nejde mi zapnout Firewall na windows 7 x64
Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavel at 2013-10-10 10:23:59
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 14 GB (11%) free of 122 GB
Total RAM: 4053 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:24:02, on 10.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
C:\Program Files\trend micro\Pavel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AutoSwHIDMode] C:\Program Files (x86)\HIDeGalaxTouch\AutoSwHIDMode.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [WirelessManager] C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Dell System Manager.lnk = C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files (x86)\Media Player Utilities 4.29\AMVConverter\grab.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {3360DAE7-B224-4A07-B707-50F59F51D2A4} (SSObject2 Control) - http://85.207.29.1:1111/webman/3rdparty ... bject2.cab
O16 - DPF: {3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A} (Nadatel_Ctrl Class) - http://192.168.1.100/Nadatel-Webviewer.cab
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} (RtspVaPgCtrlNew Class) - http://172.30.68.12:8080/RtspVaPgDec.cab
O16 - DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} (SSObject Control) - http://192.168.111.18:5000/surveillance ... Object.cab
O16 - DPF: {73888E2B-FF04-416C-8847-984D7FC4507F} (RtspVaPgCtrlNew2 Class) - http://192.168.1.173/RtspVaPgDecNew2.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {960DC750-7447-4CDE-BF1C-FB33F9129654} (SSObject3 Control) - http://192.168.111.130:5000/webman/3rdp ... b?6.0-2636
O16 - DPF: {9D1DD603-DCCE-4738-ABAE-B367B170EEB1} (LvrWeb Control) - http://212.4.145.131/LvrWeb.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Dell System Manager Service (dcpsysmgrsvc) - Dell Inc. - C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lxcg_device - - C:\Windows\system32\lxcgcoms.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: O2SDIOAssist - Unknown owner - C:\Windows\SysWOW64\srvany.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Sentinel Security Runtime (SentinelSecurityRuntime) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
--
End of file - 13234 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=2066ac6c-4a4a-4e72-aed8-7628d8bbb213 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\cbfddd63-bb29-4e2b-aa8a-a30685a8f340-1b8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fd2cd741-a110-4675-9754-dce08a8a8ef7 -SystemEventPortName:HostProcess-1b0edc9c-25a3-40e5-8351-f91ab845fd36 -IoCancelEventPortName:HostProcess-b0cb30a9-9222-4580-8368-9fd39fb3f4fe -NonStateChangingEventPortName:HostProcess-6911887d-7fdc-4848-900c-19e0964841d6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a9b8c7dd-9e87-4556-b33d-526a8fa4fd72
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe"
C:\Windows\system32\WLANExt.exe 24576768
\??\C:\Windows\system32\conhost.exe "-806771449-27829398574817917161605233847639756-1853204813-2689994301919245955
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\hasplms.exe -run
C:\Windows\system32\lxcgcoms.exe -service
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe"
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Windows\SysWOW64\srvany.exe
C:\Windows\sysWOW64\SDIOAssist.exe
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-25570fee-822a-489e-b772-d83f59dd6057 -SystemEventPortName:HostProcess-4113c246-81fc-48d6-a4c4-d2dde0051803 -IoCancelEventPortName:HostProcess-4b595321-8c86-4440-bf5a-e0b693402488 -NonStateChangingEventPortName:HostProcess-356c1a29-b72a-4050-a7cd-9bd65f78b237 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:22ed5081-97c8-4b79-a914-88f1aa21e0f4
"taskhost.exe"
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=6a484d12-da49-4338-b035-920c504bf44a /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\43ebda31-2dae-470e-8218-46580b2e9d1a-ef4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
"C:\Windows\WindowsMobile\wmdcBase.exe"
"C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-950306426-757979507-2132653191-1834171495595388713-2050224869-204125043-2032192346
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{97DA60DA-A7E3-4140-AD65-D0DA510F8E63}
{0F4E42E8-8A83-4065-AB34-D6BF2D3902C9}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-14dc740e-9835-4634-943f-cedbb3862bec -SystemEventPortName:HostProcess-fe0a1a5a-fa63-41c4-a211-8bab32a326b0 -IoCancelEventPortName:HostProcess-544d0cd4-c08c-43b5-b67b-9142d154e938 -NonStateChangingEventPortName:HostProcess-f78e41af-2c30-4de3-ac18-fbc9e61dfbc2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ae6b6496-4f8a-4f92-83ce-2c673c61ee8e
C:\Windows\system32\svchost.exe -k HPService
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:8156 CREDAT:203009
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -queuereporting
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Pavel\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-07-20 611192]
"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2011-06-05 312936]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-05 1692264]
"IntelWirelessWiMAX"=C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [2010-11-14 1605632]
"IntelPROSet"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-12-23 1934608]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 660360]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WirelessManager"=C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe [2011-09-19 20480]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AXIS Camera Station Service Control]
C:\Program Files (x86)\Axis Communications\AXIS Camera Station 3\AcsAdmin.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [2009-07-29 221696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.7\ICQ.exe [2012-04-17 127040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-09-20 1493288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20472992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-05-29 449248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AutoSwHIDMode"=C:\Program Files (x86)\HIDeGalaxTouch\AutoSwHIDMode.exe [2010-12-02 102400]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-08-15 4411440]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dell System Manager.lnk - C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-10-10 10:20:39 ----D---- C:\rsit
2013-10-10 10:08:51 ----D---- C:\AdwCleaner
2013-10-07 23:36:15 ----RSH---- C:\ProgramData\24047241B4.sys
2013-10-07 23:36:15 ----ASH---- C:\ProgramData\KGyGaAvL.sys
2013-10-07 23:36:12 ----D---- C:\Users\Pavel\AppData\Roaming\Corel
2013-10-07 23:35:29 ----D---- C:\ProgramData\Corel
2013-10-07 23:34:34 ----D---- C:\Program Files (x86)\Corel
2013-10-03 15:40:56 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-10-03 15:39:52 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-10-03 15:39:50 ----A---- C:\Windows\game.ini
2013-10-03 15:35:51 ----D---- C:\Program Files (x86)\Activision
2013-09-20 10:41:14 ----D---- C:\Program Files (x86)\F-Link 1.1.2
======List of files/folders modified in the last 1 month======
2013-10-10 10:24:01 ----D---- C:\Windows\Prefetch
2013-10-10 10:24:01 ----D---- C:\Program Files\trend micro
2013-10-10 10:24:00 ----D---- C:\Windows\Temp
