Prikladám log RSIT:
Dnes jsem klikl na jeden blby odkaz a bojim se viru. Bohuzel jsem nechcene zaspamoval pratele na fb. Notebook se mi castecne spomalil a nasel jsem jeden process csrss.exe nevim na co je. Muze mi nejaka dobra dusa mrknut na log.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Lukas at 2013-03-17 20:28:47
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 323 GB (68%) free of 477 GB
Total RAM: 3566 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:29:14, on 17.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\helppane.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Users\Lukas\Downloads\RSIT.exe
C:\Program Files\trend micro\Lukas.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Endpoint Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [FileOpenBroker] C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [iFunBoxConnector] "C:\Program Files\i-Funbox DevTeam\ifb_conn.exe"
O4 - Startup: Dropbox.lnk = Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O10 - Unknown file in Winsock LSP: c:\program files\agilent\io libraries suite\lximdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agilent IO Libraries Service (AgilentIOLibrariesService) - Agilent - C:\Program Files\Agilent\IO Libraries Suite\AgilentIOLibrariesService.exe
O23 - Service: Agilent PXI Resource Manager (AgilentPXIResourceManager) - Agilent - C:\Program Files\Agilent\IO Libraries Suite\AgilentPXIResourceManager.exe
O23 - Service: Agilent mDNS Responder Service (AgtMdnsResponder) - Agilent - C:\Program Files\Agilent\IO Libraries Suite\LxiMdnsResponder.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe
O23 - Service: FileOpen Manager Service (FileOpenManagerService) - FileOpen Systems Inc. - C:\Program Files\FileOpen\Services\FileOpenManagerService32.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 7870 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2ughkc4u.default
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2ughkc4u.default\extensions\
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-01-09 92232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-07 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-07 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-01-09 609864]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Endpoint Security\egui.exe [2012-07-04 3154464]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2009-10-03 38768]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2009-10-02 640376]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"FileOpenBroker"=C:\Program Files\FileOpen\Services\FileOpenBroker32.exe [2012-11-07 840624]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iFunBoxConnector"=C:\Program Files\i-Funbox DevTeam\ifb_conn.exe [2012-11-20 812544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2009-10-02 640376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2009-10-03 38768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
C:\PROGRA~1\AIRMOU~1\AIRMOU~1\AIRMOU~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IO Control.lnk]
C:\Windows\INSTAL~1\{5D1F7~1\NEF379~1.EXE [2013-02-23 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
C:\Windows\INSTAL~1\{21E24~1\ICON3E~1.ICO [2013-02-22 6144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
C:\PROGRA~1\COMMON~1\LINGEA~1\luc.exe [2011-07-20 275736]
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-03-17 20:28:47 ----D---- C:\rsit
2013-03-17 20:28:47 ----D---- C:\Program Files\trend micro
2013-03-17 20:07:46 ----D---- C:\ProgramData\Mozilla
2013-03-17 20:07:46 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-17 20:07:44 ----D---- C:\Program Files\Mozilla Firefox
2013-03-17 20:00:46 ----SHD---- C:\$RECYCLE.BIN
2013-03-17 20:00:45 ----D---- C:\Windows\temp
2013-03-17 20:00:43 ----A---- C:\ComboFix.txt
2013-03-17 19:47:49 ----A---- C:\Windows\zip.exe
2013-03-17 19:47:49 ----A---- C:\Windows\SWSC.exe
2013-03-17 19:47:49 ----A---- C:\Windows\SWREG.exe
2013-03-17 19:47:49 ----A---- C:\Windows\sed.exe
2013-03-17 19:47:49 ----A---- C:\Windows\PEV.exe
2013-03-17 19:47:49 ----A---- C:\Windows\NIRCMD.exe
2013-03-17 19:47:49 ----A---- C:\Windows\MBR.exe
2013-03-17 19:47:49 ----A---- C:\Windows\grep.exe
2013-03-17 19:46:44 ----D---- C:\Qoobox
2013-03-17 19:46:25 ----D---- C:\Windows\erdnt
2013-03-17 17:43:29 ----A---- C:\Windows\ntbtlog.txt
2013-03-17 17:35:28 ----D---- C:\Windows\system32\appmgmt
2013-03-16 10:37:02 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-03-16 10:36:24 ----D---- C:\Program Files\iPod
2013-03-16 10:36:23 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-03-16 10:36:23 ----D---- C:\Program Files\iTunes
2013-03-16 10:12:47 ----D---- C:\Users\Lukas\AppData\Roaming\Software4u
2013-03-13 11:47:32 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-13 11:47:31 ----A---- C:\Windows\system32\vbscript.dll
2013-03-13 11:47:30 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-13 11:47:30 ----A---- C:\Windows\system32\ieui.dll
2013-03-13 11:47:29 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-13 11:47:29 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-13 11:47:28 ----A---- C:\Windows\system32\wininet.dll
2013-03-13 11:47:28 ----A---- C:\Windows\system32\jscript.dll
2013-03-13 11:47:27 ----A---- C:\Windows\system32\url.dll
2013-03-13 11:47:27 ----A---- C:\Windows\system32\jscript9.dll
2013-03-13 11:47:26 ----A---- C:\Windows\system32\iertutil.dll
2013-03-13 11:47:25 ----A---- C:\Windows\system32\urlmon.dll
2013-03-13 11:47:23 ----A---- C:\Windows\system32\mshtml.dll
2013-03-13 11:47:21 ----A---- C:\Windows\system32\ieframe.dll
2013-03-09 12:16:09 ----D---- C:\Users\Lukas\AppData\Roaming\TrueCrypt
2013-03-09 12:15:30 ----A---- C:\Windows\system32\drivers\truecrypt.sys
2013-03-09 12:15:16 ----D---- C:\Program Files\TrueCrypt
2013-03-08 18:14:36 ----D---- C:\Users\Lukas\AppData\Roaming\yWorks
2013-03-08 17:52:35 ----D---- C:\Program Files\yWorks
2013-03-07 21:46:37 ----D---- C:\Windows\Minidump
2013-03-07 18:03:50 ----A---- C:\Windows\system32\javaws.exe
2013-03-07 18:03:43 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-03-07 18:03:43 ----A---- C:\Windows\system32\javaw.exe
2013-03-07 18:03:43 ----A---- C:\Windows\system32\java.exe
2013-03-07 18:03:31 ----D---- C:\Program Files\Java
2013-03-07 16:01:08 ----D---- C:\Users\Lukas\AppData\Roaming\FileOpen
2013-03-07 16:01:08 ----D---- C:\ProgramData\FileOpen
2013-03-07 10:16:12 ----D---- C:\Users\Lukas\AppData\Roaming\Mozilla
2013-03-07 10:08:41 ----D---- C:\Program Files\FileOpen
2013-03-02 22:59:00 ----D---- C:\Program Files\Marvell
2013-03-01 09:49:04 ----D---- C:\Program Files\ČasPráce
2013-02-28 21:49:11 ----D---- C:\Program Files\Cain
2013-02-28 21:08:20 ----D---- C:\Users\Lukas\AppData\Roaming\Wireshark
2013-02-28 21:04:15 ----D---- C:\Program Files\WinPcap
2013-02-28 21:04:03 ----D---- C:\Program Files\Wireshark
2013-02-27 14:15:05 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 14:14:55 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 14:14:54 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 14:14:54 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 14:14:54 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 14:14:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 14:14:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 14:14:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 14:14:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 14:14:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 14:14:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 14:14:50 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 14:14:49 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 14:14:49 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 14:14:48 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 14:14:48 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 14:14:48 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 14:14:48 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 14:14:48 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 14:14:48 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 14:14:48 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 14:14:47 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 14:14:47 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 14:14:47 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 14:14:47 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 14:14:47 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 14:14:46 ----A---- C:\Windows\system32\d2d1.dll
2013-02-27 11:44:48 ----D---- C:\Users\Lukas\AppData\Roaming\dvdcss
2013-02-26 15:29:12 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2013-02-26 15:29:12 ----RA---- C:\Windows\system32\AdobePDF.dll
2013-02-24 10:14:55 ----D---- C:\Users\Lukas\AppData\Roaming\MathWorks
2013-02-24 09:48:35 ----D---- C:\Program Files\MATLAB
2013-02-23 17:42:29 ----D---- C:\Users\Lukas\AppData\Roaming\Corel
2013-02-23 17:42:28 ----D---- C:\ProgramData\Protexis
2013-02-23 17:28:49 ----D---- C:\Users\Lukas\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-02-23 17:09:27 ----D---- C:\Program Files\Microsoft SDKs
