Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Samovolné vypínání firewallu a antiviru

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#16 Příspěvek od jiri.machacek »

ComboFix 12-12-29.02 - Jiří Macháček 29.12.2012 13:31:16.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8055.5293 [GMT 1:00]
Spuštěný z: c:\users\Ji°Ý MachßŔek\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\_ctypes.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\_elementtree.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\_hashlib.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\_socket.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\_ssl.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\pyexpat.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\pysqlite2._sqlite.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\python26.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\pythoncom26.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\PyWinTypes26.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\select.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\unicodedata.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32api.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32com.shell.shell.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32crypt.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32event.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32file.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32inet.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32pdh.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32process.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32profile.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32security.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\win32ts.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\windows._cacheinvalidation.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wx._controls_.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wx._core_.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wx._gdi_.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wx._html2.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wx._misc_.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wx._windows_.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wx._wizard.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wxbase293u_net_vc.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wxbase293u_vc.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wxmsw293u_adv_vc.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wxmsw293u_core_vc.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wxmsw293u_html_vc.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI44442\wxmsw293u_webview_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\_ctypes.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\_elementtree.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\_hashlib.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\_socket.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\_ssl.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\pyexpat.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\pysqlite2._sqlite.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\python26.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\pythoncom26.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\PyWinTypes26.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\select.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\unicodedata.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32api.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32com.shell.shell.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32crypt.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32event.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32file.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32inet.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32pdh.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32process.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32profile.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32security.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\win32ts.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\windows._cacheinvalidation.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wx._controls_.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wx._core_.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wx._gdi_.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wx._html2.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wx._misc_.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wx._windows_.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wx._wizard.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wxbase293u_net_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wxbase293u_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wxmsw293u_adv_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wxmsw293u_core_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wxmsw293u_html_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI44442\wxmsw293u_webview_vc.dll
c:\users\Public\AlexaNSISPlugin.2884.dll
c:\windows\PFRO.log
c:\windows\SysWow64\update
c:\windows\SysWow64\update\diablo121016.cl
c:\windows\SysWow64\update\diakgcn121016.cl
c:\windows\SysWow64\update\igfxupdate.exe
c:\windows\SysWow64\update\libcurl-4.dll
c:\windows\SysWow64\update\libeay32.dll
c:\windows\SysWow64\update\libidn-11.dll
c:\windows\SysWow64\update\libusb-1.0.dll
c:\windows\SysWow64\update\phatk121016.cl
c:\windows\SysWow64\update\poclbm121016.cl
c:\windows\SysWow64\update\poclbm121016Intel(R) HD Graphics 4000gv1w256l4.bin
c:\windows\SysWow64\update\pthreadGC2.dll
c:\windows\SysWow64\update\scrypt121016.cl
c:\windows\SysWow64\update\ssleay32.dll
c:\windows\SysWow64\update\zlib1.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-28 do 2012-12-29 )))))))))))))))))))))))))))))))
.
.
2012-12-29 09:58 . 2012-12-29 09:58 -------- d-----w- C:\_OTL
2012-12-28 23:36 . 2012-12-28 23:37 -------- d-----w- c:\programdata\TuneUp Software
2012-12-28 23:35 . 2012-12-29 19:05 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-12-28 21:46 . 2012-12-29 10:45 512 ----a-w- C:\PhysicalMBR.bin
2012-12-28 21:27 . 2012-12-28 21:27 -------- d-----w- C:\rsit
2012-12-28 21:27 . 2012-12-28 21:27 -------- d-----w- c:\program files\trend micro
2012-12-28 21:15 . 2012-12-23 11:41 269824 ----a-w- c:\windows\SysWow64\igfxupdate.exe
2012-12-28 00:58 . 2012-11-08 08:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFF326B4-D41C-4486-9436-79F43597F437}\mpengine.dll
2012-12-23 11:38 . 2012-12-23 11:41 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-12-23 11:38 . 2012-12-23 11:41 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-12-23 11:38 . 2012-12-23 11:41 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-12-21 18:17 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 18:17 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 18:17 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 18:17 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-19 13:35 . 2012-12-19 13:35 -------- d-----w- c:\users\Jiří Macháček\AppData\Local\ElevatedDiagnostics
2012-12-19 13:19 . 2012-12-19 13:19 -------- d-----w- c:\programdata\Malwarebytes
2012-12-19 13:19 . 2012-12-19 13:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-19 13:19 . 2012-12-19 13:19 -------- d-----w- c:\users\Jiří Macháček\AppData\Local\Programs
2012-12-18 16:41 . 2012-12-18 16:41 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2012-12-18 16:41 . 2012-12-18 16:41 -------- d-----w- c:\windows\PCHEALTH
2012-12-18 16:41 . 2012-12-18 16:41 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2012-12-18 16:39 . 2012-12-18 16:39 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-12-18 16:38 . 2012-12-18 16:38 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-12-18 16:38 . 2012-12-18 16:38 -------- d-----r- C:\MSOCache
2012-12-11 09:11 . 2012-11-08 08:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-09 21:00 . 2012-12-09 21:00 -------- d-----w- c:\users\Jiří Macháček\AppData\Local\SKIDROW
2012-12-09 20:51 . 2012-12-09 20:51 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{64D3E617-8061-48DC-96FF-E51B214F3974}\gapaengine.dll
2012-12-09 20:48 . 2012-12-09 20:48 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-12-09 20:48 . 2012-12-09 20:48 -------- d-----w- c:\program files\Microsoft Security Client
2012-12-09 20:34 . 2012-12-23 11:34 -------- d-----w- C:\Temp
2012-12-02 17:06 . 2012-12-02 17:06 -------- d-----w- c:\programdata\Canneverbe Limited
2012-12-02 17:06 . 2012-12-02 17:06 -------- d-----w- c:\users\Jiří Macháček\AppData\Roaming\Canneverbe Limited
2012-12-02 17:06 . 2012-12-02 17:06 -------- d-----w- c:\program files (x86)\CDBurnerXP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 08:27 . 2012-08-07 08:14 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 11:53 . 2012-08-09 12:36 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 11:53 . 2012-08-09 12:36 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-16 08:38 . 2012-11-28 07:27 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 07:27 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 07:27 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 07:50 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 07:50 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 07:50 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 07:50 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-13 11:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 07:50 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 07:50 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 07:49 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 07:50 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 07:49 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 07:50 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 07:50 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 07:49 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 07:49 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 07:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 07:49 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 22:21 . 2012-10-10 18:39 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-02 22:21 . 2012-10-10 18:39 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-02 22:21 . 2012-10-10 18:39 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-02 22:21 . 2012-10-10 18:39 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-02 22:21 . 2012-10-10 18:39 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-02 22:21 . 2012-10-10 18:39 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-02 22:21 . 2012-10-10 18:39 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-02 22:21 . 2012-10-10 18:39 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-02 22:21 . 2012-10-10 18:39 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-02 22:21 . 2012-10-10 18:39 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-02 22:21 . 2012-10-10 18:39 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-02 22:21 . 2012-10-10 18:39 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-02 22:21 . 2012-10-10 18:39 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-02 22:21 . 2012-10-10 18:39 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-02 22:21 . 2012-10-10 18:39 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-10-10 18:39 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 22:21 . 2012-10-10 18:39 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-02 22:21 . 2012-10-10 18:39 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-02 22:21 . 2012-10-10 18:39 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-02 22:21 . 2012-10-10 18:39 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-10-02 22:21 . 2012-10-10 18:39 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-02 22:21 . 2012-06-17 11:19 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-06-17 11:19 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 22:21 . 2012-06-17 11:19 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-02 22:21 . 2012-06-17 11:19 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-02 22:21 . 2012-06-17 11:19 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 19:51 . 2012-06-17 11:19 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2012-06-17 11:19 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2012-06-17 11:19 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2012-06-17 11:19 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2012-06-17 11:19 866664 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-10-02 19:50 . 2012-06-17 11:19 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2012-06-17 11:19 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-10-02 19:50 . 2012-06-17 11:19 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2012-06-17 11:19 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:50 . 2012-06-17 11:19 440168 ----a-w- c:\windows\SysWow64\oemdspif.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2012-08-10 22:54 194928 ----a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-11-08 16070136]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-06-01 506712]
"MuteSync"="c:\program files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe" [2012-02-04 343040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
"Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"CAPOSD"="c:\progra~2\Lenovo\LENOVO~3\CAPOSD.exe" [2012-02-09 1876992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"NokiaMusic FastStart"="c:\program files (x86)\Nokia\Nokia Music Player\NokiaMusicPlayer.exe" [2011-10-21 2193000]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"Adobe"="c:\programdata\Adobe\34B184.vbe" [2012-11-11 7300]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-27 34200]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2011-10-24 313960]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-07 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-06-17 57952]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-06-17 39008]
S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys [2011-12-24 24160]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-06-17 13408]
S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-08 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
S2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-24 120160]
S2 SearchIndexer;Search Indexer;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-06-17 30816]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-09 11:53]
.
2012-12-29 c:\windows\Tasks\CSEHRYD.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-17 11:51]
.
2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-17 11:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-30 439064]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-06-17 789856]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-06-17 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-06-17 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-06-17 206176]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-08-18 500208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={ED863D6A-22D4-11E2-BE2A-047D7B8A1D41}
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={ED863D6A-22D4-11E2-BE2A-047D7B8A1D41}
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Jiří Macháček\AppData\Roaming\Mozilla\Firefox\Profiles\2f24sr6l.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - user.js: extentions.y2layers.installId - 85796ece-db3a-49e1-b387-4e41fa6f9722
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\igfxupdate.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2012-12-29 13:46:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-12-29 12:46
.
Před spuštěním: Volných bajtů: 637 019 680 768
Po spuštění: Volných bajtů: 639 041 404 928
.
- - End Of File - - 036FEDF6E2DFAC4B83E419DCB49AD11B
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#17 Příspěvek od jiri.machacek »

Musím přitom mít zase vypnutý firewall, antivira všechna okna?
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#18 Příspěvek od jiri.machacek »