2013-10-10 10:21:06 ----D---- C:\Windows\system32\drivers
2013-10-10 10:20:48 ----D---- C:\Windows\system32\config
2013-10-10 10:16:38 ----SHD---- C:\Windows\Installer
2013-10-10 10:16:30 ----HD---- C:\Config.Msi
2013-10-10 10:16:24 ----SHD---- C:\System Volume Information
2013-10-10 10:15:08 ----D---- C:\Windows\System32
2013-10-10 10:15:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-10 10:12:49 ----A---- C:\Windows\SYSWOW64\log.txt
2013-10-10 10:10:33 ----D---- C:\Windows\SysWOW64
2013-10-10 10:10:33 ----D---- C:\ProgramData\NVIDIA
2013-10-10 10:09:23 ----D---- C:\ProgramData
2013-10-10 09:52:44 ----D---- C:\ProgramData\MFAData
2013-10-10 09:02:29 ----D---- C:\Windows\system32\catroot2
2013-10-10 09:01:03 ----HD---- C:\Windows\system32\WLANProfiles
2013-10-09 23:37:39 ----D---- C:\Users\Pavel\AppData\Roaming\Skype
2013-10-09 23:04:48 ----D---- C:\ProgramData\Skype
2013-10-09 23:04:47 ----RD---- C:\Program Files (x86)\Skype
2013-10-09 22:30:40 ----D---- C:\Users\Pavel\AppData\Roaming\Nitro PDF
2013-10-09 12:24:11 ----D---- C:\Windows\system32\FxsTmp
2013-10-09 11:44:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-07 23:35:29 ----D---- C:\Program Files (x86)\Common Files
2013-10-07 23:34:58 ----RSD---- C:\Windows\Fonts
2013-10-07 23:34:34 ----D---- C:\Program Files (x86)
2013-10-07 09:05:20 ----HD---- C:\Grande
2013-10-04 17:17:59 ----D---- C:\Windows\system32\NDF
2013-10-03 15:42:22 ----RSD---- C:\Windows\assembly
2013-10-03 15:42:03 ----D---- C:\Windows
2013-10-03 15:39:52 ----D---- C:\Windows\system32\LogFiles
2013-10-03 15:39:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-27 15:26:33 ----D---- C:\Users\Pavel\AppData\Roaming\ICQ
2013-09-24 12:00:04 ----D---- C:\Windows\system32\catroot
2013-09-24 12:00:04 ----D---- C:\Windows\inf
2013-09-24 12:00:03 ----D---- C:\Windows\system32\DriverStore
2013-09-20 10:41:24 ----D---- C:\Users\Pavel\AppData\Roaming\Jablotron
2013-09-11 13:43:53 ----D---- C:\Windows\Minidump
2013-09-11 10:43:55 ----D---- C:\Program Files\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-05 45880]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-05 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2012-10-12 83072]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2012-08-07 141256]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2012-10-06 323584]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-05-25 368464]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2010-10-25 75264]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHprint;Třída tiskárny protokolu Bluetooth (Microsoft); C:\Windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2011-02-18 56160]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 8505856]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-05-10 174184]
R3 O2MDFRDR;O2MDFRDR; C:\Windows\system32\DRIVERS\O2MDFw7x64.sys [2011-01-03 72808]
R3 O2SDJRDR;O2SDJRDR; C:\Windows\system32\DRIVERS\o2sdjw7x64.sys [2011-03-23 83560]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 DLPortIO;DriverLINX Port I/O Driver; C:\Windows\system32\drivers\DLPortIO.sys []
S3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\accelern.sys [2011-07-22 27760]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2011-07-20 342704]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-10-15 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-10-15 27760]
S3 GKUPRO2D;GKUPRO2D; C:\Windows\system32\DRIVERS\GKUPRO2D.sys [2012-11-05 120320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\syswow64\NSNDIS5.SYS []
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM10664.sys [2011-06-27 1310720]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 dcpsysmgrsvc;Dell System Manager Service; C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2011-07-28 519536]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-11-07 499200]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-12-23 1515792]
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2012-08-23 4412872]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-08-08 325912]
R2 lxcg_device;lxcg_device; C:\Windows\system32\lxcgcoms.exe [2007-04-29 566704]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-01-14 230416]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-06-05 993896]
R2 O2FLASH;O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [2010-02-10 72296]
R2 O2SDIOAssist;O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [2003-04-18 8192]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-04-24 624856]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-03 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2013-10-03 103736]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-12-23 845584]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2011-09-22 1259040]
R2 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-06-05 378472]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-08-08 2656536]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2011-02-18 245760]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-12 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-12 136176]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-17 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nejde zapnout Firewall 0x80070424, prosím o pomoc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Nejde zapnout Firewall 0x80070424, prosím o pomoc
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Pavel (administrator) on PAVEL-PC on 10-10-2013 10:41:40
Running from C:\Users\Pavel\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
( ) C:\Windows\system32\lxcgcoms.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(O2Micro International) C:\Windows\system32\DRIVERS\o2flash.exe
() C:\Windows\SysWOW64\srvany.exe
(O2Micro.) C:\Windows\sysWOW64\SDIOAssist.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Ericsson AB) C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [611192 2011-07-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NVHotkey] - rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1692264 2011-05-05] ()
HKLM\...\Run: [IntelWirelessWiMAX] - C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1605632 2010-11-14] (Intel® Corporation)
HKLM\...\Run: [IntelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2010-12-23] (Intel(R) Corporation)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKCU\...\Run: [WirelessManager] - C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe [20480 2011-09-19] (Ericsson AB)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
MountPoints2: {5282cd65-3a81-11e2-a1d5-c0f8dae2c462} - G:\Startme.exe
MountPoints2: {d1083ec0-ae84-11e1-9b89-c0f8dae2c462} - E:\setup\rsrc\Autorun.exe
MountPoints2: {e24df2d9-d7e2-11e2-a103-c0f8dae2c462} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
HKLM-x32\...\Run: [AutoSwHIDMode] - C:\Program Files (x86)\HIDeGalaxTouch\AutoSwHIDMode.exe [102400 2010-12-02] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM {DE625294-70E6-45ED-B895-CFFA13AEB044} http://77.92.218.77:2233/activex/AMC.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {3360DAE7-B224-4A07-B707-50F59F51D2A4} http://85.207.29.1:1111/webman/3rdparty ... bject2.cab
DPF: HKLM-x32 {3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A} http://192.168.1.100/Nadatel-Webviewer.cab
