Dobrý den, PC mi zatuhává po startu systému.
Zde jsem vytvořil log. Prosím může mi k tomu někdo napsat jestli nemám v PC nějakej bordel?
Moc děkuji.
Logfile of random's system information tool 1.09 (written by random/random)
Run by vlastRex at 2013-04-29 20:17:05
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 43 GB (32%) free of 135 GB
Total RAM: 16367 MB (87% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:17:14, on 29.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\vlastRex.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: Adobe CS6
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2566285128-2321358749-1607184772-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2566285128-2321358749-1607184772-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc. (IPClampService) - Unknown owner - C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10835 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000438;0000000000000474; /AddRef;
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
"C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3f0dc04d-226c-4ccb-b2b7-2df3caea4f4e -SystemEventPortName:HostProcess-27c2abcf-36e3-46ec-9bc2-db7d12ae5b2b -IoCancelEventPortName:HostProcess-2c7a9f18-fc4f-49e9-ba16-907cee620437 -NonStateChangingEventPortName:HostProcess-05d981d6-1f9a-49e9-92e6-f602a0b07766 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cb3e2bb6-684f-4406-88d1-479127549563 -DeviceGroupId:WpdFsGroup
/QuitInfo:0000000000000978;0000000000000964; /AddRef;
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe" /TUStart /pid:2024
/QuitInfo:0000000000000960;0000000000000980;
/loadhooks /Parent:0000000000000A8C
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
RPMDaemon.exe
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3536.0.339899291\83037580" --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1422 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="3536.1.1311553846\2039947635" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="3536.3.742528152\457926961" /prefetch:3
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3536.5.1835913353\1393699730" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\vlastRex\Desktop\temp_smazat\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default
prefs.js - "browser.startup.homepage" - "http://www.grafika.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\AdobeCS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\AdobeCS6\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
GBHO.BHO - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-24 329712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-24 59376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1d09c093-f71e-43c3-b948-19316cbd695e} - Smart Recovery 2 - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-08 4030008]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"=C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2011-03-30 2552320]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACSW14EN]
C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe [2011-11-17 1231472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RPMKickstart]
C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2011-03-30 2552320]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\3dsmax.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\des2.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ltu.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\m3gplayer.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\maxfind.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vrayspawner2012.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\AdobeCS6\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 month======
2013-04-29 20:17:05 ----D---- C:\rsit
2013-04-29 20:17:05 ----D---- C:\Program Files\trend micro
2013-04-29 20:07:00 ----A---- C:\Windows\SYSWOW64\uqiqc.txt
2013-04-29 20:07:00 ----A---- C:\Windows\SYSWOW64\drivers\qoxoy.sys
2013-04-29 20:04:09 ----A---- C:\Windows\SYSWOW64\fhhgra.txt
2013-04-29 20:04:09 ----A---- C:\Windows\SYSWOW64\drivers\nrfe.sys
2013-04-29 19:59:29 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-04-24 08:19:14 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-22 09:04:01 ----D---- C:\Users\vlastRex\AppData\Roaming\Dropbox
2013-04-12 17:48:37 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\WUDFUpdate_01007.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\WinUSBCoInstaller.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01007.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\hw_usbdev.sys
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\hw_quusbmdm.sys
2013-04-12 17:48:31 ----D---- C:\Program Files (x86)\Handset WinDriver
2013-04-12 07:46:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-11 17:47:31 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvopencl.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvoglv64.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvinitx.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvhdap64.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-04-11 17:44:58 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvdispgenco6431422.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvdispco6431422.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcuvid.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcuda.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcompiler.dll
2013-04-10 12:29:19 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-10 12:29:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-10 12:29:19 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-10 12:29:18 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-10 12:29:18 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-10 12:29:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-10 12:29:18 ----A---- C:\Windows\system32\url.dll
2013-04-10 12:29:18 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-10 12:29:18 ----A---- C:\Windows\system32\ieui.dll
2013-04-10 12:29:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-10 12:29:17 ----A---- C:\Windows\system32\urlmon.dll
2013-04-10 12:29:17 ----A---- C:\Windows\system32\jscript9.dll
2013-04-10 12:29:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-10 12:29:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-10 12:29:16 ----A---- C:\Windows\system32\wininet.dll
2013-04-10 12:29:16 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-10 12:29:16 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-10 12:29:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-10 12:29:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-10 12:29:15 ----A---- C:\Windows\system32\vbscript.dll
2013-04-10 12:29:15 ----A---- C:\Windows\system32\jscript.dll
2013-04-10 12:29:15 ----A---- C:\Windows\system32\iertutil.dll
2013-04-10 12:29:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-10 12:29:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-10 12:29:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-10 12:29:11 ----A---- C:\Windows\system32\mshtml.dll
2013-04-10 12:29:09 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 12:29:08 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-10 08:12:46 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 08:12:44 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-10 08:12:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 08:12:38 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-10 08:12:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 08:12:37 ----A---- C:\Windows\system32\smss.exe
2013-04-10 08:12:36 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-10 08:12:36 ----A---- C:\Windows\system32\csrsrv.dll
======List of files/folders modified in the last 1 month======
2013-04-29 20:17:14 ----D---- C:\Windows\Temp
2013-04-29 20:17:14 ----D---- C:\Windows\Prefetch
2013-04-29 20:17:05 ----RD---- C:\Program Files
2013-04-29 20:09:49 ----D---- C:\Windows\system32\catroot2
2013-04-29 20:08:12 ----D---- C:\ProgramData\NVIDIA
2013-04-29 20:07:00 ----D---- C:\Windows\SYSWOW64\drivers
2013-04-29 20:07:00 ----D---- C:\Windows\SysWOW64
2013-04-29 19:59:34 ----D---- C:\Windows
2013-04-29 19:59:29 ----D---- C:\Windows\System32
2013-04-29 19:58:37 ----D---- C:\Windows\system32\config
2013-04-29 19:58:13 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-29 19:52:27 ----D---- C:\Windows\SoftwareDistribution
2013-04-29 19:50:20 ----D---- C:\Windows\inf
2013-04-29 19:36:05 ----D---- C:\Users\vlastRex\AppData\Roaming\Skype
2013-04-29 16:31:52 ----D---- C:\Windows\system32\drivers\etc
2013-04-29 08:46:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-28 12:28:09 ----SD---- C:\Users\vlastRex\AppData\Roaming\Microsoft
2013-04-25 07:10:09 ----D---- C:\Windows\winsxs
2013-04-25 07:09:10 ----D---- C:\Windows\system32\drivers
2013-04-24 14:50:08 ----SHD---- C:\System Volume Information
2013-04-24 08:31:38 ----D---- C:\Windows\system32\wdi
2013-04-24 08:18:15 ----D---- C:\Windows\system32\catroot
2013-04-17 10:48:36 ----D---- C:\Windows\debug
2013-04-17 09:52:22 ----D---- C:\ProgramData\Adobe
2013-04-17 09:52:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-04-15 12:54:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-13 09:06:37 ----RD---- C:\Program Files (x86)
2013-04-12 18:06:00 ----D---- C:\Windows\system32\Tasks
2013-04-12 17:54:17 ----D---- C:\Windows\system32\drivers\UMDF
2013-04-12 17:48:37 ----D---- C:\Windows\system32\DriverStore
2013-04-11 17:47:44 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-04-11 17:47:34 ----SHD---- C:\Windows\Installer
2013-04-11 17:47:34 ----SHD---- C:\Config.Msi
2013-04-11 17:46:15 ----D---- C:\temp
2013-04-10 13:11:44 ----D---- C:\Windows\SYSWOW64\migration
2013-04-10 13:11:44 ----D---- C:\Windows\system32\migration
2013-04-10 13:11:44 ----D---- C:\Program Files\Internet Explorer
2013-04-10 13:11:44 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-10 12:30:34 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 12:29:56 ----D---- C:\ProgramData\Microsoft Help
2013-04-10 12:26:31 ----D---- C:\Program Files\NVIDIA Corporation
2013-04-08 08:13:36 ----D---- C:\ProgramData\Skype
2013-04-08 08:13:34 ----RD---- C:\Program Files (x86)\Skype
2013-04-08 08:13:34 ----D---- C:\Program Files (x86)\Common Files
2013-04-05 18:46:47 ----A---- C:\Windows\win.ini
2013-04-03 08:12:17 ----D---- C:\Program Files\Common Files\Adobe
2013-03-31 13:32:14 ----D---- C:\Program Files (x86)\JDownloader
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2009-12-03 103224]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-07-29 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-07-29 79104]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-04-29 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-07-26 3039592]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-01 535656]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S0 czsxxjmv;czsxxjmv; C:\Windows\system32\drivers\qoxoy.sys []
S0 ibsscnqq;ibsscnqq; C:\Windows\system32\drivers\nrfe.sys []
S2 MLPTDR_Q;MLPTDR_Q; \??\C:\Windows\system32\ []
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2012-12-22 25640]
S3 fdrawcmd;Low-level Floppy Driver; \??\C:\Windows\system32\drivers\fdrawcmd.sys [2008-09-28 32408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-08 974944]