ComboFix 12-12-29.02 - Jiří Macháček 29.12.2012 15:23:57.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8055.5992 [GMT 1:00]
Spuštěný z: c:\users\Ji°Ý MachßŔek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ji°Ý MachßŔek\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\_ctypes.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\_elementtree.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\_hashlib.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\_socket.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\_ssl.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\pyexpat.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\pysqlite2._sqlite.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\python26.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\pythoncom26.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\PyWinTypes26.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\select.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\unicodedata.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32api.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32com.shell.shell.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32crypt.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32event.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32file.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32inet.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32pdh.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32process.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32profile.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32security.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\win32ts.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\windows._cacheinvalidation.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wx._controls_.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wx._core_.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wx._gdi_.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wx._html2.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wx._misc_.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wx._windows_.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wx._wizard.pyd
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wxbase293u_net_vc.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wxbase293u_vc.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wxmsw293u_adv_vc.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wxmsw293u_core_vc.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wxmsw293u_html_vc.dll
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\wxmsw293u_webview_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\_ctypes.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\_elementtree.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\_hashlib.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\_socket.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\_ssl.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\pyexpat.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\pysqlite2._sqlite.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\python26.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\pythoncom26.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\PyWinTypes26.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\select.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\unicodedata.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32api.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32com.shell.shell.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32crypt.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32event.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32file.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32inet.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32pdh.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32process.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32profile.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32security.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\win32ts.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\windows._cacheinvalidation.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wx._controls_.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wx._core_.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wx._gdi_.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wx._html2.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wx._misc_.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wx._windows_.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wx._wizard.pyd
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wxbase293u_net_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wxbase293u_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wxmsw293u_adv_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wxmsw293u_core_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wxmsw293u_html_vc.dll
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842\wxmsw293u_webview_vc.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-28 do 2012-12-29 )))))))))))))))))))))))))))))))
.
.
2012-12-29 14:31 . 2012-12-29 14:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-29 14:31 . 2012-12-29 14:31 -------- d-----w- c:\users\Ji°Ý MachßŔek\AppData\Local\temp
2012-12-29 14:31 . 2012-12-29 14:31 -------- d-----w- c:\users\hedev\AppData\Local\temp
2012-12-29 14:31 . 2012-12-29 14:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-29 09:58 . 2012-12-29 09:58 -------- d-----w- C:\_OTL
2012-12-28 23:36 . 2012-12-28 23:37 -------- d-----w- c:\programdata\TuneUp Software
2012-12-28 23:35 . 2012-12-29 19:05 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-12-28 21:46 . 2012-12-29 10:45 512 ----a-w- C:\PhysicalMBR.bin
2012-12-28 21:27 . 2012-12-28 21:27 -------- d-----w- C:\rsit
2012-12-28 21:27 . 2012-12-28 21:27 -------- d-----w- c:\program files\trend micro
2012-12-28 21:15 . 2012-12-23 11:41 269824 ----a-w- c:\windows\SysWow64\igfxupdate.exe
2012-12-23 11:38 . 2012-12-23 11:41 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-12-23 11:38 . 2012-12-23 11:41 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-12-23 11:38 . 2012-12-23 11:41 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-12-21 18:17 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 18:17 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 18:17 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 18:17 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-19 13:35 . 2012-12-19 13:35 -------- d-----w- c:\users\Jiří Macháček\AppData\Local\ElevatedDiagnostics
2012-12-19 13:19 . 2012-12-19 13:19 -------- d-----w- c:\programdata\Malwarebytes
2012-12-19 13:19 . 2012-12-19 13:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-19 13:19 . 2012-12-19 13:19 -------- d-----w- c:\users\Jiří Macháček\AppData\Local\Programs
2012-12-18 16:41 . 2012-12-18 16:41 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2012-12-18 16:41 . 2012-12-18 16:41 -------- d-----w- c:\windows\PCHEALTH
2012-12-18 16:41 . 2012-12-18 16:41 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2012-12-18 16:39 . 2012-12-18 16:39 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-12-18 16:38 . 2012-12-18 16:38 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-12-18 16:38 . 2012-12-18 16:38 -------- d-----r- C:\MSOCache
2012-12-11 09:11 . 2012-11-08 08:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-09 21:00 . 2012-12-09 21:00 -------- d-----w- c:\users\Jiří Macháček\AppData\Local\SKIDROW
2012-12-09 20:51 . 2012-12-09 20:51 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{64D3E617-8061-48DC-96FF-E51B214F3974}\gapaengine.dll
2012-12-09 20:48 . 2012-12-09 20:48 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-12-09 20:48 . 2012-12-29 14:13 -------- d-----w- c:\program files\Microsoft Security Client
2012-12-09 20:34 . 2012-12-23 11:34 -------- d-----w- C:\Temp
2012-12-02 17:06 . 2012-12-02 17:06 -------- d-----w- c:\programdata\Canneverbe Limited
2012-12-02 17:06 . 2012-12-02 17:06 -------- d-----w- c:\users\Jiří Macháček\AppData\Roaming\Canneverbe Limited
2012-12-02 17:06 . 2012-12-02 17:06 -------- d-----w- c:\program files (x86)\CDBurnerXP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 08:27 . 2012-08-07 08:14 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 11:53 . 2012-08-09 12:36 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 11:53 . 2012-08-09 12:36 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-16 08:38 . 2012-11-28 07:27 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 07:27 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 07:27 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 07:50 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 07:50 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 07:50 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 07:50 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-13 11:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 07:50 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 07:50 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 07:49 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 07:50 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 07:49 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 07:50 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 07:50 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 07:49 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 07:49 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 07:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 07:49 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 22:21 . 2012-10-10 18:39 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-02 22:21 . 2012-10-10 18:39 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-02 22:21 . 2012-10-10 18:39 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-02 22:21 . 2012-10-10 18:39 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-02 22:21 . 2012-10-10 18:39 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-02 22:21 . 2012-10-10 18:39 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-02 22:21 . 2012-10-10 18:39 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-02 22:21 . 2012-10-10 18:39 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-02 22:21 . 2012-10-10 18:39 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-02 22:21 . 2012-10-10 18:39 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-02 22:21 . 2012-10-10 18:39 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-02 22:21 . 2012-10-10 18:39 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-02 22:21 . 2012-10-10 18:39 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-02 22:21 . 2012-10-10 18:39 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-02 22:21 . 2012-10-10 18:39 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-10-10 18:39 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 22:21 . 2012-10-10 18:39 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-02 22:21 . 2012-10-10 18:39 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-02 22:21 . 2012-10-10 18:39 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-02 22:21 . 2012-10-10 18:39 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-10-02 22:21 . 2012-10-10 18:39 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-02 22:21 . 2012-06-17 11:19 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-06-17 11:19 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 22:21 . 2012-06-17 11:19 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-02 22:21 . 2012-06-17 11:19 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-02 22:21 . 2012-06-17 11:19 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 19:51 . 2012-06-17 11:19 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2012-06-17 11:19 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2012-06-17 11:19 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2012-06-17 11:19 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2012-06-17 11:19 866664 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-10-02 19:50 . 2012-06-17 11:19 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2012-06-17 11:19 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-10-02 19:50 . 2012-06-17 11:19 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2012-06-17 11:19 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:50 . 2012-06-17 11:19 440168 ----a-w- c:\windows\SysWow64\oemdspif.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2012-08-10 22:54 194928 ----a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-11-08 16070136]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-06-01 506712]
"MuteSync"="c:\program files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe" [2012-02-04 343040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
"Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"CAPOSD"="c:\progra~2\Lenovo\LENOVO~3\CAPOSD.exe" [2012-02-09 1876992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"NokiaMusic FastStart"="c:\program files (x86)\Nokia\Nokia Music Player\NokiaMusicPlayer.exe" [2011-10-21 2193000]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"Adobe"="c:\programdata\Adobe\34B184.vbe" [2012-11-11 7300]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-27 34200]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2011-10-24 313960]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-07 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-06-17 57952]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-06-17 39008]
S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys [2011-12-24 24160]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-06-17 13408]
S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-08 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
S2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-24 120160]
S2 SearchIndexer;Search Indexer;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-06-17 30816]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-09 11:53]
.
2012-12-29 c:\windows\Tasks\CSEHRYD.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-17 11:51]
.
2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-17 11:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-30 439064]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-06-17 789856]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-06-17 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-06-17 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-06-17 206176]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-08-18 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={ED863D6A-22D4-11E2-BE2A-047D7B8A1D41}
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={ED863D6A-22D4-11E2-BE2A-047D7B8A1D41}
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Jiří Macháček\AppData\Roaming\Mozilla\Firefox\Profiles\2f24sr6l.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - user.js: extentions.y2layers.installId - 85796ece-db3a-49e1-b387-4e41fa6f9722
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\igfxupdate.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2012-12-29 15:37:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-12-29 14:37
ComboFix2.txt 2012-12-29 12:46
.
Před spuštěním: Volných bajtů: 639 168 614 400
Po spuštění: Volných bajtů: 639 097 622 528
.
- - End Of File - - 07CBB612542610D53FEA93550DB60C7C
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#19 Příspěvek od jiri.machacek »

Před pár lety na XP jsem tam trochu něco dělal, ale jinak nic moc. Zkus to prosím poslat, když nebudu vůbec vědět, půjčím to někomu zkušenějšímu.
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#20 Příspěvek od jiri.machacek »

svchost.exe *32
googletalkplugin.exe *32
googledrivesync.exe *32
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#21 Příspěvek od jiri.machacek »