2013-02-23 17:09:26 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2013-02-23 17:08:20 ----D---- C:\Program Files\Common Files\Corel
2013-02-23 17:07:57 ----D---- C:\Program Files\Common Files\Protexis
2013-02-23 17:07:55 ----D---- C:\ProgramData\Corel
2013-02-23 17:04:45 ----D---- C:\Program Files\Corel
2013-02-23 17:02:56 ----D---- C:\ProgramData\CorelDRAW Graphics Suite X6
2013-02-23 16:25:21 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-02-23 16:04:10 ----D---- C:\Program Files\Adobe Media Player
2013-02-23 16:02:55 ----D---- C:\Program Files\Common Files\Adobe AIR
2013-02-23 15:56:51 ----D---- C:\Program Files\MSXML 4.0
2013-02-23 13:38:14 ----D---- C:\Program Files\Microsoft Synchronization Services
2013-02-23 13:38:13 ----D---- C:\Program Files\Common Files\DESIGNER
2013-02-23 13:37:48 ----D---- C:\Windows\PCHEALTH
2013-02-23 13:37:48 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-02-23 13:35:57 ----D---- C:\Windows\SHELLNEW
2013-02-23 13:35:57 ----D---- C:\Program Files\Microsoft Analysis Services
2013-02-23 13:35:13 ----RD---- C:\MSOCache
2013-02-23 09:46:42 ----D---- C:\ProgramData\FLEXnet
2013-02-23 09:36:25 ----D---- C:\Program Files\Common Files\Macrovision Shared
2013-02-23 09:32:36 ----D---- C:\ProgramData\Adobe
2013-02-23 09:32:36 ----D---- C:\Program Files\Common Files\Adobe
2013-02-23 09:32:36 ----D---- C:\Program Files\Adobe
2013-02-23 09:30:16 ----D---- C:\Program Files\7-Zip
2013-02-23 09:29:58 ----D---- C:\ProgramData\Sun
2013-02-23 09:29:57 ----D---- C:\Program Files\Common Files\Java
2013-02-23 09:29:44 ----A---- C:\Windows\system32\deployJava1.dll
2013-02-23 09:29:43 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-02-23 09:12:32 ----D---- C:\Program Files\i-Funbox DevTeam
2013-02-23 09:08:19 ----D---- C:\Program Files\K-Lite Codec Pack
2013-02-23 09:06:42 ----D---- C:\Program Files\CCleaner
2013-02-23 08:43:24 ----D---- C:\Users\Lukas\AppData\Roaming\DiskAid
2013-02-23 08:43:14 ----D---- C:\Program Files\DigiDNA
2013-02-23 08:31:04 ----D---- C:\Users\Lukas\AppData\Roaming\Audacity
2013-02-23 08:30:39 ----D---- C:\Program Files\Audacity
2013-02-23 08:22:56 ----D---- C:\Users\Lukas\AppData\Roaming\Agilent
2013-02-23 08:22:56 ----D---- C:\ProgramData\Agilent
2013-02-23 08:22:56 ----D---- C:\Program Files\Common Files\Agilent
2013-02-23 08:22:56 ----D---- C:\Program Files\Agilent
2013-02-23 08:20:05 ----D---- C:\ProgramData\IVI Foundation
2013-02-23 08:20:05 ----D---- C:\Program Files\IVI Foundation
2013-02-23 07:58:26 ----D---- C:\Users\Lukas\AppData\Roaming\KeePass
2013-02-23 00:02:27 ----D---- C:\Users\Lukas\AppData\Roaming\Apple Computer
2013-02-23 00:02:19 ----DC---- C:\Windows\system32\DRVSTORE
2013-02-23 00:01:19 ----D---- C:\ProgramData\Apple Computer
2013-02-23 00:00:22 ----D---- C:\Program Files\Apple Software Update
2013-02-22 23:59:54 ----D---- C:\Program Files\Bonjour
2013-02-22 23:59:31 ----D---- C:\ProgramData\Apple
2013-02-22 23:59:31 ----D---- C:\Program Files\Common Files\Apple
2013-02-22 23:54:33 ----D---- C:\Users\Lukas\AppData\Roaming\iFunbox_UserCache
2013-02-22 23:48:28 ----D---- C:\Users\Lukas\AppData\Roaming\Mathematica
2013-02-22 23:48:13 ----D---- C:\ProgramData\Mathematica
2013-02-22 23:48:13 ----D---- C:\Program Files\Extras
2013-02-22 23:48:13 ----D---- C:\Program Files\Common Files\Wolfram Research
2013-02-22 23:48:13 ----D---- C:\Program Files\Common Files\ResearchSoft
2013-02-22 23:42:32 ----A---- C:\Windows\system32\mlmodule32.dll
2013-02-22 23:42:32 ----A---- C:\Windows\system32\ml32i3.dll
2013-02-22 23:42:32 ----A---- C:\Windows\system32\ml32i2.dll
2013-02-22 23:42:32 ----A---- C:\Windows\system32\ml32i1.dll
2013-02-22 23:40:28 ----D---- C:\Program Files\Wolfram Research
2013-02-22 22:56:22 ----D---- C:\Windows\pss
2013-02-22 22:49:05 ----D---- C:\Program Files\Common Files\Lingea Shared
2013-02-22 22:48:46 ----D---- C:\Program Files\Lingea
2013-02-22 22:36:08 ----D---- C:\ProgramData\ATI
2013-02-22 21:37:07 ----D---- C:\Users\Lukas\AppData\Roaming\uTorrent
2013-02-22 21:12:52 ----D---- C:\Users\Lukas\AppData\Roaming\Adobe
2013-02-22 21:09:21 ----D---- C:\Users\Lukas\AppData\Roaming\Cisco
2013-02-22 21:09:21 ----D---- C:\ProgramData\Cisco
2013-02-22 21:09:20 ----D---- C:\Users\Lukas\AppData\Roaming\Macromedia
2013-02-22 21:09:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-02-22 21:09:10 ----D---- C:\Windows\system32\Macromed
2013-02-22 21:05:49 ----D---- C:\Program Files\Cisco Aspire Networking Academy Edition
2013-02-22 21:05:37 ----D---- C:\Users\Lukas\AppData\Roaming\vlc
2013-02-22 21:05:17 ----D---- C:\Program Files\VideoLAN
2013-02-22 21:04:28 ----D---- C:\Windows\system32\Adobe
2013-02-22 20:54:23 ----D---- C:\Program Files\Cisco Packet Tracer 5.3.3
2013-02-22 20:53:19 ----D---- C:\Program Files\DirectVobSub
2013-02-22 20:37:06 ----D---- C:\Program Files\PDF Architect
2013-02-22 20:33:08 ----D---- C:\Users\Lukas\AppData\Roaming\Ashampoo
2013-02-22 20:32:51 ----D---- C:\ProgramData\Ashampoo
2013-02-22 20:32:46 ----D---- C:\Program Files\Ashampoo
2013-02-22 20:29:07 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-02-22 20:29:06 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-02-22 20:29:06 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-02-22 20:29:05 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-02-22 20:29:05 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-02-22 20:29:05 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-02-22 20:29:05 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-02-22 20:29:02 ----A---- C:\Windows\system32\fsutil.exe
2013-02-22 20:29:02 ----A---- C:\Windows\system32\esent.dll
2013-02-22 20:29:02 ----A---- C:\Windows\system32\drivers\storport.sys
2013-02-22 20:29:02 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-02-22 20:29:01 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-02-22 20:29:01 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-02-22 20:29:01 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-02-22 20:29:01 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-02-22 20:29:01 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-02-22 20:28:56 ----A---- C:\Windows\system32\iisRtl.dll
2013-02-22 20:28:55 ----A---- C:\Windows\system32\wamregps.dll
2013-02-22 20:28:55 ----A---- C:\Windows\system32\iisrstap.dll
2013-02-22 20:28:55 ----A---- C:\Windows\system32\iisreset.exe
2013-02-22 20:28:55 ----A---- C:\Windows\system32\ahadmin.dll
2013-02-22 20:28:55 ----A---- C:\Windows\system32\admwprox.dll
2013-02-22 20:28:53 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2013-02-22 20:28:53 ----A---- C:\Windows\system32\drivers\bthport.sys
2013-02-22 20:26:46 ----D---- C:\Users\Lukas\AppData\Roaming\Dropbox
2013-02-22 20:09:21 ----D---- C:\ProgramData\PDF Architect
2013-02-22 20:06:32 ----D---- C:\Program Files\ATI Technologies
2013-02-22 20:06:21 ----D---- C:\Program Files\ATI
2013-02-22 19:02:12 ----A---- C:\Windows\system32\PdfDll32.dll
2013-02-22 19:02:12 ----A---- C:\Windows\system32\Lvkrn14n.dll
2013-02-22 19:02:12 ----A---- C:\Windows\system32\LtTtf14n.Dll
2013-02-22 19:02:12 ----A---- C:\Windows\system32\LTSGM14n.dll
2013-02-22 19:02:12 ----A---- C:\Windows\system32\ltserial.dll
2013-02-22 19:02:12 ----A---- C:\Windows\system32\ltkrn14n.dll
2013-02-22 19:02:12 ----A---- C:\Windows\system32\ltimg14n.dll
2013-02-22 19:02:12 ----A---- C:\Windows\system32\ltfil14n.dll
2013-02-22 19:02:11 ----A---- C:\Windows\system32\LTEml14n.dll
2013-02-22 19:02:11 ----A---- C:\Windows\system32\ltefx14n.dll
2013-02-22 19:02:11 ----A---- C:\Windows\system32\ltdoc14n.dll
2013-02-22 19:02:11 ----A---- C:\Windows\system32\LTDIS14n.dll
2013-02-22 19:02:11 ----A---- C:\Windows\system32\LTDic14n.dll
2013-02-22 19:02:10 ----A---- C:\Windows\system32\LTCLR14n.dll
2013-02-22 19:02:10 ----A---- C:\Windows\system32\ltann14n.dll
2013-02-22 19:02:10 ----A---- C:\Windows\system32\LtAct14n.dll
2013-02-22 19:02:10 ----A---- C:\Windows\system32\ltact.dll
2013-02-22 19:02:10 ----A---- C:\Windows\system32\LPWSE05n.exe
2013-02-22 19:02:10 ----A---- C:\Windows\system32\LPUNI05N.dll
2013-02-22 19:02:10 ----A---- C:\Windows\system32\LPUMD05n.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPUIT05N.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPUIR05r.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPUID05n.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LpTxt05n.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LpRTF05n.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPRPC05u.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPRNT05N.DLL
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPRES05N.DLL
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPPMN05u.DLL
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LpPdf05n.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPKRN05N.DLL
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPINS05N.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LpHTM05n.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPEML05N.DLL
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LpEmf05n.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\Lpdrv05n.DLL
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LpDoc05n.dll
2013-02-22 19:02:09 ----A---- C:\Windows\system32\LPDLG05N.DLL