R2 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-04-12 655624]
R2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.; C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-17 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-09 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S4 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe [2011-08-22 57344]
S4 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola logu
Zdravim 
Mate to zavsivene
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte
Mate to zavsivene
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola logu
Děkuji mám malá zpoždění 
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : vlastRex [Práva správce]
Mód : Kontrola -- Datum : 04/30/2013 15:33:26
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3320418AS ATA Device +++++
--- User ---
[MBR] a33e9bc1eb07cc349424c23fb5b7ede3
[BSP] 209669574f186e18d72a40ac7df694a0 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 135000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 276686848 | Size: 170143 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: USB DISK 2.0 USB Device +++++
--- User ---
[MBR] a2c1272fc7c16eb95c6c865f8f06c040
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 8064 | Size: 15266 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive2: StoreJet Transcend USB Device +++++
--- User ---
[MBR] ba8219fb848e7d72b8089bc2ccfa9b46
[BSP] 2a6a812678be08e5e4985f89a13991c2 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Dokončeno : << RKreport[1]_S_04302013_02d1533.txt >>
RKreport[1]_S_04302013_02d1533.txt
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : vlastRex [Práva správce]
Mód : Kontrola -- Datum : 04/30/2013 15:33:26
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3320418AS ATA Device +++++
--- User ---
[MBR] a33e9bc1eb07cc349424c23fb5b7ede3
[BSP] 209669574f186e18d72a40ac7df694a0 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 135000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 276686848 | Size: 170143 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: USB DISK 2.0 USB Device +++++
--- User ---
[MBR] a2c1272fc7c16eb95c6c865f8f06c040
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 8064 | Size: 15266 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive2: StoreJet Transcend USB Device +++++
--- User ---
[MBR] ba8219fb848e7d72b8089bc2ccfa9b46
[BSP] 2a6a812678be08e5e4985f89a13991c2 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Dokončeno : << RKreport[1]_S_04302013_02d1533.txt >>
RKreport[1]_S_04302013_02d1533.txt
Re: Kontrola logu
Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola logu
Opět moc děkuji. 
Zde je první log:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : vlastRex [Práva správce]
Mód : Odebrat -- Datum : 05/01/2013 13:25:14
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3320418AS ATA Device +++++
--- User ---
[MBR] a33e9bc1eb07cc349424c23fb5b7ede3
[BSP] 209669574f186e18d72a40ac7df694a0 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 135000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 276686848 | Size: 170143 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: USB DISK 2.0 USB Device +++++
--- User ---
[MBR] a2c1272fc7c16eb95c6c865f8f06c040
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 8064 | Size: 15266 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive2: StoreJet Transcend USB Device +++++
--- User ---
[MBR] ba8219fb848e7d72b8089bc2ccfa9b46
[BSP] 2a6a812678be08e5e4985f89a13991c2 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Dokončeno : << RKreport[3]_D_05012013_02d1325.txt >>
RKreport[1]_S_05012013_02d1323.txt ; RKreport[2]_D_05012013_02d1324.txt ; RKreport[3]_D_05012013_02d1325.txt
A TADY JE DRUHÝ LOG:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : vlastRex [Práva správce]
Mód : Oprava HOSTS -- Datum : 05/01/2013 13:27:24
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[5]_H_05012013_02d1327.txt >>
RKreport[1]_S_05012013_02d1323.txt ; RKreport[2]_D_05012013_02d1324.txt ; RKreport[3]_D_05012013_02d1325.txt ; RKreport[4]_H_05012013_02d1327.txt ; RKreport[5]_H_05012013_02d1327.txt
MOC DĚKUJI
Zde je první log:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : vlastRex [Práva správce]
Mód : Odebrat -- Datum : 05/01/2013 13:25:14
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3320418AS ATA Device +++++
--- User ---
[MBR] a33e9bc1eb07cc349424c23fb5b7ede3
[BSP] 209669574f186e18d72a40ac7df694a0 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 135000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 276686848 | Size: 170143 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: USB DISK 2.0 USB Device +++++
--- User ---
[MBR] a2c1272fc7c16eb95c6c865f8f06c040
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 8064 | Size: 15266 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive2: StoreJet Transcend USB Device +++++
--- User ---
[MBR] ba8219fb848e7d72b8089bc2ccfa9b46
[BSP] 2a6a812678be08e5e4985f89a13991c2 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Dokončeno : << RKreport[3]_D_05012013_02d1325.txt >>
RKreport[1]_S_05012013_02d1323.txt ; RKreport[2]_D_05012013_02d1324.txt ; RKreport[3]_D_05012013_02d1325.txt
A TADY JE DRUHÝ LOG:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : vlastRex [Práva správce]
Mód : Oprava HOSTS -- Datum : 05/01/2013 13:27:24
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[5]_H_05012013_02d1327.txt >>
RKreport[1]_S_05012013_02d1323.txt ; RKreport[2]_D_05012013_02d1324.txt ; RKreport[3]_D_05012013_02d1325.txt ; RKreport[4]_H_05012013_02d1327.txt ; RKreport[5]_H_05012013_02d1327.txt
MOC DĚKUJI
Re: Kontrola logu
Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.) Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc! Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte
Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradkuPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola logu
Děkuji za pomoc, PC se ani nechtělo restartovat 
Zde je Log:
ComboFix 13-05-01.03 - vlastRex 01.05.2013 15:44:02.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16367.14233 [GMT 2:00]
Spuštěný z: c:\users\vlastRex\Desktop\DEKEKEL-PC\ComboFix.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\users\vlastRex\AppData\Roaming\Microsoft\Windows\Recent\fabric.mat
c:\users\vlastRex\AppData\Roaming\Microsoft\Windows\Recent\Nature.mat
c:\users\vlastRex\AppData\Roaming\Microsoft\Windows\Recent\Plastic Orange Glossy by Amleto.mat
c:\users\vlastRex\AppData\Roaming\Microsoft\Windows\Recent\Vray_materials.mat
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\drivers\hosts
c:\windows\wininit.ini
L:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-01 do 2013-05-01 )))))))))))))))))))))))))))))))
.
.
2013-05-01 13:50 . 2013-05-01 13:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-05-01 13:50 . 2013-05-01 13:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-30 12:46 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3382A68-E6D5-42C7-810C-3BDED8B504F6}\mpengine.dll
2013-04-29 18:17 . 2013-04-29 18:17 -------- d-----w- C:\rsit
2013-04-29 18:17 . 2013-04-29 18:17 -------- d-----w- c:\program files\trend micro
2013-04-29 18:07 . 2013-04-29 18:07 61440 ----a-w- c:\windows\SysWow64\drivers\qoxoy.sys
2013-04-29 18:04 . 2013-04-29 18:04 61440 ----a-w- c:\windows\SysWow64\drivers\nrfe.sys
2013-04-24 06:19 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-22 07:09 . 2013-04-29 06:53 -------- d-----r- c:\users\vlastRex\Dropbox
2013-04-22 07:04 . 2013-04-29 16:44 -------- d-----w- c:\users\vlastRex\AppData\Roaming\Dropbox
2013-04-12 15:48 . 2011-10-24 04:04 223232 ----a-w- c:\windows\system32\drivers\hw_quusbmdm.sys
2013-04-12 15:48 . 2011-10-24 03:51 116864 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys
2013-04-12 15:48 . 2010-02-18 23:00 708168 ----a-w- c:\windows\system32\drivers\WinUSBCoInstaller.dll
2013-04-12 15:48 . 2010-02-18 23:00 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-04-12 15:48 . 2010-02-18 23:00 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2013-04-12 15:48 . 2010-02-18 23:00 1533512 ----a-w- c:\windows\system32\drivers\WUDFUpdate_01007.dll
2013-04-12 15:48 . 2013-04-12 15:48 -------- d-----w- c:\program files (x86)\Handset WinDriver
2013-04-11 15:47 . 2013-04-11 15:47 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-04-10 06:12 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 06:12 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 06:12 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 06:12 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 06:12 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 06:12 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 06:12 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 06:12 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-08 06:13 . 2013-04-08 06:13 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-01 13:25 . 2012-04-12 17:07 25640 ----a-w- c:\windows\gdrv.sys
2013-04-17 07:52 . 2012-04-24 16:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-17 07:52 . 2012-04-24 16:12 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-10 10:30 . 2012-04-05 19:06 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-15 05:53 . 2012-10-10 20:22 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-04-05 17:34 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2012-04-05 17:34 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-03-15 05:53 . 2012-04-05 17:34 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2012-02-09 20:43 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 05:53 . 2012-02-09 20:43 1118776 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-03-15 04:16 . 2012-04-05 17:36 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2012-04-05 17:36 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2012-04-05 17:36 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2012-04-05 17:36 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2012-04-05 17:36 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2012-04-05 17:36 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 20:07 . 2013-03-14 20:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:24 . 2012-11-16 08:31 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-11 23:10 . 2012-04-05 18:23 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-02-25 22:32 . 2012-04-05 17:35 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2012-10-10 20:23 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-12 05:45 . 2013-03-13 07:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 07:09 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 07:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 07:09 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 07:09 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 07:09 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-25 18:10 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-06 15:30 . 2013-02-06 10:14 52306 ----a-w- c:\windows\FdUninstall.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2012-4-9 5724472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"SwitchBoard"=c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"<NO NAME>"=
.
