service;APC UPS Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe [2007-02-27 689672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 MSSQLSERVER;MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [2000-08-06 7442493]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 357376]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-10 935008]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BBSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\SeaPort.exe []
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-14 182768]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 SQLSERVERAGENT;SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE [2000-08-06 303170]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
New RSIT log here:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Alojz at 2012-07-23 22:15:49
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 23 GB (15%) free of 154 GB
Total RAM: 2047 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:10, on 23.7.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\trend micro\Alojz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://viry.cz/go.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
R3 - URLSearchHook: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll (file missing)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
O2 - BHO: SMSender.E.ToolbarsHelper - {24BCDA96-8FCB-4D3B-0500-000000000004} - mscoree.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
O3 - Toolbar: O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat jako MMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1003
O8 - Extra context menu item: Poslat jako SMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1001
O8 - Extra context menu item: Poslat MMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1002
O8 - Extra context menu item: Poslat SMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.160.dll/1000
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46DAE1DA-BA26-479A-B706-9924D2716156}: NameServer = 194.228.41.65,194.228.41.113
O17 - HKLM\System\CS1\Services\Tcpip\..\{46DAE1DA-BA26-479A-B706-9924D2716156}: NameServer = 194.228.41.65,194.228.41.113
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: BingBar Service (BBSvc) - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BBSvc.exe (file missing)
O23 - Service: BBUpdate - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\SeaPort.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14821 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=7f034a15-c031-4427-abb8-6c2c8cf4502d /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\6c31f417-60c5-4305-894c-754ab870b24e-214-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {47C81406-3DC1-4949-82FB-AE5250CFA19A}
WLIDSvcM.exe 2476
"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"
C:\Windows\Explorer.EXE
taskeng.exe {3140602C-B1B3-4B25-B81A-8EED91557809}
"C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe" -UseTray
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\07232012_220849.log
taskeng.exe {E5B095FC-49CC-438B-A2DB-A1D60AD47C52}
"C:\Windows\RAVCpl64.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe" /n
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 640 644 652 65536 648
C:\Windows\ehome\ehmsas.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=c910eb7b-8746-4c53-94dd-973df95e7652 /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\2dead222-9956-4b7e-8aae-245a3f2d012b-bb0-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
"C:\Downloads and Setup files\AntivirusScannery, Vypalovanie, Zálohovanie, Utility, Ovladače, Patche etc\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Defraggler Volume F Task.job
C:\Windows\tasks\Defraggler Volume G Task.job
C:\Windows\tasks\Defraggler Volume H Task.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-12-14 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1bcec53b-aa13-4de2-814d-2d6a98e7ba79}]
LongTailVideo Toolbar - C:\Program Files (x86)\LongTailVideo\tbLon1.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~2\Crawler\Toolbar\ctbr.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24BCDA96-8FCB-4D3B-0500-000000000004}]
SMSender.E.ToolbarsHelper - C:\Windows\system32\mscoree.dll [2009-11-08 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-12-18 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-07-10 2074208]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-12-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll []
{24BCDA96-8FCB-4D3B-0500-000000000003} - O2 SMSender - C:\Windows\system32\mscoree.dll [2009-11-08 444752]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
{1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - LongTailVideo Toolbar - C:\Program Files (x86)\LongTailVideo\tbLon1.dll []
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-07-10 2074208]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll []
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2007-02-15 5018112]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 15933984]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 82464]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-02-20 2786480]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-02-20 3669680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2007-07-18 451872]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-01-23 247728]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 138240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile Communication Centre]
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2009-01-08 1331024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-01-23 247728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips Device Manager.lnk]
C:\PROGRA~2\Philips\SA28XX~1\main.exe [2008-08-18 7971634]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-11-02 59240]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-07-10 1107552]
"ROC_roc_dec12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe [2012-01-16 928096]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"HF_G_Jul"=C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe [2012-07-19 36960]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\Display.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
Service Manager.lnk - C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Users\Alojz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-07-23 22:07:15 ----DC---- C:\_OTM