2013-02-22 19:02:08 ----A---- C:\Windows\system32\LPCPN05N.dll
2013-02-22 19:02:08 ----A---- C:\Windows\system32\Lfwmf14n.dll
2013-02-22 19:02:08 ----A---- C:\Windows\system32\lfpdf14n.dll
2013-02-22 19:02:08 ----A---- C:\Windows\system32\lfjb214n.dll
2013-02-22 19:02:08 ----A---- C:\Windows\system32\lffax14n.dll
2013-02-22 19:02:08 ----A---- C:\Windows\system32\LFCMP14n.dll
2013-02-22 18:59:53 ----D---- C:\Program Files\OriginLab
2013-02-22 18:57:11 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2013-02-22 18:57:07 ----D---- C:\Program Files\Common Files\Skype
2013-02-22 18:57:06 ----RD---- C:\Program Files\Skype
2013-02-22 18:57:03 ----D---- C:\ProgramData\Skype
2013-02-22 18:53:39 ----D---- C:\Users\Lukas\AppData\Roaming\InstallShield
2013-02-22 18:32:37 ----D---- C:\Users\Lukas\AppData\Roaming\ESET
2013-02-22 18:28:06 ----D---- C:\ProgramData\ESET
2013-02-22 18:28:06 ----D---- C:\Program Files\ESET
2013-02-22 18:14:20 ----D---- C:\ProgramData\Microsoft Help
2013-02-22 18:14:20 ----D---- C:\Program Files\Microsoft Office
2013-02-22 18:00:15 ----D---- C:\Users\Lukas\AppData\Roaming\ATI
2013-02-22 17:59:07 ----D---- C:\Program Files\Common Files\Deterministic Networks
2013-02-22 17:59:06 ----D---- C:\Program Files\Cisco Systems
2013-02-22 17:56:05 ----D---- C:\Program Files\Elaborate Bytes
2013-02-22 17:43:17 ----D---- C:\ProgramData\Sony Corporation
2013-02-22 17:43:12 ----D---- C:\Program Files\Sony
2013-02-22 17:36:15 ----D---- C:\Windows\SysWOW64
2013-02-22 17:25:21 ----D---- C:\Program Files\Microsoft Games
2013-02-22 17:25:19 ----D---- C:\Windows\system32\BestPractices
2013-02-22 17:25:17 ----D---- C:\inetpub
2013-02-22 17:00:47 ----D---- C:\Program Files\Google
2013-02-22 16:59:40 ----D---- C:\Program Files\Microsoft.NET
2013-02-22 16:59:18 ----SHD---- C:\Windows\Installer
2013-02-22 16:55:33 ----D---- C:\Windows\system32\Wat
2013-02-22 16:55:10 ----A---- C:\Windows\system32\psisdecd.dll
2013-02-22 16:37:53 ----A---- C:\Windows\system32\MRT.exe
2013-02-22 16:37:12 ----A---- C:\Windows\system32\fontsub.dll
2013-02-22 16:37:12 ----A---- C:\Windows\system32\atmlib.dll
2013-02-22 16:37:12 ----A---- C:\Windows\system32\atmfd.dll
2013-02-22 16:36:28 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-02-22 16:36:28 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-02-22 16:36:28 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-02-22 16:36:28 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2013-02-22 16:36:28 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-02-22 16:36:28 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-02-22 16:36:27 ----A---- C:\Windows\system32\wksprtPS.dll
2013-02-22 16:36:27 ----A---- C:\Windows\system32\wksprt.exe
2013-02-22 16:36:27 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-02-22 16:36:27 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-02-22 16:36:27 ----A---- C:\Windows\system32\tsgqec.dll
2013-02-22 16:36:27 ----A---- C:\Windows\system32\rdpudd.dll
2013-02-22 16:36:27 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-02-22 16:36:27 ----A---- C:\Windows\system32\mstsc.exe
2013-02-22 16:36:27 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-02-22 16:36:27 ----A---- C:\Windows\system32\aaclient.dll
2013-02-22 16:36:26 ----A---- C:\Windows\system32\rdpcorets.dll
2013-02-22 16:36:26 ----A---- C:\Windows\system32\mstscax.dll
2013-02-22 16:26:48 ----A---- C:\Windows\system32\Wdfres.dll
2013-02-22 16:26:48 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-02-22 16:26:48 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-02-22 16:26:17 ----A---- C:\Windows\system32\WUDFx.dll
2013-02-22 16:26:17 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-02-22 16:26:17 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-02-22 16:26:17 ----A---- C:\Windows\system32\WUDFHost.exe
2013-02-22 16:26:17 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-02-22 16:26:17 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-02-22 16:26:17 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-02-22 16:25:59 ----A---- C:\Windows\system32\wmi.dll
2013-02-22 16:25:59 ----A---- C:\Windows\system32\imagehlp.dll
2013-02-22 16:25:59 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-02-22 16:25:24 ----A---- C:\Windows\system32\browserchoice.exe
2013-02-22 16:22:41 ----N---- C:\Windows\system32\MpSigStub.exe
2013-02-22 16:22:08 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-02-22 16:22:01 ----A---- C:\Windows\explorer.exe
2013-02-22 16:21:43 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-02-22 16:21:42 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-22 16:21:36 ----A---- C:\Windows\system32\win32k.sys
2013-02-22 16:21:35 ----A---- C:\Windows\system32\msxml3r.dll
2013-02-22 16:21:35 ----A---- C:\Windows\system32\msxml3.dll
2013-02-22 16:21:34 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-02-22 16:21:34 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-02-22 16:21:34 ----A---- C:\Windows\system32\dnsapi.dll
2013-02-22 16:21:33 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-02-22 16:21:33 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-02-22 16:21:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-02-22 16:21:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-02-22 16:21:32 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-02-22 16:21:30 ----A---- C:\Windows\system32\dpnet.dll
2013-02-22 16:21:29 ----A---- C:\Windows\system32\drivers\afd.sys
2013-02-22 16:21:28 ----A---- C:\Windows\system32\spoolsv.exe
2013-02-22 16:21:24 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-02-22 16:21:24 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-02-22 16:21:24 ----A---- C:\Windows\system32\drivers\srv.sys
2013-02-22 16:21:22 ----A---- C:\Windows\system32\ntdll.dll
2013-02-22 16:21:20 ----A---- C:\Windows\system32\usp10.dll
2013-02-22 16:21:14 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-02-22 16:21:14 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-02-22 16:21:05 ----A---- C:\Windows\system32\msi.dll
2013-02-22 16:20:59 ----A---- C:\Windows\system32\inetcomm.dll
2013-02-22 16:20:54 ----A---- C:\Windows\system32\schannel.dll
2013-02-22 16:20:54 ----A---- C:\Windows\system32\lsasrv.dll
2013-02-22 16:20:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-02-22 16:20:54 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-02-22 16:20:54 ----A---- C:\Windows\system32\drivers\cng.sys
2013-02-22 16:20:49 ----A---- C:\Windows\system32\Wpc.dll
2013-02-22 16:20:49 ----A---- C:\Windows\system32\gameux.dll
2013-02-22 16:20:44 ----A---- C:\Windows\system32\win32spl.dll
2013-02-22 16:20:44 ----A---- C:\Windows\system32\kerberos.dll
2013-02-22 16:20:42 ----A---- C:\Windows\system32\msxml6.dll
2013-02-22 16:20:38 ----A---- C:\Windows\system32\cdosys.dll
2013-02-22 16:20:36 ----A---- C:\Windows\system32\qdvd.dll
2013-02-22 16:20:33 ----A---- C:\Windows\system32\odbctrac.dll
2013-02-22 16:20:33 ----A---- C:\Windows\system32\odbcjt32.dll
2013-02-22 16:20:33 ----A---- C:\Windows\system32\odbccu32.dll
2013-02-22 16:20:33 ----A---- C:\Windows\system32\odbccr32.dll
2013-02-22 16:20:33 ----A---- C:\Windows\system32\odbccp32.dll
2013-02-22 16:20:32 ----A---- C:\Windows\system32\taskhost.exe
2013-02-22 16:20:31 ----A---- C:\Windows\system32\profsvc.dll
2013-02-22 16:20:30 ----A---- C:\Windows\system32\poqexec.exe
2013-02-22 16:20:30 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-02-22 16:20:29 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-02-22 16:20:28 ----A---- C:\Windows\system32\prevhost.exe
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-02-22 16:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-02-22 16:20:14 ----A---- C:\Windows\system32\KernelBase.dll
2013-02-22 16:20:14 ----A---- C:\Windows\system32\kernel32.dll
2013-02-22 16:20:14 ----A---- C:\Windows\system32\conhost.exe
2013-02-22 16:18:45 ----A---- C:\Windows\system32\nlasvc.dll
2013-02-22 16:18:45 ----A---- C:\Windows\system32\nlaapi.dll
2013-02-22 16:18:45 ----A---- C:\Windows\system32\netevent.dll
2013-02-22 16:18:45 ----A---- C:\Windows\system32\netcorehc.dll
2013-02-22 16:18:45 ----A---- C:\Windows\system32\ncsi.dll
2013-02-22 16:18:45 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-02-22 16:18:45 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-02-22 16:18:45 ----A---- C:\Windows\system32\drivers\netio.sys
2013-02-22 16:18:21 ----HD---- C:\Program Files\InstallShield Installation Information
2013-02-22 16:17:42 ----A---- C:\Windows\system32\tquery.dll
2013-02-22 16:17:42 ----A---- C:\Windows\system32\mssrch.dll
2013-02-22 16:17:41 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-02-22 16:17:41 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-02-22 16:17:41 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-02-22 16:17:41 ----A---- C:\Windows\system32\mssvp.dll
2013-02-22 16:17:41 ----A---- C:\Windows\system32\mssphtb.dll
2013-02-22 16:17:41 ----A---- C:\Windows\system32\mssph.dll
2013-02-22 16:17:41 ----A---- C:\Windows\system32\msscntrs.dll
2013-02-22 16:17:36 ----A---- C:\Windows\system32\webio.dll
2013-02-22 16:17:36 ----A---- C:\Windows\system32\sspisrv.dll
2013-02-22 16:17:36 ----A---- C:\Windows\system32\sspicli.dll