C:\Users\JIMACH~1\AppData\Local\Temp\svchost.exe

Image name,Process ID,Parent PID,User,Process path,Work memory ,Running time,File Corporation,Signature (Signed name)

armsvc.exe *32,3668,812,SYSTEM,C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe,4M,04:07:58,Adobe Systems Incorporated,,
audiodg.exe,5852,604,LOCAL SERVICE,C:\Windows\System32\audiodg.exe,20M,01:31:10,Microsoft Corporation,,
BTTray.exe,4528,3068,Ji,C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe,13M,04:08:20,Broadcom Corporation.,,
btwdins.exe,1608,812,SYSTEM,C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe,6M,04:10:01,Broadcom Corporation.,,
CAPOSD.exe *32,3448,3068,Ji,C:\PROGRA~2\Lenovo\LENOVO~3\CAPOSD.exe,7M,04:09:10,LENOVO,,
chrome.exe *32,932,5004,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,103M,04:06:21,Google Inc.,,
chrome.exe *32,1088,5004,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,9M,04:05:56,Google Inc.,,
chrome.exe *32,2128,5004,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,22M,04:05:51,Google Inc.,,
chrome.exe *32,3184,5004,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,51M,01:32:52,Google Inc.,,
chrome.exe *32,4000,5004,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,40M,01:31:37,Google Inc.,,
chrome.exe *32,4436,5004,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,45M,04:06:21,Google Inc.,,
chrome.exe *32,4720,5004,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,48M,04:06:18,Google Inc.,,
chrome.exe *32,4724,5004,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,40M,04:06:21,Google Inc.,,
chrome.exe *32,4948,5004,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,21M,04:06:18,Google Inc.,,
chrome.exe *32,5004,2608,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,191M,04:06:24,Google Inc.,,
chrome.exe *32,5396,5004,Ji,C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,49M,00:14:05,Google Inc.,,
conhost.exe,1428,612,SYSTEM,C:\Windows\System32\conhost.exe,2M,04:10:01,Microsoft Corporation,,
conhost.exe,4252,728,Ji,C:\Windows\System32\conhost.exe,6M,04:08:30,Microsoft Corporation,,
csrss.exe,612,448,,C:\Windows\System32\csrss.exe,4M,04:10:09,Microsoft Corporation,,
csrss.exe,728,712,,C:\Windows\System32\csrss.exe,41M,04:10:06,Microsoft Corporation,,
dwm.exe,2592,432,Ji,C:\Windows\System32\dwm.exe,62M,04:09:56,Microsoft Corporation,,
Energy Management.exe,3848,3068,Ji,C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe,3M,04:09:25,File does not exist,,
EvtEng.exe,2968,812,SYSTEM,C:\Program Files\Intel\WiFi\bin\EvtEng.exe,13M,04:09:50,Intel(R) Corporation,,
explorer.exe,2608,2572,Ji,C:\Windows\explorer.exe,74M,04:09:55,Microsoft Corporation,,
googledrivesync.exe *32,4760,5052,Ji,C:\Program Files (x86)\Google\Drive\googledrivesync.exe,55M,04:08:19,Google,,
googledrivesync.exe *32,5052,3068,Ji,C:\Program Files (x86)\Google\Drive\googledrivesync.exe,3M,04:08:43,Google,,
googletalkplugin.exe *32,4452,1088,Ji,C:\Users\Ji,20M,04:05:55,Google,,
HeciServer.exe,1664,812,SYSTEM,C:\Program Files\Intel\iCLS Client\HeciServer.exe,5M,04:10:01,Intel(R) Corporation,,
hkcmd.exe,4572,3068,Ji,C:\Windows\System32\hkcmd.exe,8M,04:08:54,Intel Corporation,,
igfxpers.exe,4676,3068,Ji,C:\Windows\System32\igfxpers.exe,9M,04:08:53,Intel Corporation,,
igfxtray.exe,4508,3068,Ji,C:\Windows\System32\igfxtray.exe,8M,04:08:54,Intel Corporation,,
igfxupdate.exe *32,3572,1028,SYSTEM,C:\Windows\SysWOW64\igfxupdate.exe,5M,04:09:31,Intel Corporation,,
IntelMeFWService.exe *32,1700,812,SYSTEM,C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe,3M,04:10:01,,,
iusb3mon.exe *32,3916,3068,Ji,C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe,6M,04:09:18,Intel Corporation,,
Jhi_service.exe *32,1812,812,SYSTEM,C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe,5M,04:10:01,Intel Corporation,,
jusched.exe *32,1956,3068,Ji,C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe,5M,04:09:07,Sun Microsystems, Inc.,,
KMPlayer.exe *32,6016,940,Ji,C:\Program Files (x86)\The KMPlayer\KMPlayer.exe,37M,01:05:36,KMP Media co.,Ltd,,
LMS.exe *32,4552,812,SYSTEM,C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe,5M,04:07:25,Intel Corporation,,
lsass.exe,828,704,SYSTEM,C:\Windows\System32\lsass.exe,12M,04:10:04,Microsoft Corporation,,
lsm.exe,836,704,SYSTEM,C:\Windows\System32\lsm.exe,4M,04:10:04,Microsoft Corporation,,
MpCmdRun.exe,2644,4864,,C:\Program Files\Windows Defender\MpCmdRun.exe,5M,00:00:20,Microsoft Corporation,,
MSOSYNC.EXE *32,5080,3068,Ji,C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE,12M,04:08:39,Microsoft Corporation,,
MuteSync.exe,3260,3068,Ji,C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe,28M,04:09:16,Lenovo,,
nvtray.exe,3700,1360,Ji,C:\Program Files\NVIDIA Corporation\Display\nvtray.exe,23M,04:08:13,NVIDIA Corporation,,
nvvsvc.exe,1000,812,SYSTEM,C:\Windows\System32\nvvsvc.exe,7M,04:10:02,NVIDIA Corporation,,
nvvsvc.exe,1376,1000,SYSTEM,C:\Windows\System32\nvvsvc.exe,13M,04:10:01,NVIDIA Corporation,,
nvxdsync.exe,1360,1000,SYSTEM,C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe,18M,04:10:01,NVIDIA Corporation,,
OnekeyStudio.exe,300,3068,Ji,C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe,13M,04:09:19,Lenovo,,
OnekeySupport.exe *32,3988,300,Ji,C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe,5M,04:09:17,,,
OSPPSVC.EXE,5020,812,NETWORK SERVICE,C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE,9M,03:12:02,Microsoft Corporation,,
pcee4.exe,2576,3068,Ji,C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe,37M,04:09:17,Dolby Laboratories Inc.,,
PowerTool.exe *32,5424,2608,Ji,C:\Users\Ji,20M,00:00:22,http://hi.baidu.com/ithurricane,,
RAVBg64.exe,4768,3068,Ji,C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe,11M,04:08:51,Realtek Semiconductor,,
RAVCpl64.exe,4700,3068,Ji,C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe,12M,04:08:51,Realtek Semiconductor,,
RegSrvc.exe,2880,812,SYSTEM,C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe,7M,04:09:50,Intel(R) Corporation,,
rundll32.exe,1744,1504,SYSTEM,C:\Windows\System32\rundll32.exe,528K,04:10:01,Microsoft Corporation,,
rundll32.exe *32,3720,4528,Ji,C:\Windows\SysWOW64\rundll32.exe,6M,04:07:50,Microsoft Corporation,,
SearchFilterHost.exe,5664,2728,SYSTEM,C:\Windows\System32\SearchFilterHost.exe,5M,00:00:22,Microsoft Corporation,,
SearchIndexer.exe,2728,812,SYSTEM,C:\Windows\System32\SearchIndexer.exe,20M,04:09:52,Microsoft Corporation,,
SearchProtocolHost.exe,5824,2728,SYSTEM,C:\Windows\System32\SearchProtocolHost.exe,8M,00:00:22,Microsoft Corporation,,
services.exe,812,704,SYSTEM,C:\Windows\System32\services.exe,10M,04:10:04,Microsoft Corporation,,
smss.exe,384,4,SYSTEM,C:\Windows\System32\smss.exe,1M,04:10:20,Microsoft Corporation,,
spoolsv.exe,2804,812,SYSTEM,C:\Windows\System32\spoolsv.exe,12M,04:09:51,Microsoft Corporation,,
svchost.exe,160,812,NETWORK SERVICE,C:\Windows\System32\svchost.exe,10M,04:10:02,Microsoft Corporation,,
svchost.exe,432,812,SYSTEM,C:\Windows\System32\svchost.exe,140M,04:10:02,Microsoft Corporation,,
svchost.exe,604,812,LOCAL SERVICE,C:\Windows\System32\svchost.exe,20M,04:10:02,Microsoft Corporation,,
svchost.exe,940,812,SYSTEM,C:\Windows\System32\svchost.exe,10M,04:10:03,Microsoft Corporation,,
svchost.exe,1028,812,SYSTEM,C:\Windows\System32\svchost.exe,44M,04:10:02,Microsoft Corporation,,
svchost.exe,1156,812,LOCAL SERVICE,C:\Windows\System32\svchost.exe,12M,04:10:02,Microsoft Corporation,,
svchost.exe,1224,812,NETWORK SERVICE,C:\Windows\System32\svchost.exe,33M,04:10:02,Microsoft Corporation,,
svchost.exe,1492,812,LOCAL SERVICE,C:\Windows\System32\svchost.exe,12M,04:10:01,Microsoft Corporation,,
svchost.exe,1892,812,LOCAL SERVICE,C:\Windows\System32\svchost.exe,6M,04:10:00,Microsoft Corporation,,
svchost.exe,1968,812,SYSTEM,C:\Windows\System32\svchost.exe,33M,04:10:00,Microsoft Corporation,,
svchost.exe,2340,812,NETWORK SERVICE,C:\Windows\System32\svchost.exe,5M,04:09:57,Microsoft Corporation,,
svchost.exe,4996,812,LOCAL SERVICE,C:\Windows\System32\svchost.exe,12M,04:08:45,Microsoft Corporation,,
svchost.exe *32,4164,3356,Ji,C:\Users\JIMACH~1\AppData\Local\Temp\svchost.exe,11M,04:08:33,,,
SynLenovoGestureMgr.exe,2624,3068,Ji,C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe,10M,04:09:19,Synaptics,,
SynTPEnh.exe,2496,3068,Ji,C:\Program Files\Synaptics\SynTP\SynTPEnh.exe,15M,04:09:19,Synaptics Incorporated,,
SynTPHelper.exe,2056,2528,Ji,C:\Program Files\Synaptics\SynTP\SynTPHelper.exe,3M,04:09:14,Synaptics Incorporated,,
System,4,0,,,0K,00:00:00,,,
System,4,0,,,6M,00:00:00,,,
taskeng.exe,1504,1028,SYSTEM,C:\Windows\System32\taskeng.exe,5M,04:10:01,Microsoft Corporation,,
taskeng.exe,3800,1028,Ji,C:\Windows\System32\taskeng.exe,7M,04:09:26,Microsoft Corporation,,
taskhost.exe,2452,812,Ji,C:\Windows\System32\taskhost.exe,8M,04:09:56,Microsoft Corporation,,
TeamViewer_Service.exe *32,3272,812,SYSTEM,C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe,10M,04:09:32,TeamViewer GmbH,,
TouchZone.exe *32,4080,3068,Ji,C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe,37M,04:09:14,,,
UNS.exe *32,3224,812,SYSTEM,C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe,9M,04:06:51,Intel Corporation,,
unsecapp.exe,3172,940,,C:\Windows\System32\wbem\unsecapp.exe,5M,04:09:32,Microsoft Corporation,,
utility.exe,3132,3068,Ji,C:\Program Files (x86)\Lenovo\Energy Management\utility.exe,17M,04:09:19,Lenovo(beijing) Limited,,
VM331_STI.EXE *32,3968,3068,Ji,C:\Program Files (x86)\USB Camera\VM331_STI.EXE,7M,04:09:17,Vimicro,,
wininit.exe,704,448,SYSTEM,C:\Windows\System32\wininit.exe,4M,04:10:06,Microsoft Corporation,,
winlogon.exe,768,712,SYSTEM,C:\Windows\System32\winlogon.exe,7M,04:10:05,Microsoft Corporation,,
wlanext.exe,1420,432,SYSTEM,C:\Windows\System32\wlanext.exe,15M,04:10:01,Microsoft Corporation,,
WLIDSVC.EXE,2628,812,SYSTEM,C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE,14M,04:07:18,Microsoft Corp.,,
WLIDSVCM.EXE,4696,2628,SYSTEM,C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE,3M,04:07:17,Microsoft Corp.,,
WmiPrvSE.exe,3288,940,,C:\Windows\System32\wbem\WmiPrvSE.exe,10M,04:09:32,Microsoft Corporation,,
YCMMirage.exe *32,3836,3800,Ji,C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe,568K,04:09:26,CyberLink,,
ZeroConfigService.exe,2012,812,SYSTEM,C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe,14M,04:10:00,Intel,,
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#22 Příspěvek od jiri.machacek »

