Win32/ Conficker.gen

[winklis]

Dobrý den, prosím o pomoc.. mám na přenosných discích a flashkách tuto havěť Win32/ Conficker.gen. Co stím mám dělat Eset smart security si stím neví rady.. děkuji

Ps. log z RSIT byl moc dlouhý a nešel sem vložit proto přikládám v příloze.

[Rudy]

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

[winklis]

Tak tady to je.. Jinak mám ještě jeden problém vypdáto že někdo odposlouchává mé hesla už mi ukradl Icq a na facebooku byl taky přihlášen už 2x vždy změním hesla ale nepomůže to.. Proto jsem nainstaloval ESET jestli něco nenajde jinak používám Microsoft security essentials.

děkuji za pomoc..



ComboFix 11-03-13.02 - winklik 14.03.2011 18:35:38.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2380 [GMT 1:00]
Spuštěný z: c:\users\winklik\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ESET\MiNODLogin
c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe
c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.jar
c:\program files (x86)\ESET\MiNODLogin\MiNODLoginLib.dll
c:\program files (x86)\ESET\MiNODLogin\MiNODLoginUninst.exe
c:\program files (x86)\ESET\MiNODLogin\servidores.xml
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-14 do 2011-03-14 )))))))))))))))))))))))))))))))
.
.
2011-03-14 17:42 . 2011-03-14 17:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-14 12:34 . 2011-03-14 12:55 -------- d-----w- c:\program files\trend micro
2011-03-14 12:34 . 2011-03-14 12:34 -------- d-----w- C:\rsit
2011-03-14 10:37 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1E0B3ECE-FEA3-4771-9046-49F9BBF494F6}\mpengine.dll
2011-03-14 06:22 . 2011-03-14 17:42 -------- d-----w- c:\program files (x86)\ESET
2011-03-14 06:17 . 2011-03-14 06:17 -------- d-----w- c:\program files\ESET
2011-03-13 10:48 . 2011-03-13 10:50 -------- d-----w- c:\program files (x86)\FlashBoot
2011-03-10 11:10 . 2011-03-10 11:10 -------- d-----w- c:\program files\Autodesk
2011-03-09 15:48 . 2010-03-10 17:54 1481928 ----a-w- C:\task29.exe
2011-03-09 15:48 . 2010-03-10 17:51 8904 ----a-w- C:\EnterBootloader.exe
2011-03-09 15:48 . 2010-03-10 17:51 175304 ----a-w- C:\rapitool.exe
2011-03-09 15:48 . 2010-03-10 17:51 1449160 ----a-w- C:\RUUResource.dll
2011-03-09 15:48 . 2010-03-10 17:51 13512 ----a-w- C:\RUUGetInfo.exe
2011-03-09 15:39 . 2011-03-09 15:39 -------- d-----w- c:\program files (x86)\SDA
2011-03-09 07:24 . 2011-03-09 07:24 -------- d-----w- c:\windows\system32\SPReview
2011-03-09 07:24 . 2011-03-09 07:24 -------- d-----w- c:\windows\system32\EventProviders
2011-03-08 14:41 . 2011-03-08 14:41 -------- d-----w- c:\programdata\Nokia
2011-03-08 14:17 . 2011-03-08 14:17 -------- d-----w- c:\programdata\PC Suite
2011-03-08 14:15 . 2011-03-08 14:16 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2011-03-08 14:15 . 2011-03-08 14:15 -------- d-----w- c:\program files\DIFX
2011-03-08 14:15 . 2008-08-28 10:44 25600 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2011-03-08 14:15 . 2011-03-08 14:15 -------- dc----w- c:\windows\system32\DRVSTORE
2011-03-08 14:15 . 2011-03-08 14:15 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2011-03-08 14:15 . 2006-08-29 14:56 32377 ----a-w- c:\windows\system32\drivers\prodigy.sys
2011-03-08 14:15 . 2011-03-08 14:15 -------- d-----w- c:\program files (x86)\NSS
2011-03-08 14:14 . 2010-07-30 13:18 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2011-03-08 14:14 . 2011-03-08 14:15 -------- d-----w- c:\program files (x86)\Nokia
2011-03-06 12:48 . 2011-03-07 17:54 -------- d-----w- C:\Scenes
2011-03-06 12:48 . 2004-11-18 10:49 24786 ----a-w- c:\windows\SysWow64\drivers\eusk2par.sys
2011-03-06 12:48 . 2011-03-12 16:07 -------- d-----w- C:\KD
2011-03-05 19:21 . 2011-03-05 19:21 -------- d-----w- C:\copeNwarren_030511
2011-03-04 17:23 . 2011-03-04 17:24 -------- d-----w- c:\program files (x86)\Google
2011-03-03 18:55 . 2011-03-03 18:55 -------- d-----w- c:\program files (x86)\RapidShareManager
2011-03-03 18:55 . 2011-03-03 18:55 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-03 18:54 . 2011-03-03 18:54 411368 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-03-03 18:54 . 2011-03-03 18:54 -------- d-----w- c:\program files (x86)\Java
2011-03-01 10:10 . 2010-11-20 13:27 3650560 ----a-w- c:\windows\system32\MSVidCtl.dll
2011-03-01 10:09 . 2010-11-20 13:27 303616 ----a-w- c:\windows\system32\scansetting.dll
2011-03-01 10:08 . 2010-11-20 13:27 182784 ----a-w- c:\windows\system32\WUDFPlatform.dll