R0 czsxxjmv;czsxxjmv;c:\windows\system32\drivers\qoxoy.sys [x]
R0 ibsscnqq;ibsscnqq;c:\windows\system32\drivers\nrfe.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.;c:\program files (x86)\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-12-22 25640]
R3 fdrawcmd;Low-level Floppy Driver;c:\windows\system32\drivers\fdrawcmd.sys [2008-09-28 32408]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-09 1431888]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1255736]
R4 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\Gigabyte\EnergySaver2\des2svr.exe [2011-08-22 57344]
R4 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-08 974944]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-07-29 56960]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-07-29 79104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-01 535656]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 10:50 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 07:52]
.
2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 14:24]
.
2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 14:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-04 15:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-04 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-08 4030008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2011-03-30 2552320]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Prevést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést cíl vazby do existujícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stávajícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.grafika.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MLPTDR_Q]
"ImagePath"="\??\c:\windows\system32\"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.032"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.abr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.apd"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.arw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bay"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bmp"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cs1"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DCX\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dib"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.djv"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dng"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.emf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.eps"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.erf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.fff"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FPX\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.gif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.hdr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.icn"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ilbm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.int"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.inta"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.iw4"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.j2c"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jbr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jfif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpe"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpeg"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpg"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpk"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mos"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mrw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nrw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.orf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pbr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pct"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pcx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pic"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pict"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pix"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.png"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="Photoshop.Image.12"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspbrush"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspimage"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.raf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rgba"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rle"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rsb"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rw2"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rwl"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sr2"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tga"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.thm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tiff"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ttc"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
"Progid"="ACDSee 14.ttf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14o"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14p"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14pf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WBMP\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbmp"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wmf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xmp"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-05-01 15:52:19
ComboFix-quarantined-files.txt 2013-05-01 13:52
.
Před spuštěním: Volných bajtů: 43 874 156 544
Po spuštění: Volných bajtů: 43 724 361 728
.
- - End Of File - - 4C4FB2A2DB5868759D4D41E9C962DE46
Zde je Log:
ComboFix 13-05-01.03 - vlastRex 01.05.2013 15:44:02.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16367.14233 [GMT 2:00]
Spuštěný z: c:\users\vlastRex\Desktop\DEKEKEL-PC\ComboFix.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\users\vlastRex\AppData\Roaming\Microsoft\Windows\Recent\fabric.mat
c:\users\vlastRex\AppData\Roaming\Microsoft\Windows\Recent\Nature.mat
c:\users\vlastRex\AppData\Roaming\Microsoft\Windows\Recent\Plastic Orange Glossy by Amleto.mat
c:\users\vlastRex\AppData\Roaming\Microsoft\Windows\Recent\Vray_materials.mat
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\drivers\hosts
c:\windows\wininit.ini
L:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-01 do 2013-05-01 )))))))))))))))))))))))))))))))
.
.
2013-05-01 13:50 . 2013-05-01 13:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-05-01 13:50 . 2013-05-01 13:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-30 12:46 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3382A68-E6D5-42C7-810C-3BDED8B504F6}\mpengine.dll
2013-04-29 18:17 . 2013-04-29 18:17 -------- d-----w- C:\rsit
2013-04-29 18:17 . 2013-04-29 18:17 -------- d-----w- c:\program files\trend micro
2013-04-29 18:07 . 2013-04-29 18:07 61440 ----a-w- c:\windows\SysWow64\drivers\qoxoy.sys
2013-04-29 18:04 . 2013-04-29 18:04 61440 ----a-w- c:\windows\SysWow64\drivers\nrfe.sys
2013-04-24 06:19 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-22 07:09 . 2013-04-29 06:53 -------- d-----r- c:\users\vlastRex\Dropbox
2013-04-22 07:04 . 2013-04-29 16:44 -------- d-----w- c:\users\vlastRex\AppData\Roaming\Dropbox
2013-04-12 15:48 . 2011-10-24 04:04 223232 ----a-w- c:\windows\system32\drivers\hw_quusbmdm.sys
2013-04-12 15:48 . 2011-10-24 03:51 116864 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys
2013-04-12 15:48 . 2010-02-18 23:00 708168 ----a-w- c:\windows\system32\drivers\WinUSBCoInstaller.dll
2013-04-12 15:48 . 2010-02-18 23:00 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-04-12 15:48 . 2010-02-18 23:00 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2013-04-12 15:48 . 2010-02-18 23:00 1533512 ----a-w- c:\windows\system32\drivers\WUDFUpdate_01007.dll
2013-04-12 15:48 . 2013-04-12 15:48 -------- d-----w- c:\program files (x86)\Handset WinDriver
2013-04-11 15:47 . 2013-04-11 15:47 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-04-10 06:12 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 06:12 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 06:12 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 06:12 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 06:12 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 06:12 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 06:12 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 06:12 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-08 06:13 . 2013-04-08 06:13 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-01 13:25 . 2012-04-12 17:07 25640 ----a-w- c:\windows\gdrv.sys
2013-04-17 07:52 . 2012-04-24 16:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-17 07:52 . 2012-04-24 16:12 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-10 10:30 . 2012-04-05 19:06 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-15 05:53 . 2012-10-10 20:22 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-04-05 17:34 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2012-04-05 17:34 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-03-15 05:53 . 2012-04-05 17:34 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2012-02-09 20:43 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 05:53 . 2012-02-09 20:43 1118776 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-03-15 04:16 . 2012-04-05 17:36 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2012-04-05 17:36 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2012-04-05 17:36 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2012-04-05 17:36 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2012-04-05 17:36 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2012-04-05 17:36 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 20:07 . 2013-03-14 20:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:24 . 2012-11-16 08:31 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-11 23:10 . 2012-04-05 18:23 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-02-25 22:32 . 2012-04-05 17:35 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2012-10-10 20:23 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-12 05:45 . 2013-03-13 07:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 07:09 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 07:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 07:09 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 07:09 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 07:09 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-25 18:10 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-06 15:30 . 2013-02-06 10:14 52306 ----a-w- c:\windows\FdUninstall.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2012-4-9 5724472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"SwitchBoard"=c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"<NO NAME>"=
.
R0 czsxxjmv;czsxxjmv;c:\windows\system32\drivers\qoxoy.sys [x]
R0 ibsscnqq;ibsscnqq;c:\windows\system32\drivers\nrfe.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.;c:\program files (x86)\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-12-22 25640]
R3 fdrawcmd;Low-level Floppy Driver;c:\windows\system32\drivers\fdrawcmd.sys [2008-09-28 32408]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-09 1431888]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1255736]
R4 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\Gigabyte\EnergySaver2\des2svr.exe [2011-08-22 57344]
R4 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-08 974944]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-07-29 56960]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-07-29 79104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-01 535656]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 10:50 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 07:52]
.
2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 14:24]
.
