CPU usage fluctuation

gulesz
Visitor
Posts: 13
Registered: 24 Nov 2010 20:43

CPU usage fluctuation

#1 Post by gulesz »

Hi. When I switch the PC on, the fan roars and the CPU jumps in intervals of 30%, sometimes from 0 to 30, other times from 40 to 70. I removed the spyware, scanned with AVG, and here I am posting the log...


Running processes:
C:\Program Files (x86)\QIP\qip.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\HiJack\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/web?o=14677&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.ask.com/web?q={searchTerms}&o=14677&l=dis
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Super-Search -Find more of what you need - {0286A85D-CD62-43bb-B7A9-A87D1D027160} - C:\PROGRA~2\EasySearch\BHO\1.SuperSearch.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [RecFreeToolbar] rundll32 "C:\Program Files (x86)\RecFree.com\RecFreeToolbar\1.3.23.2\escortApp.dll",newUsrRgstr (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RecFreeToolbar] rundll32 "C:\Program Files (x86)\RecFree.com\RecFreeToolbar\1.3.23.2\escortApp.dll",newUsrRgstr (User 'Default user')
O8 - Extra context menu item: &Search the web - http://toolbar.recfree.com/rcfr/ctxmnu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit (mi-raysat_3dsmax2011_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Intel(R) Sample Collector (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\collsvc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

Whoever read this far, please give me any advice :boxed: ...
MH

--
End of file - 14191 bytes

Rudy
Site Admin
Posts: 119429
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU usage fluctuation

#2 Post by Rudy »

Post a log from RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 . It is more detailed than HijackThis.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

gulesz
Visitor
Posts: 13
Registered: 24 Nov 2010 20:43

Re: CPU usage fluctuation

#3 Post by gulesz »

Here it is:

Logfile of random's system information tool 1.08 (written by random/random)
Run by gulesz at 2010-12-10 05:31:25
Microsoft Windows 7 Home Premium
System drive C: has 68 GB (15%) free of 462 GB
Total RAM: 3950 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:31:32, on 10.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\pctranslat\WDICT32.EXE
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\Magic-i Visual Effects.exe
C:\Program Files (x86)\QIP\qip.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\gulesz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/web?o=14677&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.ask.com/web?q={searchTerms}&o=14677&l=dis
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Super-Search -Find more of what you need - {0286A85D-CD62-43bb-B7A9-A87D1D027160} - C:\PROGRA~2\EasySearch\BHO\1.SuperSearch.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [RecFreeToolbar] rundll32 "C:\Program Files (x86)\RecFree.com\RecFreeToolbar\1.3.23.2\escortApp.dll",newUsrRgstr (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RecFreeToolbar] rundll32 "C:\Program Files (x86)\RecFree.com\RecFreeToolbar\1.3.23.2\escortApp.dll",newUsrRgstr (User 'Default user')
O8 - Extra context menu item: &Search the web - http://toolbar.recfree.com/rcfr/ctxmnu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit (mi-raysat_3dsmax2011_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Intel(R) Sample Collector (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\collsvc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14358 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
"C:\Program Files (x86)\AVG\AVG9\avgchsva.exe"
"C:\Program Files (x86)\AVG\AVG9\avgrsa.exe"
/pipeName=73141365-b177-488c-9bdc-fa6ce777726d /coreSdkOptions=30 /logConfFile="C:\ProgramData\avg9\temp\396efcbb-77cd-4c6d-aa93-a7eebfd0c559-234-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG9\" /tempPath="C:\ProgramData\avg9\temp\"
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe"
"C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe" -sSONY_MEDIAMGR
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe"
"C:\Program Files (x86)\AVG\AVG9\avgam.exe"
"C:\Program Files (x86)\AVG\AVG9\avgnsa.exe"
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\AVG\AVG9\avgemc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
/pipeName=27566884-a885-4086-beab-d570c6ff944b /coreSdkOptions=0 /binaryPath="C:\Program Files (x86)\AVG\AVG9\"
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe"
WLIDSvcM.exe 2684
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe"
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bfcbb89b-70e8-4543-a91f-fb6f9c67f752 -SystemEventPortName:HostProcess-2a6c3a48-aea3-4c04-a37e-6ec461e39b3d -IoCancelEventPortName:HostProcess-55677431-833f-445b-8b2b-614e4fd1abf4 -NonStateChangingEventPortName:HostProcess-d6969e05-0aeb-49c7-a76a-cc5bd136fcb2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7424516f-5c5a-4242-8cd7-d33b3ccab846
"taskhost.exe"
taskeng.exe {63F9B573-73AB-4370-B31F-7C23A91ABAFF}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {BA9072AA-90AF-45C8-A834-644A8CFE3293}
"C:\Program Files\Sony\VAIO Care\VAIOCareService.exe"
/Device:000000a1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
/pipeName=b5eaf01b-513c-4678-9bfc-b274f4d20c0e /coreSdkOptions=18 /logConfFile="C:\ProgramData\avg9\temp\476ace65-c8da-4726-a331-6a4785f613a2-93c-oopp.tmp" /loggerName=AVG.NS.Core /tempPath="C:\ProgramData\avg9\temp\"
"C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Sony\VAIO Care\VCsystray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Windows\system32\M-AudioTaskBarIcon.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /PRODUCT:Reader /VERSION:9.0 /MODE:2
"C:\Program Files (x86)\pctranslat\WDICT32.EXE"
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\Magic-i Visual Effects.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\QIP\qip.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe80_ Global\UsGthrCtrlFltPipeMssGthrPipe80 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\gulesz\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\AcPro Daily Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll [2010-11-25 2334560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0286A85D-CD62-43bb-B7A9-A87D1D027160}]
Super-Search -Find more of what you need - C:\PROGRA~2\EasySearch\BHO\1.SuperSearch.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssie.dll [2010-11-25 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-16 9636896]
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2009-05-19 749576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint\Apoint.exe [2009-11-04 208384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dpj]
C:\Users\gulesz\AppData\Roaming\dpj.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Elbserver]
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [2009-10-15 72192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-05-16 213936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe [2006-05-16 213936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JP595IR86O]
C:\Users\gulesz\AppData\Local\Temp\Isw.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rdshost]
wscript C:\Program Files (x86)\Common Files\ComObject\liveupdate.js []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-11 171520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-11-22 2988784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^gulesz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KN StrongDC.lnk]
C:\PROGRA~1\KN_STR~1\StrongDC.exe [2008-07-15 3361792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrssta.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-12-16 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 3 months======