DPF: HKLM-x32 {45830FF9-D9E6-4F41-86ED-B266933D8E90} http://172.30.68.12:8080/RtspVaPgDec.cab
DPF: HKLM-x32 {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} http://192.168.111.18:5000/surveillance ... Object.cab
DPF: HKLM-x32 {73888E2B-FF04-416C-8847-984D7FC4507F} http://192.168.1.173/RtspVaPgDecNew2.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {960DC750-7447-4CDE-BF1C-FB33F9129654} http://192.168.111.130:5000/webman/3rdp ... b?6.0-2636
DPF: HKLM-x32 {9D1DD603-DCCE-4738-ABAE-B367B170EEB1} http://212.4.145.131/LvrWeb.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.111.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.cz/"
CHR DefaultSearchURL: (DaleSearch) - http://www.dalesearch.com/?q={searchTer ... 0&tsp=5001
CHR DefaultSuggestURL: (DaleSearch) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\29.0.1547.57\gcswf32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
==================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
R2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [566704 2007-04-29] ( )
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-01-14] (Nitro PDF Software)
R2 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [624856 2012-04-24] (Pandora.TV)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-10-03] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [103736 2013-10-03] ()
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-09-22] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259040 2011-09-22] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-09-22] (SafeNet, Inc.)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [245760 2011-02-18] ()
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2010-12-23] (Intel(R) Corporation)
==================== Drivers (Whitelisted) ====================
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R3 BTHprint; C:\Windows\System32\DRIVERS\bthprint.sys [67072 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-06-05] (DT Soft Ltd)
S3 GKUPRO2D; C:\Windows\System32\DRIVERS\GKUPRO2D.sys [120320 2012-11-05] (Gemalto)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [323584 2012-10-06] (SafeNet Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1310720 2011-06-27] (C-Media Electronics Inc)
S2 DLPortIO; No ImagePath
S3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-10 10:41 - 2013-10-10 10:41 - 00000000 ____D C:\FRST
2013-10-10 10:40 - 2013-10-10 10:40 - 01954124 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2013-10-10 10:40 - 2013-10-10 10:40 - 00000000 _____ C:\Users\Pavel\Desktop\FRSTLauncher.exe
2013-10-10 10:20 - 2013-10-10 10:20 - 00000000 ____D C:\rsit
2013-10-10 10:18 - 2013-10-10 10:21 - 00000000 ____D C:\Users\Pavel\Desktop\RK_Quarantine
2013-10-10 10:16 - 2013-10-10 10:16 - 04009167 _____ C:\Users\Pavel\Downloads\ServicesRepair.exe
2013-10-10 10:15 - 2013-10-10 10:15 - 01010176 _____ C:\Users\Pavel\Downloads\MicrosoftFixit50884.msi
2013-10-10 10:08 - 2013-10-10 10:09 - 00000000 ____D C:\AdwCleaner
2013-10-08 00:01 - 2013-10-08 00:01 - 00002659 _____ C:\Users\Pavel\Desktop\CorelDRAW X4.lnk
2013-10-07 23:36 - 2013-10-09 22:30 - 00002672 ___SH C:\ProgramData\KGyGaAvL.sys
2013-10-07 23:36 - 2013-10-09 22:30 - 00000088 __RSH C:\ProgramData\24047241B4.sys
2013-10-07 23:36 - 2013-10-07 23:36 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Corel
2013-10-07 23:35 - 2013-10-07 23:38 - 00000000 ____D C:\ProgramData\Corel
2013-10-07 23:34 - 2013-10-07 23:34 - 00000000 ____D C:\Program Files (x86)\Corel
2013-10-07 23:23 - 2013-10-08 10:35 - 00000000 ____D C:\Users\Pavel\Desktop\CorelDraw X4 SP2 CZE
2013-10-03 15:42 - 2013-10-03 15:42 - 00182127 _____ C:\Windows\DirectX.log
2013-10-03 15:42 - 2013-10-03 15:42 - 00002010 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
2013-10-03 15:42 - 2013-10-03 15:42 - 00002010 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
2013-10-03 15:40 - 2013-10-03 15:40 - 00103736 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-03 15:39 - 2013-10-03 15:39 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-03 15:39 - 2013-10-03 15:39 - 00000331 _____ C:\Windows\game.ini
2013-10-03 15:35 - 2013-10-03 15:35 - 00000000 ____D C:\Program Files (x86)\Activision
2013-09-27 14:03 - 2013-09-27 14:03 - 00002757 _____ C:\Users\Pavel\AppData\Local\recently-used.xbel
2013-09-26 00:09 - 2013-10-02 16:19 - 00767645 _____ C:\Users\Pavel\Documents\chata.FDB
2013-09-25 13:45 - 2013-09-25 14:23 - 00000000 ____D C:\Users\Pavel\Desktop\AK
2013-09-20 11:55 - 2013-09-26 00:06 - 00835938 _____ C:\Users\Pavel\Desktop\123.FDB
2013-09-20 10:41 - 2013-09-20 10:41 - 00000985 _____ C:\Users\Public\Desktop\F-Link 1.1.2.lnk
2013-09-20 10:41 - 2013-09-20 10:41 - 00000000 ____D C:\Program Files (x86)\F-Link 1.1.2
2013-09-18 14:07 - 2013-09-18 14:07 - 01781834 _____ C:\Users\Pavel\Downloads\spa942-5.2.5.zip
2013-09-18 13:58 - 2013-09-18 13:58 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a (2).bin
2013-09-18 13:57 - 2013-09-18 13:57 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a.bin
2013-09-18 13:57 - 2013-09-18 13:57 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a (1).bin
2013-09-18 13:44 - 2013-09-18 13:44 - 00987785 _____ C:\Users\Pavel\Downloads\rec-spa942-6-1-3a.zip
2013-09-18 11:13 - 2013-09-18 14:07 - 00000000 ____D C:\Users\Pavel\Desktop\SPA942_6.1.5a
2013-09-11 13:43 - 2013-09-11 13:43 - 00501712 _____ C:\Windows\Minidump\091113-16832-01.dmp
==================== One Month Modified Files and Folders =======
2013-10-10 10:41 - 2013-10-10 10:41 - 00000000 ____D C:\FRST
2013-10-10 10:40 - 2013-10-10 10:40 - 01954124 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2013-10-10 10:40 - 2013-10-10 10:40 - 00000000 _____ C:\Users\Pavel\Desktop\FRSTLauncher.exe
2013-10-10 10:34 - 2012-04-12 14:38 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-10 10:30 - 2012-04-12 12:15 - 01794282 _____ C:\Windows\WindowsUpdate.log
2013-10-10 10:24 - 2013-03-29 12:29 - 00000000 ____D C:\Program Files\trend micro
2013-10-10 10:21 - 2013-10-10 10:18 - 00000000 ____D C:\Users\Pavel\Desktop\RK_Quarantine
2013-10-10 10:20 - 2013-10-10 10:20 - 00000000 ____D C:\rsit
2013-10-10 10:17 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-10 10:17 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-10 10:16 - 2013-10-10 10:16 - 04009167 _____ C:\Users\Pavel\Downloads\ServicesRepair.exe
2013-10-10 10:15 - 2013-10-10 10:15 - 01010176 _____ C:\Users\Pavel\Downloads\MicrosoftFixit50884.msi
2013-10-10 10:15 - 2012-04-12 21:26 - 08528180 _____ C:\Windows\system32\perfh005.dat
2013-10-10 10:15 - 2012-04-12 21:26 - 02898886 _____ C:\Windows\system32\perfc005.dat
2013-10-10 10:15 - 2009-07-14 07:13 - 00006512 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-10 10:13 - 2012-09-12 11:15 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-10 10:12 - 2013-06-13 23:21 - 00419042 _____ C:\Windows\setupact.log
2013-10-10 10:10 - 2012-09-12 11:15 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-10 10:10 - 2012-04-12 13:12 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-10 10:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-10 10:09 - 2013-10-10 10:08 - 00000000 ____D C:\AdwCleaner
2013-10-10 10:08 - 2012-04-12 14:33 - 00000000 ____D C:\Users\Pavel\Documents\Soubory aplikace Outlook