2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 14:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-04 15:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-04 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-08 4030008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2011-03-30 2552320]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Prevést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést cíl vazby do existujícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stávajícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.grafika.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MLPTDR_Q]
"ImagePath"="\??\c:\windows\system32\"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.032"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.abr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.apd"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.arw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bay"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bmp"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cs1"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DCX\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dib"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.djv"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dng"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.emf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.eps"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.erf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.fff"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FPX\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.gif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.hdr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.icn"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ilbm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.int"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.inta"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.iw4"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.j2c"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jbr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jfif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpe"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpeg"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpg"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpk"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mos"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mrw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nrw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.orf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pbr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pct"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pcx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pic"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pict"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pix"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.png"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="Photoshop.Image.12"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspbrush"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspimage"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.raf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rgba"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rle"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rsb"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rw2"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rwl"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sr2"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tga"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.thm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tiff"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ttc"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
"Progid"="ACDSee 14.ttf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14o"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14p"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14pf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WBMP\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbmp"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wmf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xmp"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-05-01 15:52:19
ComboFix-quarantined-files.txt 2013-05-01 13:52
.
Před spuštěním: Volných bajtů: 43 874 156 544
Po spuštění: Volných bajtů: 43 724 361 728
.
- - End Of File - - 4C4FB2A2DB5868759D4D41E9C962DE46
Re: Kontrola logu
No jo, nekdo zase necetl navod. V nem se psalo, cervene, ze se ma vypnout Antivir. Podle logu ale vesele bezel. Achjo.
Chvili potrva, nez sepisu opravny skript.
Chvili potrva, nez sepisu opravny skript.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola logu
Presunte ComboFix na plochu. Musi tam byt! Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
KillAll::
File::
c:\windows\system32\drivers\qoxoy.sys
c:\windows\system32\drivers\nrfe.sys
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"=-
"Acrobat Assistant 8.0"=-
"AdobeCS5ServiceManager"=-
"GrooveMonitor"=-
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
"QuickTime Task"=-
"<NO NAME>"=-
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
Driver::
czsxxjmv
ibsscnqq
SkypeUpdate
SwitchBoard
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem
Reboot::Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.
Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradkuPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola logu
Děkuji, vše jsem udělal dle instrukcí 
ComboFix 13-05-01.03 - vlastRex 01.05.2013 20:20:44.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16367.14420 [GMT 2:00]
Spuštěný z: c:\users\vlastRex\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\vlastRex\Desktop\CFScript.txt
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\drivers\nrfe.sys"
"c:\windows\system32\drivers\qoxoy.sys"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeFlashPlayerUpdateSvc
-------\Service_czsxxjmv
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_ibsscnqq
-------\Service_SkypeUpdate
-------\Service_SwitchBoard
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-01 do 2013-05-01 )))))))))))))))))))))))))))))))
.
.
2013-05-01 18:27 . 2013-05-01 18:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-30 12:46 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3382A68-E6D5-42C7-810C-3BDED8B504F6}\mpengine.dll
2013-04-29 18:17 . 2013-04-29 18:17 -------- d-----w- C:\rsit
2013-04-29 18:17 . 2013-04-29 18:17 -------- d-----w- c:\program files\trend micro
2013-04-29 18:07 . 2013-04-29 18:07 61440 ----a-w- c:\windows\SysWow64\drivers\qoxoy.sys
2013-04-29 18:04 . 2013-04-29 18:04 61440 ----a-w- c:\windows\SysWow64\drivers\nrfe.sys
2013-04-24 06:19 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-22 07:09 . 2013-04-29 06:53 -------- d-----r- c:\users\vlastRex\Dropbox
2013-04-22 07:04 . 2013-04-29 16:44 -------- d-----w- c:\users\vlastRex\AppData\Roaming\Dropbox
2013-04-12 15:48 . 2011-10-24 04:04 223232 ----a-w- c:\windows\system32\drivers\hw_quusbmdm.sys
2013-04-12 15:48 . 2011-10-24 03:51 116864 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys
2013-04-12 15:48 . 2010-02-18 23:00 708168 ----a-w- c:\windows\system32\drivers\WinUSBCoInstaller.dll
2013-04-12 15:48 . 2010-02-18 23:00 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-04-12 15:48 . 2010-02-18 23:00 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2013-04-12 15:48 . 2010-02-18 23:00 1533512 ----a-w- c:\windows\system32\drivers\WUDFUpdate_01007.dll
2013-04-12 15:48 . 2013-04-12 15:48 -------- d-----w- c:\program files (x86)\Handset WinDriver
2013-04-11 15:47 . 2013-04-11 15:47 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-04-10 06:12 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 06:12 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 06:12 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 06:12 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 06:12 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 06:12 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 06:12 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 06:12 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-08 06:13 . 2013-04-08 06:13 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-01 18:43 . 2012-04-12 17:07 25640 ----a-w- c:\windows\gdrv.sys
2013-04-17 07:52 . 2012-04-24 16:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-17 07:52 . 2012-04-24 16:12 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-10 10:30 . 2012-04-05 19:06 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-15 05:53 . 2012-10-10 20:22 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-04-05 17:34 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2012-04-05 17:34 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-03-15 05:53 . 2012-04-05 17:34 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2012-02-09 20:43 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 05:53 . 2012-02-09 20:43 1118776 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-03-15 04:16 . 2012-04-05 17:36 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2012-04-05 17:36 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2012-04-05 17:36 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2012-04-05 17:36 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2012-04-05 17:36 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2012-04-05 17:36 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 20:07 . 2013-03-14 20:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:24 . 2012-11-16 08:31 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-11 23:10 . 2012-04-05 18:23 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-02-25 22:32 . 2012-04-05 17:35 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2012-10-10 20:23 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-12 05:45 . 2013-03-13 07:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 07:09 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 07:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 07:09 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 07:09 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 07:09 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-25 18:10 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-06 15:30 . 2013-02-06 10:14 52306 ----a-w- c:\windows\FdUninstall.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2012-4-9 5724472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"<NO NAME>"=
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-12-22 25640]
R3 fdrawcmd;Low-level Floppy Driver;c:\windows\system32\drivers\fdrawcmd.sys [2008-09-28 32408]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-09 1431888]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1255736]
R4 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\Gigabyte\EnergySaver2\des2svr.exe [2011-08-22 57344]
R4 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-08 974944]
S2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.;c:\program files (x86)\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-07-29 56960]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-07-29 79104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-01 535656]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 10:50 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-04 15:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-04 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-08 4030008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2011-03-30 2552320]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Prevést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést cíl vazby do existujícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stávajícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.grafika.cz/
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MLPTDR_Q]
"ImagePath"="\??\c:\windows\system32\"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.032"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.abr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.apd"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.arw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bay"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bmp"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cs1"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DCX\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dib"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.djv"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dng"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.emf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.eps"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.erf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.fff"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FPX\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.gif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.hdr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.icn"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ilbm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.int"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.inta"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.iw4"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.j2c"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jbr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jfif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpe"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpeg"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpg"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpk"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mos"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mrw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nrw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.orf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pbr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pct"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pcx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pic"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pict"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pix"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.png"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="Photoshop.Image.12"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspbrush"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspimage"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.raf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rgba"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rle"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rsb"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rw2"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rwl"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sr2"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tga"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.thm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tiff"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ttc"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
"Progid"="ACDSee 14.ttf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14o"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14p"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14pf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WBMP\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbmp"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wmf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xmp"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
.
**************************************************************************
.
Celkový čas: 2013-05-01 20:46:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-01 18:46
ComboFix2.txt 2013-05-01 13:52
.
Před spuštěním: Volných bajtů: 43 754 778 624
Po spuštění: Volných bajtů: 43 267 911 680
.
- - End Of File - - 95C4AEA9E6A8F45BEF7A3BEA6ECDC54C
ComboFix 13-05-01.03 - vlastRex 01.05.2013 20:20:44.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16367.14420 [GMT 2:00]
Spuštěný z: c:\users\vlastRex\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\vlastRex\Desktop\CFScript.txt
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\drivers\nrfe.sys"
"c:\windows\system32\drivers\qoxoy.sys"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeFlashPlayerUpdateSvc
-------\Service_czsxxjmv
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_ibsscnqq
-------\Service_SkypeUpdate
-------\Service_SwitchBoard
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-01 do 2013-05-01 )))))))))))))))))))))))))))))))
.
.