# AdwCleaner v2.104 - Logfile created 12/30/2012 at 11:02:23
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Jiří Macháček - JIRIMACHACEK-PC
# Boot Mode : Normal
# Running from : C:\Users\Jiří Macháček\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\JIMACH~1\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Jiří Macháček\AppData\Roaming\Mozilla\Firefox\Profiles\2f24sr6l.default\searchplugins\SweetIm.xml
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Yontoo
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Partner
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Jiří Macháček\AppData\Local\Conduit
Folder Found : C:\Users\Jiří Macháček\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jiří Macháček\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SweetIM
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Found : HKU\S-1-5-21-2856728328-268126089-1173279329-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-2856728328-268126089-1173279329-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={ED863D6A-22D4-11E2-BE2A-047D7B8A1D41}
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={ED863D6A-22D4-11E2-BE2A-047D7B8A1D41}

-\\ Mozilla Firefox v14.0.1 (cs)

File : C:\Users\Jiří Macháček\AppData\Roaming\Mozilla\Firefox\Profiles\2f24sr6l.default\prefs.js

Found : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Jiří Macháček\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6091 octets] - [30/12/2012 11:02:23]

########## EOF - C:\AdwCleaner[R1].txt - [6151 octets] ##########
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#23 Příspěvek od jiri.machacek »

# AdwCleaner v2.104 - Logfile created 12/30/2012 at 11:06:03
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Jiří Macháček - JIRIMACHACEK-PC
# Boot Mode : Normal
# Running from : C:\Users\Jiří Macháček\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\JIMACH~1\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Jiří Macháček\AppData\Roaming\Mozilla\Firefox\Profiles\2f24sr6l.default\searchplugins\SweetIm.xml
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Jiří Macháček\AppData\Local\Conduit
Folder Deleted : C:\Users\Jiří Macháček\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jiří Macháček\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={ED863D6A-22D4-11E2-BE2A-047D7B8A1D41} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={ED863D6A-22D4-11E2-BE2A-047D7B8A1D41} --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (cs)

File : C:\Users\Jiří Macháček\AppData\Roaming\Mozilla\Firefox\Profiles\2f24sr6l.default\prefs.js

C:\Users\Jiří Macháček\AppData\Roaming\Mozilla\Firefox\Profiles\2f24sr6l.default\user.js ... Deleted !

Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Jiří Macháček\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6206 octets] - [30/12/2012 11:02:23]
AdwCleaner[S1].txt - [6147 octets] - [30/12/2012 11:06:03]

########## EOF - C:\AdwCleaner[S1].txt - [6207 octets] ##########
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#24 Příspěvek od jiri.machacek »

googledrivesync.exe *32 tam je dvakrát se stejnou cestou, mám smazat oba?
igfxupdate.exe tam není vůbec
SearchIndexer taky není v Services
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#25 Příspěvek od jiri.machacek »

tyhle jsem nenašel, ostatní ano.
složky:
---------
delete directory
c:\users\Jiří Macháček\AppData\Local\Temp\_MEI45842\
c:\users\JIMACH~1\AppData\Local\Temp\_MEI45842
C:\Windows\SysWOW64\update\

soubory:
------------
force delete
C:\Windows\system32\igfxupdate.exe
c:\windows\SysWow64\igfxupdate.exe
C:\Windows\SysWOW64\update\igfxupdate.exe

C:\Users\Jiří Macháček\AppData\Local\Temp - zde mám vymazat úplně všechny souboru nebo jen JOB?
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#26 Příspěvek od jiri.machacek »

tak snad všechno co jsem našel odstraněno, restartováno. co teď?
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#27 Příspěvek od jiri.machacek »

ComboFix 12-12-29.02 - Jiří Macháček 30.12.2012 13:20:58.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8055.6460 [GMT 1:00]
Spuštěný z: c:\users\Ji°Ý MachßŔek\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-28 do 2012-12-30 )))))))))))))))))))))))))))))))
.
.
2012-12-30 12:26 . 2012-12-30 12:26 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-30 12:26 . 2012-12-30 12:26 -------- d-----w- c:\users\Ji°Ý MachßŔek\AppData\Local\temp
2012-12-30 12:26 . 2012-12-30 12:26 -------- d-----w- c:\users\hedev\AppData\Local\temp
2012-12-30 12:26 . 2012-12-30 12:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-29 09:58 . 2012-12-29 09:58 -------- d-----w- C:\_OTL
2012-12-28 23:36 . 2012-12-28 23:37 -------- d-----w- c:\programdata\TuneUp Software
2012-12-28 23:36 . 2012-12-29 14:42 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-12-28 23:35 . 2012-12-29 19:05 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-12-28 21:46 . 2012-12-29 10:45 512 ----a-w- C:\PhysicalMBR.bin
2012-12-28 21:27 . 2012-12-28 21:27 -------- d-----w- C:\rsit
2012-12-28 21:27 . 2012-12-28 21:27 -------- d-----w- c:\program files\trend micro
2012-12-23 11:38 . 2012-12-23 11:41 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-12-23 11:38 . 2012-12-23 11:41 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-12-23 11:38 . 2012-12-23 11:41 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-12-21 18:17 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 18:17 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 18:17 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 18:17 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-19 13:35 . 2012-12-19 13:35 -------- d-----w- c:\users\Jiří Macháček\AppData\Local\ElevatedDiagnostics
2012-12-19 13:19 . 2012-12-19 13:19 -------- d-----w- c:\programdata\Malwarebytes
2012-12-19 13:19 . 2012-12-19 13:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-19 13:19 . 2012-12-19 13:19 -------- d-----w- c:\users\Jiří Macháček\AppData\Local\Programs
2012-12-18 16:41 . 2012-12-18 16:41 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2012-12-18 16:41 . 2012-12-18 16:41 -------- d-----w- c:\windows\PCHEALTH
2012-12-18 16:41 . 2012-12-18 16:41 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2012-12-18 16:39 . 2012-12-18 16:39 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-12-18 16:38 . 2012-12-18 16:38 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-12-18 16:38 . 2012-12-18 16:38 -------- d-----r- C:\MSOCache
2012-12-09 21:00 . 2012-12-09 21:00 -------- d-----w- c:\users\Jiří Macháček\AppData\Local\SKIDROW
2012-12-09 20:34 . 2012-12-23 11:34 -------- d-----w- C:\Temp
2012-12-02 17:06 . 2012-12-02 17:06 -------- d-----w- c:\programdata\Canneverbe Limited
2012-12-02 17:06 . 2012-12-02 17:06 -------- d-----w- c:\users\Jiří Macháček\AppData\Roaming\Canneverbe Limited
2012-12-02 17:06 . 2012-12-02 17:06 -------- d-----w- c:\program files (x86)\CDBurnerXP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 08:27 . 2012-08-07 08:14 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 11:53 . 2012-08-09 12:36 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 11:53 . 2012-08-09 12:36 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-16 08:38 . 2012-11-28 07:27 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 07:27 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 07:27 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 07:50 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 07:50 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 07:50 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 07:50 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-13 11:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 07:50 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 07:50 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 07:49 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 07:50 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 07:49 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 07:50 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 07:50 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 07:49 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 07:49 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 07:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 07:49 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-10-02 22:21 . 2012-10-10 18:39 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-02 22:21 . 2012-10-10 18:39 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-02 22:21 . 2012-10-10 18:39 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-02 22:21 . 2012-10-10 18:39 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-02 22:21 . 2012-10-10 18:39 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-02 22:21 . 2012-10-10 18:39 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-02 22:21 . 2012-10-10 18:39 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-02 22:21 . 2012-10-10 18:39 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-02 22:21 . 2012-10-10 18:39 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-02 22:21 . 2012-10-10 18:39 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-02 22:21 . 2012-10-10 18:39 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-02 22:21 . 2012-10-10 18:39 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-02 22:21 . 2012-10-10 18:39 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-02 22:21 . 2012-10-10 18:39 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-02 22:21 . 2012-10-10 18:39 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-10-10 18:39 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 22:21 . 2012-10-10 18:39 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-02 22:21 . 2012-10-10 18:39 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-02 22:21 . 2012-10-10 18:39 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-02 22:21 . 2012-10-10 18:39 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-10-02 22:21 . 2012-10-10 18:39 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-02 22:21 . 2012-06-17 11:19 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-06-17 11:19 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 22:21 . 2012-06-17 11:19 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-02 22:21 . 2012-06-17 11:19 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-02 22:21 . 2012-06-17 11:19 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 19:51 . 2012-06-17 11:19 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2012-06-17 11:19 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2012-06-17 11:19 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2012-06-17 11:19 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2012-06-17 11:19 866664 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-10-02 19:50 . 2012-06-17 11:19 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2012-06-17 11:19 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-10-02 19:50 . 2012-06-17 11:19 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2012-06-17 11:19 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:50 . 2012-06-17 11:19 440168 ----a-w- c:\windows\SysWow64\oemdspif.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-06-01 506712]
"MuteSync"="c:\program files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe" [2012-02-04 343040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
"Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"CAPOSD"="c:\progra~2\Lenovo\LENOVO~3\CAPOSD.exe" [2012-02-09 1876992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"NokiaMusic FastStart"="c:\program files (x86)\Nokia\Nokia Music Player\NokiaMusicPlayer.exe" [2011-10-21 2193000]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-2-2 1380128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-24 120160]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-27 34200]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2011-10-24 313960]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-07 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-06-17 57952]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-06-17 39008]
S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys [2011-12-24 24160]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-06-17 13408]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-29 283200]
S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-08 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-06-17 30816]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-30 439064]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-06-17 789856]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-06-17 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-06-17 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-06-17 206176]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-08-18 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Jiří Macháček\AppData\Roaming\Mozilla\Firefox\Profiles\2f24sr6l.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-12-30 13:28:13
ComboFix-quarantined-files.txt 2012-12-30 12:28
ComboFix2.txt 2012-12-29 14:37
ComboFix3.txt 2012-12-29 12:46
.
Před spuštěním: Volných bajtů: 639 562 596 352
Po spuštění: Volných bajtů: 639 522 963 456
.
- - End Of File - - 474AF92F807A004A4D58699819090773
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#28 Příspěvek od jiri.machacek »