2013-02-22 16:17:36 ----A---- C:\Windows\system32\srcore.dll
2013-02-22 16:17:36 ----A---- C:\Windows\system32\secur32.dll
2013-02-22 16:17:36 ----A---- C:\Windows\system32\lsass.exe
2013-02-22 16:17:24 ----A---- C:\Windows\system32\quartz.dll
2013-02-22 16:17:00 ----A---- C:\Windows\system32\tzres.dll
2013-02-22 16:16:49 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-02-22 16:16:44 ----A---- C:\Windows\system32\netapi32.dll
2013-02-22 16:16:44 ----A---- C:\Windows\system32\browser.dll
2013-02-22 16:16:44 ----A---- C:\Windows\system32\browcli.dll
2013-02-22 16:16:43 ----A---- C:\Windows\system32\shell32.dll
2013-02-22 16:16:39 ----A---- C:\Windows\system32\synceng.dll
2013-02-22 16:16:39 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-02-22 16:16:39 ----A---- C:\Windows\system32\rdpwsx.dll
2013-02-22 16:16:39 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-02-22 16:16:37 ----A---- C:\Windows\system32\cryptsvc.dll
2013-02-22 16:16:37 ----A---- C:\Windows\system32\cryptnet.dll
2013-02-22 16:16:37 ----A---- C:\Windows\system32\crypt32.dll
2013-02-22 16:16:24 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-22 16:16:24 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-22 16:16:23 ----A---- C:\Windows\system32\ntshrui.dll
2013-02-22 16:16:20 ----A---- C:\Windows\system32\packager.dll
2013-02-22 16:16:20 ----A---- C:\Windows\system32\oleaut32.dll
2013-02-22 16:16:20 ----A---- C:\Windows\system32\oleacc.dll
2013-02-22 16:16:19 ----A---- C:\Windows\system32\csrsrv.dll
2013-02-22 16:16:18 ----A---- C:\Windows\system32\localspl.dll
2013-02-22 16:16:17 ----A---- C:\Windows\system32\wintrust.dll
2013-02-22 16:16:15 ----A---- C:\Windows\system32\msvcrt.dll
2013-02-22 16:16:15 ----A---- C:\Windows\system32\mfc42u.dll
2013-02-22 16:16:15 ----A---- C:\Windows\system32\mfc42.dll
2013-02-22 16:16:14 ----A---- C:\Windows\system32\ncrypt.dll
2013-02-22 16:16:14 ----A---- C:\Windows\system32\EncDec.dll
2013-02-22 16:16:09 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-02-22 16:16:08 ----A---- C:\Windows\system32\sbe.dll
2013-02-22 16:16:08 ----A---- C:\Windows\system32\CPFilters.dll
2013-02-22 16:16:07 ----A---- C:\Windows\system32\xmllite.dll
2013-02-22 16:16:07 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-02-22 16:16:06 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-02-22 16:15:02 ----A---- C:\Windows\system32\winsrv.dll
2013-02-22 16:13:29 ----D---- C:\Users\Lukas\AppData\Roaming\GHISLER
2013-02-22 16:08:52 ----A---- C:\Windows\system32\wextract.exe
2013-02-22 16:08:52 ----A---- C:\Windows\system32\webcheck.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-02-22 16:08:52 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-02-22 16:08:52 ----A---- C:\Windows\system32\pngfilt.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\occache.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\msrating.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\msls31.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\mshtmler.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\mshta.exe
2013-02-22 16:08:52 ----A---- C:\Windows\system32\msfeedssync.exe
2013-02-22 16:08:52 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\licmgr10.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\inseng.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\imgutil.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\iexpress.exe
2013-02-22 16:08:52 ----A---- C:\Windows\system32\iesysprep.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\iesetup.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\iernonce.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\iepeers.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\iedkcs32.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\ieapfltr.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\ieapfltr.dat
2013-02-22 16:08:52 ----A---- C:\Windows\system32\ieakui.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\ieaksie.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\ieakeng.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\ie4uinit.exe
2013-02-22 16:08:52 ----A---- C:\Windows\system32\icardie.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\dxtrans.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\dxtmsft.dll
2013-02-22 16:08:52 ----A---- C:\Windows\system32\admparse.dll
2013-02-22 16:06:53 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-02-22 16:05:44 ----D---- C:\Program Files\totalcmd
2013-02-22 16:05:43 ----D---- C:\Program Files\KeePass Password Safe 2
2013-02-22 15:54:52 ----A---- C:\Windows\system32\rdpcore.dll
2013-02-22 15:54:52 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-02-22 15:51:35 ----A---- C:\Windows\system32\wups2.dll
2013-02-22 15:51:35 ----A---- C:\Windows\system32\wucltux.dll
2013-02-22 15:51:35 ----A---- C:\Windows\system32\wuaueng.dll
2013-02-22 15:51:35 ----A---- C:\Windows\system32\wuauclt.exe
2013-02-22 15:51:28 ----A---- C:\Windows\system32\wups.dll
2013-02-22 15:51:28 ----A---- C:\Windows\system32\wudriver.dll
2013-02-22 15:51:28 ----A---- C:\Windows\system32\wuapi.dll
2013-02-22 15:51:14 ----A---- C:\Windows\system32\wuwebv.dll
2013-02-22 15:51:14 ----A---- C:\Windows\system32\wuapp.exe
2013-02-22 15:51:03 ----D---- C:\Users\Lukas\AppData\Roaming\Identities
2013-02-22 15:50:54 ----SD---- C:\Users\Lukas\AppData\Roaming\Microsoft
2013-02-22 15:50:54 ----D---- C:\Users\Lukas\AppData\Roaming\Media Center Programs
2013-02-22 15:50:43 ----SHD---- C:\ProgramData\Šablony
2013-02-22 15:50:43 ----SHD---- C:\ProgramData\Plocha
2013-02-22 15:50:43 ----SHD---- C:\ProgramData\Oblíbené položky
2013-02-22 15:50:43 ----SHD---- C:\ProgramData\Nabídka Start
2013-02-22 15:50:43 ----SHD---- C:\ProgramData\Dokumenty
2013-02-22 15:50:43 ----SHD---- C:\ProgramData\Data aplikací
2013-02-22 15:50:43 ----D---- C:\Recovery
2013-02-22 15:36:16 ----D---- C:\Windows\SoftwareDistribution
2013-02-22 15:34:10 ----D---- C:\Windows\Prefetch
2013-02-22 15:33:18 ----ASH---- C:\pagefile.sys
2013-02-22 15:33:16 ----SHD---- C:\System Volume Information
2013-02-22 15:33:16 ----ASH---- C:\hiberfil.sys
2013-02-22 15:32:44 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2013-03-17 20:28:47 ----RD---- C:\Program Files
2013-03-17 20:07:46 ----D---- C:\ProgramData
2013-03-17 20:02:11 ----D---- C:\Windows
2013-03-17 19:58:56 ----A---- C:\Windows\system.ini
2013-03-17 19:58:51 ----D---- C:\Windows\system32\drivers\etc
2013-03-17 19:55:47 ----D---- C:\Windows\system32\config
2013-03-17 19:55:30 ----D---- C:\Windows\system32\drivers
2013-03-17 19:55:30 ----D---- C:\Windows\System32
2013-03-17 19:55:30 ----D---- C:\Windows\AppPatch
2013-03-17 19:55:28 ----D---- C:\Program Files\Common Files
2013-03-17 17:22:19 ----D---- C:\Windows\inf
2013-03-16 23:17:15 ----D---- C:\Windows\system32\catroot
2013-03-16 23:08:26 ----D---- C:\Windows\debug
2013-03-16 10:14:53 ----D---- C:\Windows\system32\DriverStore
2013-03-16 00:59:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-14 22:03:47 ----D---- C:\Windows\system32\NDF
2013-03-14 08:15:27 ----D---- C:\Windows\rescache
2013-03-13 11:52:44 ----D---- C:\Windows\winsxs
2013-03-13 11:51:40 ----D---- C:\Windows\system32\migration
2013-03-13 11:51:40 ----D---- C:\Program Files\Internet Explorer
2013-03-13 11:48:01 ----D---- C:\Windows\system32\catroot2
2013-03-04 19:02:55 ----D---- C:\Windows\system32\Tasks
2013-02-28 21:54:48 ----SD---- C:\ProgramData\Microsoft
2013-02-27 14:18:21 ----D---- C:\Windows\system32\pt-PT
2013-02-27 14:18:21 ----D---- C:\Windows\system32\pt-BR
2013-02-27 14:18:21 ----D---- C:\Windows\system32\pl-PL
2013-02-27 14:18:21 ----D---- C:\Windows\system32\ko-KR
2013-02-27 14:18:21 ----D---- C:\Windows\system32\it-IT
2013-02-27 14:18:20 ----D---- C:\Windows\system32\zh-TW
2013-02-27 14:18:20 ----D---- C:\Windows\system32\zh-HK
2013-02-27 14:18:20 ----D---- C:\Windows\system32\tr-TR
2013-02-27 14:18:20 ----D---- C:\Windows\system32\sv-SE
2013-02-27 14:18:20 ----D---- C:\Windows\system32\nl-NL
2013-02-27 14:18:20 ----D---- C:\Windows\system32\hu-HU
2013-02-27 14:18:20 ----D---- C:\Windows\system32\fr-FR
2013-02-27 14:18:20 ----D---- C:\Windows\system32\fi-FI
2013-02-27 14:18:20 ----D---- C:\Windows\system32\es-ES
2013-02-27 14:18:20 ----D---- C:\Windows\system32\el-GR
2013-02-27 14:18:20 ----D---- C:\Windows\system32\de-DE
2013-02-27 14:18:19 ----D---- C:\Windows\system32\zh-CN
2013-02-27 14:18:19 ----D---- C:\Windows\system32\ru-RU
2013-02-27 14:18:19 ----D---- C:\Windows\system32\nb-NO
2013-02-27 14:18:19 ----D---- C:\Windows\system32\ja-JP
2013-02-27 14:18:19 ----D---- C:\Windows\system32\en-US
2013-02-27 14:18:19 ----D---- C:\Windows\system32\da-DK
2013-02-27 14:18:19 ----D---- C:\Windows\system32\cs-CZ
2013-02-27 13:43:46 ----D---- C:\Windows\system32\wdi
2013-02-25 11:03:26 ----D---- C:\Windows\Logs
2013-02-24 16:35:17 ----RSD---- C:\Windows\assembly
2013-02-24 16:35:17 ----D---- C:\Windows\Microsoft.NET
2013-02-23 17:09:51 ----D---- C:\Program Files\Common Files\microsoft shared
2013-02-23 17:06:09 ----RSD---- C:\Windows\Fonts
2013-02-23 14:05:00 ----D---- C:\Windows\Tasks
2013-02-22 23:55:09 ----D---- C:\Windows\system32\drivers\UMDF
2013-02-22 22:34:32 ----D---- C:\Windows\LiveKernelReports
2013-02-22 21:18:13 ----D---- C:\Windows\system32\inetsrv