2013-10-10 09:52 - 2012-04-12 13:58 - 00000000 ____D C:\ProgramData\MFAData
2013-10-09 23:37 - 2012-10-03 12:12 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Skype
2013-10-09 23:04 - 2012-10-03 12:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-09 23:04 - 2012-10-03 12:11 - 00000000 ____D C:\ProgramData\Skype
2013-10-09 22:30 - 2013-10-07 23:36 - 00002672 ___SH C:\ProgramData\KGyGaAvL.sys
2013-10-09 22:30 - 2013-10-07 23:36 - 00000088 __RSH C:\ProgramData\24047241B4.sys
2013-10-09 22:30 - 2013-01-29 16:21 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Nitro PDF
2013-10-09 12:24 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-10-09 11:59 - 2013-07-23 15:15 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4B8D9478-264E-465A-8DBA-6D850DAB5863}
2013-10-09 11:44 - 2012-04-12 14:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 11:44 - 2012-04-12 14:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 11:44 - 2012-04-12 14:38 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 10:35 - 2013-10-07 23:23 - 00000000 ____D C:\Users\Pavel\Desktop\CorelDraw X4 SP2 CZE
2013-10-08 09:15 - 2009-07-14 06:45 - 00510544 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-08 00:01 - 2013-10-08 00:01 - 00002659 _____ C:\Users\Pavel\Desktop\CorelDRAW X4.lnk
2013-10-07 23:38 - 2013-10-07 23:35 - 00000000 ____D C:\ProgramData\Corel
2013-10-07 23:36 - 2013-10-07 23:36 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Corel
2013-10-07 23:36 - 2012-04-12 14:30 - 00140600 _____ C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-07 23:34 - 2013-10-07 23:34 - 00000000 ____D C:\Program Files (x86)\Corel
2013-10-07 16:28 - 2013-04-22 15:26 - 00007637 _____ C:\Users\Pavel\AppData\Local\Resmon.ResmonCfg
2013-10-07 09:06 - 2013-05-27 14:21 - 00002010 _____ C:\Users\Pavel\Documents\Default.rdp
2013-10-07 09:05 - 2013-04-26 09:23 - 00000000 ___HD C:\Grande
2013-10-04 17:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-03 15:42 - 2013-10-03 15:42 - 00182127 _____ C:\Windows\DirectX.log
2013-10-03 15:42 - 2013-10-03 15:42 - 00002010 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
2013-10-03 15:42 - 2013-10-03 15:42 - 00002010 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
2013-10-03 15:40 - 2013-10-03 15:40 - 00103736 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-03 15:39 - 2013-10-03 15:39 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-03 15:39 - 2013-10-03 15:39 - 00000331 _____ C:\Windows\game.ini
2013-10-03 15:39 - 2012-04-12 12:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-03 15:35 - 2013-10-03 15:35 - 00000000 ____D C:\Program Files (x86)\Activision
2013-10-03 15:31 - 2012-04-12 14:05 - 00000000 ____D C:\Users\Pavel\Desktop\Záloha
2013-10-03 15:30 - 2012-04-12 12:15 - 00000000 ____D C:\Users\Pavel
2013-10-02 16:19 - 2013-09-26 00:09 - 00767645 _____ C:\Users\Pavel\Documents\chata.FDB
2013-09-27 15:26 - 2012-04-17 09:35 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\ICQ
2013-09-27 14:03 - 2013-09-27 14:03 - 00002757 _____ C:\Users\Pavel\AppData\Local\recently-used.xbel
2013-09-26 00:06 - 2013-09-20 11:55 - 00835938 _____ C:\Users\Pavel\Desktop\123.FDB
2013-09-25 14:23 - 2013-09-25 13:45 - 00000000 ____D C:\Users\Pavel\Desktop\AK
2013-09-20 10:41 - 2013-09-20 10:41 - 00000985 _____ C:\Users\Public\Desktop\F-Link 1.1.2.lnk
2013-09-20 10:41 - 2013-09-20 10:41 - 00000000 ____D C:\Program Files (x86)\F-Link 1.1.2
2013-09-20 10:41 - 2013-06-21 14:52 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Jablotron
2013-09-18 14:07 - 2013-09-18 14:07 - 01781834 _____ C:\Users\Pavel\Downloads\spa942-5.2.5.zip
2013-09-18 14:07 - 2013-09-18 11:13 - 00000000 ____D C:\Users\Pavel\Desktop\SPA942_6.1.5a
2013-09-18 13:58 - 2013-09-18 13:58 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a (2).bin
2013-09-18 13:57 - 2013-09-18 13:57 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a.bin
2013-09-18 13:57 - 2013-09-18 13:57 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a (1).bin
2013-09-18 13:44 - 2013-09-18 13:44 - 00987785 _____ C:\Users\Pavel\Downloads\rec-spa942-6-1-3a.zip
2013-09-16 12:54 - 2013-09-04 09:51 - 00000000 ____D C:\Users\Pavel\Desktop\Nová složka
2013-09-13 08:48 - 2013-03-28 12:46 - 00000937 _____ C:\Users\Public\Desktop\AVG 2013.lnk
2013-09-11 13:43 - 2013-09-11 13:43 - 00501712 _____ C:\Windows\Minidump\091113-16832-01.dmp
2013-09-11 13:43 - 2012-06-05 08:52 - 00000000 ____D C:\Windows\Minidump
2013-09-11 10:43 - 2013-07-17 16:50 - 00009334 _____ C:\Windows\PFRO.log
2013-09-11 10:43 - 2012-09-12 11:15 - 00000000 ____D C:\Program Files\Google
2013-09-10 11:54 - 2013-07-17 09:51 - 00000000 ____D C:\ProgramData\Google
2013-09-10 11:54 - 2012-04-16 14:30 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-10 11:54 - 2012-04-13 10:26 - 00000000 ____D C:\Users\Pavel\AppData\Local\Google
2013-09-10 11:50 - 2013-05-24 11:57 - 00000000 ____D C:\Users\Pavel\Documents\The KMPlayer
2013-09-10 11:46 - 2012-04-24 14:44 - 00000995 _____ C:\Users\Pavel\Desktop\KMPlayer.lnk
2013-09-10 11:46 - 2012-04-24 14:44 - 00000000 ____D C:\Program Files (x86)\The KMPlayer
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-226212332-2523390336-2884058028-1000\$3ee55e846ed34d7669fb680e561d97df
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$3ee55e846ed34d7669fb680e561d97df
Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\DaleSearchTB.exe
C:\Users\Pavel\AppData\Local\Temp\IntResource.dll
C:\Users\Pavel\AppData\Local\Temp\jna2596801865875465620.dll
C:\Users\Pavel\AppData\Local\Temp\jna3661059652051140490.dll
C:\Users\Pavel\AppData\Local\Temp\jna4652277998987810337.dll
C:\Users\Pavel\AppData\Local\Temp\jna4784097154753878257.dll
C:\Users\Pavel\AppData\Local\Temp\jna7771348922717731946.dll
C:\Users\Pavel\AppData\Local\Temp\KMP_3.6.0.87.exe
C:\Users\Pavel\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Pavel\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Pavel\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-02 10:20
==================== End Of Log ============================
Ran by Pavel (administrator) on PAVEL-PC on 10-10-2013 10:41:40
Running from C:\Users\Pavel\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
( ) C:\Windows\system32\lxcgcoms.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(O2Micro International) C:\Windows\system32\DRIVERS\o2flash.exe
() C:\Windows\SysWOW64\srvany.exe
(O2Micro.) C:\Windows\sysWOW64\SDIOAssist.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Ericsson AB) C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [611192 2011-07-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NVHotkey] - rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1692264 2011-05-05] ()
HKLM\...\Run: [IntelWirelessWiMAX] - C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1605632 2010-11-14] (Intel® Corporation)
HKLM\...\Run: [IntelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2010-12-23] (Intel(R) Corporation)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKCU\...\Run: [WirelessManager] - C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe [20480 2011-09-19] (Ericsson AB)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
MountPoints2: {5282cd65-3a81-11e2-a1d5-c0f8dae2c462} - G:\Startme.exe