2011-03-01 10:07 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2011-03-01 10:07 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2011-03-01 10:07 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-03-01 10:07 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-03-01 10:05 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-03-01 10:05 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-03-01 10:05 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-03-01 10:05 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-03-01 10:04 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-03-01 10:04 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-03-01 10:04 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-02-27 14:03 . 2011-03-10 23:04 -------- d-----w- c:\program files (x86)\Mozilla Firefox 4.0 Beta 12
2011-02-26 13:41 . 2011-02-26 13:41 -------- d-----w- c:\program files (x86)\ICQ6Toolbar
2011-02-26 13:41 . 2011-02-26 13:41 -------- d-----w- c:\programdata\ICQ
2011-02-23 09:46 . 2011-02-23 09:46 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-02-23 09:36 . 2011-02-23 09:38 -------- d-----w- c:\program files\Common Files\Adobe
2011-02-23 09:36 . 2011-02-23 09:36 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-02-23 09:35 . 2011-02-23 09:35 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-02-22 19:22 . 2011-01-07 12:17 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-22 19:22 . 2011-01-07 07:46 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-02-22 19:22 . 2011-01-07 12:17 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 19:22 . 2011-01-07 07:46 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-21 11:03 . 2011-02-21 11:03 -------- d-----w- c:\program files (x86)\Lavalys
2011-02-20 21:56 . 2011-02-20 21:56 -------- d-----w- c:\programdata\CyberLink
2011-02-19 11:01 . 2011-02-19 11:01 -------- d-----w- c:\programdata\Electronic Arts
2011-02-19 11:01 . 2011-02-19 11:01 -------- d-----w- c:\programdata\EA Core
2011-02-19 10:26 . 2011-02-19 10:26 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-02-19 10:23 . 2011-02-19 10:23 -------- d-----w- c:\programdata\Solidshield
2011-02-17 16:47 . 2011-02-17 16:47 -------- d-----w- c:\program files (x86)\CompanionLink
2011-02-17 13:15 . 2011-02-17 13:15 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-02-17 13:15 . 2011-02-17 13:15 -------- d-----r- c:\program files (x86)\Skype
2011-02-17 13:15 . 2011-02-17 13:15 -------- d-----w- c:\programdata\Skype
2011-02-17 13:07 . 2007-03-15 15:57 506728 ----a-w- c:\windows\system32\d3dx10_33.dll
2011-02-17 12:57 . 2011-02-17 12:57 -------- d-----w- C:\Games
2011-02-17 11:49 . 2011-02-17 11:49 -------- d-----w- c:\programdata\FLEXnet
2011-02-17 11:42 . 2011-02-17 11:42 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2011-02-17 11:40 . 2011-03-10 11:17 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2011-02-17 11:39 . 2011-03-10 11:11 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared
2011-02-17 11:38 . 2009-03-09 14:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll
2011-02-17 11:38 . 2009-03-09 14:27 453456 ----a-w- c:\windows\SysWow64\d3dx10_41.dll
2011-02-17 11:38 . 2009-03-09 14:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2011-02-17 11:38 . 2009-03-09 14:27 1846632 ----a-w- c:\windows\SysWow64\D3DCompiler_41.dll
2011-02-17 11:38 . 2009-03-09 14:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll
2011-02-17 11:38 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2011-02-17 11:32 . 2011-03-10 11:11 -------- d-----w- c:\programdata\Autodesk
2011-02-17 11:25 . 2011-02-17 11:25 -------- d-----w- C:\Autodesk
2011-02-17 09:36 . 2011-02-17 09:37 -------- d-----w- c:\windows\WindowsMobile
2011-02-17 09:33 . 2011-02-17 09:33 -------- d-----w- C:\Zaloha LG n555
2011-02-17 08:11 . 2011-02-17 08:11 -------- d-----w- C:\xpressmp
2011-02-17 08:03 . 2011-03-09 15:33 -------- d-----w- C:\Karta 16GB
2011-02-17 08:02 . 2011-02-17 08:03 -------- d-----w- C:\Fotky akcce tatka
2011-02-17 07:42 . 2011-02-17 07:42 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-02-17 07:41 . 2011-02-17 07:41 -------- d-----w- c:\windows\PCHEALTH
2011-02-17 07:41 . 2011-02-17 07:41 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-02-17 07:41 . 2011-02-17 07:41 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-02-17 07:40 . 2011-03-14 08:26 -------- d-----w- C:\download