2010-12-10 05:31:25 ----D---- C:\rsit
2010-12-10 05:31:25 ----D---- C:\Program Files\trend micro
2010-12-09 23:15:38 ----D---- C:\ProgramData\Syncrosoft
2010-12-09 23:15:01 ----D---- C:\Program Files (x86)\Steinberg
2010-12-09 23:14:42 ----D---- C:\ProgramData\eLicenser
2010-12-09 23:14:42 ----D---- C:\Program Files (x86)\Syncrosoft
2010-12-09 23:14:42 ----D---- C:\Program Files (x86)\eLicenser
2010-12-09 23:14:42 ----A---- C:\Windows\system32\synsoacc.dll
2010-12-09 23:14:39 ----A---- C:\Windows\SYSWOW64\SYNSOPOS.exe.cfg
2010-12-09 23:14:38 ----A---- C:\Windows\SYSWOW64\SYNSOACC.dll
2010-12-09 23:14:37 ----A---- C:\Windows\SYSWOW64\SYNSOPOS.exe
2010-12-09 09:28:15 ----D---- C:\Windows\LastGood
2010-12-09 09:28:08 ----D---- C:\Program Files\M-Audio
2010-12-08 14:28:58 ----D---- C:\Users\gulesz\AppData\Roaming\SUPERAntiSpyware.com
2010-12-08 14:28:58 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2010-12-08 14:28:54 ----D---- C:\ProgramData\!SASCORE
2010-12-08 14:28:47 ----D---- C:\Program Files\SUPERAntiSpyware
2010-12-08 00:50:11 ----A---- C:\vraylog.txt
2010-12-04 17:10:32 ----D---- C:\Program Files (x86)\Winamp Detect
2010-12-04 17:10:15 ----D---- C:\Users\gulesz\AppData\Roaming\Winamp
2010-12-04 17:10:15 ----D---- C:\Program Files (x86)\Winamp
2010-12-03 17:44:02 ----D---- C:\Program Files (x86)\Unknown Device Identifier
2010-11-30 16:14:05 ----D---- C:\Users\gulesz\AppData\Roaming\Thunderbird
2010-11-30 16:13:57 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2010-11-30 11:49:46 ----D---- C:\Users\gulesz\AppData\Roaming\ParetoLogic
2010-11-30 11:49:46 ----D---- C:\Users\gulesz\AppData\Roaming\DriverCure
2010-11-30 11:49:37 ----D---- C:\ProgramData\ParetoLogic
2010-11-29 19:56:26 ----D---- C:\Program Files\AutoCAD 2009
2010-11-28 02:43:14 ----D---- C:\ProgramData\Guitar Pro 6
2010-11-27 19:43:34 ----D---- C:\Program Files (x86)\MusicLab
2010-11-25 07:22:37 ----D---- C:\Windows\pss
2010-11-24 20:33:45 ----D---- C:\Program Files (x86)\HiJack
2010-11-24 20:07:28 ----D---- C:\Program Files (x86)\Microsoft ActiveSync
2010-11-24 20:07:21 ----A---- C:\Windows\SYSWOW64\msvcp50.dll
2010-11-22 14:20:09 ----HDC---- C:\ProgramData\{C2686527-0D57-4F0B-ADAB-EE203CA30FC6}
2010-11-21 17:39:20 ----HDC---- C:\ProgramData\{63212DDB-3722-4A80-B4BE-CF435DDAD17C}
2010-11-21 17:38:22 ----HDC---- C:\ProgramData\{05835455-7C7C-4AA0-A7A0-63D407FC9E17}
2010-11-21 17:38:03 ----HDC---- C:\ProgramData\{2B0AD088-31DC-4A62-9BFF-8A02B70C0942}
2010-11-21 00:31:25 ----HDC---- C:\ProgramData\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
2010-11-21 00:14:09 ----D---- C:\ProgramData\Native Instruments
2010-11-21 00:13:04 ----D---- C:\Program Files\Native Instruments
2010-11-21 00:13:04 ----D---- C:\Program Files\Common Files\Native Instruments
2010-11-20 18:43:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-11-18 21:57:22 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-11-18 18:14:54 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-11-18 18:14:54 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-11-18 18:14:54 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-11-18 18:14:54 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-11-18 18:14:53 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-11-18 18:14:53 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-11-18 18:14:51 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-11-18 18:14:51 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-11-18 18:14:51 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-11-18 18:14:51 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-11-18 18:14:49 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-11-18 18:14:49 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-11-08 17:23:34 ----D---- C:\Windows\cs
2010-11-08 17:22:10 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2010-11-08 17:21:49 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2010-11-08 17:21:49 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-11-08 17:21:49 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-11-08 17:21:09 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-11-08 17:18:08 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2010-11-08 17:18:08 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2010-11-08 17:18:08 ----A---- C:\Windows\system32\WMVDECOD.DLL
2010-11-08 17:18:08 ----A---- C:\Windows\system32\mfreadwrite.dll
2010-11-08 17:18:08 ----A---- C:\Windows\system32\mfps.dll
2010-11-08 17:18:07 ----A---- C:\Windows\SYSWOW64\mf.dll
2010-11-08 17:18:07 ----A---- C:\Windows\system32\mf.dll
2010-10-26 19:14:21 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-10-26 19:14:21 ----A---- C:\Windows\system32\msdri.dll
2010-10-26 19:14:21 ----A---- C:\Windows\system32\CPFilters.dll
2010-10-26 19:14:17 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-10-25 23:45:00 ----D---- C:\Users\gulesz\AppData\Roaming\Nokia Ovi Suite
2010-10-25 23:40:12 ----D---- C:\ProgramData\Nokia
2010-10-25 23:28:38 ----A---- C:\Windows\system32\drivers\pccsmcfdx64.sys
2010-10-25 23:28:29 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2010-10-25 23:25:43 ----D---- C:\ProgramData\NokiaInstallerCache
2010-10-25 15:58:55 ----A---- C:\Windows\TrnWord.dll
2010-10-25 15:58:35 ----A---- C:\Windows\WTRDCTM.INI
2010-10-25 15:58:00 ----A---- C:\Windows\UN32P.INI
2010-10-25 15:58:00 ----A---- C:\Windows\UN32.EXE
2010-10-25 15:57:29 ----A---- C:\Windows\MAILTRAN.INI
2010-10-25 15:57:28 ----A---- C:\Windows\TRNCOM.INI
2010-10-25 15:57:21 ----A---- C:\Windows\WTRAN32.INI
2010-10-25 15:57:21 ----A---- C:\Windows\WDICT32.INI
2010-10-25 15:49:58 ----D---- C:\Program Files (x86)\pctranslat
2010-10-25 13:39:22 ----D---- C:\Program Files (x86)\ProJack
2010-10-22 15:18:59 ----D---- C:\Program Files (x86)\EasyCleaner
2010-10-20 21:33:29 ----D---- C:\Users\gulesz\AppData\Roaming\Publish Providers
2010-10-20 21:30:03 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2010-10-20 21:29:51 ----N---- C:\Windows\SYSWOW64\dbmsqlgc.dll
2010-10-20 21:29:51 ----N---- C:\Windows\SYSWOW64\dbmsgnet.dll
2010-10-20 21:29:31 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2010-10-20 21:27:36 ----D---- C:\ProgramData\Sony
2010-10-20 21:19:04 ----D---- C:\Users\gulesz\AppData\Roaming\Sony
2010-10-20 21:10:14 ----D---- C:\Program Files (x86)\Sony Setup
2010-10-16 13:28:31 ----D---- C:\ProgramData\Corel
2010-10-14 02:00:57 ----D---- C:\6160661efce506992868
2010-10-13 21:20:06 ----D---- C:\Program Files (x86)\EA Sports
2010-10-13 14:08:05 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2010-10-13 14:08:05 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-10-13 14:08:04 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-10-13 14:08:04 ----A---- C:\Windows\system32\t2embed.dll
2010-10-13 14:08:04 ----A---- C:\Windows\system32\ole32.dll
2010-10-13 14:08:03 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-10-13 14:07:55 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-10-13 14:07:55 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-10-13 14:07:55 ----A---- C:\Windows\system32\schannel.dll
2010-10-13 14:07:55 ----A---- C:\Windows\system32\comctl32.dll
2010-10-13 14:07:39 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-10-13 14:07:39 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-10-13 14:07:39 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-10-13 14:07:39 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-13 14:07:38 ----A---- C:\Windows\system32\mshtml.dll
2010-10-13 14:07:36 ----A---- C:\Windows\system32\ieframe.dll
2010-10-13 14:07:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-10-13 14:07:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-10-13 14:07:35 ----A---- C:\Windows\system32\iertutil.dll
2010-10-13 14:07:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-10-13 14:07:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-10-13 14:07:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-10-13 14:07:33 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-10-13 14:07:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-10-13 14:07:33 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-10-13 14:07:33 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-10-13 14:07:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-10-13 14:07:33 ----A---- C:\Windows\system32\wininet.dll
2010-10-13 14:07:33 ----A---- C:\Windows\system32\urlmon.dll
2010-10-13 14:07:33 ----A---- C:\Windows\system32\mstime.dll
2010-10-13 14:07:33 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-13 14:07:33 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-13 14:07:33 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-13 14:07:33 ----A---- C:\Windows\system32\ieui.dll
2010-10-13 14:07:33 ----A---- C:\Windows\system32\iepeers.dll
2010-10-13 14:07:33 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-13 14:07:32 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-10-13 14:07:32 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-10-13 14:07:32 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-10-13 14:07:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-10-13 14:07:32 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-10-13 14:07:32 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-13 14:07:32 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-13 14:07:32 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-13 14:07:30 ----A---- C:\Windows\system32\wmp.dll
2010-10-13 14:07:28 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-10-13 14:07:27 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-10-13 14:07:27 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-13 14:07:26 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-10-13 14:07:26 ----A---- C:\Windows\system32\win32k.sys
2010-10-13 14:07:26 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-13 14:07:26 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-13 14:07:26 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-13 14:07:26 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-03 18:58:45 ----D---- C:\Program Files (x86)\Skype
2010-10-02 02:37:21 ----D---- C:\Users\gulesz\AppData\Roaming\Mozilla
2010-10-02 02:37:03 ----D---- C:\Users\gulesz\AppData\Roaming\AMozilla
2010-09-30 18:41:05 ----D---- C:\Program Files (x86)\Native Instruments
2010-09-30 02:01:08 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2010-09-30 02:01:08 ----A---- C:\Windows\system32\drivers\ks.sys
2010-09-29 16:48:50 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-09-29 16:48:50 ----A---- C:\Windows\system32\tzres.dll
2010-09-28 21:02:04 ----A---- C:\Windows\IsUninst.exe
2010-09-23 22:56:50 ----D---- C:\ProgramData\Google
2010-09-23 00:47:28 ----A---- C:\Windows\SYSWOW64\sirenacm.dll
2010-09-21 14:49:02 ----A---- C:\Windows\system32\LIVESSP.DLL
2010-09-21 14:03:14 ----A---- C:\Windows\SYSWOW64\LIVESSP.DLL
2010-09-15 23:26:50 ----D---- C:\Users\gulesz\AppData\Roaming\skypePM
2010-09-15 23:01:22 ----D---- C:\Users\gulesz\AppData\Roaming\Skype
2010-09-15 23:00:45 ----D---- C:\ProgramData\Skype
2010-09-15 17:52:32 ----A---- C:\Windows\system32\spoolsv.exe