2013-02-22 19:21:12 ----D---- C:\Windows\system32\LogFiles
2013-02-22 19:18:53 ----RD---- C:\Users
2013-02-22 17:28:07 ----D---- C:\Windows\Registration
2013-02-22 17:25:21 ----D---- C:\Program Files\DVD Maker
2013-02-22 17:25:19 ----D---- C:\Windows\system32\wbem
2013-02-22 17:25:19 ----D---- C:\Windows\PolicyDefinitions
2013-02-22 16:42:42 ----D---- C:\Windows\system32\drivers\en-US
2013-02-22 16:42:41 ----D---- C:\Program Files\Common Files\System
2013-02-22 16:42:36 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-02-22 16:10:28 ----D---- C:\Windows\servicing
2013-02-22 15:50:59 ----D---- C:\Windows\system32\restore
2013-02-22 15:50:43 ----D---- C:\Program Files\Windows NT
2013-02-22 15:47:54 ----D---- C:\Windows\system32\CodeIntegrity
2013-02-22 15:36:47 ----D---- C:\Windows\system32\sysprep
2013-02-22 15:34:07 ----D---- C:\Windows\CSC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-29 33656]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-09 1096704]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-11-16 131984]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-29 51136]
S1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-07-10 172704]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-29 123760]
S1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
S1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2013-03-09 231760]
S2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2009-11-17 308859]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-29 154160]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 AgPciMem;AgPciMem; \??\C:\Program Files\Agilent\IO Libraries Suite\AgPciMem.sys [2011-05-31 13936]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-08 5431296]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-10-08 157184]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-08 5431296]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\Lukas\AppData\Local\Temp\catchme.sys []
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 NPF;WinPcap Packet Driver (NPF); C:\Windows\system32\drivers\NPF.sys [2010-06-25 35088]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AgilentIOLibrariesService;Agilent IO Libraries Service; C:\Program Files\Agilent\IO Libraries Suite\AgilentIOLibrariesService.exe [2011-05-31 71016]
S2 AgtMdnsResponder;Agilent mDNS Responder Service; C:\Program Files\Agilent\IO Libraries Suite\LxiMdnsResponder.exe [2011-03-21 331264]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-10-08 172032]
S2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2009-11-17 1528624]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [2012-07-04 999704]
S2 FileOpenManagerService;FileOpen Manager Service; C:\Program Files\FileOpen\Services\FileOpenManagerService32.exe [2012-11-07 213432]
S2 ftpsvc;@%windir%\system32\inetsrv\ftpres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-22 116648]
S2 iprip;@%Systemroot%\system32\iprip.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-01-09 1324104]
S2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-01-09 795208]
S2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
S2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 9216]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-07 161384]
S2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2010-11-20 47616]
S2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 253656]
S3 AgilentPXIResourceManager;Agilent PXI Resource Manager; C:\Program Files\Agilent\IO Libraries Suite\AgilentPXIResourceManager.exe [2011-05-31 124264]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [2012-07-04 31056]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [2012-07-04 183944]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-02-23 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-22 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-07 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-22 1343400]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomalené PC,
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119524
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalené PC,
Zdravím!
Proč spouštíte ComboFix, utilitu určenou pouze profesionálům bez konzultece s rádcem? Hodláte si zbořit systém? Po skenu CF je mi log RSIT k ničemu, neboť předchozí sken (CF) zahladil všechny případné stopy po viru. Dejte log ComboFix, najdeto ho v c:\combofix.txt.
Proč spouštíte ComboFix, utilitu určenou pouze profesionálům bez konzultece s rádcem? Hodláte si zbořit systém? Po skenu CF je mi log RSIT k ničemu, neboť předchozí sken (CF) zahladil všechny případné stopy po viru. Dejte log ComboFix, najdeto ho v c:\combofix.txt.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalené PC,
ComboFix 13-03-17.01 - Lukas 17.03.2013 19:49:46.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3566.1723 [GMT 1:00]
Spuštěný z: c:\users\Lukas\Downloads\ComboFix.exe
AV: ESET Endpoint Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: Eset Pesonálny Firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Endpoint Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-17 do 2013-03-17 )))))))))))))))))))))))))))))))
.
.
2013-03-17 18:58 . 2013-03-17 18:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-16 09:37 . 2012-08-21 12:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-03-16 09:36 . 2013-03-16 09:36 -------- d-----w- c:\program files\iPod
2013-03-16 09:36 . 2013-03-16 09:37 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-03-16 09:36 . 2013-03-16 09:37 -------- d-----w- c:\program files\iTunes
2013-03-16 08:54 . 2013-03-17 18:54 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{775F69CC-DA3F-4CA2-888D-5D6B6D8E48E0}\offreg.dll
2013-03-15 07:07 . 2013-02-19 02:58 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{775F69CC-DA3F-4CA2-888D-5D6B6D8E48E0}\mpengine.dll
2013-03-09 11:15 . 2013-03-09 11:15 231760 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2013-03-09 11:15 . 2013-03-09 11:15 -------- d-----w- c:\program files\TrueCrypt
2013-03-08 16:52 . 2013-03-08 16:52 -------- d-----w- c:\program files\yWorks
2013-03-07 17:03 . 2013-03-07 17:03 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-07 17:03 . 2013-03-07 17:03 -------- d-----w- c:\program files\Java
2013-03-07 15:01 . 2013-03-07 15:01 -------- d-----w- c:\programdata\FileOpen
2013-03-07 09:08 . 2013-03-07 09:08 -------- d-----w- c:\program files\FileOpen
2013-03-02 21:59 . 2013-03-02 21:59 -------- d-----w- c:\program files\Marvell
2013-03-01 08:49 . 2013-03-01 08:49 -------- d-----w- c:\program files\ČasPráce
2013-02-28 20:49 . 2013-02-28 20:57 -------- d-----w- c:\program files\Cain
2013-02-28 20:04 . 2013-02-28 20:49 -------- d-----w- c:\program files\WinPcap
2013-02-28 20:04 . 2013-02-28 20:05 -------- d-----w- c:\program files\Wireshark
2013-02-27 13:15 . 2013-01-13 19:53 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-02-24 09:09 . 2004-03-01 21:05 407104 ----a-w- c:\windows\system32\MSHFLXGD.OCX
2013-02-24 09:09 . 2004-02-11 13:37 203976 ----a-w- c:\windows\system32\RICHTX32.OCX
2013-02-24 08:48 . 2013-02-24 08:48 -------- d-----w- c:\program files\MATLAB
2013-02-24 08:43 . 2013-02-24 08:43 -------- d-----w- c:\users\Public\Roaming
2013-02-23 16:42 . 2013-02-23 16:42 -------- d-----w- c:\programdata\Protexis
2013-02-23 16:09 . 2013-02-23 16:09 -------- d-----w- c:\program files\Microsoft SDKs
2013-02-23 16:09 . 2013-02-23 16:09 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2013-02-23 16:08 . 2013-02-23 16:08 -------- d-----w- c:\program files\Common Files\Corel
2013-02-23 16:07 . 2013-02-23 16:07 -------- d-----w- c:\program files\Common Files\Protexis
2013-02-23 16:07 . 2013-02-23 16:07 -------- d-----w- c:\programdata\Corel
2013-02-23 16:04 . 2013-02-23 16:04 -------- d-----w- c:\program files\Corel
2013-02-23 15:25 . 2013-02-23 15:25 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-02-23 15:04 . 2013-02-23 15:04 -------- d-----w- c:\program files\Adobe Media Player
2013-02-23 15:02 . 2013-02-23 15:02 -------- d-----w- c:\program files\Common Files\Adobe AIR
2013-02-23 14:56 . 2013-02-23 14:56 -------- d-----w- c:\program files\MSXML 4.0
2013-02-23 12:38 . 2013-02-23 12:38 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-02-23 12:37 . 2013-02-23 12:37 -------- d-----w- c:\windows\PCHEALTH
2013-02-23 12:37 . 2013-02-23 12:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-02-23 12:35 . 2013-02-23 12:36 -------- d-----w- c:\windows\SHELLNEW
2013-02-23 12:35 . 2013-02-23 12:35 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-02-23 12:35 . 2013-02-23 12:35 -------- d-----r- C:\MSOCache
2013-02-23 08:46 . 2013-02-23 08:46 -------- d-----w- c:\programdata\FLEXnet
2013-02-23 08:36 . 2013-02-23 08:36 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-02-23 08:32 . 2013-02-26 14:29 -------- d-----w- c:\program files\Common Files\Adobe
2013-02-23 08:30 . 2013-02-23 08:30 -------- d-----w- c:\program files\7-Zip
2013-02-23 08:29 . 2013-02-23 08:29 -------- d-----w- c:\program files\Common Files\Java
2013-02-23 08:29 . 2013-03-07 17:03 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-23 08:29 . 2013-03-07 17:03 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-23 08:12 . 2013-02-23 08:12 -------- d-----w- c:\program files\i-Funbox DevTeam