2013-05-01 18:27 . 2013-05-01 18:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-30 12:46 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3382A68-E6D5-42C7-810C-3BDED8B504F6}\mpengine.dll
2013-04-29 18:17 . 2013-04-29 18:17 -------- d-----w- C:\rsit
2013-04-29 18:17 . 2013-04-29 18:17 -------- d-----w- c:\program files\trend micro
2013-04-29 18:07 . 2013-04-29 18:07 61440 ----a-w- c:\windows\SysWow64\drivers\qoxoy.sys
2013-04-29 18:04 . 2013-04-29 18:04 61440 ----a-w- c:\windows\SysWow64\drivers\nrfe.sys
2013-04-24 06:19 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-22 07:09 . 2013-04-29 06:53 -------- d-----r- c:\users\vlastRex\Dropbox
2013-04-22 07:04 . 2013-04-29 16:44 -------- d-----w- c:\users\vlastRex\AppData\Roaming\Dropbox
2013-04-12 15:48 . 2011-10-24 04:04 223232 ----a-w- c:\windows\system32\drivers\hw_quusbmdm.sys
2013-04-12 15:48 . 2011-10-24 03:51 116864 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys
2013-04-12 15:48 . 2010-02-18 23:00 708168 ----a-w- c:\windows\system32\drivers\WinUSBCoInstaller.dll
2013-04-12 15:48 . 2010-02-18 23:00 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-04-12 15:48 . 2010-02-18 23:00 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2013-04-12 15:48 . 2010-02-18 23:00 1533512 ----a-w- c:\windows\system32\drivers\WUDFUpdate_01007.dll
2013-04-12 15:48 . 2013-04-12 15:48 -------- d-----w- c:\program files (x86)\Handset WinDriver
2013-04-11 15:47 . 2013-04-11 15:47 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-04-10 06:12 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 06:12 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 06:12 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 06:12 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 06:12 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 06:12 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 06:12 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 06:12 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-08 06:13 . 2013-04-08 06:13 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-01 18:43 . 2012-04-12 17:07 25640 ----a-w- c:\windows\gdrv.sys
2013-04-17 07:52 . 2012-04-24 16:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-17 07:52 . 2012-04-24 16:12 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-10 10:30 . 2012-04-05 19:06 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-15 05:53 . 2012-10-10 20:22 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-04-05 17:34 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2012-04-05 17:34 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-03-15 05:53 . 2012-04-05 17:34 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2012-02-09 20:43 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 05:53 . 2012-02-09 20:43 1118776 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-03-15 04:16 . 2012-04-05 17:36 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2012-04-05 17:36 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2012-04-05 17:36 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2012-04-05 17:36 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2012-04-05 17:36 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2012-04-05 17:36 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 20:07 . 2013-03-14 20:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:24 . 2012-11-16 08:31 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-11 23:10 . 2012-04-05 18:23 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-02-25 22:32 . 2012-04-05 17:35 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2012-10-10 20:23 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-12 05:45 . 2013-03-13 07:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 07:09 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 07:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 07:09 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 07:09 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 07:09 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-25 18:10 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-06 15:30 . 2013-02-06 10:14 52306 ----a-w- c:\windows\FdUninstall.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 130736 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2012-4-9 5724472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"<NO NAME>"=
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-12-22 25640]
R3 fdrawcmd;Low-level Floppy Driver;c:\windows\system32\drivers\fdrawcmd.sys [2008-09-28 32408]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-09 1431888]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1255736]
R4 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\Gigabyte\EnergySaver2\des2svr.exe [2011-08-22 57344]
R4 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-08 974944]
S2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.;c:\program files (x86)\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-07-29 56960]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-07-29 79104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-01 535656]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 10:50 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-04 15:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-04 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\vlastRex\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-08 4030008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2011-03-30 2552320]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Prevést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést cíl vazby do existujícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stávajícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.grafika.cz/
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MLPTDR_Q]
"ImagePath"="\??\c:\windows\system32\"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.032"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.abr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.apd"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.arw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bay"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bmp"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cs1"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DCX\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dib"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.djv"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dng"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.emf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.eps"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.erf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.fff"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FPX\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.gif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.hdr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.icn"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ilbm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.int"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.inta"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.iw4"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.j2c"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jbr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jfif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpe"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpeg"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpg"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpk"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mos"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mrw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nrw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.orf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pbr"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pct"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pcx"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pef"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pic"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pict"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pix"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.png"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="Photoshop.Image.12"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspbrush"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspimage"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.raf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rgba"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rle"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rsb"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rw2"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rwl"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sr2"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srw"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tga"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.thm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tiff"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ttc"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
"Progid"="ACDSee 14.ttf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14o"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14p"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14pf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbm"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WBMP\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbmp"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-2566285128-2321358749-1607184772-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wmf"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xif"
.
[HKEY_USERS\S-1-5-21-2566285128-2321358749-1607184772-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xmp"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
.
**************************************************************************
.
Celkový čas: 2013-05-01 20:46:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-01 18:46
ComboFix2.txt 2013-05-01 13:52
.
Před spuštěním: Volných bajtů: 43 754 778 624
Po spuštění: Volných bajtů: 43 267 911 680
.
- - End Of File - - 95C4AEA9E6A8F45BEF7A3BEA6ECDC54C
Re: Kontrola logu
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola logu
# AdwCleaner v2.300 - Log vytvooen 02/05/2013 v 10:01:35
# Aktualizováno 28/04/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : vlastRex - VLASTREX_PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\vlastRex\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Users\vlastRex\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [5155 octets] - [29/04/2013 21:17:07]
AdwCleaner[R2].txt - [1105 octets] - [29/04/2013 21:21:38]
AdwCleaner[R3].txt - [1165 octets] - [29/04/2013 21:24:29]
AdwCleaner[R4].txt - [1469 octets] - [01/05/2013 13:55:20]
AdwCleaner[R5].txt - [1518 octets] - [02/05/2013 08:29:34]
AdwCleaner[R6].txt - [1578 octets] - [02/05/2013 10:00:36]
AdwCleaner[R7].txt - [1638 octets] - [02/05/2013 10:01:28]
AdwCleaner[S1].txt - [4042 octets] - [29/04/2013 21:18:27]
AdwCleaner[S2].txt - [1567 octets] - [02/05/2013 10:01:35]