======List of files/folders modified in the last 3 months======

2010-12-10 05:31:30 ----D---- C:\Windows\Temp
2010-12-10 05:31:25 ----RD---- C:\Program Files
2010-12-10 01:54:23 ----D---- C:\Windows\system32\config
2010-12-09 23:15:38 ----HD---- C:\ProgramData
2010-12-09 23:15:01 ----D---- C:\Program Files (x86)\VstPlugins
2010-12-09 23:15:01 ----D---- C:\Program Files (x86)
2010-12-09 23:14:56 ----SHD---- C:\Windows\Installer
2010-12-09 23:14:43 ----D---- C:\Windows\SysWOW64
2010-12-09 23:14:42 ----D---- C:\Windows\System32
2010-12-09 18:20:36 ----D---- C:\Windows\system32\drivers\Avg
2010-12-09 09:28:16 ----D---- C:\Windows\system32\drivers
2010-12-09 09:28:15 ----D---- C:\Windows
2010-12-09 09:28:14 ----D---- C:\Windows\system32\DriverStore
2010-12-09 09:28:14 ----D---- C:\Windows\system32\catroot
2010-12-09 09:28:14 ----D---- C:\Windows\inf
2010-12-09 09:28:02 ----SHD---- C:\System Volume Information
2010-12-09 07:43:50 ----A---- C:\Windows\SYSWOW64\log.txt
2010-12-08 15:39:29 ----D---- C:\Windows\system32\Tasks
2010-12-08 15:39:28 ----D---- C:\Windows\Tasks
2010-12-08 13:00:08 ----A---- C:\startvrlservice_log.txt
2010-12-08 02:02:22 ----D---- C:\Program Files\Common Files\ChaosGroup
2010-12-07 21:52:29 ----D---- C:\Users\gulesz\AppData\Roaming\Autodesk
2010-12-07 21:52:29 ----D---- C:\ProgramData\Autodesk
2010-12-03 19:24:56 ----D---- C:\Windows\system32\catroot2
2010-12-03 15:36:59 ----D---- C:\Windows\winsxs
2010-12-03 15:36:53 ----D---- C:\Windows\system32\cs-CZ
2010-12-03 12:35:08 ----D---- C:\Windows\Prefetch
2010-11-30 11:49:38 ----D---- C:\Program Files (x86)\Common Files
2010-11-30 09:56:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-29 20:04:20 ----RSD---- C:\Windows\assembly
2010-11-29 20:04:20 ----D---- C:\Windows\Microsoft.NET
2010-11-29 20:01:33 ----RSD---- C:\Windows\Fonts
2010-11-29 20:01:17 ----D---- C:\Windows\Downloaded Program Files
2010-11-29 20:01:10 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-11-29 20:00:05 ----D---- C:\Windows\Help
2010-11-29 19:53:21 ----D---- C:\Program Files (x86)\Autodesk
2010-11-28 23:14:47 ----D---- C:\ProgramData\FLEXnet
2010-11-27 16:56:21 ----D---- C:\Windows\system32\NDF
2010-11-24 22:36:17 ----D---- C:\Program Files (x86)\Internet Explorer
2010-11-24 22:36:16 ----D---- C:\Program Files\Internet Explorer
2010-11-24 06:08:20 ----SD---- C:\Users\gulesz\AppData\Roaming\Microsoft
2010-11-22 01:11:09 ----D---- C:\Program Files (x86)\SONY
2010-11-21 15:46:08 ----D---- C:\ProgramData\Microsoft Help
2010-11-21 15:45:45 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-11-21 02:34:29 ----D---- C:\Program Files (x86)\VirtualDJ
2010-11-21 00:42:55 ----D---- C:\Windows\Minidump
2010-11-21 00:13:04 ----D---- C:\Program Files\Common Files
2010-11-20 19:36:00 ----D---- C:\Program Files (x86)\Google
2010-11-19 18:43:31 ----D---- C:\ProgramData\ArcSoft
2010-11-18 21:59:50 ----D---- C:\Program Files\Autodesk
2010-11-18 18:31:17 ----D---- C:\Program Files (x86)\InstallShield Installation Information
2010-11-18 18:13:10 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-11-11 09:34:38 ----A---- C:\Windows\system32\MRT.exe
2010-11-10 20:26:58 ----D---- C:\Users\gulesz\AppData\Roaming\Cool Record Edit Pro
2010-11-10 20:26:28 ----D---- C:\Temp
2010-11-08 17:23:04 ----D---- C:\Program Files (x86)\Windows Live
2010-11-08 17:22:30 ----SD---- C:\ProgramData\Microsoft
2010-11-08 17:22:10 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-08 17:22:07 ----D---- C:\Program Files\Windows Live
2010-11-08 17:20:43 ----D---- C:\Windows\SoftwareDistribution
2010-10-28 02:38:12 ----D---- C:\Windows\rescache
2010-10-28 02:01:13 ----D---- C:\Windows\AppPatch
2010-10-27 14:50:36 ----D---- C:\Windows\system32\drivers\UMDF
2010-10-26 21:35:31 ----D---- C:\Windows\ehome
2010-10-26 00:02:01 ----D---- C:\Users\gulesz\AppData\Roaming\Nokia
2010-10-25 23:28:45 ----D---- C:\Program Files (x86)\Nokia
2010-10-22 15:34:35 ----D---- C:\Program Files (x86)\Windows Media Player
2010-10-22 15:34:35 ----D---- C:\Program Files (x86)\UltraISO
2010-10-22 15:34:34 ----D---- C:\Program Files (x86)\QIP
2010-10-20 21:29:49 ----D---- C:\Program Files (x86)\Uninstall Information
2010-10-17 15:16:40 ----D---- C:\Program Files (x86)\Corel
2010-10-16 13:50:45 ----D---- C:\Users\gulesz\AppData\Roaming\Corel
2010-10-14 02:57:37 ----D---- C:\Windows\SYSWOW64\migration
2010-10-14 02:57:36 ----D---- C:\Windows\system32\migration
2010-10-14 02:57:35 ----D---- C:\Program Files\Windows Media Player
2010-10-13 06:39:49 ----D---- C:\Users\gulesz\AppData\Roaming\Juce VST Host
2010-09-30 20:27:23 ----D---- C:\Users\gulesz\AppData\Roaming\ArcSoft
2010-09-30 02:16:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-09-26 23:12:28 ----D---- C:\Users\gulesz\AppData\Roaming\Hardcore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx64;avgrkx64.sys; C:\Windows\System32\Drivers\avgrkx64.sys [2010-04-09 56008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2009-11-21 537112]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-21 828912]
R1 AvgLdx64;AVG AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys [2010-06-22 269904]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys [2010-06-01 35536]
R1 AvgTdiA;AVG Network Redirector x64; C:\Windows\System32\Drivers\avgtdia.sys [2010-06-22 317520]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2007-11-07 104912]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-12 1542656]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-24 6106624]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-18 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-11-18 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-11-18 21160]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-12-14 56344]
R3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2009-11-13 151936]
R3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro; C:\Windows\system32\DRIVERS\MAudioFastTrackPro.sys [2009-05-19 185864]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-16 213280]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2009-08-19 11392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2009-11-04 253488]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\Windows\System32\DRIVERS\ASPI32.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 13824]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-12-16 7778176]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-16 2212640]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-07-21 921952]
R2 avg9wd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-06-22 308136]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-21 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-14 268824]
R2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit; C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-02-23 5235712]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-05-07 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2010-05-07 103736]
R2 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
R2 SOHDBSvr;VAIO Media plus Database Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
R2 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
R2 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
R2 SOHPlMgr;VAIO Media plus Playlist Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [2009-12-01 204648]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-09-14 206336]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 136176]
S2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-04-10 79360]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-11-18 1436424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-18 1045256]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SampleCollector;Intel(R) Sample Collector; C:\Program Files\Sony\VAIO Care\collsvc.exe [2009-09-17 167424]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-09-14 69632]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-09-08 110960]
S3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2009-10-30 1165680]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1255736]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-24 202752]
S4 mi-raysat_3dsMax2009_64;mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 64-bit 64-bit; C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe [2008-03-10 65536]
S4 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
S4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
S4 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]