2013-02-23 08:08 . 2013-02-23 08:08 -------- d-----w- c:\program files\K-Lite Codec Pack
2013-02-23 08:06 . 2013-02-23 08:06 -------- d-----w- c:\program files\CCleaner
2013-02-23 07:43 . 2013-02-23 07:43 -------- d-----w- c:\program files\DigiDNA
2013-02-23 07:30 . 2013-02-23 07:30 -------- d-----w- c:\program files\Audacity
2013-02-23 07:22 . 2013-02-23 07:34 -------- d-----w- c:\program files\Agilent
2013-02-23 07:22 . 2013-02-23 07:33 -------- d-----w- c:\program files\Common Files\Agilent
2013-02-23 07:22 . 2013-02-23 07:22 -------- d-----w- c:\programdata\Agilent
2013-02-23 07:20 . 2013-02-23 07:21 -------- d-----w- c:\programdata\IVI Foundation
2013-02-23 07:20 . 2013-02-23 07:21 -------- d-----w- c:\program files\IVI Foundation
2013-02-22 23:02 . 2013-03-16 09:37 -------- dc----w- c:\windows\system32\DRVSTORE
2013-02-22 23:01 . 2013-02-22 23:01 -------- d-----w- c:\programdata\Apple Computer
2013-02-22 23:00 . 2013-02-22 23:00 -------- d-----w- c:\program files\Apple Software Update
2013-02-22 22:59 . 2013-02-22 22:59 -------- d-----w- c:\program files\Bonjour
2013-02-22 22:59 . 2013-03-16 09:36 -------- d-----w- c:\program files\Common Files\Apple
2013-02-22 22:59 . 2013-02-22 23:00 -------- d-----w- c:\programdata\Apple
2013-02-22 22:48 . 2013-02-22 22:48 -------- d-----w- c:\programdata\Mathematica
2013-02-22 22:48 . 2013-02-22 22:48 -------- d-----w- c:\program files\Common Files\Wolfram Research
2013-02-22 22:48 . 2013-02-22 22:48 -------- d-----w- c:\program files\Extras
2013-02-22 22:48 . 2013-02-22 22:48 -------- d-----w- c:\program files\Common Files\ResearchSoft
2013-02-22 22:42 . 2013-01-24 18:54 360752 ----a-w- c:\windows\system32\mltcpip32.mlp
2013-02-22 22:42 . 2013-01-24 18:54 95536 ----a-w- c:\windows\system32\mltcp32.mlp
2013-02-22 22:42 . 2013-01-24 18:54 88368 ----a-w- c:\windows\system32\mlshm32.mlp
2013-02-22 22:42 . 2013-01-24 18:54 173360 ----a-w- c:\windows\system32\mlmodule32.dll
2013-02-22 22:42 . 2013-01-24 18:54 78128 ----a-w- c:\windows\system32\mlmap32.mlp
2013-02-22 22:42 . 2013-01-24 18:54 369968 ----a-w- c:\windows\system32\ml32i3.dll
2013-02-22 22:42 . 2013-01-24 18:54 258864 ----a-w- c:\windows\system32\ml32i2.dll
2013-02-22 22:42 . 2013-01-24 18:54 252720 ----a-w- c:\windows\system32\ml32i1.dll
2013-02-22 22:40 . 2013-02-22 22:40 -------- d-----w- c:\program files\Wolfram Research
2013-02-22 21:49 . 2013-02-22 21:49 -------- d-----w- c:\program files\Common Files\Lingea Shared
2013-02-22 21:48 . 2013-02-22 21:48 -------- d-----w- c:\program files\Lingea
2013-02-22 21:36 . 2013-02-22 21:36 -------- d-----w- c:\programdata\ATI
2013-02-22 20:09 . 2013-02-23 07:04 -------- d-----w- c:\programdata\Cisco
2013-02-22 20:09 . 2013-03-12 19:26 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-22 20:09 . 2013-03-12 19:26 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-22 20:09 . 2013-02-22 20:09 -------- d-----w- c:\windows\system32\Macromed
2013-02-22 20:05 . 2013-02-22 20:07 -------- d-----w- c:\program files\Cisco Aspire Networking Academy Edition
2013-02-22 20:05 . 2013-02-22 20:05 -------- d-----w- c:\program files\VideoLAN
2013-02-22 20:04 . 2013-02-22 20:04 -------- d-----w- c:\windows\system32\Adobe
2013-02-22 19:55 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-22 19:54 . 2013-02-22 19:55 -------- d-----w- c:\program files\Cisco Packet Tracer 5.3.3
2013-02-22 19:53 . 2013-03-14 23:26 -------- d-----w- c:\program files\DirectVobSub
2013-02-22 19:37 . 2013-02-22 19:37 -------- d-----w- c:\program files\PDF Architect
2013-02-22 19:32 . 2013-02-22 19:32 -------- d-----w- c:\programdata\Ashampoo
2013-02-22 19:32 . 2013-02-22 19:32 -------- d-----w- c:\program files\Ashampoo
2013-02-22 19:28 . 2012-06-01 04:37 154624 ----a-w- c:\windows\system32\iisRtl.dll
2013-02-22 19:28 . 2012-06-01 04:40 10752 ----a-w- c:\windows\system32\wamregps.dll
2013-02-22 19:28 . 2012-06-01 04:37 8192 ----a-w- c:\windows\system32\iisrstap.dll
2013-02-22 19:28 . 2012-06-01 04:35 26624 ----a-w- c:\windows\system32\ahadmin.dll
2013-02-22 19:28 . 2012-06-01 04:35 50688 ----a-w- c:\windows\system32\admwprox.dll
2013-02-22 19:28 . 2012-06-01 04:34 15360 ----a-w- c:\windows\system32\iisreset.exe
2013-02-22 19:28 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2013-02-22 19:28 . 2011-04-28 03:15 60416 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2013-02-22 19:19 . 2013-02-22 19:19 0 ----a-w- c:\windows\ativpsrm.bin
2013-02-22 19:09 . 2013-02-22 19:36 -------- d-----w- c:\programdata\PDF Architect
2013-02-22 19:06 . 2013-02-22 21:35 -------- d-----w- c:\program files\ATI Technologies
2013-02-22 19:06 . 2013-02-22 19:06 -------- d-----w- c:\program files\ATI
2013-02-22 18:18 . 2013-02-22 18:18 -------- d-----w- c:\users\DefaultAppPool
2013-02-22 17:59 . 2013-02-22 17:59 -------- d-----w- c:\program files\OriginLab
2013-02-22 17:57 . 2013-02-22 17:57 -------- d-----w- c:\program files\Common Files\Skype
2013-02-22 17:57 . 2013-02-22 17:57 -------- d-----r- c:\program files\Skype
2013-02-22 17:57 . 2013-02-22 17:57 -------- d-----w- c:\programdata\Skype
2013-02-22 17:28 . 2013-02-22 17:28 -------- d-----w- c:\program files\ESET
2013-02-22 17:14 . 2013-02-23 16:11 -------- d-----w- c:\programdata\Microsoft Help
2013-02-22 16:59 . 2013-02-22 16:59 -------- d-----w- c:\program files\Common Files\Deterministic Networks
2013-02-22 16:59 . 2013-02-22 16:59 -------- d-----w- c:\program files\Cisco Systems
2013-02-22 16:56 . 2013-02-22 16:56 -------- d-----w- c:\program files\Elaborate Bytes
2013-02-22 16:43 . 2013-02-22 16:43 -------- d-----w- c:\programdata\Sony Corporation
2013-02-22 16:43 . 2013-02-22 16:43 -------- d-----w- c:\program files\Sony
2013-02-22 16:36 . 2013-02-22 16:36 -------- d-----w- c:\windows\SysWOW64
2013-02-22 16:25 . 2013-02-22 16:25 -------- d-----w- c:\program files\Microsoft Games
2013-02-22 16:25 . 2013-02-22 16:25 -------- d-----w- c:\windows\system32\BestPractices
2013-02-22 16:25 . 2013-02-22 16:25 -------- d-----w- C:\inetpub
2013-02-22 16:00 . 2013-02-23 07:56 -------- d-----w- c:\program files\Google
2013-02-22 15:59 . 2013-02-23 12:37 -------- d-----w- c:\program files\Microsoft.NET
2013-02-22 15:59 . 2013-03-17 16:35 -------- d-sh--w- c:\windows\Installer
2013-02-22 15:55 . 2013-02-22 15:55 -------- d-----w- c:\windows\system32\Wat
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-12 04:48 . 2013-03-13 06:35 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 06:35 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iFunBoxConnector"="c:\program files\i-Funbox DevTeam\ifb_conn.exe" [2012-11-20 812544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Endpoint Security\egui.exe" [2012-07-04 3154464]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-10-03 38768]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-10-02 640376]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"FileOpenBroker"="c:\program files\FileOpen\Services\FileOpenBroker32.exe" [2012-11-07 840624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-2-15 29428904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
backup=c:\windows\pss\Air Mouse.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IO Control.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\IO Control.lnk
backup=c:\windows\pss\IO Control.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
path=c:\users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk
backup=c:\windows\pss\Lingea Update Center.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2009-10-02 22:32 640376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2009-10-03 03:08 38768 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-01-28 12:08 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-02-20 11:35 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2011-03-07 13:33 89456 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Endpoint Security\EShaSrv.exe [x]
R3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\NPF.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S2 AgilentIOLibrariesService;Agilent IO Libraries Service;c:\program files\Agilent\IO Libraries Suite\AgilentIOLibrariesService.exe [x]
S2 AgtMdnsResponder;Agilent mDNS Responder Service;c:\program files\Agilent\IO Libraries Suite\LxiMdnsResponder.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Endpoint Security\ekrn.exe [x]
S2 FileOpenManagerService;FileOpen Manager Service;c:\program files\FileOpen\Services\FileOpenManagerService32.exe [x]
S2 ftpsvc;Služba Microsoft FTP Service;c:\windows\system32\svchost.exe [x]
S2 iprip;Naslouchání RIP;c:\windows\System32\svchost.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [x]
S3 AgilentPXIResourceManager;Agilent PXI Resource Manager;c:\program files\Agilent\IO Libraries Suite\AgilentPXIResourceManager.exe [x]
S3 AgPciMem;AgPciMem;c:\program files\Agilent\IO Libraries Suite\AgPciMem.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
ftpsvc REG_MULTI_SZ ftpsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
ipripsvc REG_MULTI_SZ iprip
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-15 07:05 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-22 19:26]
.