2012-07-23 21:09:42 ----DC---- C:\rsit
2012-07-22 21:11:42 ----ASH---- C:\hiberfil.sys
2012-07-11 02:03:54 ----AC---- C:\Windows\SYSWOW64\url.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\system32\url.dll
2012-07-11 02:03:54 ----AC---- C:\Windows\system32\mshtmled.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\ieui.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\urlmon.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\ieui.dll
2012-07-11 02:03:53 ----AC---- C:\Windows\system32\iertutil.dll
2012-07-11 02:03:52 ----AC---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-11 02:03:52 ----AC---- C:\Windows\system32\jsproxy.dll
2012-07-11 02:03:52 ----AC---- C:\Windows\system32\ieUnatt.exe
2012-07-11 02:03:51 ----AC---- C:\Windows\SYSWOW64\wininet.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\system32\wininet.dll
2012-07-11 02:03:51 ----AC---- C:\Windows\system32\jscript9.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\SYSWOW64\jscript.dll
2012-07-11 02:03:50 ----AC---- C:\Windows\system32\jscript.dll
2012-07-11 02:03:49 ----AC---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-11 02:03:48 ----AC---- C:\Windows\system32\mshtml.dll
2012-07-11 02:03:47 ----AC---- C:\Windows\system32\ieframe.dll
2012-07-11 02:03:46 ----AC---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-11 02:03:26 ----AC---- C:\Windows\system32\win32k.sys
2012-07-10 22:54:53 ----AC---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-10 22:54:48 ----AC---- C:\Windows\SYSWOW64\schannel.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\system32\schannel.dll
2012-07-10 22:54:48 ----AC---- C:\Windows\system32\ncrypt.dll
2012-07-10 22:54:47 ----AC---- C:\Windows\SYSWOW64\secur32.dll
2012-07-10 22:54:42 ----AC---- C:\Windows\system32\msxml6.dll
2012-07-10 22:54:41 ----AC---- C:\Windows\system32\msxml3.dll
2012-07-10 22:54:33 ----AC---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-10 22:54:33 ----AC---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-10 22:49:07 ----AC---- C:\Windows\system32\shell32.dll
2012-07-10 22:48:53 ----AC---- C:\Windows\SYSWOW64\shell32.dll
======List of files/folders modified in the last 1 month======
2012-07-23 22:16:03 ----DC---- C:\Windows\Temp
2012-07-23 22:16:03 ----DC---- C:\Program Files\trend micro
2012-07-23 22:16:00 ----ADC---- C:\ProgramData\Temp
2012-07-23 22:14:40 ----DC---- C:\Windows\Prefetch
2012-07-23 22:08:22 ----DC---- C:\Program Files (x86)\Microsoft
2012-07-23 22:07:20 ----RDC---- C:\Program Files (x86)
2012-07-23 22:07:20 ----DC---- C:\Program Files (x86)\Google
2012-07-23 21:10:14 ----DC---- C:\Windows\System32
2012-07-23 21:10:14 ----AC---- C:\Windows\system32\PerfStringBackup.INI
2012-07-23 21:10:13 ----DC---- C:\Windows\inf
2012-07-23 20:54:46 ----DC---- C:\Downloads
2012-07-23 20:34:49 ----DC---- C:\ProgramData\MFAData
2012-07-23 20:34:47 ----DC---- C:\Windows\system32\drivers\AVG
2012-07-23 20:33:51 ----DC---- C:\ProgramData\Spyware Terminator
2012-07-22 23:52:09 ----DC---- C:\Windows\Minidump
2012-07-22 23:52:09 ----DC---- C:\Windows\Debug
2012-07-22 23:52:09 ----DC---- C:\Windows
2012-07-22 21:28:40 ----DC---- C:\Windows\system32\catroot2
2012-07-19 20:33:32 ----DC---- C:\Program Files (x86)\Mozilla Thunderbird
2012-07-19 00:08:37 ----DC---- C:\Program Files (x86)\AVG Secure Search
2012-07-13 22:09:49 ----SHD---- C:\System Volume Information
2012-07-12 00:08:47 ----AC---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-12 00:03:36 ----AC---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-07-11 23:55:30 ----DC---- C:\Windows\SysWOW64
2012-07-11 23:55:27 ----DC---- C:\Windows\system32\drivers
2012-07-11 23:55:27 ----DC---- C:\Program Files (x86)\Internet Explorer
2012-07-11 23:55:26 ----DC---- C:\Windows\SYSWOW64\migration
2012-07-11 23:55:23 ----DC---- C:\Windows\system32\migration
2012-07-11 23:55:20 ----DC---- C:\Program Files\Internet Explorer
2012-07-11 02:15:39 ----D---- C:\Windows\winsxs
2012-07-11 02:15:25 ----SHDC---- C:\Windows\Installer
2012-07-11 02:15:18 ----SHDC---- C:\Config.Msi
2012-07-11 02:15:18 ----DC---- C:\ProgramData\Microsoft Help
2012-07-11 02:06:56 ----AC---- C:\Windows\system32\mrt.exe
2012-07-11 02:05:04 ----DC---- C:\Windows\system32\catroot
2012-06-29 06:51:32 ----DC---- C:\MetaStock Data
2012-06-28 00:10:22 ----DC---- C:\Program Files (x86)\Spyware Terminator
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
R0 DwProt;DrWeb Protection; C:\Windows\system32\drivers\dwprot.sys [2011-12-18 153880]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2007-08-09 130080]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2011-12-14 51496]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2007-02-14 1016616]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx64.sys [2007-11-18 1484448]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 9477408]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 112128]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files (x86)\MSI\DualCoreCenter\NTGLM7X64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2011-07-29 8456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2006-11-02 26624]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 7936]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 NVR0Dev;NVR0Dev; \??\C:\Windows\nvoclk64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files (x86)\MSI\DualCoreCenter\RushTop64.sys []
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 123656]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Windows\syswow64\NTACCESS.SYS []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 172544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2009-01-08 58608]
R2 APC UPS Service;APC UPS Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe [2007-02-27 689672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 MSSQLSERVER;MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [2000-08-06 7442493]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 357376]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-10 935008]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BBSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\SeaPort.exe []
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-14 182768]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 SQLSERVERAGENT;SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE [2000-08-06 303170]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Blue Screen of Death