-----------------EOF-----------------

Rudy
Site Admin
Site Admin
Posts: 119429
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU fluctuation

#4 Post by Rudy »

Run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand. Nothing dangerous can be seen in the log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

gulesz
Visitor
Visitor
Posts: 13
Joined: 24 Nov 2010 20:43

Re: CPU fluctuation

#5 Post by gulesz »

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 5291

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11.12.2010 6:36:07
mbam-log-2010-12-11 (06-36-07).txt

Typ kontroly: Úplný test (C:\|)
Testované objekty: 496721
Uplynulý čas: 2 hodin, 6 minut, 2 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 15
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 21
Infikované soubory: 223

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{0286A85D-CD62-43bb-B7A9-A87D1D027160} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{EE53711B-0711-4999-88F0-33DC043623B1} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{48C9E279-C48C-48C1-9AFC-E4E9E5E5E350} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SuperSearch.BHOBridge.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SuperSearch.BHOBridge (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0286A85D-CD62-43BB-B7A9-A87D1D027160} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0286A85D-CD62-43BB-B7A9-A87D1D027160} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0286A85D-CD62-43BB-B7A9-A87D1D027160} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2EA256ED-74B3-4322-B1E0-53D00C693E6E} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SuperSearch.SuperSearchFirefoxMgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SuperSearch.SuperSearchFirefoxMgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\10DPP6O2VE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
c:\program files (x86)\common files\comobject (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\autoconfig (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\pref (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\profile (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\profile\chrome (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\dictionaries (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\extensions (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\greprefs (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\plugins (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\dtd (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\entitytables (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\fonts (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\html (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\searchplugins (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\uninstall (Trojan.ObCom) -> Quarantined and deleted successfully.

Infikované soubory:
c:\Users\gulesz\downloads\.grafika\acdsee_photo_manager_12_verze_120_build_344_cz\keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\Users\gulesz\downloads\.grafika\sony vegas v7.0d + dvd architect 4\keygen - kopie.mmm (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\gulesz\downloads\.grafika\sony vegas v7.0d + dvd architect 4\keygen.mmm (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\gulesz\Games\cod4\razor1911\keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\gulesz\Games\half-life\ventrilo-2.1.4-windows-i386.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\gulesz\Games\Mafia 2\instalace\Phx_data\Res\EmuCfg.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\gulesz\Games\Mafia 2\instalace\Phx_data\Res\GCFMgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\gulesz\Games\Mafia 2\instalace\Phx_data\Res\RICO.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\Users\gulesz\Games\Mafia 2\instalace\Phx_data\Res\ss.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\blocklist.xml (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\accessiblemarshal.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\application.ini (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\browserconfig.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\crashreporter-override.ini (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\crashreporter.exe (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\crashreporter.ini (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\freebl3.chk (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\freebl3.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\js3250.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\LICENSE (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\liveupdate.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\lupdater.exe (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\mozcrt19.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\nspr4.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\nss3.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\nssckbi.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\nssdbm3.chk (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\nssdbm3.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\nssutil3.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\platform.ini (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\plc4.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\plds4.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\README.txt (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\smime3.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\softokn3.chk (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\softokn3.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\SP.exe (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\sqlite3.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\ssl3.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\update.locale (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\updater.ini (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\wSock.exe (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\xpcom.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\xul.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\browser.jar (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\browser.manifest (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\classic.jar (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\classic.manifest (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\comm.jar (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\comm.manifest (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\en-US.jar (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\en-us.manifest (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\pippki.jar (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\pippki.manifest (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\reporter.jar (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\reporter.manifest (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\toolkit.jar (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\chrome\toolkit.manifest (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\browser.xpt (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\browserdirprovider.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\brwsrcmp.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\components.list (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\compreg.dat (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\feedconverter.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\feedprocessor.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\feedwriter.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\fuelapplication.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\gpsdgeolocationprovider.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\jsconsole-clhandler.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\networkgeolocationprovider.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsaddonrepository.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsbadcerthandler.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsblocklistservice.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsbrowsercontenthandler.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsbrowserglue.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nscontentdispatchchooser.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nscontentprefservice.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsdefaultclh.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsdownloadmanagerui.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsextensionmanager.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsformautocomplete.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nshandlerservice.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nshelperappdlg.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nslivemarkservice.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nslogininfo.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsloginmanager.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsloginmanagerprompter.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsmicrosummaryservice.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsplacesautocomplete.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsplacesdbflush.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsplacestransactionsservice.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsprivatebrowsingservice.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsproxyautoconfig.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nssafebrowsingapplication.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nssearchservice.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nssearchsuggestions.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nssessionstartup.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nssessionstore.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nssetdefaultbrowser.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nssidebar.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nstaggingservice.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nstrytoclose.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsupdateservice.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsupdateservicestub.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsupdatetimermanager.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsurlclassifierlib.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsurlclassifierlistmanager.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nsurlformatter.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\nswebhandlerapp.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\pluginglue.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\storage-legacy.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\storage-mozstorage.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\txexsltregexfunctions.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\webcontentconverter.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\components\xpti.dat (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\autoconfig\platform.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\autoconfig\prefcalls.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\pref\channel-prefs.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\pref\firefox-branding.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\pref\firefox-l10n.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\pref\firefox.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\pref\reporter.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\profile\bookmarks.html (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\profile\localstore.rdf (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\profile\mimetypes.rdf (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\profile\prefs.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\profile\chrome\userchrome-example.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\defaults\profile\chrome\usercontent-example.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\dictionaries\en-US.aff (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\dictionaries\en-US.dic (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\preview.png (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\greprefs\all.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\greprefs\security-prefs.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\greprefs\xpinstall.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\certutils.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\ctypes.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\debug.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\distribution.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\downloadlastdir.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\downloadutils.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\fileutils.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\iso8601dateutils.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\lightweightthemeconsumer.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\lightweightthememanager.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\microformats.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\NetUtil.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\networkprioritizer.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\openlocationlasturl.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\placesdbutils.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\pluralform.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\spatialnavigation.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\utils.js (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\windowdraggingutils.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\windowspreviewpertab.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\modules\xpcomutils.jsm (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\plugins\npbasic.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\plugins\npnul32.dll (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\arrow.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\arrowd.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\broken-image.png (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\charsetalias.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\charsetdata.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\contenteditable.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\designmode.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\editoroverride.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\forms.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\grabber.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\hiddenwindow.html (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\html.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\langgroups.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\language.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\loading-image.png (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\mathml.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\quirk.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\svg.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-column-after-active.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-column-after-hover.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-column-after.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-column-before-active.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-column-before-hover.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-column-before.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-row-after-active.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-row-after-hover.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-row-after.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-row-before-active.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-row-before-hover.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-add-row-before.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-remove-column-active.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-remove-column-hover.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-remove-column.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-remove-row-active.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-remove-row-hover.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\table-remove-row.gif (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\ua.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\viewsource.css (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\wincharset.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\dtd\mathml.dtd (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\dtd\xhtml11.dtd (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\entitytables\html40latin1.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\entitytables\html40special.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\entitytables\html40symbols.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\entitytables\htmlentityversions.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\entitytables\mathml20.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\entitytables\transliterate.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\fonts\mathfont.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\fonts\mathfontstandardsymbolsl.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\fonts\mathfontstixnonunicode.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\fonts\mathfontstixsize1.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\fonts\mathfontsymbol.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\fonts\mathfontunicode.properties (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\res\html\folder.png (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\searchplugins\amazondotcom.xml (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\searchplugins\answers.xml (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\searchplugins\creativecommons.xml (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\searchplugins\eBay.xml (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\searchplugins\google.xml (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\searchplugins\wikipedia.xml (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\searchplugins\yahoo.xml (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\comobject\uninstall\helper.exe (Trojan.ObCom) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.