########## EOF - C:\AdwCleaner[S2].txt - [1627 octets] ##########
MBAM KONTROLA LOG:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.05.02.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
vlastRex :: VLASTREX_PC [administrátor]
Ochrana: Povolena
2.5.2013 8:37:49
MBAM-log-2013-05-02 (09-51-07).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 624966
Uplynulý čas: 1 hodin, 9 minut, 46 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 18
C:\Program Files\AdobeCS6\Adobe After Effects CS6\Support Files\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Bridge CS6 (64 Bit)\AMTLib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Encore CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Media Encoder CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Premiere Pro CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe SpeedGrade CS6\bin\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Audition CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Bridge CS6\AMTLib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Dreamweaver CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Fireworks CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Flash Builder 4.6\eclipse\plugins\com.adobe.flexide.amt_4.6.1.335153\os\win32\x86\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Flash CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Illustrator CS6\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe InDesign CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Prelude CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
(konec)
MOC DĚKUJI
# Aktualizováno 28/04/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : vlastRex - VLASTREX_PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\vlastRex\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Users\vlastRex\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [5155 octets] - [29/04/2013 21:17:07]
AdwCleaner[R2].txt - [1105 octets] - [29/04/2013 21:21:38]
AdwCleaner[R3].txt - [1165 octets] - [29/04/2013 21:24:29]
AdwCleaner[R4].txt - [1469 octets] - [01/05/2013 13:55:20]
AdwCleaner[R5].txt - [1518 octets] - [02/05/2013 08:29:34]
AdwCleaner[R6].txt - [1578 octets] - [02/05/2013 10:00:36]
AdwCleaner[R7].txt - [1638 octets] - [02/05/2013 10:01:28]
AdwCleaner[S1].txt - [4042 octets] - [29/04/2013 21:18:27]
AdwCleaner[S2].txt - [1567 octets] - [02/05/2013 10:01:35]
########## EOF - C:\AdwCleaner[S2].txt - [1627 octets] ##########
MBAM KONTROLA LOG:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.05.02.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
vlastRex :: VLASTREX_PC [administrátor]
Ochrana: Povolena
2.5.2013 8:37:49
MBAM-log-2013-05-02 (09-51-07).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 624966
Uplynulý čas: 1 hodin, 9 minut, 46 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 18
C:\Program Files\AdobeCS6\Adobe After Effects CS6\Support Files\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Bridge CS6 (64 Bit)\AMTLib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Encore CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Media Encoder CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe Premiere Pro CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\AdobeCS6\Adobe SpeedGrade CS6\bin\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Audition CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Bridge CS6\AMTLib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Dreamweaver CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Fireworks CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Flash Builder 4.6\eclipse\plugins\com.adobe.flexide.amt_4.6.1.335153\os\win32\x86\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Flash CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Illustrator CS6\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe InDesign CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AdobeCS6\Adobe Prelude CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
(konec)
MOC DĚKUJI
Re: Kontrola logu
Vsechny nlezy MBAM nechte odstranit. Pokud vse probehne bez potizi, MBAM zase odinstalujte. Pak dejte novy log z RSITPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola logu
Logfile of random's system information tool 1.09 (written by random/random)
Run by vlastRex at 2013-05-02 13:09:09
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 36 GB (27%) free of 135 GB
Total RAM: 16367 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:09:16, on 2.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Program Files (x86)\Java\jre6\bin\javaw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\vlastRex.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-21-2566285128-2321358749-1607184772-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2566285128-2321358749-1607184772-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc. (IPClampService) - Unknown owner - C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10315 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000454;000000000000046C; /AddRef;
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
"C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8b645502-3fb9-4997-8deb-626859245433 -SystemEventPortName:HostProcess-75de99e8-a711-473a-8ac0-ae7aa8c9413e -IoCancelEventPortName:HostProcess-a0da479f-a836-4c81-9a06-baa3bef0d24c -NonStateChangingEventPortName:HostProcess-a8f6a2c1-3a5e-493e-806d-4fd4de1bce3a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a469d1fb-bb36-4578-8030-275c27155271 -DeviceGroupId:WpdFsGroup
/QuitInfo:000000000000096C;0000000000000980; /AddRef;
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe" /TUStart /pid:2028
/QuitInfo:000000000000097C;000000000000098C;
/loadhooks /Parent:0000000000000BC8
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
RPMDaemon.exe
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files\AdobeCS6\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe" "D:\_data\_sc_design\_prezentace\Brozury\Brochure_mockup_A4_closeup.psd"
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" "-launchedbycsxs"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2948.185f0900.1126792651 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 2948 "\\.\pipe\gecko-crash-server-pipe.2948" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe" --proxy-stub-channel=Flash572.60C31D90.26555 --host-broker-channel=Flash572.60C31D90.16395 --host-pid=572 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe" --channel=4980.0035F7D4.1722149852 --proxy-stub-channel=Flash572.60C31D90.26555 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\Java\jre6\bin\javaw.exe" -Xmx512m -jar "C:\Program Files (x86)\JDownloader\JDownloader.jar"
"C:\Program Files\AdobeCS6\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2912.0.1280101135\1447820698" --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1422 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2912.1.1364876754\1905300938" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2912.2.635882153\2120470654" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2912.3.767142767\1812037983" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2912.4.877005536\1958602615" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2912.5.533163207\799127966" /prefetch:3
"C:\Users\vlastRex\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default
prefs.js - "browser.startup.homepage" - "http://www.grafika.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\AdobeCS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\AdobeCS6\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
GBHO.BHO - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-24 329712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-24 59376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1d09c093-f71e-43c3-b948-19316cbd695e} - Smart Recovery 2 - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-08 4030008]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"=C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2011-03-30 2552320]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACSW14EN]
C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe [2011-11-17 1231472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RPMKickstart]
C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2011-03-30 2552320]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-05-02 10:52:01 ----D---- C:\adobeTemp
2013-05-02 10:01:35 ----A---- C:\AdwCleaner[S2].txt
2013-05-02 10:01:28 ----A---- C:\AdwCleaner[R7].txt
2013-05-02 10:00:36 ----A---- C:\AdwCleaner[R6].txt
2013-05-02 08:35:22 ----D---- C:\Users\vlastRex\AppData\Roaming\Malwarebytes
2013-05-02 08:35:19 ----D---- C:\ProgramData\Malwarebytes
2013-05-02 08:29:34 ----A---- C:\AdwCleaner[R5].txt
2013-05-01 20:46:11 ----A---- C:\ComboFix.txt
2013-05-01 20:43:38 ----SHD---- C:\$RECYCLE.BIN
2013-05-01 15:42:54 ----A---- C:\Windows\zip.exe
2013-05-01 15:42:54 ----A---- C:\Windows\SWSC.exe
2013-05-01 15:42:54 ----A---- C:\Windows\SWREG.exe
2013-05-01 15:42:54 ----A---- C:\Windows\sed.exe
2013-05-01 15:42:54 ----A---- C:\Windows\PEV.exe
2013-05-01 15:42:54 ----A---- C:\Windows\NIRCMD.exe
2013-05-01 15:42:54 ----A---- C:\Windows\MBR.exe
2013-05-01 15:42:54 ----A---- C:\Windows\grep.exe
2013-05-01 15:42:29 ----D---- C:\Qoobox
2013-05-01 15:42:16 ----D---- C:\Windows\erdnt
2013-05-01 13:55:20 ----A---- C:\AdwCleaner[R4].txt
2013-04-30 08:48:52 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-04-30 08:05:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-04-30 08:05:30 ----A---- C:\Windows\system32\elshyph.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\wininet.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\webcheck.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\urlmon.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\url.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-30 08:05:28 ----A---- C:\Windows\system32\msrating.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\msls31.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\inseng.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\iesetup.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\iertutil.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\iernonce.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\ieapfltr.dat
2013-04-30 08:05:28 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-30 08:05:28 ----A---- C:\Windows\system32\icardie.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\wextract.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\vbscript.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\occache.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\mshtml.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\mshta.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\jscript9.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\jscript.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\imgutil.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\iexpress.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\ieui.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\iepeers.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\ieframe.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-29 21:24:29 ----A---- C:\AdwCleaner[R3].txt