nechce mi to dovolit vytvoření archivu i bez BackEnv...
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#29 Příspěvek od jiri.machacek »

z testu SearchIndexer.exe na VT vyšlo Detection ratio: 0/45
v PT jsem smazal všechny tři soubory
MS Essentials mi pak nic nenašel
Nahoru
jiri.machacek
Návštěvník
Návštěvník
Příspěvky: 95
Registrován: 06 čer 2009 13:08

Re: Samovolné vypínání firewallu a antiviru

#30 Příspěvek od jiri.machacek »

škody žádné nezaznamenány

Service Name,Type,Status,Start Type,PID,Image Path,File Corporation,Description,Signature (Signed name),ServiceDll,Description

Adobe Acrobat Update Service,Own Process,Started,Automatic,2796,"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe",Adobe Systems Incorporated,Adobe Acrobat Updater keeps your Adobe software up to date.,,,,
Adobe Flash Player Update Service,Own Process,Stopped,Manual,,C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe,Adobe Systems Incorporated,Tato slu,,,,
Funk,Share Process,Started,Manual,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Zpracov¨˘v¨˘ po,,%SystemRoot%\System32\aelupsvc.dll,Microsoft Corporation,
Br¨˘na aplika,Own Process,Stopped,Manual,,C:\Windows\System32\alg.exe,Microsoft Corporation,Podporuje moduly plug-in jinych vyrobc,,,,
Identita aplikace,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Ur,,%SystemRoot%\System32\appidsvc.dll,Microsoft Corporation,
Informace o aplikaci,Share Process,Started,Manual,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Zaji,,%SystemRoot%\System32\appinfo.dll,Microsoft Corporation,
ASP.NET State Service,Own Process,Stopped,Manual,,C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe,Microsoft Corporation,Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.,,,,
Koncov¨¦ vytv¨˘,Share Process,Started,Automatic,644,C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Spravuje zvukov¨˘ za,,%SystemRoot%\System32\Audiosrv.dll,Microsoft Corporation,
Zvuk syst¨¦mu Windows,Share Process,Started,Automatic,420,C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted,Microsoft Corporation,Spravuje zvukov¨˘ za,,%SystemRoot%\System32\Audiosrv.dll,Microsoft Corporation,
Instala,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k AxInstSVGroup,Microsoft Corporation,Poskytuje ov¨§,,%SystemRoot%\System32\AxInstSV.dll,Microsoft Corporation,
Slu,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,,,%SystemRoot%\System32\bdesvc.dll,Microsoft Corporation,
Slu,Share Process,Started,Automatic,1652,C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork,Microsoft Corporation,Slu,,%SystemRoot%\System32\bfe.dll,Microsoft Corporation,
Slu,Share Process,Started,Automatic,616,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,P,,%systemroot%\system32\qmgr.dll,Microsoft Corporation,
Ovlada,FS Driver,Started,Manual,,system32\DRIVERS\bowser.sys,Microsoft Corporation,Implementuje p,,,,
Prohled¨˘v¨˘n¨Ş po,Share Process,Started,Manual,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Udr,,%SystemRoot%\System32\browser.dll,Microsoft Corporation,
Slu,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k bthsvcs,Microsoft Corporation,Slu,,%SystemRoot%\system32\bthserv.dll,Microsoft Corporation,
Bluetooth Service,Own Process,Started,Automatic,1804,C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe,Broadcom Corporation.,Handles installation and removal of Bluetooth devices.,,,,
CD/DVD File System Reader,FS Driver,Started,Disabled,,system32\DRIVERS\cdfs.sys,Microsoft Corporation,ISO9660/Joliet File System Reader for CD/DVDs. (Core) (All pieces),,,,
,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Kop¨Şruje u,,%SystemRoot%\System32\certprop.dll,Microsoft Corporation,
Microsoft .NET Framework NGEN v2.0.50727_X86,Own Process,Stopped,Disabled,,C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe,Microsoft Corporation,Microsoft .NET Framework NGEN,,,,
Microsoft .NET Framework NGEN v2.0.50727_X64,Own Process,Stopped,Disabled,,C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe,Microsoft Corporation,Microsoft .NET Framework NGEN,,,,
Microsoft .NET Framework NGEN v4.0.30319_X86,Own Process,Stopped,Automatic,,C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe,Microsoft Corporation,Microsoft .NET Framework NGEN,,,,
Microsoft .NET Framework NGEN v4.0.30319_X64,Own Process,Stopped,Automatic,,C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe,Microsoft Corporation,Microsoft .NET Framework NGEN,,,,
Syst¨¦mov¨˘ aplikace modelu COM+,Own Process,Stopped,Manual,,C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235},Microsoft Corporation,Spravuje konfiguraci a sledov¨˘n¨Ş komponent zalo,,,,
Intel(R) Content Protection HECI Service,Own Process,Stopped,Manual,,C:\Windows\SysWow64\IntelCpHeciSvc.exe,Intel Corporation,Intel(R) Content Protection HECI Service - enables communication with the Content Protection FW,,,,
,Share Process,Started,Automatic,1248,C:\Windows\system32\svchost.exe -k NetworkService,Microsoft Corporation,,,%SystemRoot%\system32\cryptsvc.dll,Microsoft Corporation,
Spou,Share Process,Started,Automatic,900,C:\Windows\system32\svchost.exe -k DcomLaunch,Microsoft Corporation,Slu,,%SystemRoot%\system32\rpcss.dll,Microsoft Corporation,
Defragmentace disku,Own Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k defragsvc,Microsoft Corporation,Poskytuje mo,,%Systemroot%\System32\defragsvc.dll,Microsoft Corporation,
DFS Namespace Client Driver,FS Driver,Started,Automatic,,System32\Drivers\dfsc.sys,Microsoft Corporation,Client driver for access to DFS Namespaces,,,,
Klient DHCP,Share Process,Started,Automatic,420,C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted,Microsoft Corporation,Registruje a aktualizuje IP adresy a z¨˘znamy DNS pro tento po,,%SystemRoot%\system32\dhcpcore.dll,Microsoft Corporation,
Klient DNS,Share Process,Started,Automatic,1248,C:\Windows\system32\svchost.exe -k NetworkService,Microsoft Corporation,Slu,,%SystemRoot%\System32\dnsrslvr.dll,Microsoft Corporation,
Wired AutoConfig Service,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Slu,,%SystemRoot%\System32\dot3svc.dll,Microsoft Corporation,
Slu,Share Process,Started,Automatic,1652,C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork,Microsoft Corporation,Slu,,%SystemRoot%\system32\dps.dll,Microsoft Corporation,
Protokol EAP (Extensible Authentication Protocol),Share Process,Started,Manual,616,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,Slu,,%SystemRoot%\System32\eapsvc.dll,Microsoft Corporation,
Syst¨¦m soubor,Share Process,Stopped,Manual,,C:\Windows\System32\lsass.exe,Microsoft Corporation,Poskytuje z¨˘kladn¨Ş technologii ,,,,
Slu,Own Process,Stopped,Manual,,C:\Windows\ehome\ehRecvr.exe,Microsoft Corporation,Slu,,,,
Slu,Own Process,Stopped,Manual,,C:\Windows\ehome\ehsched.exe,Microsoft Corporation,Zah¨˘j¨Ş a ukon,,,,
Protokol ud¨˘lost¨Ş syst¨¦mu Windows,Share Process,Started,Automatic,420,C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted,Microsoft Corporation,Tato slu,,,,
Syst¨¦m ud¨˘lost¨Ş COM+,Share Process,Started,Automatic,1180,C:\Windows\system32\svchost.exe -k LocalService,Microsoft Corporation,Podporuje slu,,%systemroot%\system32\es.dll,Microsoft Corporation,
Intel(R) PROSet/Wireless Event Log,Own Process,Started,Automatic,2196,C:\Program Files\Intel\WiFi\bin\EvtEng.exe,Intel(R) Corporation,Manages the event trace messages for all the Intel,,,,
exFAT File System Driver,FS Driver,Stopped,Manual,,,,exFAT File System Driver,,,,
FAT12/16/32 File System Driver,FS Driver,Stopped,Manual,,,,Note - dependance on CDROM.SYS only if required to read/write DVD-RAM media (which appears as CD class device). (Core) (All pieces),,,,
Fax,Own Process,Stopped,Manual,,C:\Windows\system32\fxssvc.exe,Microsoft Corporation,Umo,,,,
Hostitel poskytovatele rozpozn¨˘v¨˘n¨Ş funkce,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalService,Microsoft Corporation,,,%SystemRoot%\system32\fdPHost.dll,Microsoft Corporation,
Publikov¨˘n¨Ş prost,Share Process,Started,Automatic,4116,C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Publikuje tento po,,%SystemRoot%\system32\fdrespub.dll,Microsoft Corporation,
File Information FS MiniFilter,FS Driver,Started,Automatic,,\SystemRoot\system32\drivers\fileinfo.sys,Microsoft Corporation,Collects information about files in memory to be consumed by other system services.,,,,
Filetrace,FS Driver,Stopped,Manual,,system32\drivers\filetrace.sys,Microsoft Corporation,ETW File Trace Filter,,,,
Spr¨˘vce filtr,FS Driver,Started,Automatic,,\SystemRoot\system32\drivers\fltmgr.sys,Microsoft Corporation,Ovlada,,,,
Mezipam¨§,Share Process,Started,Automatic,4116,C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Optimalizuje vykon aplikac¨Ş ulo,,%SystemRoot%\system32\FntCache.dll,Microsoft Corporation,