Double-click the file C:\Program Files\trend micro\Alojz.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60327
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
R3 - URLSearchHook: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll (file missing)
O2 - BHO: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll (file missing)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
O2 - BHO: SMSender.E.ToolbarsHelper - {24BCDA96-8FCB-4D3B-0500-000000000004} - mscoree.dll (file missing)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll (file missing)
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
O3 - Toolbar: O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: LongTailVideo Toolbar - {1bcec53b-aa13-4de2-814d-2d6a98e7ba79} - C:\Program Files (x86)\LongTailVideo\tbLon1.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll" (file missing)
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'Default user')
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
Click >FixChecked<. Then run OTM again and click >Cleanup<. OTM will clean up after itself. Then restart the PC.
Post the ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after it starts, a screen with the licence terms is displayed; continue by clicking the Yes button.
calmly go and put on a coffee (the whole operation takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)
warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because undesirable conflicts with the antispyware's resident shield occur during the scan and the deletion of any malware
Re: Blue Screen of Death
ComboFix 12-07-24.01 - Alojz 24.07.2012 0:36.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.777 [GMT 2:00]
Spuštěný z: c:\users\Alojz\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\users\Alojz\AppData\Local\assembly\tmp
c:\users\Alojz\AppData\Local\assembly\tmp\1N2HWAO2\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\1N2HWAO2\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\3JT4DNX7\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\3JT4DNX7\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\3P3HWAP3\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\3P3HWAP3\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\3P4JXBQ4\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\3P4JXBQ4\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\5P3IWAP3\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\5P3IWAP3\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\6R5JYCQ4\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\6R5JYCQ4\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\8NY8IS2C\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\8NY8IS2C\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\8T7M0ES6\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\8T7M0ES6\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\AR1BLV4E\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\AR1BLV4E\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\ASDXH2GW\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\ASDXH2GW\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\BR1DNXPY\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\BR1DNXPY\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\CXBQ4IWB\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\CXBQ4IWB\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\D1J4O8SD\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\D1J4O8SD\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\ET4FQ2CO\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\ET4FQ2CO\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\G0ES7LZD\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\G0ES7LZD\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\GW6GPZ9J\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\GW6GPZ9J\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\H1FU8M0E\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\H1FU8M0E\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\HX7HR1AK\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\HX7HR1AK\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\HZ9LW6GQ\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\HZ9LW6GQ\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\IY8N2HWB\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\IY8N2HWB\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\L3EP0CNX\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\L3EP0CNX\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\LPZ9JS2O\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\LPZ9JS2O\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\TDS6KYDR\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\TDS6KYDR\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\UAKV4EOY\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\UAKV4EOY\SMSender.MSOF.160.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\UET7LZES\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\UET7LZES\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\VAKU4EOY\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\VAKU4EOY\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\VHVAO2HV\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\VHVAO2HV\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\VJXCR5K2\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\VJXCR5K2\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\WBLV5EOY\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\WBLV5EOY\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\WEP1CLV5\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\WEP1CLV5\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\YKZDS6KZ\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\YKZDS6KZ\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\ZGR1DNY9\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\ZGR1DNY9\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Roaming\Microsoft\~DFK8e05ec.tmp
c:\users\Alojz\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Alojz\AppData\Roaming\Microsoft\bass.dll
c:\users\Alojz\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Alojz\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Alojz\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Alojz\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Alojz\AppData\Roaming\Microsoft\rsaadjd.dll
c:\windows\Downloaded Program Files\Temp
c:\windows\SysWow64\system
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-23 do 2012-07-23 )))))))))))))))))))))))))))))))
.