So I removed that, just a few trojans :)
It still does it though, mainly when I start Opera..

Rudy
Site Admin
Posts: 119429
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU fluctuation

#6 Post by Rudy »

I wouldn't exactly say just a few. :wink: Run a ComboFix scan as well and post the log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms is displayed; continue by clicking the Ano (Yes) button.

go and make yourself a coffee in the meantime (the whole operation takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan, your machine may be restarted (especially the first time the scanner is run)

warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because the scan and the deletion of any malware lead to unwanted collisions with the antispyware's resident shield
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

gulesz
Visitor
Posts: 13
Joined: 24 Nov 2010 20:43

Re: CPU fluctuation

#7 Post by gulesz »

I can't turn off the resident shield in AVG; ComboFix says I should uninstall it...

Rudy
Site Admin
Posts: 119429
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU fluctuation

#8 Post by Rudy »

Yes, for this operation you have to uninstall AVG temporarily.

gulesz
Visitor
Posts: 13
Joined: 24 Nov 2010 20:43

Re: CPU fluctuation

#9 Post by gulesz »

ComboFix 10-12-11.01 - gulesz 15.12.2010 21:25:31.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3950.2356 [GMT 1:00]
Spuštěný z: c:\users\gulesz\Desktop\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\gulesz\AppData\Local\Microsoft\Windows\Temporary Internet Files\SLOVA.WAV
c:\users\gulesz\AppData\Local\Microsoft\Windows\Temporary Internet Files\WDICT32.INI
c:\users\gulesz\AppData\Local\Microsoft\Windows\Temporary Internet Files\WTRAN32.INI
c:\users\gulesz\AppData\Roaming\Microsoft\Windows\Recent\Alarm Clock-7 {buy now}.url
c:\users\gulesz\AppData\Roaming\Microsoft\Windows\Recent\Anodised Aluminium_by_FlytE2697.mat
c:\users\gulesz\AppData\Roaming\Microsoft\Windows\Recent\basalt.mat
c:\users\gulesz\AppData\Roaming\Microsoft\Windows\Recent\Carpet.mat
c:\users\gulesz\AppData\Roaming\Microsoft\Windows\Recent\Concrete Floor_by_marcelo.perini5790.mat
c:\users\gulesz\AppData\Roaming\Microsoft\Windows\Recent\pearl.mat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-15 do 2010-12-15 )))))))))))))))))))))))))))))))
.