2013-04-29 21:21:38 ----A---- C:\AdwCleaner[R2].txt
2013-04-29 21:18:27 ----A---- C:\AdwCleaner[S1].txt
2013-04-29 21:17:07 ----A---- C:\AdwCleaner[R1].txt
2013-04-29 20:17:05 ----D---- C:\rsit
2013-04-29 20:17:05 ----D---- C:\Program Files\trend micro
2013-04-29 20:07:00 ----A---- C:\Windows\SYSWOW64\uqiqc.txt
2013-04-29 20:07:00 ----A---- C:\Windows\SYSWOW64\drivers\qoxoy.sys
2013-04-29 20:04:09 ----A---- C:\Windows\SYSWOW64\fhhgra.txt
2013-04-29 20:04:09 ----A---- C:\Windows\SYSWOW64\drivers\nrfe.sys
2013-04-24 08:19:14 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-22 09:04:01 ----D---- C:\Users\vlastRex\AppData\Roaming\Dropbox
2013-04-12 17:48:37 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\WUDFUpdate_01007.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\WinUSBCoInstaller.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01007.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\hw_usbdev.sys
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\hw_quusbmdm.sys
2013-04-12 17:48:31 ----D---- C:\Program Files (x86)\Handset WinDriver
2013-04-12 07:46:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-11 17:47:31 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvopencl.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvoglv64.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvinitx.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvhdap64.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-04-11 17:44:58 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvdispgenco6431422.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvdispco6431422.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcuvid.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcuda.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcompiler.dll
2013-04-10 08:12:46 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 08:12:44 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-10 08:12:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 08:12:38 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-10 08:12:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 08:12:37 ----A---- C:\Windows\system32\smss.exe
2013-04-10 08:12:36 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-10 08:12:36 ----A---- C:\Windows\system32\csrsrv.dll
======List of files/folders modified in the last 1 month======
2013-05-02 13:09:10 ----D---- C:\Windows\Temp
2013-05-02 12:56:30 ----D---- C:\Users\vlastRex\AppData\Roaming\Skype
2013-05-02 12:39:04 ----D---- C:\Windows\system32\config
2013-05-02 11:49:27 ----D---- C:\ProgramData\NVIDIA
2013-05-02 11:49:23 ----RD---- C:\Program Files (x86)
2013-05-02 11:37:32 ----D---- C:\Windows\system32\drivers
2013-05-02 11:35:22 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-05-02 10:52:25 ----SHD---- C:\Windows\Installer
2013-05-02 10:52:25 ----D---- C:\Program Files (x86)\Adobe
2013-05-02 10:52:25 ----D---- C:\Config.Msi
2013-05-02 10:45:57 ----D---- C:\Windows\system32\Tasks
2013-05-02 08:35:19 ----D---- C:\ProgramData
2013-05-01 20:44:55 ----D---- C:\Windows\system32\wdi
2013-05-01 20:43:26 ----D---- C:\Windows
2013-05-01 20:43:26 ----A---- C:\Windows\system.ini
2013-05-01 20:43:24 ----D---- C:\Windows\system32\drivers\etc
2013-05-01 20:27:04 ----D---- C:\Windows\Tasks
2013-05-01 20:25:40 ----D---- C:\Windows\SYSWOW64\drivers
2013-05-01 20:25:40 ----D---- C:\Windows\SysWOW64
2013-05-01 20:25:40 ----D---- C:\Windows\AppPatch
2013-05-01 20:25:40 ----D---- C:\Program Files (x86)\Common Files
2013-05-01 15:42:28 ----D---- C:\Windows\Prefetch
2013-05-01 13:50:37 ----D---- C:\Windows\system32\catroot2
2013-05-01 12:35:52 ----D---- C:\Windows\system32\NDF
2013-04-30 15:53:28 ----RSD---- C:\Windows\Fonts
2013-04-30 13:40:11 ----D---- C:\Windows\inf
2013-04-30 12:23:01 ----D---- C:\Windows\rescache
2013-04-30 08:49:46 ----D---- C:\Windows\winsxs
2013-04-30 08:49:08 ----D---- C:\Windows\Panther
2013-04-30 08:48:52 ----D---- C:\Windows\System32
2013-04-30 08:47:47 ----D---- C:\Windows\SYSWOW64\migration
2013-04-30 08:47:47 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-30 08:47:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-30 08:47:47 ----D---- C:\Windows\system32\cs-CZ
2013-04-30 08:47:47 ----D---- C:\Program Files\Internet Explorer
2013-04-30 08:47:47 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-30 08:47:46 ----D---- C:\Windows\system32\migration
2013-04-30 08:47:46 ----D---- C:\Windows\system32\en-US
2013-04-30 08:47:46 ----D---- C:\Windows\PolicyDefinitions
2013-04-30 08:08:51 ----D---- C:\Windows\Logs
2013-04-30 08:08:29 ----D---- C:\Windows\system32\catroot
2013-04-30 08:03:32 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-29 21:24:07 ----D---- C:\Windows\SoftwareDistribution
2013-04-29 20:17:05 ----RD---- C:\Program Files
2013-04-29 08:46:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-28 12:28:09 ----SD---- C:\Users\vlastRex\AppData\Roaming\Microsoft
2013-04-24 14:50:08 ----SHD---- C:\System Volume Information
2013-04-17 10:48:36 ----D---- C:\Windows\debug
2013-04-17 09:52:22 ----D---- C:\ProgramData\Adobe
2013-04-17 09:52:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-04-15 12:54:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-12 17:54:17 ----D---- C:\Windows\system32\drivers\UMDF
2013-04-12 17:48:37 ----D---- C:\Windows\system32\DriverStore
2013-04-11 17:47:44 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-04-11 17:46:15 ----D---- C:\temp
2013-04-10 12:30:34 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 12:29:56 ----D---- C:\ProgramData\Microsoft Help
2013-04-10 12:26:31 ----D---- C:\Program Files\NVIDIA Corporation
2013-04-08 08:13:36 ----D---- C:\ProgramData\Skype
2013-04-08 08:13:34 ----RD---- C:\Program Files (x86)\Skype
2013-04-05 18:46:47 ----A---- C:\Windows\win.ini
2013-04-03 08:12:17 ----D---- C:\Program Files\Common Files\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2009-12-03 103224]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-07-29 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-07-29 79104]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-05-02 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-07-26 3039592]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-01 535656]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S2 MLPTDR_Q;MLPTDR_Q; \??\C:\Windows\system32\ []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2012-12-22 25640]
S3 fdrawcmd;Low-level Floppy Driver; \??\C:\Windows\system32\drivers\fdrawcmd.sys [2008-09-28 32408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-08 974944]
R2 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-04-12 655624]
R2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.; C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-09 1431888]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S4 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe [2011-08-22 57344]
S4 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Run by vlastRex at 2013-05-02 13:09:09
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 36 GB (27%) free of 135 GB
Total RAM: 16367 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:09:16, on 2.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Program Files (x86)\Java\jre6\bin\javaw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\vlastRex.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-21-2566285128-2321358749-1607184772-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2566285128-2321358749-1607184772-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc. (IPClampService) - Unknown owner - C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10315 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000454;000000000000046C; /AddRef;
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
"C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8b645502-3fb9-4997-8deb-626859245433 -SystemEventPortName:HostProcess-75de99e8-a711-473a-8ac0-ae7aa8c9413e -IoCancelEventPortName:HostProcess-a0da479f-a836-4c81-9a06-baa3bef0d24c -NonStateChangingEventPortName:HostProcess-a8f6a2c1-3a5e-493e-806d-4fd4de1bce3a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a469d1fb-bb36-4578-8030-275c27155271 -DeviceGroupId:WpdFsGroup
/QuitInfo:000000000000096C;0000000000000980; /AddRef;
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe" /TUStart /pid:2028
/QuitInfo:000000000000097C;000000000000098C;
/loadhooks /Parent:0000000000000BC8
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
RPMDaemon.exe
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files\AdobeCS6\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe" "D:\_data\_sc_design\_prezentace\Brozury\Brochure_mockup_A4_closeup.psd"
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" "-launchedbycsxs"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2948.185f0900.1126792651 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 2948 "\\.\pipe\gecko-crash-server-pipe.2948" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe" --proxy-stub-channel=Flash572.60C31D90.26555 --host-broker-channel=Flash572.60C31D90.16395 --host-pid=572 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe" --channel=4980.0035F7D4.1722149852 --proxy-stub-channel=Flash572.60C31D90.26555 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\Java\jre6\bin\javaw.exe" -Xmx512m -jar "C:\Program Files (x86)\JDownloader\JDownloader.jar"
"C:\Program Files\AdobeCS6\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2912.0.1280101135\1447820698" --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1422 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2912.1.1364876754\1905300938" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2912.2.635882153\2120470654" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2912.3.767142767\1812037983" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2912.4.877005536\1958602615" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/7/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2912.5.533163207\799127966" /prefetch:3
"C:\Users\vlastRex\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default
prefs.js - "browser.startup.homepage" - "http://www.grafika.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\AdobeCS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\AdobeCS6\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\vlastRex\AppData\Roaming\Mozilla\Firefox\Profiles\b44nh2q1.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
GBHO.BHO - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-24 329712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-24 59376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1d09c093-f71e-43c3-b948-19316cbd695e} - Smart Recovery 2 - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-08 4030008]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"=C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2011-03-30 2552320]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACSW14EN]
C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe [2011-11-17 1231472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RPMKickstart]