2013-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-22 16:00]
.
2013-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-22 16:00]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Prevést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést cíl vazby do existujícího PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stávajícího PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.1.10
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-AdobeBridge - (no file)
MSConfigStartUp-iFunBoxConnector - c:\users\Lukas\Downloads\ifunbox.win\ifb_conn.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-03-17 20:00:43
ComboFix-quarantined-files.txt 2013-03-17 19:00
.
Před spuštěním: Volných bajtů: 338 786 074 624
Po spuštění: Volných bajtů: 338 702 180 352
.
- - End Of File - - 41415BEF16C815ED95AAF3EC1A140C53
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3566.1723 [GMT 1:00]
Spuštěný z: c:\users\Lukas\Downloads\ComboFix.exe
AV: ESET Endpoint Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: Eset Pesonálny Firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Endpoint Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-17 do 2013-03-17 )))))))))))))))))))))))))))))))
.
.
2013-03-17 18:58 . 2013-03-17 18:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-16 09:37 . 2012-08-21 12:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-03-16 09:36 . 2013-03-16 09:36 -------- d-----w- c:\program files\iPod
2013-03-16 09:36 . 2013-03-16 09:37 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-03-16 09:36 . 2013-03-16 09:37 -------- d-----w- c:\program files\iTunes
2013-03-16 08:54 . 2013-03-17 18:54 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{775F69CC-DA3F-4CA2-888D-5D6B6D8E48E0}\offreg.dll
2013-03-15 07:07 . 2013-02-19 02:58 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{775F69CC-DA3F-4CA2-888D-5D6B6D8E48E0}\mpengine.dll
2013-03-09 11:15 . 2013-03-09 11:15 231760 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2013-03-09 11:15 . 2013-03-09 11:15 -------- d-----w- c:\program files\TrueCrypt
2013-03-08 16:52 . 2013-03-08 16:52 -------- d-----w- c:\program files\yWorks
2013-03-07 17:03 . 2013-03-07 17:03 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-07 17:03 . 2013-03-07 17:03 -------- d-----w- c:\program files\Java
2013-03-07 15:01 . 2013-03-07 15:01 -------- d-----w- c:\programdata\FileOpen
2013-03-07 09:08 . 2013-03-07 09:08 -------- d-----w- c:\program files\FileOpen
2013-03-02 21:59 . 2013-03-02 21:59 -------- d-----w- c:\program files\Marvell
2013-03-01 08:49 . 2013-03-01 08:49 -------- d-----w- c:\program files\ČasPráce
2013-02-28 20:49 . 2013-02-28 20:57 -------- d-----w- c:\program files\Cain
2013-02-28 20:04 . 2013-02-28 20:49 -------- d-----w- c:\program files\WinPcap
2013-02-28 20:04 . 2013-02-28 20:05 -------- d-----w- c:\program files\Wireshark
2013-02-27 13:15 . 2013-01-13 19:53 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-02-24 09:09 . 2004-03-01 21:05 407104 ----a-w- c:\windows\system32\MSHFLXGD.OCX
2013-02-24 09:09 . 2004-02-11 13:37 203976 ----a-w- c:\windows\system32\RICHTX32.OCX
2013-02-24 08:48 . 2013-02-24 08:48 -------- d-----w- c:\program files\MATLAB
2013-02-24 08:43 . 2013-02-24 08:43 -------- d-----w- c:\users\Public\Roaming
2013-02-23 16:42 . 2013-02-23 16:42 -------- d-----w- c:\programdata\Protexis
2013-02-23 16:09 . 2013-02-23 16:09 -------- d-----w- c:\program files\Microsoft SDKs
2013-02-23 16:09 . 2013-02-23 16:09 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2013-02-23 16:08 . 2013-02-23 16:08 -------- d-----w- c:\program files\Common Files\Corel
2013-02-23 16:07 . 2013-02-23 16:07 -------- d-----w- c:\program files\Common Files\Protexis
2013-02-23 16:07 . 2013-02-23 16:07 -------- d-----w- c:\programdata\Corel
2013-02-23 16:04 . 2013-02-23 16:04 -------- d-----w- c:\program files\Corel
2013-02-23 15:25 . 2013-02-23 15:25 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-02-23 15:04 . 2013-02-23 15:04 -------- d-----w- c:\program files\Adobe Media Player
2013-02-23 15:02 . 2013-02-23 15:02 -------- d-----w- c:\program files\Common Files\Adobe AIR
2013-02-23 14:56 . 2013-02-23 14:56 -------- d-----w- c:\program files\MSXML 4.0
2013-02-23 12:38 . 2013-02-23 12:38 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-02-23 12:37 . 2013-02-23 12:37 -------- d-----w- c:\windows\PCHEALTH
2013-02-23 12:37 . 2013-02-23 12:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-02-23 12:35 . 2013-02-23 12:36 -------- d-----w- c:\windows\SHELLNEW
2013-02-23 12:35 . 2013-02-23 12:35 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-02-23 12:35 . 2013-02-23 12:35 -------- d-----r- C:\MSOCache
2013-02-23 08:46 . 2013-02-23 08:46 -------- d-----w- c:\programdata\FLEXnet
2013-02-23 08:36 . 2013-02-23 08:36 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-02-23 08:32 . 2013-02-26 14:29 -------- d-----w- c:\program files\Common Files\Adobe
2013-02-23 08:30 . 2013-02-23 08:30 -------- d-----w- c:\program files\7-Zip
2013-02-23 08:29 . 2013-02-23 08:29 -------- d-----w- c:\program files\Common Files\Java
2013-02-23 08:29 . 2013-03-07 17:03 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-23 08:29 . 2013-03-07 17:03 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-23 08:12 . 2013-02-23 08:12 -------- d-----w- c:\program files\i-Funbox DevTeam
2013-02-23 08:08 . 2013-02-23 08:08 -------- d-----w- c:\program files\K-Lite Codec Pack
2013-02-23 08:06 . 2013-02-23 08:06 -------- d-----w- c:\program files\CCleaner
2013-02-23 07:43 . 2013-02-23 07:43 -------- d-----w- c:\program files\DigiDNA
2013-02-23 07:30 . 2013-02-23 07:30 -------- d-----w- c:\program files\Audacity
2013-02-23 07:22 . 2013-02-23 07:34 -------- d-----w- c:\program files\Agilent
2013-02-23 07:22 . 2013-02-23 07:33 -------- d-----w- c:\program files\Common Files\Agilent
2013-02-23 07:22 . 2013-02-23 07:22 -------- d-----w- c:\programdata\Agilent
2013-02-23 07:20 . 2013-02-23 07:21 -------- d-----w- c:\programdata\IVI Foundation
2013-02-23 07:20 . 2013-02-23 07:21 -------- d-----w- c:\program files\IVI Foundation
2013-02-22 23:02 . 2013-03-16 09:37 -------- dc----w- c:\windows\system32\DRVSTORE
2013-02-22 23:01 . 2013-02-22 23:01 -------- d-----w- c:\programdata\Apple Computer
2013-02-22 23:00 . 2013-02-22 23:00 -------- d-----w- c:\program files\Apple Software Update
2013-02-22 22:59 . 2013-02-22 22:59 -------- d-----w- c:\program files\Bonjour
2013-02-22 22:59 . 2013-03-16 09:36 -------- d-----w- c:\program files\Common Files\Apple
2013-02-22 22:59 . 2013-02-22 23:00 -------- d-----w- c:\programdata\Apple
2013-02-22 22:48 . 2013-02-22 22:48 -------- d-----w- c:\programdata\Mathematica
2013-02-22 22:48 . 2013-02-22 22:48 -------- d-----w- c:\program files\Common Files\Wolfram Research
2013-02-22 22:48 . 2013-02-22 22:48 -------- d-----w- c:\program files\Extras
2013-02-22 22:48 . 2013-02-22 22:48 -------- d-----w- c:\program files\Common Files\ResearchSoft
2013-02-22 22:42 . 2013-01-24 18:54 360752 ----a-w- c:\windows\system32\mltcpip32.mlp
2013-02-22 22:42 . 2013-01-24 18:54 95536 ----a-w- c:\windows\system32\mltcp32.mlp
2013-02-22 22:42 . 2013-01-24 18:54 88368 ----a-w- c:\windows\system32\mlshm32.mlp
2013-02-22 22:42 . 2013-01-24 18:54 173360 ----a-w- c:\windows\system32\mlmodule32.dll
2013-02-22 22:42 . 2013-01-24 18:54 78128 ----a-w- c:\windows\system32\mlmap32.mlp
2013-02-22 22:42 . 2013-01-24 18:54 369968 ----a-w- c:\windows\system32\ml32i3.dll
2013-02-22 22:42 . 2013-01-24 18:54 258864 ----a-w- c:\windows\system32\ml32i2.dll
2013-02-22 22:42 . 2013-01-24 18:54 252720 ----a-w- c:\windows\system32\ml32i1.dll
2013-02-22 22:40 . 2013-02-22 22:40 -------- d-----w- c:\program files\Wolfram Research
2013-02-22 21:49 . 2013-02-22 21:49 -------- d-----w- c:\program files\Common Files\Lingea Shared
2013-02-22 21:48 . 2013-02-22 21:48 -------- d-----w- c:\program files\Lingea
2013-02-22 21:36 . 2013-02-22 21:36 -------- d-----w- c:\programdata\ATI
