Logfile of random's system information tool 1.08 (written by random/random)
Run by Zdenda at 2013-03-07 19:55:03
Microsoft Windows 7 Ultimate
System drive C: has 342 GB (68%) free of 500 GB
Total RAM: 4095 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:16, on 7.3.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
C:\Users\Zdenda\AppData\Local\Temp\nsc4A36.tmp\ccsetup.exe
C:\Users\Zdenda\AppData\Local\Temp\nsp76F3.tmp\g\PF-Chrome-W78.exe
C:\Program Files (x86)\Google\GoogleUpdateSetup_latest.exe
C:\Users\Zdenda\AppData\Local\Temp\GUM95A5.tmp\GoogleUpdate.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
C:\Program Files\trend micro\Zdenda.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=74f818f8 ... 242157054f
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Zoomex - {031B4C0E-E357-91ED-FFFB-B328A08F972E} - C:\ProgramData\Zoomex\51002736c099f.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O9 - Extra button: (no name) - {5f7f7e76-0f61-4de9-8ae6-e5ee565cd118} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\zoomex\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11463 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
taskeng.exe {F5E618B7-E65C-4E7F-B451-0DCF4C01C159}
taskeng.exe {267E828A-E9BB-4FAE-9960-CAB7BC1FBC38}
"C:\Program Files (x86)\Protected Search\ProtectedSearch.exe"
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe /schedule /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7534d1ab-e642-44ee-b933-f4fa12078a4b -SystemEventPortName:HostProcess-4234bb30-fd47-4e25-a25a-f49dc500fddc -IoCancelEventPortName:HostProcess-617c45dd-0165-4777-97cc-30c690ef1d1b -NonStateChangingEventPortName:HostProcess-36d872a8-4783-4d04-8958-775360277707 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a7b99387-1c09-4aae-b072-cbb8e3f24bc0
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2052.10b1a100.277295073 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 2052 "\\.\pipe\gecko-crash-server-pipe.2052" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe" --proxy-stub-channel=Flash3604.68E173D8.22334 --host-broker-channel=Flash3604.68E173D8.21504 --host-pid=3604 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe" --channel=6628.0041F700.362755329 --proxy-stub-channel=Flash3604.68E173D8.22334 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll" --host-npapi-version=27 --type=renderer
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\wbem\wmiprvse.exe
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
"C:\Windows\system32\wuauclt.exe"
ccsetup.exe /L=1029
C:\Users\Zdenda\AppData\Local\Temp\nsp76F3.tmp\g\PF-Chrome-W78.exe /r1:PRFC /r2:PRFE /b:1
GoogleUpdateSetup_latest.exe /silent /install "appguid={8A69D345-D564-463c-AFF1-A69D9E530F96}&appname=Google%20Chrome&needsadmin=True&brand=PRFC" /appargs "appguid={8A69D345-D564-463c-AFF1-A69D9E530F96}&installerdata=%7B%22browser%22%3A%7B%22show_home_button%22%3Atrue%7D%2C%22homepage%22%3A%22http%3A%2F%2Fwww.google.com%22%2C%22homepage_is_newtabpage%22%3Afalse%2C%22distribution%22%3A%7B%22oem_bubble%22%3Atrue%2C%22alternate_shortcut_text%22%3Afalse%2C%22skip_first_run_ui%22%3Atrue%2C%22show_welcome_page%22%3Atrue%2C%22import_search_engine%22%3Afalse%2C%22import_history%22%3Afalse%2C%22import_home_page%22%3Afalse%2C%22create_all_shortcuts%22%3Atrue%2C%22do_not_launch_chrome%22%3Atrue%2C%22make_chrome_default%22%3Atrue%2C%22verbose_logging%22%3Afalse%2C%22chrome_shortcut_icon_index%22%3A0%7D%7D"
C:\Users\Zdenda\AppData\Local\Temp\GUM95A5.tmp\GoogleUpdate.exe /silent /install "appguid={8A69D345-D564-463c-AFF1-A69D9E530F96}&appname=Google%20Chrome&needsadmin=True&brand=PRFC" /appargs "appguid={8A69D345-D564-463c-AFF1-A69D9E530F96}&installerdata=%7B%22browser%22%3A%7B%22show_home_button%22%3Atrue%7D%2C%22homepage%22%3A%22http%3A%2F%2Fwww.google.com%22%2C%22homepage_is_newtabpage%22%3Afalse%2C%22distribution%22%3A%7B%22oem_bubble%22%3Atrue%2C%22alternate_shortcut_text%22%3Afalse%2C%22skip_first_run_ui%22%3Atrue%2C%22show_welcome_page%22%3Atrue%2C%22import_search_engine%22%3Afalse%2C%22import_history%22%3Afalse%2C%22import_home_page%22%3Afalse%2C%22create_all_shortcuts%22%3Atrue%2C%22do_not_launch_chrome%22%3Atrue%2C%22make_chrome_default%22%3Atrue%2C%22verbose_logging%22%3Afalse%2C%22chrome_shortcut_icon_index%22%3A0%7D%7D"
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
"C:\Users\Zdenda\Downloads\RSITx64.exe"
C:\Windows\system32\msiexec.exe /V
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ZoomExUpdaterTask{B41D989F-F197-4DE5-A5EB-5963A0D22A5C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{031B4C0E-E357-91ED-FFFB-B328A08F972E}]
Zoomex - C:\ProgramData\Zoomex\51002736c099f.dll [2013-01-23 120832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]