2011-02-17 07:39 . 2011-02-17 07:39 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-02-17 07:39 . 2011-02-17 07:39 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-02-17 07:39 . 2011-03-09 07:49 -------- d-----w- c:\programdata\Microsoft Help
2011-02-17 07:38 . 2011-02-17 07:38 -------- d-----r- C:\MSOCache
2011-02-16 19:52 . 2011-02-16 19:52 -------- d-----w- c:\program files (x86)\RMClock
2011-02-16 19:08 . 2011-02-16 19:08 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-02-16 18:55 . 2011-02-16 18:55 -------- d-----w- c:\program files (x86)\Ask.com
2011-02-16 18:55 . 2011-02-16 18:55 -------- d-----w- c:\program files (x86)\Vypínač na dobrou noc
2011-02-16 18:55 . 2011-02-16 18:56 -------- d-----w- c:\program files (x86)\The KMPlayer
2011-02-16 18:52 . 2011-02-16 18:52 -------- d-----w- c:\programdata\LogiShrd
2011-02-16 18:52 . 2009-02-18 23:35 190992 ----a-w- c:\windows\system32\BtCoreIf.dll
2011-02-16 18:52 . 2009-02-18 23:37 95760 ----a-w- c:\windows\system32\KemXML.dll
2011-02-16 18:52 . 2009-02-18 23:37 158736 ----a-w- c:\windows\system32\KemWnd.dll
2011-02-16 18:52 . 2009-02-18 23:36 233488 ----a-w- c:\windows\system32\KemUtil.dll
2011-02-16 18:52 . 2009-02-18 23:36 235536 ----a-w- c:\windows\system32\kemutb.dll
2011-02-16 18:52 . 2011-02-16 18:53 -------- d-----w- c:\programdata\Logitech
2011-02-16 18:51 . 2011-02-16 18:52 -------- d-----w- c:\program files\Common Files\Logishrd
2011-02-16 18:51 . 2011-02-16 18:51 -------- d-----w- c:\program files\Logitech
2011-02-16 18:50 . 2011-02-16 18:50 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-02-16 18:50 . 2011-02-16 19:08 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-02-16 18:49 . 2011-02-16 18:50 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-02-16 18:48 . 2011-02-25 13:48 -------- d-----w- c:\program files\BatteryBar
2011-02-16 18:48 . 2011-02-23 13:29 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-02-16 18:42 . 2011-02-16 18:42 -------- d-----w- c:\program files (x86)\Zoner
2011-02-16 18:38 . 2011-02-20 20:19 -------- d-----w- c:\program files (x86)\TC UP
2011-02-16 18:37 . 2011-02-16 18:40 -------- d-----w- c:\program files (x86)\RocketDock
2011-02-16 18:33 . 2011-02-17 07:34 -------- d-----w- C:\TRANSLAT
2011-02-16 18:33 . 2011-02-17 07:34 -------- d-----w- c:\programdata\LangSoft
2011-02-16 18:31 . 2011-02-16 18:31 -------- d-----w- c:\program files\Kolor
2011-02-16 18:29 . 2011-02-16 18:29 -------- d-----w- c:\program files (x86)\Common Files\CyberLink
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-09 07:33 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-03-09 07:33 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-01-07 19:50 . 2011-01-07 19:50 795752 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-01-07 19:50 . 2011-01-07 19:50 6143080 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 19:49 . 2011-01-07 19:49 3156072 ----a-w- c:\windows\system32\nvsvc64.dll
2011-01-07 19:49 . 2011-01-07 19:49 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-07 19:49 . 2011-01-07 19:49 61032 ----a-w- c:\windows\system32\nvshext.dll
2011-01-07 19:49 . 2011-01-07 19:49 313448 ----a-w- c:\windows\system32\nvhotkey.dll
2011-01-07 19:49 . 2011-01-07 19:49 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
2011-01-07 19:49 . 2011-01-07 19:49 1005160 ----a-w- c:\windows\system32\nvvsvc.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20 442880 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\winklik\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-16 136176]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
"RMClock"="c:\program files (x86)\RMClock\RMClockLauncher.exe" [2008-02-29 61440]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-01-31 703360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2009-11-06 2244608]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Aktualizovat ESET licenci.lnk - c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe [N/A]
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-11-5 2717024]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-2-16 1200144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
R1 VD_FileDisk;VD_FileDisk; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-16 136176]
R2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe [x]