2013-02-22 20:09 . 2013-02-23 07:04 -------- d-----w- c:\programdata\Cisco
2013-02-22 20:09 . 2013-03-12 19:26 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-22 20:09 . 2013-03-12 19:26 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-22 20:09 . 2013-02-22 20:09 -------- d-----w- c:\windows\system32\Macromed
2013-02-22 20:05 . 2013-02-22 20:07 -------- d-----w- c:\program files\Cisco Aspire Networking Academy Edition
2013-02-22 20:05 . 2013-02-22 20:05 -------- d-----w- c:\program files\VideoLAN
2013-02-22 20:04 . 2013-02-22 20:04 -------- d-----w- c:\windows\system32\Adobe
2013-02-22 19:55 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-22 19:54 . 2013-02-22 19:55 -------- d-----w- c:\program files\Cisco Packet Tracer 5.3.3
2013-02-22 19:53 . 2013-03-14 23:26 -------- d-----w- c:\program files\DirectVobSub
2013-02-22 19:37 . 2013-02-22 19:37 -------- d-----w- c:\program files\PDF Architect
2013-02-22 19:32 . 2013-02-22 19:32 -------- d-----w- c:\programdata\Ashampoo
2013-02-22 19:32 . 2013-02-22 19:32 -------- d-----w- c:\program files\Ashampoo
2013-02-22 19:28 . 2012-06-01 04:37 154624 ----a-w- c:\windows\system32\iisRtl.dll
2013-02-22 19:28 . 2012-06-01 04:40 10752 ----a-w- c:\windows\system32\wamregps.dll
2013-02-22 19:28 . 2012-06-01 04:37 8192 ----a-w- c:\windows\system32\iisrstap.dll
2013-02-22 19:28 . 2012-06-01 04:35 26624 ----a-w- c:\windows\system32\ahadmin.dll
2013-02-22 19:28 . 2012-06-01 04:35 50688 ----a-w- c:\windows\system32\admwprox.dll
2013-02-22 19:28 . 2012-06-01 04:34 15360 ----a-w- c:\windows\system32\iisreset.exe
2013-02-22 19:28 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2013-02-22 19:28 . 2011-04-28 03:15 60416 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2013-02-22 19:19 . 2013-02-22 19:19 0 ----a-w- c:\windows\ativpsrm.bin
2013-02-22 19:09 . 2013-02-22 19:36 -------- d-----w- c:\programdata\PDF Architect
2013-02-22 19:06 . 2013-02-22 21:35 -------- d-----w- c:\program files\ATI Technologies
2013-02-22 19:06 . 2013-02-22 19:06 -------- d-----w- c:\program files\ATI
2013-02-22 18:18 . 2013-02-22 18:18 -------- d-----w- c:\users\DefaultAppPool
2013-02-22 17:59 . 2013-02-22 17:59 -------- d-----w- c:\program files\OriginLab
2013-02-22 17:57 . 2013-02-22 17:57 -------- d-----w- c:\program files\Common Files\Skype
2013-02-22 17:57 . 2013-02-22 17:57 -------- d-----r- c:\program files\Skype
2013-02-22 17:57 . 2013-02-22 17:57 -------- d-----w- c:\programdata\Skype
2013-02-22 17:28 . 2013-02-22 17:28 -------- d-----w- c:\program files\ESET
2013-02-22 17:14 . 2013-02-23 16:11 -------- d-----w- c:\programdata\Microsoft Help
2013-02-22 16:59 . 2013-02-22 16:59 -------- d-----w- c:\program files\Common Files\Deterministic Networks
2013-02-22 16:59 . 2013-02-22 16:59 -------- d-----w- c:\program files\Cisco Systems
2013-02-22 16:56 . 2013-02-22 16:56 -------- d-----w- c:\program files\Elaborate Bytes
2013-02-22 16:43 . 2013-02-22 16:43 -------- d-----w- c:\programdata\Sony Corporation
2013-02-22 16:43 . 2013-02-22 16:43 -------- d-----w- c:\program files\Sony
2013-02-22 16:36 . 2013-02-22 16:36 -------- d-----w- c:\windows\SysWOW64
2013-02-22 16:25 . 2013-02-22 16:25 -------- d-----w- c:\program files\Microsoft Games
2013-02-22 16:25 . 2013-02-22 16:25 -------- d-----w- c:\windows\system32\BestPractices
2013-02-22 16:25 . 2013-02-22 16:25 -------- d-----w- C:\inetpub
2013-02-22 16:00 . 2013-02-23 07:56 -------- d-----w- c:\program files\Google
2013-02-22 15:59 . 2013-02-23 12:37 -------- d-----w- c:\program files\Microsoft.NET
2013-02-22 15:59 . 2013-03-17 16:35 -------- d-sh--w- c:\windows\Installer
2013-02-22 15:55 . 2013-02-22 15:55 -------- d-----w- c:\windows\system32\Wat
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-12 04:48 . 2013-03-13 06:35 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 06:35 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iFunBoxConnector"="c:\program files\i-Funbox DevTeam\ifb_conn.exe" [2012-11-20 812544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Endpoint Security\egui.exe" [2012-07-04 3154464]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-10-03 38768]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-10-02 640376]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"FileOpenBroker"="c:\program files\FileOpen\Services\FileOpenBroker32.exe" [2012-11-07 840624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-2-15 29428904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
backup=c:\windows\pss\Air Mouse.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IO Control.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\IO Control.lnk
backup=c:\windows\pss\IO Control.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
path=c:\users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk
backup=c:\windows\pss\Lingea Update Center.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2009-10-02 22:32 640376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2009-10-03 03:08 38768 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-01-28 12:08 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-02-20 11:35 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2011-03-07 13:33 89456 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Endpoint Security\EShaSrv.exe [x]
R3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\NPF.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S2 AgilentIOLibrariesService;Agilent IO Libraries Service;c:\program files\Agilent\IO Libraries Suite\AgilentIOLibrariesService.exe [x]
S2 AgtMdnsResponder;Agilent mDNS Responder Service;c:\program files\Agilent\IO Libraries Suite\LxiMdnsResponder.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Endpoint Security\ekrn.exe [x]
S2 FileOpenManagerService;FileOpen Manager Service;c:\program files\FileOpen\Services\FileOpenManagerService32.exe [x]
S2 ftpsvc;Služba Microsoft FTP Service;c:\windows\system32\svchost.exe [x]
S2 iprip;Naslouchání RIP;c:\windows\System32\svchost.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [x]
S3 AgilentPXIResourceManager;Agilent PXI Resource Manager;c:\program files\Agilent\IO Libraries Suite\AgilentPXIResourceManager.exe [x]
S3 AgPciMem;AgPciMem;c:\program files\Agilent\IO Libraries Suite\AgPciMem.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
ftpsvc REG_MULTI_SZ ftpsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
ipripsvc REG_MULTI_SZ iprip
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-15 07:05 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-22 19:26]
.
2013-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-22 16:00]
.
2013-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-22 16:00]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Prevést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést cíl vazby do existujícího PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stávajícího PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.1.10
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-AdobeBridge - (no file)
MSConfigStartUp-iFunBoxConnector - c:\users\Lukas\Downloads\ifunbox.win\ifb_conn.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-03-17 20:00:43
ComboFix-quarantined-files.txt 2013-03-17 19:00
.
Před spuštěním: Volných bajtů: 338 786 074 624
Po spuštění: Volných bajtů: 338 702 180 352
.
- - End Of File - - 41415BEF16C815ED95AAF3EC1A140C53
-
Rudy
- Site Admin
- Příspěvky: 119524
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalené PC,
Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Reboot::
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalené PC,
ahoj dekuji moc, jsem rad, ze jestvuji jeste pritel v nouzi, uzavreno a promin, ze jsem to nedal na spravne misto.
-
Rudy
- Site Admin
- Příspěvky: 119524
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalené PC,
Nejde tak o místo, ale o ten ComboFix. Jednak riskujete poškození, nebo pád systému a za druhé berete rádci možnost jiného postupu. Nemáte zač! Změnil se stav?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?