Toolbar BHO - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll [2013-01-13 707728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8d3ec233-b92d-4187-a506-284127cfba2d}]
DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]
Search Assistant BHO - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2013-01-13 62864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8d3ec233-b92d-4187-a506-284127cfba2d} - DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2013-01-13 707728]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-05 507984]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-01-13 42536]
"VideoDownloadConverter_4z Browser Plugin Loader"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe [2013-01-13 30096]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-03-07 19:55:04 ----D---- C:\Program Files\trend micro
2013-03-07 19:55:03 ----D---- C:\rsit
2013-03-07 19:54:34 ----D---- C:\Program Files (x86)\Google
2013-03-07 11:54:22 ----D---- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
2013-03-06 20:26:53 ----D---- C:\Program Files (x86)\VideoLAN
2013-03-06 20:18:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-05 19:11:07 ----D---- C:\Users\Zdenda\AppData\Roaming\ICQ Search
2013-03-05 19:11:07 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2013-03-05 19:11:04 ----D---- C:\Program Files (x86)\Guard-ICQ
2013-03-05 19:11:02 ----D---- C:\ProgramData\ICQ
2013-03-05 19:08:03 ----D---- C:\Users\Zdenda\AppData\Roaming\BitTorrent
2013-03-05 18:59:57 ----D---- C:\ProgramData\PMB Files
2013-03-05 18:59:51 ----D---- C:\Program Files (x86)\Pando Networks
2013-03-05 12:33:31 ----D---- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
2013-03-02 12:40:20 ----D---- C:\Windows\Minidump
2013-02-19 22:12:11 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-17 19:11:24 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2013-02-17 11:58:07 ----D---- C:\Users\Zdenda\AppData\Roaming\RadeonPro
2013-02-17 11:57:46 ----D---- C:\Program Files (x86)\RadeonPro
2013-02-14 16:42:46 ----D---- C:\ProgramData\TERA
======List of files/folders modified in the last 1 months======
2013-03-07 19:55:11 ----D---- C:\Windows\Tasks
2013-03-07 19:55:11 ----D---- C:\Windows\system32\Tasks
2013-03-07 19:55:07 ----D---- C:\Windows\Temp
2013-03-07 19:55:04 ----RD---- C:\Program Files
2013-03-07 19:54:34 ----RD---- C:\Program Files (x86)
2013-03-07 19:50:43 ----D---- C:\Users\Zdenda\AppData\Roaming\Skype
2013-03-07 19:34:07 ----D---- C:\Users\Zdenda\AppData\Roaming\Mumble
2013-03-07 13:03:36 ----D---- C:\Windows\system32\config
2013-03-07 11:54:14 ----D---- C:\ProgramData\AlawarWrapper
2013-03-07 11:51:38 ----D---- C:\Program Files (x86)\Hry.cz
2013-03-06 20:48:14 ----D---- C:\Program Files (x86)\DaemonicMU Season V
2013-03-06 20:18:11 ----D---- C:\Windows\SysWOW64
2013-03-05 22:15:20 ----D---- C:\Users\Zdenda\AppData\Roaming\TS3Client
2013-03-05 20:08:16 ----D---- C:\ProgramData\Adobe
2013-03-05 19:11:13 ----D---- C:\Windows\Prefetch
2013-03-05 19:11:12 ----D---- C:\ProgramData\Zoomex
2013-03-05 19:11:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-05 19:11:02 ----HD---- C:\ProgramData
2013-03-03 20:11:58 ----D---- C:\Windows\System32
2013-03-03 20:11:58 ----D---- C:\Windows\inf
2013-03-03 20:11:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-03 18:03:53 ----SHD---- C:\System Volume Information
2013-03-02 12:40:20 ----D---- C:\Windows
2013-02-25 11:27:20 ----SD---- C:\Users\Zdenda\AppData\Roaming\Microsoft
2013-02-24 02:22:18 ----D---- C:\Windows\system32\catroot2
2013-02-21 08:17:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-17 19:11:18 ----RSD---- C:\Windows\assembly
2013-02-13 14:33:24 ----SHD---- C:\Windows\Installer
2013-02-13 14:33:21 ----D---- C:\ProgramData\Skype
2013-02-09 12:45:12 ----D---- C:\Windows\system32\wdi
2013-02-09 10:55:12 ----D---- C:\Windows\LiveKernelReports
2013-02-08 20:25:25 ----D---- C:\Program Files (x86)\McAfee Security Scan
2013-02-08 19:11:40 ----D---- C:\Program Files (x86)\Cheat Engine 6.2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-23 283200]
R3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2008-10-29 811008]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
R2 ICQ Service;ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-23 76888]
R2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-01-08 20608]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-01-13 42504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-06 251248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-19 115608]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
dost se spomalil PC prosim o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: dost se spomalil PC prosim o kontrolu
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?