C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2011-03-30 2552320]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-05-02 10:52:01 ----D---- C:\adobeTemp
2013-05-02 10:01:35 ----A---- C:\AdwCleaner[S2].txt
2013-05-02 10:01:28 ----A---- C:\AdwCleaner[R7].txt
2013-05-02 10:00:36 ----A---- C:\AdwCleaner[R6].txt
2013-05-02 08:35:22 ----D---- C:\Users\vlastRex\AppData\Roaming\Malwarebytes
2013-05-02 08:35:19 ----D---- C:\ProgramData\Malwarebytes
2013-05-02 08:29:34 ----A---- C:\AdwCleaner[R5].txt
2013-05-01 20:46:11 ----A---- C:\ComboFix.txt
2013-05-01 20:43:38 ----SHD---- C:\$RECYCLE.BIN
2013-05-01 15:42:54 ----A---- C:\Windows\zip.exe
2013-05-01 15:42:54 ----A---- C:\Windows\SWSC.exe
2013-05-01 15:42:54 ----A---- C:\Windows\SWREG.exe
2013-05-01 15:42:54 ----A---- C:\Windows\sed.exe
2013-05-01 15:42:54 ----A---- C:\Windows\PEV.exe
2013-05-01 15:42:54 ----A---- C:\Windows\NIRCMD.exe
2013-05-01 15:42:54 ----A---- C:\Windows\MBR.exe
2013-05-01 15:42:54 ----A---- C:\Windows\grep.exe
2013-05-01 15:42:29 ----D---- C:\Qoobox
2013-05-01 15:42:16 ----D---- C:\Windows\erdnt
2013-05-01 13:55:20 ----A---- C:\AdwCleaner[R4].txt
2013-04-30 08:48:52 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-04-30 08:05:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-30 08:05:30 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-04-30 08:05:30 ----A---- C:\Windows\system32\elshyph.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-04-30 08:05:29 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\wininet.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\webcheck.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\urlmon.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\url.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-30 08:05:28 ----A---- C:\Windows\system32\msrating.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\msls31.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\inseng.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\iesetup.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\iertutil.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\iernonce.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\ieapfltr.dat
2013-04-30 08:05:28 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-30 08:05:28 ----A---- C:\Windows\system32\icardie.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-30 08:05:28 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\wextract.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\vbscript.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\occache.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\mshtml.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\mshta.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\jscript9.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\jscript.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\imgutil.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\iexpress.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-30 08:05:26 ----A---- C:\Windows\system32\ieui.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\iepeers.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\ieframe.dll
2013-04-30 08:05:26 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-29 21:24:29 ----A---- C:\AdwCleaner[R3].txt
2013-04-29 21:21:38 ----A---- C:\AdwCleaner[R2].txt
2013-04-29 21:18:27 ----A---- C:\AdwCleaner[S1].txt
2013-04-29 21:17:07 ----A---- C:\AdwCleaner[R1].txt
2013-04-29 20:17:05 ----D---- C:\rsit
2013-04-29 20:17:05 ----D---- C:\Program Files\trend micro
2013-04-29 20:07:00 ----A---- C:\Windows\SYSWOW64\uqiqc.txt
2013-04-29 20:07:00 ----A---- C:\Windows\SYSWOW64\drivers\qoxoy.sys
2013-04-29 20:04:09 ----A---- C:\Windows\SYSWOW64\fhhgra.txt
2013-04-29 20:04:09 ----A---- C:\Windows\SYSWOW64\drivers\nrfe.sys
2013-04-24 08:19:14 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-22 09:04:01 ----D---- C:\Users\vlastRex\AppData\Roaming\Dropbox
2013-04-12 17:48:37 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\WUDFUpdate_01007.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\WinUSBCoInstaller.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01007.dll
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\hw_usbdev.sys
2013-04-12 17:48:37 ----A---- C:\Windows\system32\drivers\hw_quusbmdm.sys
2013-04-12 17:48:31 ----D---- C:\Program Files (x86)\Handset WinDriver
2013-04-12 07:46:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-11 17:47:31 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-04-11 17:44:58 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvopencl.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvoglv64.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvinitx.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\nvhdap64.dll
2013-04-11 17:44:58 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-04-11 17:44:58 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-04-11 17:44:57 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvdispgenco6431422.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvdispco6431422.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcuvid.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcuda.dll
2013-04-11 17:44:57 ----A---- C:\Windows\system32\nvcompiler.dll
2013-04-10 08:12:46 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 08:12:44 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-10 08:12:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 08:12:38 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-10 08:12:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 08:12:37 ----A---- C:\Windows\system32\smss.exe
2013-04-10 08:12:36 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-10 08:12:36 ----A---- C:\Windows\system32\csrsrv.dll
======List of files/folders modified in the last 1 month======
2013-05-02 13:09:10 ----D---- C:\Windows\Temp
2013-05-02 12:56:30 ----D---- C:\Users\vlastRex\AppData\Roaming\Skype
2013-05-02 12:39:04 ----D---- C:\Windows\system32\config
2013-05-02 11:49:27 ----D---- C:\ProgramData\NVIDIA
2013-05-02 11:49:23 ----RD---- C:\Program Files (x86)
2013-05-02 11:37:32 ----D---- C:\Windows\system32\drivers
2013-05-02 11:35:22 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-05-02 10:52:25 ----SHD---- C:\Windows\Installer
2013-05-02 10:52:25 ----D---- C:\Program Files (x86)\Adobe
2013-05-02 10:52:25 ----D---- C:\Config.Msi
2013-05-02 10:45:57 ----D---- C:\Windows\system32\Tasks
2013-05-02 08:35:19 ----D---- C:\ProgramData
2013-05-01 20:44:55 ----D---- C:\Windows\system32\wdi
2013-05-01 20:43:26 ----D---- C:\Windows
2013-05-01 20:43:26 ----A---- C:\Windows\system.ini
2013-05-01 20:43:24 ----D---- C:\Windows\system32\drivers\etc
2013-05-01 20:27:04 ----D---- C:\Windows\Tasks
2013-05-01 20:25:40 ----D---- C:\Windows\SYSWOW64\drivers
2013-05-01 20:25:40 ----D---- C:\Windows\SysWOW64
2013-05-01 20:25:40 ----D---- C:\Windows\AppPatch
2013-05-01 20:25:40 ----D---- C:\Program Files (x86)\Common Files
2013-05-01 15:42:28 ----D---- C:\Windows\Prefetch
2013-05-01 13:50:37 ----D---- C:\Windows\system32\catroot2
2013-05-01 12:35:52 ----D---- C:\Windows\system32\NDF
2013-04-30 15:53:28 ----RSD---- C:\Windows\Fonts
2013-04-30 13:40:11 ----D---- C:\Windows\inf
2013-04-30 12:23:01 ----D---- C:\Windows\rescache
2013-04-30 08:49:46 ----D---- C:\Windows\winsxs
2013-04-30 08:49:08 ----D---- C:\Windows\Panther
2013-04-30 08:48:52 ----D---- C:\Windows\System32
2013-04-30 08:47:47 ----D---- C:\Windows\SYSWOW64\migration
2013-04-30 08:47:47 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-30 08:47:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-30 08:47:47 ----D---- C:\Windows\system32\cs-CZ
2013-04-30 08:47:47 ----D---- C:\Program Files\Internet Explorer
2013-04-30 08:47:47 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-30 08:47:46 ----D---- C:\Windows\system32\migration
2013-04-30 08:47:46 ----D---- C:\Windows\system32\en-US
2013-04-30 08:47:46 ----D---- C:\Windows\PolicyDefinitions
2013-04-30 08:08:51 ----D---- C:\Windows\Logs
2013-04-30 08:08:29 ----D---- C:\Windows\system32\catroot
2013-04-30 08:03:32 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-29 21:24:07 ----D---- C:\Windows\SoftwareDistribution
2013-04-29 20:17:05 ----RD---- C:\Program Files
2013-04-29 08:46:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-28 12:28:09 ----SD---- C:\Users\vlastRex\AppData\Roaming\Microsoft
2013-04-24 14:50:08 ----SHD---- C:\System Volume Information
2013-04-17 10:48:36 ----D---- C:\Windows\debug
2013-04-17 09:52:22 ----D---- C:\ProgramData\Adobe
2013-04-17 09:52:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-04-15 12:54:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-12 17:54:17 ----D---- C:\Windows\system32\drivers\UMDF
2013-04-12 17:48:37 ----D---- C:\Windows\system32\DriverStore
2013-04-11 17:47:44 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-04-11 17:46:15 ----D---- C:\temp
2013-04-10 12:30:34 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 12:29:56 ----D---- C:\ProgramData\Microsoft Help
2013-04-10 12:26:31 ----D---- C:\Program Files\NVIDIA Corporation
2013-04-08 08:13:36 ----D---- C:\ProgramData\Skype
2013-04-08 08:13:34 ----RD---- C:\Program Files (x86)\Skype
2013-04-05 18:46:47 ----A---- C:\Windows\win.ini
2013-04-03 08:12:17 ----D---- C:\Program Files\Common Files\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2009-12-03 103224]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-07-29 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-07-29 79104]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-05-02 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-07-26 3039592]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-01 535656]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S2 MLPTDR_Q;MLPTDR_Q; \??\C:\Windows\system32\ []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2012-12-22 25640]
S3 fdrawcmd;Low-level Floppy Driver; \??\C:\Windows\system32\drivers\fdrawcmd.sys [2008-09-28 32408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-08 974944]
R2 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-04-12 655624]
R2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.; C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-09 1431888]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S4 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe [2011-08-22 57344]
S4 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Re: Kontrola logu
Odinstalujte Spybota. Program je zastaraly. Najdete tento soubor C:\Program Files\trend micro\vlastRex.exe , kliknete na nej pravym mysidlem a levym na Spustit jako spravceKliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko
Kód: Vybrat vše
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKUS\S-1-5-21-2566285128-2321358749-1607184772-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2566285128-2321358749-1607184772-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[ClearAllRestorePoints]
:services
SBSDWSCService
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
c:\windows\system32\drivers\qoxoy.sys
c:\windows\system32\drivers\nrfe.sys
C:\ProgramData\Spybot - Search & Destroy
C:\Program Files (x86)\Spybot - Search & Destroy
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?