MountPoints2: {d1083ec0-ae84-11e1-9b89-c0f8dae2c462} - E:\setup\rsrc\Autorun.exe
MountPoints2: {e24df2d9-d7e2-11e2-a103-c0f8dae2c462} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
HKLM-x32\...\Run: [AutoSwHIDMode] - C:\Program Files (x86)\HIDeGalaxTouch\AutoSwHIDMode.exe [102400 2010-12-02] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM {DE625294-70E6-45ED-B895-CFFA13AEB044} http://77.92.218.77:2233/activex/AMC.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {3360DAE7-B224-4A07-B707-50F59F51D2A4} http://85.207.29.1:1111/webman/3rdparty ... bject2.cab
DPF: HKLM-x32 {3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A} http://192.168.1.100/Nadatel-Webviewer.cab
DPF: HKLM-x32 {45830FF9-D9E6-4F41-86ED-B266933D8E90} http://172.30.68.12:8080/RtspVaPgDec.cab
DPF: HKLM-x32 {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} http://192.168.111.18:5000/surveillance ... Object.cab
DPF: HKLM-x32 {73888E2B-FF04-416C-8847-984D7FC4507F} http://192.168.1.173/RtspVaPgDecNew2.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {960DC750-7447-4CDE-BF1C-FB33F9129654} http://192.168.111.130:5000/webman/3rdp ... b?6.0-2636
DPF: HKLM-x32 {9D1DD603-DCCE-4738-ABAE-B367B170EEB1} http://212.4.145.131/LvrWeb.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.111.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.cz/"
CHR DefaultSearchURL: (DaleSearch) - http://www.dalesearch.com/?q={searchTer ... 0&tsp=5001
CHR DefaultSuggestURL: (DaleSearch) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\29.0.1547.57\gcswf32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
==================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
R2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [566704 2007-04-29] ( )
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-01-14] (Nitro PDF Software)
R2 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [624856 2012-04-24] (Pandora.TV)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-10-03] ()
R2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [103736 2013-10-03] ()
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-09-22] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259040 2011-09-22] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-09-22] (SafeNet, Inc.)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [245760 2011-02-18] ()
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2010-12-23] (Intel(R) Corporation)
==================== Drivers (Whitelisted) ====================
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R3 BTHprint; C:\Windows\System32\DRIVERS\bthprint.sys [67072 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-06-05] (DT Soft Ltd)
S3 GKUPRO2D; C:\Windows\System32\DRIVERS\GKUPRO2D.sys [120320 2012-11-05] (Gemalto)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [323584 2012-10-06] (SafeNet Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1310720 2011-06-27] (C-Media Electronics Inc)
S2 DLPortIO; No ImagePath
S3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-10 10:41 - 2013-10-10 10:41 - 00000000 ____D C:\FRST
2013-10-10 10:40 - 2013-10-10 10:40 - 01954124 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2013-10-10 10:40 - 2013-10-10 10:40 - 00000000 _____ C:\Users\Pavel\Desktop\FRSTLauncher.exe
2013-10-10 10:20 - 2013-10-10 10:20 - 00000000 ____D C:\rsit
2013-10-10 10:18 - 2013-10-10 10:21 - 00000000 ____D C:\Users\Pavel\Desktop\RK_Quarantine
2013-10-10 10:16 - 2013-10-10 10:16 - 04009167 _____ C:\Users\Pavel\Downloads\ServicesRepair.exe
2013-10-10 10:15 - 2013-10-10 10:15 - 01010176 _____ C:\Users\Pavel\Downloads\MicrosoftFixit50884.msi
2013-10-10 10:08 - 2013-10-10 10:09 - 00000000 ____D C:\AdwCleaner
2013-10-08 00:01 - 2013-10-08 00:01 - 00002659 _____ C:\Users\Pavel\Desktop\CorelDRAW X4.lnk
2013-10-07 23:36 - 2013-10-09 22:30 - 00002672 ___SH C:\ProgramData\KGyGaAvL.sys
2013-10-07 23:36 - 2013-10-09 22:30 - 00000088 __RSH C:\ProgramData\24047241B4.sys
2013-10-07 23:36 - 2013-10-07 23:36 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Corel
2013-10-07 23:35 - 2013-10-07 23:38 - 00000000 ____D C:\ProgramData\Corel
2013-10-07 23:34 - 2013-10-07 23:34 - 00000000 ____D C:\Program Files (x86)\Corel
2013-10-07 23:23 - 2013-10-08 10:35 - 00000000 ____D C:\Users\Pavel\Desktop\CorelDraw X4 SP2 CZE
2013-10-03 15:42 - 2013-10-03 15:42 - 00182127 _____ C:\Windows\DirectX.log
2013-10-03 15:42 - 2013-10-03 15:42 - 00002010 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
2013-10-03 15:42 - 2013-10-03 15:42 - 00002010 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
2013-10-03 15:40 - 2013-10-03 15:40 - 00103736 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-03 15:39 - 2013-10-03 15:39 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-03 15:39 - 2013-10-03 15:39 - 00000331 _____ C:\Windows\game.ini
2013-10-03 15:35 - 2013-10-03 15:35 - 00000000 ____D C:\Program Files (x86)\Activision
2013-09-27 14:03 - 2013-09-27 14:03 - 00002757 _____ C:\Users\Pavel\AppData\Local\recently-used.xbel
2013-09-26 00:09 - 2013-10-02 16:19 - 00767645 _____ C:\Users\Pavel\Documents\chata.FDB
2013-09-25 13:45 - 2013-09-25 14:23 - 00000000 ____D C:\Users\Pavel\Desktop\AK
2013-09-20 11:55 - 2013-09-26 00:06 - 00835938 _____ C:\Users\Pavel\Desktop\123.FDB
2013-09-20 10:41 - 2013-09-20 10:41 - 00000985 _____ C:\Users\Public\Desktop\F-Link 1.1.2.lnk
2013-09-20 10:41 - 2013-09-20 10:41 - 00000000 ____D C:\Program Files (x86)\F-Link 1.1.2
2013-09-18 14:07 - 2013-09-18 14:07 - 01781834 _____ C:\Users\Pavel\Downloads\spa942-5.2.5.zip
2013-09-18 13:58 - 2013-09-18 13:58 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a (2).bin
2013-09-18 13:57 - 2013-09-18 13:57 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a.bin
2013-09-18 13:57 - 2013-09-18 13:57 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a (1).bin
2013-09-18 13:44 - 2013-09-18 13:44 - 00987785 _____ C:\Users\Pavel\Downloads\rec-spa942-6-1-3a.zip
2013-09-18 11:13 - 2013-09-18 14:07 - 00000000 ____D C:\Users\Pavel\Desktop\SPA942_6.1.5a
2013-09-11 13:43 - 2013-09-11 13:43 - 00501712 _____ C:\Windows\Minidump\091113-16832-01.dmp
==================== One Month Modified Files and Folders =======
2013-10-10 10:41 - 2013-10-10 10:41 - 00000000 ____D C:\FRST
2013-10-10 10:40 - 2013-10-10 10:40 - 01954124 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2013-10-10 10:40 - 2013-10-10 10:40 - 00000000 _____ C:\Users\Pavel\Desktop\FRSTLauncher.exe
2013-10-10 10:34 - 2012-04-12 14:38 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-10 10:30 - 2012-04-12 12:15 - 01794282 _____ C:\Windows\WindowsUpdate.log
2013-10-10 10:24 - 2013-03-29 12:29 - 00000000 ____D C:\Program Files\trend micro
2013-10-10 10:21 - 2013-10-10 10:18 - 00000000 ____D C:\Users\Pavel\Desktop\RK_Quarantine
2013-10-10 10:20 - 2013-10-10 10:20 - 00000000 ____D C:\rsit
2013-10-10 10:17 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-10 10:17 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-10 10:16 - 2013-10-10 10:16 - 04009167 _____ C:\Users\Pavel\Downloads\ServicesRepair.exe
2013-10-10 10:15 - 2013-10-10 10:15 - 01010176 _____ C:\Users\Pavel\Downloads\MicrosoftFixit50884.msi
2013-10-10 10:15 - 2012-04-12 21:26 - 08528180 _____ C:\Windows\system32\perfh005.dat
2013-10-10 10:15 - 2012-04-12 21:26 - 02898886 _____ C:\Windows\system32\perfc005.dat