2010-12-15 20:29 . 2010-12-15 20:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-15 02:05 . 2010-12-15 02:09 -------- d-----w- C:\b190b696f9dd54f0b771
2010-12-14 17:54 . 2010-12-14 17:54 -------- d-----w- c:\users\gulesz\AppData\Roaming\Auslogics
2010-12-11 18:03 . 2010-12-11 18:03 -------- d-----w- c:\program files (x86)\Common Files\Skype
2010-12-11 03:28 . 2010-12-11 03:28 -------- d-----w- c:\users\gulesz\AppData\Roaming\Malwarebytes
2010-12-11 03:28 . 2010-11-29 16:42 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-11 03:28 . 2010-12-11 03:28 -------- d-----w- c:\programdata\Malwarebytes
2010-12-11 03:27 . 2010-12-11 03:28 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-12-11 03:27 . 2010-11-29 16:42 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-10 04:31 . 2010-12-10 04:31 -------- d-----w- c:\program files\trend micro
2010-12-09 22:15 . 2010-12-09 22:15 -------- d-----w- c:\programdata\Syncrosoft
2010-12-09 22:15 . 2010-12-10 04:19 -------- d-----w- c:\program files (x86)\Steinberg
2010-12-09 22:14 . 2010-12-09 22:15 -------- d-----w- c:\programdata\eLicenser
2010-12-09 22:14 . 2010-12-09 22:14 -------- d-----w- c:\program files (x86)\eLicenser
2010-12-09 22:14 . 2010-12-09 22:14 -------- d-----w- c:\program files (x86)\Syncrosoft
2010-12-09 22:14 . 2009-09-17 15:20 1695232 ----a-w- c:\windows\system32\synsoacc.dll
2010-12-09 22:14 . 2009-09-17 15:20 1261568 ----a-w- c:\windows\SysWow64\SYNSOACC.dll
2010-12-09 22:14 . 2009-05-19 14:21 86016 ----a-w- c:\windows\SysWow64\SYNSOPOS.exe
2010-12-09 08:28 . 2010-12-09 08:28 -------- d-----w- c:\program files\M-Audio
2010-12-08 13:28 . 2010-12-08 13:28 -------- d-----w- c:\users\gulesz\AppData\Roaming\SUPERAntiSpyware.com
2010-12-08 13:28 . 2010-12-08 13:28 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-12-08 13:28 . 2010-12-08 13:28 -------- d-----w- c:\programdata\!SASCORE
2010-12-08 13:28 . 2010-12-08 13:30 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-12-04 16:10 . 2010-12-04 16:10 -------- d-----w- c:\program files (x86)\Winamp Detect
2010-12-04 16:10 . 2010-12-04 18:24 -------- d-----w- c:\users\gulesz\AppData\Roaming\Winamp
2010-12-04 16:10 . 2010-12-04 16:11 -------- d-----w- c:\program files (x86)\Winamp
2010-12-03 16:44 . 2010-12-03 16:44 -------- d-----w- c:\program files (x86)\Unknown Device Identifier
2010-11-30 15:14 . 2010-11-30 15:14 -------- d-----w- c:\users\gulesz\AppData\Roaming\Thunderbird
2010-11-30 15:14 . 2010-11-30 15:14 -------- d-----w- c:\users\gulesz\AppData\Local\Thunderbird
2010-11-30 15:13 . 2010-11-30 15:14 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2010-11-30 10:49 . 2010-11-30 10:49 -------- d-----w- c:\users\gulesz\AppData\Roaming\ParetoLogic
2010-11-30 10:49 . 2010-11-30 10:49 -------- d-----w- c:\users\gulesz\AppData\Roaming\DriverCure
2010-11-30 10:49 . 2010-11-30 10:49 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2010-11-30 10:49 . 2010-11-30 10:49 -------- d-----w- c:\programdata\ParetoLogic
2010-11-29 18:56 . 2010-12-05 21:05 -------- d-----w- c:\program files\AutoCAD 2009
2010-11-28 01:43 . 2010-11-28 01:43 -------- d-----w- c:\programdata\Guitar Pro 6
2010-11-27 18:43 . 2010-11-28 01:28 -------- d-----w- c:\program files (x86)\MusicLab
2010-11-24 19:33 . 2010-11-24 19:33 388096 ----a-r- c:\users\gulesz\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-24 19:33 . 2010-11-24 19:33 -------- d-----w- c:\program files (x86)\HiJack
2010-11-24 19:07 . 2010-11-24 19:26 -------- d-----w- c:\program files (x86)\Microsoft ActiveSync
2010-11-24 19:07 . 1999-07-05 13:44 565760 ----a-w- c:\windows\SysWow64\msvcp50.dll
2010-11-24 12:55 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-24 12:55 . 2010-10-19 08:10 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2010-11-22 13:20 . 2010-11-22 13:20 -------- dc-h--w- c:\programdata\{C2686527-0D57-4F0B-ADAB-EE203CA30FC6}
2010-11-21 16:39 . 2010-11-21 16:39 -------- dc-h--w- c:\programdata\{63212DDB-3722-4A80-B4BE-CF435DDAD17C}
2010-11-21 16:38 . 2010-11-21 16:38 -------- dc-h--w- c:\programdata\{05835455-7C7C-4AA0-A7A0-63D407FC9E17}
2010-11-21 16:38 . 2010-11-21 16:38 -------- dc-h--w- c:\programdata\{2B0AD088-31DC-4A62-9BFF-8A02B70C0942}
2010-11-20 23:31 . 2010-11-20 23:31 -------- dc-h--w- c:\programdata\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
2010-11-20 23:14 . 2010-11-20 23:14 -------- d-----w- c:\programdata\Native Instruments
2010-11-20 23:13 . 2010-11-21 16:38 -------- d-----w- c:\program files\Native Instruments
2010-11-20 23:13 . 2010-11-21 16:38 -------- d-----w- c:\program files\Common Files\Native Instruments
2010-11-19 13:07 . 2010-11-25 16:44 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-11-19 13:07 . 2010-11-25 16:44 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-11-18 20:57 . 2010-11-18 20:57 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-11-18 17:29 . 2010-11-18 17:29 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Nabídka Start
2010-11-18 17:14 . 2008-07-31 09:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2010-11-18 17:14 . 2008-07-31 09:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2010-11-18 17:14 . 2008-07-31 09:40 513544 ----a-w- c:\windows\system32\XAudio2_2.dll
2010-11-18 17:14 . 2008-07-31 09:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2010-11-18 17:14 . 2008-07-31 09:41 238088 ----a-w- c:\windows\SysWow64\xactengine3_2.dll
2010-11-18 17:14 . 2008-07-31 09:41 177672 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-11-18 17:14 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2010-11-18 17:14 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2010-11-18 17:14 . 2008-07-12 07:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-11-18 17:14 . 2008-07-12 07:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-11-18 17:14 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2010-11-18 17:14 . 2008-07-12 07:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-27 16:56 . 2010-11-15 18:04 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-11-27 16:56 . 2010-11-15 18:04 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-10-25 14:58 . 2010-10-25 14:58 294912 ----a-w- c:\windows\TrnWord.dll
2010-10-25 14:58 . 2010-10-25 14:58 516096 ----a-w- c:\windows\UN32.EXE
2010-10-20 23:02 . 2010-05-25 14:54 2828 --sha-w- c:\programdata\KGyGaAvL.sys
2010-10-20 20:29 . 2010-10-20 20:29 20480 ----a-w- c:\windows\SysWow64\cliconfg.728
2010-10-16 12:50 . 2010-05-25 14:54 88 --sh--r- c:\programdata\5411694D96.sys
2010-09-22 23:47 . 2010-09-22 23:47 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2010-09-22 23:36 . 2010-11-08 16:22 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-09-22 23:32 . 2010-09-22 23:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-21 13:49 . 2010-09-21 13:49 252800 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-21 13:03 . 2010-09-21 13:03 208768 ----a-w- c:\windows\SysWow64\LIVESSP.DLL
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 136176]
R2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-11-18 1436424]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]
R3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [2009-05-19 185864]
R3 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-09-16 167424]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-09-08 110960]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2009-10-30 1165680]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1255736]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-24 202752]
R4 mi-raysat_3dsMax2009_64;mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe [2008-03-09 65536]
R4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R4 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-04-21 828912]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-02-23 5235712]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
S2 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-12-14 56344]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2009-11-13 151936]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-11-12 395264]
S4 AvgRkx64;avgrkx64.sys;c:\windows\system32\Drivers\avgrkx64.sys [x]
S4 AvgTdiA;AVG Network Redirector x64;c:\windows\system32\Drivers\avgtdia.sys [x]


--- Ostatní služby/ovladače v paměti ---

*Deregistered* - AvgLdx64
.
Obsah adresáře 'Naplánované úlohy'

2010-12-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 21:31]

2010-12-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 21:31]

2010-12-15 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]

2010-12-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-05-19 749576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ask.com/web?o=14677&l=dis
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Search the web - http://toolbar.recfree.com/rcfr/ctxmnu.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKU-Default-RunOnce-RecFreeToolbar - c:\program files (x86)\RecFree.com\RecFreeToolbar\1.3.23.2\escortApp.dll
Notify-VESWinlogon - VESWinlogon.dll
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-ArchShaders for V-Ray vol.1_is1 - c:\users\gulesz\3DSMax\Arch\Evermotion ArchShaders\Evermotion ArchShaders.01\archshaders\uninstall\unins000.exe
AddRemove-KN StrongDC - c:\program files\KN_StrongDC\uninstall.exe
AddRemove-Native Instruments Maschine Driver - c:\programdata\{EADDDB9C-2F20-4408-9D14-618D2AF3ADB4}\Maschine Driver Setup.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.032"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.abr"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ani"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.apd"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.arw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bay"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bmp"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cr2"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.crw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cs1"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cur"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcr"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcx"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dib"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.djv"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.djvu"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dng"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.emf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.eps"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.erf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fff"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fpx"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.gif"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.hdr"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.icl"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.icn"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ico"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (S-1-5-21-970004878-1913409994-2279429459-1000)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.iff"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ilbm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.int"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.inta"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.iw4"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.j2c"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.j2k"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jbr"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jfif"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jif"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jp2"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpc"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpe"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpeg"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-970004878-1913409994-2279429459-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpg"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpk"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpx"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.kdc"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.lbm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mef"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mos"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mrw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.nef"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.nrw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.orf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pbm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pbr"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pcd"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pct"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pcx"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pef"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pgm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pic"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pict"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pix"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-970004878-1913409994-2279429459-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.png"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ppm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.psd"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.psp"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pspbrush"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pspimage"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.raf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ras"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-970004878-1913409994-2279429459-1000)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.raw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rgb"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rgba"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rle"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rsb"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rw2"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rwl"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sgi"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sr2"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.srf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tga"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.thm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tif"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tiff"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ttc"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ttf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30po"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30pp"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30ppf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wbm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wbmp"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wmf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xbm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xif"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xmp"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xpm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-12-15 21:31:44
ComboFix-quarantined-files.txt 2010-12-15 20:31