Windows Presentation Foundation Font Cache 3.0.0.0,Own Process,Stopped,Manual,,C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe,Microsoft Corporation,Optimalizuje vykon aplikac¨Ş Windows Presentation Foundation (WPF) ukl¨˘d¨˘n¨Şm nej,,,,
File System Dependency Minifilter,FS Driver,Stopped,Manual,,System32\drivers\FsDepends.sys,Microsoft Corporation,This minifilter tracks the dependencies associated with the various nested volumes/filesystems,,,,
Windows Live Family Safety Service,Own Process,Stopped,Manual,,"C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe",Microsoft Corporation,This service enables Family Safety on the computer. If this service is not running, Family Safety will not work.,,,,
Klient z¨˘sad skupiny,Share Process,Started,Automatic,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Slu,,%SystemRoot%\System32\gpsvc.dll,Microsoft Corporation,
P,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Umo,,%SystemRoot%\System32\hidserv.dll,Microsoft Corporation,
Spr¨˘va kl¨Ş,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,Poskytuje certifik¨˘t X.509 a slu,,%SystemRoot%\system32\kmsvc.dll,Microsoft Corporation,
Naslouchac¨Ş proces dom¨˘c¨Ş skupiny,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Provede zm¨§ny v m¨Şstn¨Şm po,,%SystemRoot%\system32\ListSvc.dll,Microsoft Corporation,
Zprost,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted,Microsoft Corporation,Provede ¨˛koly pr¨˘ce v s¨Şti spojen¨¦ s konfigurac¨Ş a ¨˛dr,,%SystemRoot%\system32\provsvc.dll,Microsoft Corporation,
Slu,Share Process,Stopped,Manual,,"C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe",Microsoft Corporation,Povoluje bezpe,,,,
Slu,Share Process,Started,Automatic,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,,,%SystemRoot%\System32\ikeext.dll,Microsoft Corporation,
Intel(R) Capability Licensing Service Interface,Own Process,Started,Automatic,1848,"C:\Program Files\Intel\iCLS Client\HeciServer.exe",Intel(R) Corporation,Version: 1.23.605.1,,,,
Intel(R) ME Service,Own Process,Started,Automatic,1920,C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe,,Intel,,,,
Rozpozn¨˘vac¨Ş modul sb¨§rnice PnP-X IP,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Slu,,%SystemRoot%\system32\ipbusenum.dll,Microsoft Corporation,
Pomocn¨˘ slu,Share Process,Started,Automatic,616,C:\Windows\System32\svchost.exe -k NetSvcs,Microsoft Corporation,Umo,,%SystemRoot%\System32\iphlpsvc.dll,Microsoft Corporation,
Intel(R) Dynamic Application Loader Host Interface Service,Own Process,Started,Automatic,472,C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe,Intel Corporation,Intel(R) Dynamic Application Loader Host Interface Service - Allows applications to access the local Intel (R) DAL,,,,
Izolace kl¨Ş,Share Process,Started,Manual,792,C:\Windows\system32\lsass.exe,Microsoft Corporation,Hostitelem slu,,,,
Slu,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation,Microsoft Corporation,Koordinuje transakce mezi slu,,%systemroot%\system32\msdtckrm.dll,Microsoft Corporation,
Server,Share Process,Started,Automatic,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Podporuje pro tento po,,%SystemRoot%\System32\srvsvc.dll,Microsoft Corporation,
Pracovn¨Ş stanice,Share Process,Started,Automatic,1248,C:\Windows\System32\svchost.exe -k NetworkService,Microsoft Corporation,Vytv¨˘,,%SystemRoot%\System32\wkssvc.dll,Microsoft Corporation,
Mapova,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalService,Microsoft Corporation,Vytvo,,%SystemRoot%\System32\lltdsvc.dll,Microsoft Corporation,
Podpora rozhran¨Ş NetBIOS nad protokolem TCP/IP,Share Process,Started,Automatic,420,C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted,Microsoft Corporation,Poskytuje slu,,%SystemRoot%\System32\lmhsvc.dll,Microsoft Corporation,
Intel(R) Management and Security Application Local Management Service,Own Process,Started,Automatic,2328,C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe,Intel Corporation,Allows applications to access the local Intel(R) Management and Security Application using its locally-available selected network interfaces.,,,,
Virtualizace soubor,FS Driver,Started,Automatic,,\SystemRoot\system32\drivers\luafv.sys,Microsoft Corporation,Virtualizuje chyby z¨˘pisu do souboru do um¨Şst¨§n¨Ş jednotlivych u,,,,
Slu,Share Process,Stopped,Disabled,,C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Umo,,%SystemRoot%\system32\Mcx2Svc.dll,Microsoft Corporation,
Microsoft SharePoint Workspace Audit Service,Own Process,Stopped,Manual,,"C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /auditservice,Microsoft Corporation,,,,,
Slu,Share Process,Started,Automatic,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Povol¨Ş relativn¨Ş up,,%SystemRoot%\system32\mmcss.dll,Microsoft Corporation,
Mozilla Maintenance Service,Own Process,Stopped,Manual,,"C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe",Mozilla Foundation,Slu,,,,
Br¨˘na Windows Firewall,Share Process,Started,Automatic,1652,C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork,Microsoft Corporation,Br¨˘na Windows Firewall pom¨˘h¨˘ chr¨˘nit po,,%SystemRoot%\system32\mpssvc.dll,Microsoft Corporation,
Ovlada,FS Driver,Stopped,Manual,,\SystemRoot\system32\drivers\mrxdav.sys,Microsoft Corporation,S¨Ş,,,,
Ob¨˘lka a j¨˘dro minip,FS Driver,Started,Manual,,system32\DRIVERS\mrxsmb.sys,Microsoft Corporation,Implementuje platformu pro p,,,,
Mini-p,FS Driver,Started,Manual,,system32\DRIVERS\mrxsmb10.sys,Microsoft Corporation,Implementuje protokol SMB 1.x (CIFS). Tento protokol zaji,,,,
Mini-p,FS Driver,Started,Manual,,system32\DRIVERS\mrxsmb20.sys,Microsoft Corporation,Implementuje protokol SMB 1.x (CIFS). Tento protokol zaji,,,,
Slu,Own Process,Stopped,Manual,,C:\Windows\System32\msdtc.exe,Microsoft Corporation,Zaji,,,,
Msfs,FS Driver,Started,Automatic,,,,,,,,
Slu,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Spravuje internetov¨¦ relace SCSI (iSCSI) z tohoto po,,%systemroot%\system32\iscsiexe.dll,Microsoft Corporation,
Instala,Own Process,Stopped,Manual,,C:\Windows\system32\msiexec.exe /V,Microsoft Corporation,Umo,,,,
Mup,FS Driver,Started,Automatic,,\SystemRoot\System32\Drivers\mup.sys,Microsoft Corporation,Multiple UNC Provider Driver,,,,
Wireless PAN DHCP Server,Own Process,Stopped,Manual,,C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe,,,,,,
Agent architektury NAP (Network Access Protection),Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k NetworkService,Microsoft Corporation,,,%SystemRoot%\system32\qagentRT.dll,Microsoft Corporation,
NetBIOS Interface,FS Driver,Started,Automatic,,system32\DRIVERS\netbios.sys,Microsoft Corporation,NetBIOS Interface,,,,
Slu,Share Process,Stopped,Manual,,C:\Windows\system32\lsass.exe,Microsoft Corporation,Udr,,,,
S¨Ş,Share Process,Started,Manual,644,C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Spravuje objekty ve slo,,%SystemRoot%\System32\netman.dll,Microsoft Corporation,
Net.Msmq Listener Adapter,Share Process,Stopped,Disabled,,"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator,Microsoft Corporation,Receives activation requests over the net.msmq and msmq.formatname protocols and passes them to the Windows Process Activation Service.,,,,
Net.Pipe Listener Adapter,Share Process,Stopped,Disabled,,C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe,Microsoft Corporation,Receives activation requests over the net.pipe protocol and passes them to the Windows Process Activation Service.,,,,
Slu,Share Process,Started,Manual,1180,C:\Windows\System32\svchost.exe -k LocalService,Microsoft Corporation,Ozna,,%SystemRoot%\System32\netprofm.dll,Microsoft Corporation,
Net.Tcp Listener Adapter,Share Process,Stopped,Disabled,,C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe,Microsoft Corporation,Receives activation requests over the net.tcp protocol and passes them to the Windows Process Activation Service.,,,,
Net.Tcp Port Sharing Service,Share Process,Stopped,Disabled,,C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe,Microsoft Corporation,Provides ability to share TCP ports over the net.tcp protocol.,,,,
Sledov¨˘n¨Ş um¨Şst¨§n¨Ş v s¨Şti (NLA),Share Process,Started,Automatic,1248,C:\Windows\System32\svchost.exe -k NetworkService,Microsoft Corporation,Shroma,,%SystemRoot%\System32\nlasvc.dll,Microsoft Corporation,
Npfs,FS Driver,Started,Automatic,,,,,,,,
Fast boot service of lenovo,Own Process,Stopped,Automatic,,C:\Windows\System32\NSDSvc.exe,Lenovo,Fastest Windows boot time need this service.,,,,
Slu,Share Process,Started,Automatic,1180,C:\Windows\system32\svchost.exe -k LocalService,Microsoft Corporation,Tato slu,,%systemroot%\system32\nsisvc.dll,Microsoft Corporation,