2013-10-10 10:15 - 2009-07-14 07:13 - 00006512 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-10 10:13 - 2012-09-12 11:15 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-10 10:12 - 2013-06-13 23:21 - 00419042 _____ C:\Windows\setupact.log
2013-10-10 10:10 - 2012-09-12 11:15 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-10 10:10 - 2012-04-12 13:12 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-10 10:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-10 10:09 - 2013-10-10 10:08 - 00000000 ____D C:\AdwCleaner
2013-10-10 10:08 - 2012-04-12 14:33 - 00000000 ____D C:\Users\Pavel\Documents\Soubory aplikace Outlook
2013-10-10 09:52 - 2012-04-12 13:58 - 00000000 ____D C:\ProgramData\MFAData
2013-10-09 23:37 - 2012-10-03 12:12 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Skype
2013-10-09 23:04 - 2012-10-03 12:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-09 23:04 - 2012-10-03 12:11 - 00000000 ____D C:\ProgramData\Skype
2013-10-09 22:30 - 2013-10-07 23:36 - 00002672 ___SH C:\ProgramData\KGyGaAvL.sys
2013-10-09 22:30 - 2013-10-07 23:36 - 00000088 __RSH C:\ProgramData\24047241B4.sys
2013-10-09 22:30 - 2013-01-29 16:21 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Nitro PDF
2013-10-09 12:24 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-10-09 11:59 - 2013-07-23 15:15 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4B8D9478-264E-465A-8DBA-6D850DAB5863}
2013-10-09 11:44 - 2012-04-12 14:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 11:44 - 2012-04-12 14:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 11:44 - 2012-04-12 14:38 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 10:35 - 2013-10-07 23:23 - 00000000 ____D C:\Users\Pavel\Desktop\CorelDraw X4 SP2 CZE
2013-10-08 09:15 - 2009-07-14 06:45 - 00510544 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-08 00:01 - 2013-10-08 00:01 - 00002659 _____ C:\Users\Pavel\Desktop\CorelDRAW X4.lnk
2013-10-07 23:38 - 2013-10-07 23:35 - 00000000 ____D C:\ProgramData\Corel
2013-10-07 23:36 - 2013-10-07 23:36 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Corel
2013-10-07 23:36 - 2012-04-12 14:30 - 00140600 _____ C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-07 23:34 - 2013-10-07 23:34 - 00000000 ____D C:\Program Files (x86)\Corel
2013-10-07 16:28 - 2013-04-22 15:26 - 00007637 _____ C:\Users\Pavel\AppData\Local\Resmon.ResmonCfg
2013-10-07 09:06 - 2013-05-27 14:21 - 00002010 _____ C:\Users\Pavel\Documents\Default.rdp
2013-10-07 09:05 - 2013-04-26 09:23 - 00000000 ___HD C:\Grande
2013-10-04 17:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-03 15:42 - 2013-10-03 15:42 - 00182127 _____ C:\Windows\DirectX.log
2013-10-03 15:42 - 2013-10-03 15:42 - 00002010 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
2013-10-03 15:42 - 2013-10-03 15:42 - 00002010 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
2013-10-03 15:40 - 2013-10-03 15:40 - 00103736 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-03 15:39 - 2013-10-03 15:39 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-03 15:39 - 2013-10-03 15:39 - 00000331 _____ C:\Windows\game.ini
2013-10-03 15:39 - 2012-04-12 12:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-03 15:35 - 2013-10-03 15:35 - 00000000 ____D C:\Program Files (x86)\Activision
2013-10-03 15:31 - 2012-04-12 14:05 - 00000000 ____D C:\Users\Pavel\Desktop\Záloha
2013-10-03 15:30 - 2012-04-12 12:15 - 00000000 ____D C:\Users\Pavel
2013-10-02 16:19 - 2013-09-26 00:09 - 00767645 _____ C:\Users\Pavel\Documents\chata.FDB
2013-09-27 15:26 - 2012-04-17 09:35 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\ICQ
2013-09-27 14:03 - 2013-09-27 14:03 - 00002757 _____ C:\Users\Pavel\AppData\Local\recently-used.xbel
2013-09-26 00:06 - 2013-09-20 11:55 - 00835938 _____ C:\Users\Pavel\Desktop\123.FDB
2013-09-25 14:23 - 2013-09-25 13:45 - 00000000 ____D C:\Users\Pavel\Desktop\AK
2013-09-20 10:41 - 2013-09-20 10:41 - 00000985 _____ C:\Users\Public\Desktop\F-Link 1.1.2.lnk
2013-09-20 10:41 - 2013-09-20 10:41 - 00000000 ____D C:\Program Files (x86)\F-Link 1.1.2
2013-09-20 10:41 - 2013-06-21 14:52 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Jablotron
2013-09-18 14:07 - 2013-09-18 14:07 - 01781834 _____ C:\Users\Pavel\Downloads\spa942-5.2.5.zip
2013-09-18 14:07 - 2013-09-18 11:13 - 00000000 ____D C:\Users\Pavel\Desktop\SPA942_6.1.5a
2013-09-18 13:58 - 2013-09-18 13:58 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a (2).bin
2013-09-18 13:57 - 2013-09-18 13:57 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a.bin
2013-09-18 13:57 - 2013-09-18 13:57 - 00957101 _____ C:\Users\Pavel\Downloads\spa942-6-1-5a (1).bin
2013-09-18 13:44 - 2013-09-18 13:44 - 00987785 _____ C:\Users\Pavel\Downloads\rec-spa942-6-1-3a.zip
2013-09-16 12:54 - 2013-09-04 09:51 - 00000000 ____D C:\Users\Pavel\Desktop\Nová složka
2013-09-13 08:48 - 2013-03-28 12:46 - 00000937 _____ C:\Users\Public\Desktop\AVG 2013.lnk
2013-09-11 13:43 - 2013-09-11 13:43 - 00501712 _____ C:\Windows\Minidump\091113-16832-01.dmp
2013-09-11 13:43 - 2012-06-05 08:52 - 00000000 ____D C:\Windows\Minidump
2013-09-11 10:43 - 2013-07-17 16:50 - 00009334 _____ C:\Windows\PFRO.log
2013-09-11 10:43 - 2012-09-12 11:15 - 00000000 ____D C:\Program Files\Google
2013-09-10 11:54 - 2013-07-17 09:51 - 00000000 ____D C:\ProgramData\Google
2013-09-10 11:54 - 2012-04-16 14:30 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-10 11:54 - 2012-04-13 10:26 - 00000000 ____D C:\Users\Pavel\AppData\Local\Google
2013-09-10 11:50 - 2013-05-24 11:57 - 00000000 ____D C:\Users\Pavel\Documents\The KMPlayer
2013-09-10 11:46 - 2012-04-24 14:44 - 00000995 _____ C:\Users\Pavel\Desktop\KMPlayer.lnk
2013-09-10 11:46 - 2012-04-24 14:44 - 00000000 ____D C:\Program Files (x86)\The KMPlayer
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-226212332-2523390336-2884058028-1000\$3ee55e846ed34d7669fb680e561d97df
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$3ee55e846ed34d7669fb680e561d97df
Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\DaleSearchTB.exe
C:\Users\Pavel\AppData\Local\Temp\IntResource.dll
C:\Users\Pavel\AppData\Local\Temp\jna2596801865875465620.dll
C:\Users\Pavel\AppData\Local\Temp\jna3661059652051140490.dll
C:\Users\Pavel\AppData\Local\Temp\jna4652277998987810337.dll
C:\Users\Pavel\AppData\Local\Temp\jna4784097154753878257.dll
C:\Users\Pavel\AppData\Local\Temp\jna7771348922717731946.dll
C:\Users\Pavel\AppData\Local\Temp\KMP_3.6.0.87.exe
C:\Users\Pavel\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Pavel\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Pavel\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-02 10:20
==================== End Of Log ============================
Re: Nejde zapnout Firewall 0x80070424, prosím o pomoc
ComboFix 13-10-09.01 - Pavel 10.10.2013 12:27:20.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4053.2058 [GMT 2:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Pavel\AppData\Local\assembly\tmp
c:\users\Pavel\Desktop\Scanner.lnk
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\ccrpTmr6.dll
c:\windows\SysWow64\logs
c:\windows\SysWow64\logs\server.log
c:\windows\SysWow64\UNWISE.EXE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-10 do 2013-10-10 )))))))))))))))))))))))))))))))
.
.