.
2012-07-23 22:50 . 2012-07-23 22:56 -------- dc----w- c:\users\Alojz\AppData\Local\temp
2012-07-11 00:03 . 2012-06-02 11:57 2382848 -c--a-w- c:\windows\system32\mshtml.tlb
2012-07-10 20:54 . 2012-06-05 16:22 974848 -c--a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-07-10 20:54 . 2012-06-05 16:47 708608 -c--a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2012-07-10 20:54 . 2012-06-04 15:29 516480 -c--a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-10 20:54 . 2012-06-02 00:22 347136 -c--a-w- c:\windows\system32\schannel.dll
2012-07-10 20:54 . 2012-06-02 00:22 254464 -c--a-w- c:\windows\system32\ncrypt.dll
2012-07-10 20:54 . 2012-06-02 00:03 204288 -c--a-w- c:\windows\SysWow64\ncrypt.dll
2012-07-10 20:54 . 2012-06-05 16:22 1797120 -c--a-w- c:\windows\system32\msxml6.dll
2012-07-10 20:54 . 2012-06-05 16:22 1869824 -c--a-w- c:\windows\system32\msxml3.dll
2012-07-10 20:54 . 2012-06-05 16:47 1401856 -c--a-w- c:\windows\SysWow64\msxml6.dll
2012-07-10 20:54 . 2012-06-05 16:47 1248768 -c--a-w- c:\windows\SysWow64\msxml3.dll
2012-07-10 20:49 . 2012-06-08 17:59 12899840 -c--a-w- c:\windows\system32\shell32.dll
2012-06-29 04:15 . 2012-06-29 04:15 515664 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 22:08 . 2012-04-10 15:59 426184 -c--a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-11 22:08 . 2011-05-18 16:46 70344 -c--a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 22:03 . 2012-04-15 15:05 9226440 -c--a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-07-11 00:06 . 2006-11-02 12:35 59701280 -c--a-w- c:\windows\system32\mrt.exe
2012-06-02 22:19 . 2012-06-21 16:05 38424 -c--a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 16:06 2428952 -c--a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 16:06 57880 -c--a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 16:06 44056 -c--a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 16:05 35864 -c--a-w- c:\windows\SysWow64\wups.dll
2012-06-02 22:19 . 2012-06-21 16:05 701976 -c--a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-21 16:05 577048 -c--a-w- c:\windows\SysWow64\wuapi.dll
2012-06-02 22:15 . 2012-06-21 16:06 2622464 -c--a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 16:05 99840 -c--a-w- c:\windows\system32\wudriver.dll
2012-06-02 22:12 . 2012-06-21 16:05 88576 -c--a-w- c:\windows\SysWow64\wudriver.dll
2012-06-02 13:19 . 2012-06-21 16:05 186752 -c--a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:19 . 2012-06-21 16:05 171904 -c--a-w- c:\windows\SysWow64\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 16:05 36864 -c--a-w- c:\windows\system32\wuapp.exe
2012-06-02 13:12 . 2012-06-21 16:05 33792 -c--a-w- c:\windows\SysWow64\wuapp.exe
2012-06-02 08:25 . 2012-07-11 00:03 1129472 -c--a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 00:22 . 2012-07-10 20:54 347136 -c--a-w- c:\windows\system32\schannel.dll
2012-06-02 00:05 . 2012-07-10 20:54 77312 -c--a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 00:04 . 2012-07-10 20:54 278528 -c--a-w- c:\windows\SysWow64\schannel.dll
2012-05-07 18:09 . 2012-04-26 20:56 188128 -c--a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2012-05-07 18:07 . 2012-05-06 15:41 112832 -c--a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-05-06 15:48 . 2012-05-06 15:48 1310 -c--a-w- c:\users\Alojz\AppData\Local\VWLA6ED.tmp
2012-05-06 15:48 . 2012-05-06 15:48 1328 -c--a-w- c:\users\Alojz\AppData\Local\VWLA2E7.tmp
2012-05-01 14:29 . 2012-06-13 19:51 209920 -c--a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 21:25 . 2012-04-26 21:25 1310 -c--a-w- c:\users\Alojz\AppData\Local\VWL5D00.tmp
2012-04-26 21:25 . 2012-04-26 21:25 1328 -c--a-w- c:\users\Alojz\AppData\Local\VWL5BC7.tmp
2012-04-26 21:13 . 2012-04-26 21:13 1310 -c--a-w- c:\users\Alojz\AppData\Local\VWLF446.tmp
2012-04-26 21:12 . 2012-04-26 21:12 1358 -c--a-w- c:\users\Alojz\AppData\Local\VWL2718.tmp
2012-04-26 20:41 . 2012-04-26 20:41 1316 -c--a-w- c:\users\Alojz\AppData\Local\VWL8CFE.tmp
2012-04-26 20:41 . 2012-04-26 20:38 1750 -c--a-w- c:\users\Alojz\AppData\Local\VWLC59.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-07-10 19:24 2074208 -c--a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-10 2074208]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-07-18 451872]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-07-10 1107552]
"ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-16 928096]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"HF_G_Jul"="c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960]
.