Ntfs,FS Driver,Started,Manual,,,,,,,,
NVIDIA Display Driver Service,Own Process,Started,Automatic,960,C:\Windows\system32\nvvsvc.exe,NVIDIA Corporation,Provides system and desktop level support to the NVIDIA display driver,,,,
NVIDIA Update Service Daemon,Own Process,Stopped,Automatic,,C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe,NVIDIA Corporation,NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server.,,,,
Office Source Engine,Own Process,Stopped,Manual,,"C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE",Microsoft Corporation,Ulo,,,,
Office Software Protection Platform,Own Process,Stopped,Manual,,"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE",Microsoft Corporation,Office Software Protection Platform Service (unlocalized description),,,,
Spr¨˘vce identit s¨Şt¨§ rovnocennych po,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalServicePeerNet,Microsoft Corporation,Poskytuje slu,,%SystemRoot%\system32\pnrpsvc.dll,Microsoft Corporation,
Seskupov¨˘n¨Ş v s¨Şt¨Şch peer-to-peer,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalServicePeerNet,Microsoft Corporation,Umo,,%SystemRoot%\system32\p2psvc.dll,Microsoft Corporation,
Program Compatibility Assistant Service,Share Process,Started,Automatic,644,C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Tato slu,,%SystemRoot%\System32\pcasvc.dll,Microsoft Corporation,
Hostitel knihoven DLL ,Own Process,Stopped,Manual,,C:\Windows\SysWow64\perfhost.exe,Microsoft Corporation,Umo,,,,
Vystrahy a protokolov¨˘n¨Ş vykonu,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork,Microsoft Corporation,,,%systemroot%\system32\pla.dll,Microsoft Corporation,
Plug and Play,Share Process,Started,Automatic,900,C:\Windows\system32\svchost.exe -k DcomLaunch,Microsoft Corporation,Umo,,%SystemRoot%\system32\umpnpmgr.dll,Microsoft Corporation,
Slu,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalServicePeerNet,Microsoft Corporation,Tato slu,,%SystemRoot%\system32\pnrpauto.dll,Microsoft Corporation,
Protokol PNRP (Peer Name Resolution Protocol),Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalServicePeerNet,Microsoft Corporation,Umo,,%SystemRoot%\system32\pnrpsvc.dll,Microsoft Corporation,
Agent z¨˘sad protokolu IPsec,Share Process,Started,Automatic,2584,C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted,Microsoft Corporation,,,%SystemRoot%\System32\ipsecsvc.dll,Microsoft Corporation,
Nap¨˘jen¨Ş,Share Process,Started,Automatic,900,C:\Windows\system32\svchost.exe -k DcomLaunch,Microsoft Corporation,Spravuje z¨˘sady nap¨˘jen¨Ş a doru,,%SystemRoot%\system32\umpo.dll,Microsoft Corporation,
Slu,Share Process,Started,Automatic,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Tato slu,,%systemroot%\system32\profsvc.dll,Microsoft Corporation,
Chr¨˘n¨§n¨¦ ¨˛lo,Share Process,Stopped,Manual,,C:\Windows\system32\lsass.exe,Microsoft Corporation,Zaji,,,,
Sada qWave (Quality Windows Audio Video Experience),Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Sada qWave (Quality Windows Audio Video Experience) je s¨Ş,,%windir%\system32\qwave.dll,Microsoft Corporation,
Spr¨˘vce automatick¨¦ho p,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,P,,%SystemRoot%\System32\rasauto.dll,Microsoft Corporation,
Spr¨˘vce vzd¨˘len¨¦ho p,Share Process,Started,Manual,616,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,Vytvo,,%SystemRoot%\System32\rasmans.dll,Microsoft Corporation,
Podsyst¨¦m p,FS Driver,Started,Automatic,,system32\DRIVERS\rdbss.sys,Microsoft Corporation,Poskytuje platformu pro s¨Ş,,,,
Intel(R) PROSet/Wireless Registry Service,Own Process,Started,Automatic,1412,C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe,Intel(R) Corporation,Provides registry access to all Intel,,,,
Sm¨§rov¨˘n¨Ş a vzd¨˘leny p,Share Process,Stopped,Disabled,,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,Nab¨Şz¨Ş spole,,%SystemRoot%\System32\mprdim.dll,Microsoft Corporation,
Vzd¨˘leny registr,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k regsvc,Microsoft Corporation,Umo,,%SystemRoot%\system32\regsvc.dll,Microsoft Corporation,
Mapova,Share Process,Started,Automatic,1004,C:\Windows\system32\svchost.exe -k RPCSS,Microsoft Corporation,P,,%SystemRoot%\System32\RpcEpMap.dll,Microsoft Corporation,
Lok¨˘tor vzd¨˘len¨¦ho vol¨˘n¨Ş procedur (RPC),Own Process,Stopped,Manual,,C:\Windows\system32\locator.exe,Microsoft Corporation,V syst¨¦mu Windows 2003 a v d,,,,
Vzd¨˘len¨¦ vol¨˘n¨Ş procedur (RPC),Share Process,Started,Automatic,1004,C:\Windows\system32\svchost.exe -k rpcss,Microsoft Corporation,Slu,,%SystemRoot%\System32\rpcss.dll,Microsoft Corporation,
Spr¨˘vce zabezpe,Share Process,Started,Automatic,792,C:\Windows\system32\lsass.exe,Microsoft Corporation,Spu,,,,
,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Spravuje p,,%SystemRoot%\System32\SCardSvr.dll,Microsoft Corporation,
Pl¨˘nova,Share Process,Started,Automatic,616,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,Umo,,%systemroot%\system32\schedsvc.dll,Microsoft Corporation,
Z¨˘sady odebr¨˘n¨Ş ,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Umo,,%SystemRoot%\System32\certprop.dll,Microsoft Corporation,
Windows Z¨˘lohov¨˘n¨Ş,Own Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k SDRSVC,Microsoft Corporation,Poskytuje funkce z¨˘lohov¨˘n¨Ş a obnoven¨Ş syst¨¦mu Windows.,,%Systemroot%\System32\SDRSVC.dll,Microsoft Corporation,
Sekund¨˘rn¨Ş p,Share Process,Started,Automatic,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Umo,,%windir%\system32\seclogon.dll,Microsoft Corporation,
Slu,Share Process,Started,Automatic,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Monitoruje syst¨¦mov¨¦ ud¨˘losti a upozor¨ľuje na n¨§ p,,%SystemRoot%\system32\sens.dll,Microsoft Corporation,
Adaptivn¨Ş jas,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Sleduje senzory okoln¨Şch sv¨§telnych podm¨Şnek, detekuje jejich zm¨§ny a p,,%SystemRoot%\system32\sensrsvc.dll,Microsoft Corporation,
ServiceLayer,Own Interactive Process,Stopped,Manual,,"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe",Nokia,,,,,
Konfigurace vzd¨˘len¨¦ plochy,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,Slu,,%SystemRoot%\system32\sessenv.dll,Microsoft Corporation,
Sd¨Şlen¨Ş p,Share Process,Stopped,Automatic,,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,Zaji,,%SystemRoot%\System32\ipnathlp.dll,Microsoft Corporation,
Rozpozn¨˘v¨˘n¨Ş hardwaru,Share Process,Started,Automatic,616,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,Zprost,,%SystemRoot%\System32\shsvcs.dll,Microsoft Corporation,
Skype Updater,Own Process,Stopped,Automatic,,"C:\Program Files (x86)\Skype\Updater\Updater.exe",Skype Technologies,Enables the detection, download and installation of updates for Skype.,,,,
Zachyt¨˘v¨˘n¨Ş pro slu,Own Process,Stopped,Manual,,C:\Windows\System32\snmptrap.exe,Microsoft Corporation,P,,,,
Slu,Own Interactive Process,Started,Automatic,2992,C:\Windows\System32\spoolsv.exe,Microsoft Corporation,Na,,,,
Ochrana softwaru,Own Process,Stopped,Automatic,,C:\Windows\system32\sppsvc.exe,Microsoft Corporation,Umo,,,,
Slu,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalService,Microsoft Corporation,Poskytuje aktivaci a upozorn¨§n¨Ş slu,,%SystemRoot%\system32\sppuinotify.dll,Microsoft Corporation,
Ovlada,FS Driver,Started,Manual,,System32\DRIVERS\srv.sys,Microsoft Corporation,Povoluje p,,,,
Ovlada,FS Driver,Started,Manual,,System32\DRIVERS\srv2.sys,Microsoft Corporation,Povoluje p,,,,
srvnet,FS Driver,Started,Manual,,System32\DRIVERS\srvnet.sys,Microsoft Corporation,,,,,
SSDP Discovery,Share Process,Started,Manual,4116,C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Vyhled¨˘ s¨Ş,,%SystemRoot%\System32\ssdpsrv.dll,Microsoft Corporation,
Slu,Share Process,Started,Manual,1180,C:\Windows\system32\svchost.exe -k LocalService,Microsoft Corporation,Poskytuje podporu pro p,,%SystemRoot%\system32\sstpsvc.dll,Microsoft Corporation,
Na,Own Process,Started,Automatic,1488,C:\Windows\system32\svchost.exe -k imgsvc,Microsoft Corporation,Poskytuje slu,,%SystemRoot%\System32\wiaservc.dll,Microsoft Corporation,
SwitchBoard,Own Process,Stopped,Manual,,"C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe",Adobe Systems Incorporated,,,,,
slu,Own Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k swprv,Microsoft Corporation,Spravuje softwarov¨¦ st¨Şnov¨¦ kopie sejmut¨¦ slu,,%Systemroot%\System32\swprv.dll,Microsoft Corporation,
Superfetch,Share Process,Started,Automatic,644,C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,V pr,,%systemroot%\system32\sysmain.dll,Microsoft Corporation,
Slu,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Zap¨Şn¨˘ funkci pera a rukopisu po,,%SystemRoot%\System32\TabSvc.dll,Microsoft Corporation,