2013-10-10 10:30 . 2013-10-10 10:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-10 08:41 . 2013-10-10 08:41 -------- d-----w- C:\FRST
2013-10-10 08:20 . 2013-10-10 08:20 -------- d-----w- C:\rsit
2013-10-10 08:08 . 2013-10-10 08:09 -------- d-----w- C:\AdwCleaner
2013-10-07 21:36 . 2013-10-09 20:30 2672 --sha-w- c:\programdata\KGyGaAvL.sys
2013-10-07 21:36 . 2013-10-09 20:30 88 --sh--r- c:\programdata\24047241B4.sys
2013-10-07 21:36 . 2013-10-07 21:36 -------- d-----w- c:\users\Pavel\AppData\Roaming\Corel
2013-10-07 21:35 . 2013-10-07 21:38 -------- d-----w- c:\programdata\Corel
2013-10-07 21:35 . 2013-10-07 21:35 -------- d-----w- c:\program files (x86)\Common Files\Protexis
2013-10-07 21:34 . 2013-10-07 21:34 -------- d-----w- c:\program files (x86)\Common Files\Corel
2013-10-07 21:34 . 2013-10-07 21:34 -------- d-----w- c:\program files (x86)\Corel
2013-10-03 13:40 . 2013-10-03 13:40 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-03 13:39 . 2013-10-03 13:39 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-10-03 13:35 . 2013-10-03 13:35 -------- d-----w- c:\program files (x86)\Activision
2013-09-20 08:41 . 2013-09-20 08:41 -------- d-----w- c:\program files (x86)\F-Link 1.1.2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 09:44 . 2012-04-12 12:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 09:44 . 2012-04-12 12:38 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-04 23:43 . 2013-09-04 23:43 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2013-07-19 23:51 . 2013-07-19 23:51 311608 ----a-w- c:\windows\system32\drivers\avgloga.sys
2013-07-19 23:50 . 2013-07-19 23:50 71480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2013-07-19 23:50 . 2013-07-19 23:50 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-07-19 23:50 . 2013-07-19 23:50 206648 ----a-w- c:\windows\system32\drivers\avgldx64.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WirelessManager"="c:\program files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe" [2011-09-19 20480]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-04-18 1090912]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-21 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AutoSwHIDMode"="c:\program files (x86)\HIDeGalaxTouch\AutoSwHIDMode.exe" [2010-12-02 102400]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-08-15 4411440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2011-7-28 1552240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DLPortIO;DriverLINX Port I/O Driver; [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys;c:\windows\SYSNATIVE\DRIVERS\accelern.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 GKUPRO2D;GKUPRO2D;c:\windows\system32\DRIVERS\GKUPRO2D.sys;c:\windows\SYSNATIVE\DRIVERS\GKUPRO2D.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [x]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 O2SDIOAssist;O2SDIOAssist;c:\windows\SysWOW64\srvany.exe;c:\windows\SysWOW64\srvany.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys [x]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [x]
S2 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 UsbClientService;UsbClientService;c:\program files (x86)\Synology\Assistant\UsbClientService.exe;c:\program files (x86)\Synology\Assistant\UsbClientService.exe [x]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x]
S2 ZcfgSvc7;Intel(R) PROSet/Wireless ZeroConfig Service;c:\program files\Intel\WiFi\bin\ZCfgSvc7.exe;c:\program files\Intel\WiFi\bin\ZCfgSvc7.exe [x]
S3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x]
S3 BTHprint;Třída tiskárny protokolu Bluetooth (Microsoft);c:\windows\system32\DRIVERS\bthprint.sys;c:\windows\SYSNATIVE\DRIVERS\bthprint.sys [x]
S3 busenum;Synology Virtual USB Hub;c:\windows\system32\DRIVERS\busenum.sys;c:\windows\SYSNATIVE\DRIVERS\busenum.sys [x]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\DRIVERS\O2MDFw7x64.sys;c:\windows\SYSNATIVE\DRIVERS\O2MDFw7x64.sys [x]
S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys;c:\windows\SYSNATIVE\DRIVERS\o2sdjw7x64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 09:44]
.
2013-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-12 09:15]
.
2013-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-12 09:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-19 611192]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-06-05 312936]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1692264]
"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-11-14 1605632]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-23 1934608]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to AMV/AVI Video Converter... - c:\program files (x86)\Media Player Utilities 4.29\AMVConverter\grab.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
Trusted Zone: postsignum.cz\www
TCP: DhcpNameServer = 192.168.111.1
DPF: {3360DAE7-B224-4A07-B707-50F59F51D2A4} - hxxp://85.207.29.1:1111/webman/3rdparty/SurveillanceStation/object/SSObject2.cab
DPF: {3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A} - hxxp://192.168.1.100/Nadatel-Webviewer.cab
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} - hxxp://172.30.68.12:8080/RtspVaPgDec.cab
DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} - hxxp://192.168.111.18:5000/surveillance/object/SSObject.cab
DPF: {73888E2B-FF04-416C-8847-984D7FC4507F} - hxxp://192.168.1.173/RtspVaPgDecNew2.cab
DPF: {960DC750-7447-4CDE-BF1C-FB33F9129654} - hxxp://192.168.111.130:5000/webman/3rdparty/SurveillanceStation/object/SSObject3.cab?6.0-2636
DPF: {9D1DD603-DCCE-4738-ABAE-B367B170EEB1} - hxxp://212.4.145.131/LvrWeb.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\hasplms.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\windows\sysWOW64\SDIOAssist.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-10-10 12:37:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-10 10:37
.
Před spuštěním: Volných bajtů: 13 724 430 336
Po spuštění: Volných bajtů: 13 790 281 728
.
- - End Of File - - B9277D8D39B3D2AFDFE03B93FF1BBCB3
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4053.2058 [GMT 2:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Pavel\AppData\Local\assembly\tmp
c:\users\Pavel\Desktop\Scanner.lnk
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\ccrpTmr6.dll
c:\windows\SysWow64\logs
c:\windows\SysWow64\logs\server.log
c:\windows\SysWow64\UNWISE.EXE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-10 do 2013-10-10 )))))))))))))))))))))))))))))))
.
.