c:\users\Alojz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
APC UPS Status.lnk - c:\program files (x86)\APC\APC PowerChute Personal Edition\Display.exe [2007-5-13 267784]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Service Manager.lnk - c:\program files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2000-8-6 69632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 250056]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-07-18 15:53 451872 -c--a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 22:08]
.
2012-05-01 c:\windows\Tasks\Defraggler Volume F Task.job
- c:\program files\Defraggler\df64.exe [2012-01-16 14:37]
.
2012-07-04 c:\windows\Tasks\Defraggler Volume G Task.job
- c:\program files\Defraggler\df64.exe [2012-01-16 14:37]
.
2012-07-01 c:\windows\Tasks\Defraggler Volume H Task.job
- c:\program files\Defraggler\df64.exe [2012-01-16 14:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2007-02-15 5018112]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 15933984]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 82464]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-02-20 2786480]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-02-20 3669680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://viry.cz/go.php
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Poslat jako MMS - c:\program files (x86)\O2\SMSender\SMSender.E.160.dll/1003
IE: Poslat jako SMS - c:\program files (x86)\O2\SMSender\SMSender.E.160.dll/1001
IE: Poslat MMS na - c:\program files (x86)\O2\SMSender\SMSender.E.160.dll/1002
IE: Poslat SMS na - c:\program files (x86)\O2\SMSender\SMSender.E.160.dll/1000
IE: Stáhnout pomocí &BitSpiritu - c:\program files (x86)\BitSpirit\bsurl.htm
IE: ÓñČĚŘľ«ÁéĎÂÔŘ(&B)
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\*
TCP: Interfaces\{46DAE1DA-BA26-479A-B706-9924D2716156}: NameServer = 194.228.41.65,194.228.41.113
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Alojz\AppData\Roaming\Mozilla\Firefox\Profiles\kok7fefk.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=&mid=c4632008de5f9855b87781a5e637bb3c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=9.0.0.18.1&lang=cz&pr=pa&d=2011-12-11%2022%3A16%3A01&sap=ku&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{1BCEC53B-AA13-4DE2-814D-2D6A98E7BA79} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-CToolbar_UNINSTALL - c:\progra~2\Crawler\Toolbar\CToolbar.exe
AddRemove-LongTailVideo Toolbar - c:\progra~2\LONGTA~1\UNWISE.EXE
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}"=hex:51,66,7a,6c,4c,1d,38,12,f1,24,4e,
ea,29,46,6a,01,e6,5b,85,f6,0f,f0,fe,79
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}"=hex:51,66,7a,6c,4c,1d,38,12,f1,9d,97,
02,e5,86,37,08,c7,6b,3b,0b,78,35,a4,a7
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}"=hex:51,66,7a,6c,4c,1d,38,12,95,22,87,
ed,ef,26,9e,05,cb,ba,f4,42,79,f0,6b,0e
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:78,38,4f,2a,e8,b9,cc,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\AVG\AVG2012\avgfws.exe
c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
c:\program files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
c:\program files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
.
**************************************************************************
.
Celkový čas: 2012-07-24 01:09:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-23 23:09
.
Před spuštěním: Volných bajtů: 24 453 603 328
Po spuštění: Volných bajtů: 24 570 048 512
.