Před spuštěním: Volných bajtů: 65 751 724 032
Po spuštění: Volných bajtů: 65 595 052 032

- - End Of File - - 0DACA706B9D19E49349998120ADAAF0F


Re: CPU fluctuation

#10 Post by gulesz »

...the CPU keeps jumping and the fan is still roaring. :?:


Re: CPU fluctuation

#11 Post by Rudy »

We'll clean up a bit more. Open Notepad and copy this into it:
Collect::
c:\programdata\5411694D96.sys
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.



Re: CPU fluctuation

#12 Post by gulesz »

ComboFix 10-12-11.01 - gulesz 16.12.2010 3:01.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3950.2379 [GMT 1:00]
Spuštěný z: c:\users\gulesz\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\gulesz\Desktop\CFscript.txt
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\gulesz\AppData\Local\Microsoft\Windows\Temporary Internet Files\WDICT32.INI

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-16 do 2010-12-16 )))))))))))))))))))))))))))))))
.

2010-12-16 02:07 . 2010-12-16 02:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-15 20:44 . 2010-12-15 20:44 -------- d-----w- c:\users\gulesz\AppData\Roaming\AVG10
2010-12-15 20:43 . 2010-12-15 20:43 -------- d--h--w- c:\programdata\Common Files
2010-12-15 20:41 . 2010-12-16 01:59 -------- d-----w- c:\programdata\AVG10
2010-12-15 20:34 . 2010-12-15 20:35 -------- d-----w- c:\programdata\MFAData
2010-12-15 02:05 . 2010-12-15 02:09 -------- d-----w- C:\b190b696f9dd54f0b771
2010-12-14 17:54 . 2010-12-14 17:54 -------- d-----w- c:\users\gulesz\AppData\Roaming\Auslogics
2010-12-11 18:03 . 2010-12-11 18:03 -------- d-----w- c:\program files (x86)\Common Files\Skype
2010-12-11 03:28 . 2010-12-11 03:28 -------- d-----w- c:\users\gulesz\AppData\Roaming\Malwarebytes
2010-12-11 03:28 . 2010-11-29 16:42 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-11 03:28 . 2010-12-11 03:28 -------- d-----w- c:\programdata\Malwarebytes
2010-12-11 03:27 . 2010-12-11 03:28 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-12-11 03:27 . 2010-11-29 16:42 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-10 04:31 . 2010-12-10 04:31 -------- d-----w- c:\program files\trend micro
2010-12-09 22:15 . 2010-12-09 22:15 -------- d-----w- c:\programdata\Syncrosoft
2010-12-09 22:15 . 2010-12-10 04:19 -------- d-----w- c:\program files (x86)\Steinberg
2010-12-09 22:14 . 2010-12-09 22:15 -------- d-----w- c:\programdata\eLicenser
2010-12-09 22:14 . 2010-12-09 22:14 -------- d-----w- c:\program files (x86)\eLicenser
2010-12-09 22:14 . 2010-12-09 22:14 -------- d-----w- c:\program files (x86)\Syncrosoft
2010-12-09 22:14 . 2009-09-17 15:20 1695232 ----a-w- c:\windows\system32\synsoacc.dll
2010-12-09 22:14 . 2009-09-17 15:20 1261568 ----a-w- c:\windows\SysWow64\SYNSOACC.dll
2010-12-09 22:14 . 2009-05-19 14:21 86016 ----a-w- c:\windows\SysWow64\SYNSOPOS.exe
2010-12-09 08:28 . 2010-12-09 08:28 -------- d-----w- c:\program files\M-Audio
2010-12-08 13:28 . 2010-12-08 13:28 -------- d-----w- c:\users\gulesz\AppData\Roaming\SUPERAntiSpyware.com
2010-12-08 13:28 . 2010-12-08 13:28 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-12-08 13:28 . 2010-12-08 13:28 -------- d-----w- c:\programdata\!SASCORE
2010-12-08 13:28 . 2010-12-08 13:30 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-12-04 16:10 . 2010-12-04 16:10 -------- d-----w- c:\program files (x86)\Winamp Detect
2010-12-04 16:10 . 2010-12-04 18:24 -------- d-----w- c:\users\gulesz\AppData\Roaming\Winamp
2010-12-04 16:10 . 2010-12-04 16:11 -------- d-----w- c:\program files (x86)\Winamp
2010-12-03 16:44 . 2010-12-03 16:44 -------- d-----w- c:\program files (x86)\Unknown Device Identifier
2010-11-30 15:14 . 2010-11-30 15:14 -------- d-----w- c:\users\gulesz\AppData\Roaming\Thunderbird
2010-11-30 15:14 . 2010-11-30 15:14 -------- d-----w- c:\users\gulesz\AppData\Local\Thunderbird
2010-11-30 15:13 . 2010-11-30 15:14 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2010-11-30 10:49 . 2010-11-30 10:49 -------- d-----w- c:\users\gulesz\AppData\Roaming\ParetoLogic
2010-11-30 10:49 . 2010-11-30 10:49 -------- d-----w- c:\users\gulesz\AppData\Roaming\DriverCure
2010-11-30 10:49 . 2010-11-30 10:49 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2010-11-30 10:49 . 2010-11-30 10:49 -------- d-----w- c:\programdata\ParetoLogic
2010-11-29 18:56 . 2010-12-05 21:05 -------- d-----w- c:\program files\AutoCAD 2009
2010-11-28 01:43 . 2010-11-28 01:43 -------- d-----w- c:\programdata\Guitar Pro 6
2010-11-27 18:43 . 2010-11-28 01:28 -------- d-----w- c:\program files (x86)\MusicLab
2010-11-24 19:33 . 2010-11-24 19:33 388096 ----a-r- c:\users\gulesz\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-24 19:33 . 2010-11-24 19:33 -------- d-----w- c:\program files (x86)\HiJack
2010-11-24 19:07 . 2010-11-24 19:26 -------- d-----w- c:\program files (x86)\Microsoft ActiveSync
2010-11-24 19:07 . 1999-07-05 13:44 565760 ----a-w- c:\windows\SysWow64\msvcp50.dll
2010-11-24 12:55 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-24 12:55 . 2010-10-19 08:10 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2010-11-22 13:20 . 2010-11-22 13:20 -------- dc-h--w- c:\programdata\{C2686527-0D57-4F0B-ADAB-EE203CA30FC6}
2010-11-21 16:39 . 2010-11-21 16:39 -------- dc-h--w- c:\programdata\{63212DDB-3722-4A80-B4BE-CF435DDAD17C}
2010-11-21 16:38 . 2010-11-21 16:38 -------- dc-h--w- c:\programdata\{05835455-7C7C-4AA0-A7A0-63D407FC9E17}
2010-11-21 16:38 . 2010-11-21 16:38 -------- dc-h--w- c:\programdata\{2B0AD088-31DC-4A62-9BFF-8A02B70C0942}
2010-11-20 23:31 . 2010-11-20 23:31 -------- dc-h--w- c:\programdata\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
2010-11-20 23:14 . 2010-11-20 23:14 -------- d-----w- c:\programdata\Native Instruments
2010-11-20 23:13 . 2010-11-21 16:38 -------- d-----w- c:\program files\Native Instruments
2010-11-20 23:13 . 2010-11-21 16:38 -------- d-----w- c:\program files\Common Files\Native Instruments
2010-11-19 13:07 . 2010-11-25 16:44 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-11-19 13:07 . 2010-11-25 16:44 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-11-18 20:57 . 2010-11-18 20:57 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-11-18 17:29 . 2010-11-18 17:29 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Nabídka Start
2010-11-18 17:14 . 2008-07-31 09:41 72200 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2010-11-18 17:14 . 2008-07-31 09:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2010-11-18 17:14 . 2008-07-31 09:40 513544 ----a-w- c:\windows\system32\XAudio2_2.dll
2010-11-18 17:14 . 2008-07-31 09:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2010-11-18 17:14 . 2008-07-31 09:41 238088 ----a-w- c:\windows\SysWow64\xactengine3_2.dll
2010-11-18 17:14 . 2008-07-31 09:41 177672 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-11-18 17:14 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2010-11-18 17:14 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2010-11-18 17:14 . 2008-07-12 07:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-11-18 17:14 . 2008-07-12 07:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-11-18 17:14 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2010-11-18 17:14 . 2008-07-12 07:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-27 16:56 . 2010-11-15 18:04 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-11-27 16:56 . 2010-11-15 18:04 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-10-25 14:58 . 2010-10-25 14:58 294912 ----a-w- c:\windows\TrnWord.dll
2010-10-25 14:58 . 2010-10-25 14:58 516096 ----a-w- c:\windows\UN32.EXE
2010-10-20 23:02 . 2010-05-25 14:54 2828 --sha-w- c:\programdata\KGyGaAvL.sys
2010-10-20 20:29 . 2010-10-20 20:29 20480 ----a-w- c:\windows\SysWow64\cliconfg.728
2010-10-16 12:50 . 2010-05-25 14:54 88 --sh--r- c:\programdata\5411694D96.sys
2010-09-22 23:47 . 2010-09-22 23:47 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2010-09-22 23:36 . 2010-11-08 16:22 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-09-22 23:32 . 2010-09-22 23:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-21 13:49 . 2010-09-21 13:49 252800 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-21 13:03 . 2010-09-21 13:03 208768 ----a-w- c:\windows\SysWow64\LIVESSP.DLL
.