2013-10-10 10:30 . 2013-10-10 10:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-10 08:41 . 2013-10-10 08:41 -------- d-----w- C:\FRST
2013-10-10 08:20 . 2013-10-10 08:20 -------- d-----w- C:\rsit
2013-10-10 08:08 . 2013-10-10 08:09 -------- d-----w- C:\AdwCleaner
2013-10-07 21:36 . 2013-10-09 20:30 2672 --sha-w- c:\programdata\KGyGaAvL.sys
2013-10-07 21:36 . 2013-10-09 20:30 88 --sh--r- c:\programdata\24047241B4.sys
2013-10-07 21:36 . 2013-10-07 21:36 -------- d-----w- c:\users\Pavel\AppData\Roaming\Corel
2013-10-07 21:35 . 2013-10-07 21:38 -------- d-----w- c:\programdata\Corel
2013-10-07 21:35 . 2013-10-07 21:35 -------- d-----w- c:\program files (x86)\Common Files\Protexis
2013-10-07 21:34 . 2013-10-07 21:34 -------- d-----w- c:\program files (x86)\Common Files\Corel
2013-10-07 21:34 . 2013-10-07 21:34 -------- d-----w- c:\program files (x86)\Corel
2013-10-03 13:40 . 2013-10-03 13:40 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-03 13:39 . 2013-10-03 13:39 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-10-03 13:35 . 2013-10-03 13:35 -------- d-----w- c:\program files (x86)\Activision
2013-09-20 08:41 . 2013-09-20 08:41 -------- d-----w- c:\program files (x86)\F-Link 1.1.2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 09:44 . 2012-04-12 12:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 09:44 . 2012-04-12 12:38 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-04 23:43 . 2013-09-04 23:43 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2013-07-19 23:51 . 2013-07-19 23:51 311608 ----a-w- c:\windows\system32\drivers\avgloga.sys
2013-07-19 23:50 . 2013-07-19 23:50 71480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2013-07-19 23:50 . 2013-07-19 23:50 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-07-19 23:50 . 2013-07-19 23:50 206648 ----a-w- c:\windows\system32\drivers\avgldx64.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WirelessManager"="c:\program files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe" [2011-09-19 20480]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-04-18 1090912]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-21 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AutoSwHIDMode"="c:\program files (x86)\HIDeGalaxTouch\AutoSwHIDMode.exe" [2010-12-02 102400]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-08-15 4411440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2011-7-28 1552240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DLPortIO;DriverLINX Port I/O Driver; [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys;c:\windows\SYSNATIVE\DRIVERS\accelern.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 GKUPRO2D;GKUPRO2D;c:\windows\system32\DRIVERS\GKUPRO2D.sys;c:\windows\SYSNATIVE\DRIVERS\GKUPRO2D.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [x]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 O2SDIOAssist;O2SDIOAssist;c:\windows\SysWOW64\srvany.exe;c:\windows\SysWOW64\srvany.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys [x]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [x]
S2 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 UsbClientService;UsbClientService;c:\program files (x86)\Synology\Assistant\UsbClientService.exe;c:\program files (x86)\Synology\Assistant\UsbClientService.exe [x]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x]
S2 ZcfgSvc7;Intel(R) PROSet/Wireless ZeroConfig Service;c:\program files\Intel\WiFi\bin\ZCfgSvc7.exe;c:\program files\Intel\WiFi\bin\ZCfgSvc7.exe [x]
S3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x]
S3 BTHprint;Třída tiskárny protokolu Bluetooth (Microsoft);c:\windows\system32\DRIVERS\bthprint.sys;c:\windows\SYSNATIVE\DRIVERS\bthprint.sys [x]
S3 busenum;Synology Virtual USB Hub;c:\windows\system32\DRIVERS\busenum.sys;c:\windows\SYSNATIVE\DRIVERS\busenum.sys [x]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\DRIVERS\O2MDFw7x64.sys;c:\windows\SYSNATIVE\DRIVERS\O2MDFw7x64.sys [x]
S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys;c:\windows\SYSNATIVE\DRIVERS\o2sdjw7x64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 09:44]
.
2013-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-12 09:15]
.
2013-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-12 09:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-19 611192]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-06-05 312936]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1692264]
"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-11-14 1605632]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-23 1934608]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to AMV/AVI Video Converter... - c:\program files (x86)\Media Player Utilities 4.29\AMVConverter\grab.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
Trusted Zone: postsignum.cz\www
TCP: DhcpNameServer = 192.168.111.1
DPF: {3360DAE7-B224-4A07-B707-50F59F51D2A4} - hxxp://85.207.29.1:1111/webman/3rdparty/SurveillanceStation/object/SSObject2.cab
DPF: {3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A} - hxxp://192.168.1.100/Nadatel-Webviewer.cab
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} - hxxp://172.30.68.12:8080/RtspVaPgDec.cab
DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} - hxxp://192.168.111.18:5000/surveillance/object/SSObject.cab
DPF: {73888E2B-FF04-416C-8847-984D7FC4507F} - hxxp://192.168.1.173/RtspVaPgDecNew2.cab
DPF: {960DC750-7447-4CDE-BF1C-FB33F9129654} - hxxp://192.168.111.130:5000/webman/3rdparty/SurveillanceStation/object/SSObject3.cab?6.0-2636
DPF: {9D1DD603-DCCE-4738-ABAE-B367B170EEB1} - hxxp://212.4.145.131/LvrWeb.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\hasplms.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\windows\sysWOW64\SDIOAssist.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-10-10 12:37:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-10 10:37
.
Před spuštěním: Volných bajtů: 13 724 430 336
Po spuštění: Volných bajtů: 13 790 281 728
.
- - End Of File - - B9277D8D39B3D2AFDFE03B93FF1BBCB3
A36C5E4F47E84449FF07ED3517B43A31
Re: Nejde zapnout Firewall 0x80070424, prosím o pomoc
Zdravim 
Opakovane porusujete pravidla fora a licence CF a to ve svevolnem spusteni ComboFixu
Proto bude pomoc odmitnuta
Opakovane porusujete pravidla fora a licence CF a to ve svevolnem spusteni ComboFixu Proto bude pomoc odmitnuta"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Nejde zapnout Firewall 0x80070424, prosím o pomoc
Jsem si toho vědom, protože mi nikdo nebyl schopen pomoci, nebo se ani nesnažil, tak jsem se držel hesla co si neuděláš to nemáš. A může te mi prosím napsat jak porušuji licenci CF?? to by mě opravdu zajímalo.
Re: Nejde zapnout Firewall 0x80070424, prosím o pomoc
Jste osoba vyskolena=zkusena v pouzivani ComboFixu, mate pristup k jeho aktualnimu navodu a seznamu dostupnych prikazu, spolu s vysvetlenim a priapdne podporou autora? Pokud nikoli, tak porusujete licenci CF Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"
Dal jste sem pozadavek v 10:24, 10:43 jste si odpovedel dalsim logem a v 12:38 uz log z CF. My tu nesedime porad, nasem forum funguje na bazi dobrovolnosti, jsme tu ZDARMA a ve svem VOLNEM case. Pokud potrebujete urgentni pomoc, tak si zaplatte servis. U nas se bud budete drzet danych pravidel a pockate si nebo holt mate smulu. Pokud se Vam to nelibi, nikdo Vas tu nenuti byt, tlacitko Odhlasit je vlevo nahore."Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Nejde zapnout Firewall 0x80070424, prosím o pomoc
Je mě to jasné, ale pokud se na můj dotaz podívá 8 lidí a nikdo nenapíše ani čárku a na víc jsem stejný dotaz našel jinde i s řešením a tak byla pro mě jasná volba. Takže chápu, že je to na moje vlastní riziko, ale komukoliv může být jedno, co si do toho mého PC dám a co s tím udělám. Takže v tomto případě je nějaká licence úplně bezpředmětná. Takže vám děkuji za vysvětlení, ale mám na to vlastní názor.
Re: Nejde zapnout Firewall 0x80070424, prosím o pomoc
Nazor Vam nidko nebere, ale u nas plati jista pravidla. Na jejich porusovani jste byl opakovane upozornen, nerespektujete, my nebudeme pomahat...
Nam je jedno co si tam cpete, ale my to pak po Vas opravovat nebudem a nebudem zkoumat co vse tam bylo a neni a co zamaskovaly utility...
Jak psal jednou kolega, náš píseček, naše pravidla a naše velikost a tvar báboviček - nikdo vas tu nenuti byt, pobyt na tomto foru je pravo, nikoli vysada a povinnost.
A jak bylo zmineno vyse a i ve warnu, ktery jste obdrzel, bud se prizpusobite pokud tu zadate o pomoc, nebo mate holt smulu...
A na zaklade Pravidla o zamykani temat
Nam je jedno co si tam cpete, ale my to pak po Vas opravovat nebudem a nebudem zkoumat co vse tam bylo a neni a co zamaskovaly utility...
Jak psal jednou kolega, náš píseček, naše pravidla a naše velikost a tvar báboviček - nikdo vas tu nenuti byt, pobyt na tomto foru je pravo, nikoli vysada a povinnost.
A jak bylo zmineno vyse a i ve warnu, ktery jste obdrzel, bud se prizpusobite pokud tu zadate o pomoc, nebo mate holt smulu...
A na zaklade Pravidla o zamykani temat
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?