- - End Of File - - 255C463DD23000F2738B3A8D88D6DCCA
Re: Blue Screen of Death
ComboFix 12-07-24.01 - Alojz 24.07.2012 0:36.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.777 [GMT 2:00]
Spuštěný z: c:\users\Alojz\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\users\Alojz\AppData\Local\assembly\tmp
c:\users\Alojz\AppData\Local\assembly\tmp\1N2HWAO2\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\1N2HWAO2\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\3JT4DNX7\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\3JT4DNX7\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\3P3HWAP3\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\3P3HWAP3\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\3P4JXBQ4\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\3P4JXBQ4\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\5P3IWAP3\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\5P3IWAP3\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\6R5JYCQ4\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\6R5JYCQ4\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\8NY8IS2C\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\8NY8IS2C\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\8T7M0ES6\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\8T7M0ES6\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\AR1BLV4E\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\AR1BLV4E\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\ASDXH2GW\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\ASDXH2GW\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\BR1DNXPY\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\BR1DNXPY\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\CXBQ4IWB\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\CXBQ4IWB\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\D1J4O8SD\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\D1J4O8SD\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\ET4FQ2CO\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\ET4FQ2CO\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\G0ES7LZD\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\G0ES7LZD\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\GW6GPZ9J\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\GW6GPZ9J\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\H1FU8M0E\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\H1FU8M0E\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\HX7HR1AK\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\HX7HR1AK\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\HZ9LW6GQ\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\HZ9LW6GQ\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\IY8N2HWB\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\IY8N2HWB\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\L3EP0CNX\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\L3EP0CNX\AddinExpress.ToolbarControls.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\LPZ9JS2O\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\LPZ9JS2O\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\TDS6KYDR\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\TDS6KYDR\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\UAKV4EOY\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\UAKV4EOY\SMSender.MSOF.160.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\UET7LZES\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\UET7LZES\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\VAKU4EOY\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\VAKU4EOY\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\VHVAO2HV\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\VHVAO2HV\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\VJXCR5K2\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\VJXCR5K2\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\WBLV5EOY\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\WBLV5EOY\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\WEP1CLV5\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\WEP1CLV5\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\YKZDS6KZ\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\YKZDS6KZ\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Local\assembly\tmp\ZGR1DNY9\__AssemblyInfo__.ini
c:\users\Alojz\AppData\Local\assembly\tmp\ZGR1DNY9\AddinExpress.MSO.2005.DLL
c:\users\Alojz\AppData\Roaming\Microsoft\~DFK8e05ec.tmp
c:\users\Alojz\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Alojz\AppData\Roaming\Microsoft\bass.dll
c:\users\Alojz\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Alojz\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Alojz\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Alojz\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Alojz\AppData\Roaming\Microsoft\rsaadjd.dll
c:\windows\Downloaded Program Files\Temp
c:\windows\SysWow64\system
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-23 do 2012-07-23 )))))))))))))))))))))))))))))))
.
.
2012-07-23 22:50 . 2012-07-23 22:56 -------- dc----w- c:\users\Alojz\AppData\Local\temp
2012-07-11 00:03 . 2012-06-02 11:57 2382848 -c--a-w- c:\windows\system32\mshtml.tlb
2012-07-10 20:54 . 2012-06-05 16:22 974848 -c--a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-07-10 20:54 . 2012-06-05 16:47 708608 -c--a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2012-07-10 20:54 . 2012-06-04 15:29 516480 -c--a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-10 20:54 . 2012-06-02 00:22 347136 -c--a-w- c:\windows\system32\schannel.dll
2012-07-10 20:54 . 2012-06-02 00:22 254464 -c--a-w- c:\windows\system32\ncrypt.dll
2012-07-10 20:54 . 2012-06-02 00:03 204288 -c--a-w- c:\windows\SysWow64\ncrypt.dll
2012-07-10 20:54 . 2012-06-05 16:22 1797120 -c--a-w- c:\windows\system32\msxml6.dll
2012-07-10 20:54 . 2012-06-05 16:22 1869824 -c--a-w- c:\windows\system32\msxml3.dll
2012-07-10 20:54 . 2012-06-05 16:47 1401856 -c--a-w- c:\windows\SysWow64\msxml6.dll
2012-07-10 20:54 . 2012-06-05 16:47 1248768 -c--a-w- c:\windows\SysWow64\msxml3.dll
2012-07-10 20:49 . 2012-06-08 17:59 12899840 -c--a-w- c:\windows\system32\shell32.dll