Telefonn¨Ş subsyst¨¦m,Share Process,Started,Manual,1248,C:\Windows\System32\svchost.exe -k NetworkService,Microsoft Corporation,Poskytuje podporu rozhran¨Ş TAPI pro programy, kter¨¦ ovl¨˘daj¨Ş telefonn¨Ş za,,%SystemRoot%\System32\tapisrv.dll,Microsoft Corporation,
Slu,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Umo,,%SystemRoot%\System32\tbssvc.dll,Microsoft Corporation,
TeamViewer 7,Own Process,Started,Automatic,3532,C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe,TeamViewer GmbH,TeamViewer Remote Software,,,,
Vzd¨˘len¨˘ plocha,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k NetworkService,Microsoft Corporation,Umo,,%SystemRoot%\System32\termsrv.dll,Microsoft Corporation,
Motivy,Share Process,Started,Automatic,616,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,Zprost,,%SystemRoot%\system32\themeservice.dll,Microsoft Corporation,
Server pro ,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalService,Microsoft Corporation,Umo,,%SystemRoot%\system32\mmcss.dll,Microsoft Corporation,
Klient slu,Share Process,Started,Automatic,644,C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Spravuje propojen¨Ş mezi soubory NTFS v jednom po,,%SystemRoot%\System32\trkwks.dll,Microsoft Corporation,
Instala,Own Process,Stopped,Manual,,C:\Windows\servicing\TrustedInstaller.exe,Microsoft Corporation,Umo,,,,
udfs,FS Driver,Stopped,Disabled,,system32\DRIVERS\udfs.sys,Microsoft Corporation,Reads/Writes UDF 1.02,1.5,2.0x,2.5 disc formats, usually found on C/DVD discs. (Core) (All pieces),,,,
Zji,Own Interactive Process,Stopped,Manual,,C:\Windows\system32\UI0Detect.exe,Microsoft Corporation,Umo,,,,
Intel(R) Management and Security Application User Notification Service,Own Process,Started,Automatic,2840,"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe",Intel Corporation,Intel(R) Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel(R) Management and Security Application Device.,,,,
Hostitel za,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Povol¨Ş hostov¨˘n¨Ş za,,%SystemRoot%\System32\upnphost.dll,Microsoft Corporation,
Spr¨˘vce relac¨Ş spr¨˘vce oken plochy,Share Process,Started,Automatic,644,C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Poskytuje slu,,%SystemRoot%\System32\uxsms.dll,Microsoft Corporation,
Spr¨˘vce pov¨§,Share Process,Started,Automatic,792,C:\Windows\system32\lsass.exe,Microsoft Corporation,Zaji,,,,
Virtu¨˘ln¨Ş disk,Own Process,Stopped,Manual,,C:\Windows\System32\vds.exe,Microsoft Corporation,Poskytuje slu,,,,
St¨Şnov¨˘ kopie svazku,Own Process,Stopped,Manual,,C:\Windows\system32\vssvc.exe,Microsoft Corporation,Spravuje a implementuje st¨Şnov¨¦ kopie pro z¨˘lohov¨˘n¨Ş nebo k jin¨¦mu ¨˛,,,,
Syst¨¦movy ,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalService,Microsoft Corporation,Udr,,%systemroot%\system32\w32time.dll,Microsoft Corporation,
Slu,Own Process,Stopped,Manual,,C:\Windows\system32\Wat\WatAdminSvc.exe,Microsoft Corporation,Prov¨˘d¨Ş ov¨§,,,,
Slu,Own Process,Stopped,Manual,,"C:\Windows\system32\wbengine.exe",Microsoft Corporation,Slu,,,,
Biometrick¨˘ slu,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k WbioSvcGroup,Microsoft Corporation,Pomoc¨Ş Biometrick¨¦ slu,,%SystemRoot%\System32\wbiosrvc.dll,Microsoft Corporation,
Technologie Windows Connect Now ¨C Registr¨˘tor konfigurac¨Ş,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation,Microsoft Corporation,Slu,,%SystemRoot%\System32\wcncsvc.dll,Microsoft Corporation,
Syst¨¦m barev syst¨¦mu Windows,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k wcssvc,Microsoft Corporation,,,%SystemRoot%\System32\WcsPlugInService.dll,Microsoft Corporation,
Hostitel diagnostick¨¦ slu,Share Process,Started,Manual,1180,C:\Windows\System32\svchost.exe -k LocalService,Microsoft Corporation,Hostitel diagnostickych slu,,%SystemRoot%\system32\wdi.dll,Microsoft Corporation,
Hostitel diagnostick¨¦ho syst¨¦mu,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Hostitel diagnostick¨¦ho syst¨¦mu je vyu,,%SystemRoot%\system32\wdi.dll,Microsoft Corporation,
Webovy klient,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalService,Microsoft Corporation,Umo,,%SystemRoot%\System32\webclnt.dll,Microsoft Corporation,
Sb¨§r ud¨˘lost¨Ş syst¨¦mu Windows,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k NetworkService,Microsoft Corporation,Tato slu,,%SystemRoot%\system32\wecsvc.dll,Microsoft Corporation,
Podpora ovl¨˘dac¨Şho panelu Ozn¨˘men¨Ş a ,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k netsvcs,Microsoft Corporation,Tato slu,,%SystemRoot%\System32\wercplsupport.dll,Microsoft Corporation,
Slu,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k WerSvcGroup,Microsoft Corporation,Umo,,%SystemRoot%\System32\WerSvc.dll,Microsoft Corporation,
WIMMount,FS Driver,Stopped,Manual,,system32\drivers\wimmount.sys,Microsoft Corporation,WIM Image mount service driver,,,,
Windows Defender,Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k secsvcs,Microsoft Corporation,Ochrana p,,%ProgramFiles%\Windows Defender\mpsvc.dll,Microsoft Corporation,
Slu,Share Process,Started,Manual,1180,C:\Windows\system32\svchost.exe -k LocalService,Microsoft Corporation,Slu,,winhttp.dll,Microsoft Corporation,
Slu,Share Process,Started,Automatic,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Poskytuje b¨§,,%SystemRoot%\system32\wbem\WMIsvc.dll,Microsoft Corporation,
Vzd¨˘len¨˘ spr¨˘va syst¨¦mu Windows (WS-Management),Share Process,Stopped,Manual,,C:\Windows\System32\svchost.exe -k NetworkService,Microsoft Corporation,,,%SystemRoot%\system32\WsmSvc.dll,Microsoft Corporation,
Automatick¨˘ konfigurace s¨Şt¨§ WLAN,Share Process,Started,Automatic,644,C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,,,%SystemRoot%\System32\wlansvc.dll,Microsoft Corporation,
Windows Live Mesh remote connections service,Own Process,Stopped,Disabled,,"C:\Program Files\Windows Live\Mesh\wlcrasvc.exe",Microsoft Corporation,Umo,,,,
Windows Live ID Sign-in Assistant,Own Process,Started,Automatic,4228,"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE",Microsoft Corp.,Enables Windows Live ID authentication.,,,,
WMI Performance Adapter,Own Process,Stopped,Manual,,C:\Windows\system32\wbem\WmiApSrv.exe,Microsoft Corporation,Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data Helper is activated.,,,,
Slu,Own Process,Stopped,Manual,,"C:\Program Files\Windows Media Player\wmpnetwk.exe",Microsoft Corporation,Sd¨Şl¨Ş knihovny programu Windows Media Player s ostatn¨Şmi hr¨˘,,,,
Parental Controls,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted,Microsoft Corporation,Tato slu,,%SystemRoot%\System32\wpcsvc.dll,Microsoft Corporation,
Slu,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Vynucuje z¨˘sady skupiny pro vym¨§niteln¨˘ velkokapacitn¨Ş pam¨§,,%SystemRoot%\system32\wpdbusenum.dll,Microsoft Corporation,
Centrum zabezpe,Share Process,Started,Automatic,420,C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted,Microsoft Corporation,,,%SYSTEMROOT%\system32\wscsvc.dll,Microsoft Corporation,
Windows Search,Own Process,Started,Automatic,2816,C:\Windows\system32\SearchIndexer.exe /Embedding,Microsoft Corporation,Poskytuje indexov¨˘n¨Ş obsahu, ukl¨˘d¨˘n¨Ş vlastnost¨Ş do mezipam¨§ti a vysledky hled¨˘n¨Ş soubor,,,,
Windows Update,Share Process,Started,Automatic,616,C:\Windows\system32\svchost.exe -k netsvcs,Microsoft Corporation,Umo,,%systemroot%\system32\wuaueng.dll,Microsoft Corporation,
Platforma WDF (Windows Driver Foundation) ¨C platforma ovlada,Share Process,Started,Automatic,644,C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted,Microsoft Corporation,Vytv¨˘,,%SystemRoot%\System32\WUDFSvc.dll,Microsoft Corporation,
Automatick¨˘ konfigurace s¨Şt¨§ WWAN,Share Process,Stopped,Manual,,C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork,Microsoft Corporation,Tato slu,,%SystemRoot%\System32\wwansvc.dll,Microsoft Corporation,
Intel(R) PROSet/Wireless Zero Configuration Service,Own Process,Started,Automatic,1836,"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe",Intel,Manages the zero configuration service for all the Intel,,,,
Microsoft Malware Protection Driver,FS Driver,Started,Automatic,,system32\DRIVERS\MpFilter.sys,Microsoft Corporation,Microsoft On-Access Malware Protection Mini-Filter Driver,,,,
Microsoft Antimalware Service,Own Process,Started,Automatic,4920,"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe",Microsoft Corporation,Pom¨˘h¨˘ chr¨˘nit u,,,,
Microsoft Network Inspection,Own Process,Started,Manual,1664,"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe",Microsoft Corporation,Napom¨˘h¨˘ ochran¨§ p,,,,
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“