((((((((((((((((((((((((((((( SnapShot@2010-12-15_20.30.05 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2010-12-15 10:59 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2010-12-15 20:38 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2010-12-15 10:59 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2010-12-15 20:38 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2010-12-15 10:59 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2010-12-15 20:38 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-26 00:54 . 2010-12-15 20:39 65822 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2010-12-15 20:39 36774 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2010-12-15 11:01 36774 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2010-01-11 14:39 . 2010-12-15 11:00 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-11 14:39 . 2010-12-15 20:39 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-11 14:39 . 2010-12-15 20:39 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-11 14:39 . 2010-12-15 11:00 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2010-12-15 11:00 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2010-12-15 20:39 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-04-11 10:41 . 2010-12-15 20:40 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-04-11 10:41 . 2010-12-15 11:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2010-12-15 20:46 79024 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-04-11 10:41 . 2010-12-15 11:01 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-04-11 10:41 . 2010-12-15 20:40 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-04-11 10:41 . 2010-12-15 11:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-04-11 10:41 . 2010-12-15 20:40 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-04-09 20:04 . 2010-12-15 11:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-04-09 20:04 . 2010-12-15 20:40 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-04-09 20:04 . 2010-12-15 11:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-04-09 20:04 . 2010-12-15 20:40 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-26 01:45 . 2010-12-15 05:07 2754 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2009-12-26 01:45 . 2010-12-15 20:36 2754 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2010-12-15 10:59 . 2010-12-15 10:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-12-15 20:37 . 2010-12-15 20:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-12-15 20:37 . 2010-12-15 20:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-12-15 10:59 . 2010-12-15 10:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-04-10 11:56 . 2010-12-15 20:36 6021784 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-11-18 20:21 . 2010-11-18 20:21 4644864 c:\windows\Installer\441f2.msi
+ 2010-10-27 08:23 . 2010-10-27 08:23 1922560 c:\windows\Installer\2105004.msi
+ 2010-07-23 12:08 . 2010-07-23 12:08 8544256 c:\windows\Installer\2105000.msi
- 2009-07-14 02:34 . 2010-12-15 19:20 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2010-12-15 20:52 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll [BU]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 136176]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
R2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-11-18 1436424]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]
R3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [2009-05-19 185864]
R3 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-09-16 167424]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-09-08 110960]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2009-10-30 1165680]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1255736]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-24 202752]
R4 mi-raysat_3dsMax2009_64;mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe [2008-03-09 65536]
R4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R4 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-04-21 828912]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-02-23 5235712]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
S2 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-12-14 56344]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2009-11-13 151936]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-11-12 395264]
S4 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S4 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S4 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S4 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]


--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - AVGIDSDRIVER
*NewlyCreated* - AVGIDSEH
*NewlyCreated* - AVGIDSFILTER
.
Obsah adresáře 'Naplánované úlohy'

2010-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 21:31]

2010-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18 21:31]

2010-12-15 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]

2010-12-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-05-19 749576]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ask.com/web?o=14677&l=dis
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Search the web - http://toolbar.recfree.com/rcfr/ctxmnu.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-VAIO screensaver - c:\program files (x86)\VAIO screensavers\VAIO_generic_screensaver.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.032"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.abr"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ani"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.apd"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.arw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bay"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bmp"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cr2"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.crw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cs1"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cur"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcr"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcx"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dib"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.djv"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.djvu"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dng"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.emf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.eps"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.erf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fff"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fpx"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.gif"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.hdr"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.icl"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.icn"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ico"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (S-1-5-21-970004878-1913409994-2279429459-1000)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.iff"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ilbm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.int"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.inta"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.iw4"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.j2c"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.j2k"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jbr"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jfif"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jif"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jp2"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpc"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpe"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpeg"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-970004878-1913409994-2279429459-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpg"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpk"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpx"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.kdc"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.lbm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mef"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mos"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mrw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.nef"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.nrw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.orf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pbm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pbr"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pcd"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pct"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pcx"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pef"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pgm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pic"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pict"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pix"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-970004878-1913409994-2279429459-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.png"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ppm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.psd"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.psp"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pspbrush"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pspimage"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.raf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ras"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-970004878-1913409994-2279429459-1000)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.raw"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rgb"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rgba"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rle"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rsb"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rw2"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rwl"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sgi"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sr2"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.srf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tga"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.thm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tif"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tiff"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ttc"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ttf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30po"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30pp"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30ppf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wbm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wbmp"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wmf"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xbm"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xif"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xmp"

[HKEY_USERS\S-1-5-21-970004878-1913409994-2279429459-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xpm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-12-16 03:10:22
ComboFix-quarantined-files.txt 2010-12-16 02:10

Před spuštěním: Volných bajtů: 64 265 302 016
Po spuštění: Volných bajtů: 64 435 494 912

- - End Of File - - A7262FB5714255C8F3E54EF4ADC10BD4

gulesz
Visitor
Posts: 13
Registered: 24 Nov 2010 20:43

Re: CPU fluctuation

#13 Post by gulesz »

Does it need a reinstall?! :) It is still loud and still jumping.

Rudy
Site Admin
Posts: 119429
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU fluctuation

#14 Post by Rudy »

A reinstall may help, but it also may not. Personally, I would first try a repair from the installation DVD.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