2012-06-29 04:15 . 2012-06-29 04:15 515664 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 22:08 . 2012-04-10 15:59 426184 -c--a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-11 22:08 . 2011-05-18 16:46 70344 -c--a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 22:03 . 2012-04-15 15:05 9226440 -c--a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-07-11 00:06 . 2006-11-02 12:35 59701280 -c--a-w- c:\windows\system32\mrt.exe
2012-06-02 22:19 . 2012-06-21 16:05 38424 -c--a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 16:06 2428952 -c--a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 16:06 57880 -c--a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 16:06 44056 -c--a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 16:05 35864 -c--a-w- c:\windows\SysWow64\wups.dll
2012-06-02 22:19 . 2012-06-21 16:05 701976 -c--a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-21 16:05 577048 -c--a-w- c:\windows\SysWow64\wuapi.dll
2012-06-02 22:15 . 2012-06-21 16:06 2622464 -c--a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 16:05 99840 -c--a-w- c:\windows\system32\wudriver.dll
2012-06-02 22:12 . 2012-06-21 16:05 88576 -c--a-w- c:\windows\SysWow64\wudriver.dll
2012-06-02 13:19 . 2012-06-21 16:05 186752 -c--a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:19 . 2012-06-21 16:05 171904 -c--a-w- c:\windows\SysWow64\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 16:05 36864 -c--a-w- c:\windows\system32\wuapp.exe
2012-06-02 13:12 . 2012-06-21 16:05 33792 -c--a-w- c:\windows\SysWow64\wuapp.exe
2012-06-02 08:25 . 2012-07-11 00:03 1129472 -c--a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 00:22 . 2012-07-10 20:54 347136 -c--a-w- c:\windows\system32\schannel.dll
2012-06-02 00:05 . 2012-07-10 20:54 77312 -c--a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 00:04 . 2012-07-10 20:54 278528 -c--a-w- c:\windows\SysWow64\schannel.dll
2012-05-07 18:09 . 2012-04-26 20:56 188128 -c--a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2012-05-07 18:07 . 2012-05-06 15:41 112832 -c--a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-05-06 15:48 . 2012-05-06 15:48 1310 -c--a-w- c:\users\Alojz\AppData\Local\VWLA6ED.tmp
2012-05-06 15:48 . 2012-05-06 15:48 1328 -c--a-w- c:\users\Alojz\AppData\Local\VWLA2E7.tmp
2012-05-01 14:29 . 2012-06-13 19:51 209920 -c--a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 21:25 . 2012-04-26 21:25 1310 -c--a-w- c:\users\Alojz\AppData\Local\VWL5D00.tmp
2012-04-26 21:25 . 2012-04-26 21:25 1328 -c--a-w- c:\users\Alojz\AppData\Local\VWL5BC7.tmp
2012-04-26 21:13 . 2012-04-26 21:13 1310 -c--a-w- c:\users\Alojz\AppData\Local\VWLF446.tmp
2012-04-26 21:12 . 2012-04-26 21:12 1358 -c--a-w- c:\users\Alojz\AppData\Local\VWL2718.tmp
2012-04-26 20:41 . 2012-04-26 20:41 1316 -c--a-w- c:\users\Alojz\AppData\Local\VWL8CFE.tmp
2012-04-26 20:41 . 2012-04-26 20:38 1750 -c--a-w- c:\users\Alojz\AppData\Local\VWLC59.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-07-10 19:24 2074208 -c--a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-10 2074208]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-07-18 451872]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-07-10 1107552]
"ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-16 928096]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"HF_G_Jul"="c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960]
.
c:\users\Alojz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
APC UPS Status.lnk - c:\program files (x86)\APC\APC PowerChute Personal Edition\Display.exe [2007-5-13 267784]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Service Manager.lnk - c:\program files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2000-8-6 69632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 250056]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-07-18 15:53 451872 -c--a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 22:08]
.
2012-05-01 c:\windows\Tasks\Defraggler Volume F Task.job
- c:\program files\Defraggler\df64.exe [2012-01-16 14:37]
.
2012-07-04 c:\windows\Tasks\Defraggler Volume G Task.job
- c:\program files\Defraggler\df64.exe [2012-01-16 14:37]
.
2012-07-01 c:\windows\Tasks\Defraggler Volume H Task.job
- c:\program files\Defraggler\df64.exe [2012-01-16 14:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2007-02-15 5018112]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 15933984]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 82464]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-02-20 2786480]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-02-20 3669680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://viry.cz/go.php
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Poslat jako MMS - c:\program files (x86)\O2\SMSender\SMSender.E.160.dll/1003
IE: Poslat jako SMS - c:\program files (x86)\O2\SMSender\SMSender.E.160.dll/1001
IE: Poslat MMS na - c:\program files (x86)\O2\SMSender\SMSender.E.160.dll/1002
IE: Poslat SMS na - c:\program files (x86)\O2\SMSender\SMSender.E.160.dll/1000
IE: Stáhnout pomocí &BitSpiritu - c:\program files (x86)\BitSpirit\bsurl.htm
IE: ÓñČĚŘľ«ÁéĎÂÔŘ(&B)
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\*
TCP: Interfaces\{46DAE1DA-BA26-479A-B706-9924D2716156}: NameServer = 194.228.41.65,194.228.41.113
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Alojz\AppData\Roaming\Mozilla\Firefox\Profiles\kok7fefk.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=&mid=c4632008de5f9855b87781a5e637bb3c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=9.0.0.18.1&lang=cz&pr=pa&d=2011-12-11%2022%3A16%3A01&sap=ku&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{1BCEC53B-AA13-4DE2-814D-2D6A98E7BA79} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-CToolbar_UNINSTALL - c:\progra~2\Crawler\Toolbar\CToolbar.exe
AddRemove-LongTailVideo Toolbar - c:\progra~2\LONGTA~1\UNWISE.EXE
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:78,38,4f,2a,e8,b9,cc,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\AVG\AVG2012\avgfws.exe
c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
c:\program files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
c:\program files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
.
**************************************************************************
.
Celkový čas: 2012-07-24 01:09:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-23 23:09
.
Před spuštěním: Volných bajtů: 24 453 603 328
Po spuštění: Volných bajtů: 24 570 048 512
.
- - End Of File - - 255C463DD23000F2738B3A8D88D6DCCA
Rudy, there were no problems while ComboFix was running, and after the restart during the night the computer booted fine. In the morning I tried to turn the PC on and again it did not start. The first time it crashed while I was entering the Windows password (blue screen of death); on the second attempt it froze while still booting, with a black screen.
To me it all looks as if it needs to reach some operating temperature; as I mentioned, once it gets going, it then holds up for the whole day...
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{1BCEC53B-AA13-4DE2-814D-2D6A98E7BA79} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-CToolbar_UNINSTALL - c:\progra~2\Crawler\Toolbar\CToolbar.exe
AddRemove-LongTailVideo Toolbar - c:\progra~2\LONGTA~1\UNWISE.EXE
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{EE5D279F-081B-4404-994D-C6B60AAEBA6D}"=hex:51,66,7a,6c,4c,1d,38,12,f1,24,4e,
ea,29,46,6a,01,e6,5b,85,f6,0f,f0,fe,79
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}"=hex:51,66,7a,6c,4c,1d,38,12,f1,9d,97,
02,e5,86,37,08,c7,6b,3b,0b,78,35,a4,a7
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}"=hex:51,66,7a,6c,4c,1d,38,12,95,22,87,
ed,ef,26,9e,05,cb,ba,f4,42,79,f0,6b,0e
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:78,38,4f,2a,e8,b9,cc,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\AVG\AVG2012\avgfws.exe
c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
c:\program files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
c:\program files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
.
**************************************************************************
.
Celkový čas: 2012-07-24 01:09:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-23 23:09
.
Před spuštěním: Volných bajtů: 24 453 603 328
Po spuštění: Volných bajtů: 24 570 048 512
.
- - End Of File - - 255C463DD23000F2738B3A8D88D6DCCA
Rudy, no problems occurred while ComboFix was running, and even after the restart during the night the computer booted up fine. In the morning I tried to turn the PC on and again it did not boot. The first time it crashed while I was entering the Windows password (blue screen of death); on the second attempt it froze while still booting - black screen.
It all seems to me as if it needs to reach some operating temperature; as I mentioned, once it gets going, it then holds up even for the whole day...
- Rudy
- Site Admin
Re: Blue Screen of Death
That's possible; we can still run some hardware tests.
We'll finish cleaning up. Open Notepad and copy the following into it:
KillAll::
Collect::
c:\users\Alojz\AppData\Local\VWLA6ED.tmp
c:\users\Alojz\AppData\Local\VWLA2E7.tmp
c:\users\Alojz\AppData\Local\VWL5D00.tmp
c:\users\Alojz\AppData\Local\VWL5BC7.tmp
c:\users\Alojz\AppData\Local\VWLF446.tmp
c:\users\Alojz\AppData\Local\VWL2718.tmp
c:\users\Alojz\AppData\Local\VWL8CFE.tmp
c:\users\Alojz\AppData\Local\VWLC59.tmp
RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Re: Blue Screen of Death
Rudy, while ComboFix was running I got a message that the program PEV.exe had stopped working. I closed the dialog box; CF keeps running in its DOS-style window and is completing the individual phases. Is it a problem that PEV.exe stopped running? Isn't it some component of CF? In short, shouldn't I rather run CF once more after it finishes?
Would you like to see the log?
- Rudy
- Site Admin
Re: Blue Screen of Death
PEV.exe is part of CF. But first post the log and then we'll see.