R3 AcpiPmi;Ovladač měřiče napájení standardu ACPI;c:\windows\system32\drivers\acpipmi.sys [x]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [x]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [x]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [x]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys [x]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [x]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [x]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [x]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [x]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [x]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [x]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [x]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [x]
R3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [x]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [x]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [x]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-02-17 1436424]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [x]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [x]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [x]
R3 iaStorV;Řadič Intel diskového pole RAID – Windows 7;c:\windows\system32\drivers\iaStorV.sys [x]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [x]
R3 iScsiPrt;Ovladač iScsiPort;c:\windows\system32\drivers\msiscsi.sys [x]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [x]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [x]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [x]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [x]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 mpio;Ovladač sběrnice Microsoft Multi-Path;c:\windows\system32\drivers\mpio.sys [x]
R3 msdsm;Specifický modul zařízení Microsoft Multi-Path;c:\windows\system32\drivers\msdsm.sys [x]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [x]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [x]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [x]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [x]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PerfHost;Hostitel knihoven DLL čítačů výkonu;c:\windows\SysWow64\perfhost.exe [2009-07-14 20992]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PRODIGY;PRODIGY;c:\windows\system32\Drivers\PRODIGY.SYS [x]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [x]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [x]
R3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys [x]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC;c:\windows\system32\drivers\sffp_mmc.sys [x]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [x]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [x]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [x]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 194048]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe [x]
R3 uliagpkx;Filtr sběrnice Uli AGP;c:\windows\system32\drivers\uliagpkx.sys [x]
R3 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 usbcir;Infračervený přijímač eHome (USBCIR);c:\windows\system32\drivers\usbcir.sys [x]
R3 VaultSvc;Správce pověření;c:\windows\system32\lsass.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [x]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys [x]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [x]
R3 vwifibus;Ovladač sběrnice Virtual WiFi;c:\windows\System32\drivers\vwifibus.sys [x]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;c:\windows\system32\wbengine.exe [x]
R3 WbioSrvc;Biometrická služba systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WcsPlugInService;Systém barev systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [x]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 22096]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WwanSvc;Automatická konfigurace sítě WWAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 27136]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [x]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys [x]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [x]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [x]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys [x]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [x]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [x]
S0 msahci;msahci;c:\windows\system32\drivers\msahci.sys [x]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [x]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [x]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [x]
S0 spldr;Security Processor Loader Driver; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;c:\windows\system32\drivers\vmstorfl.sys [x]
S0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;c:\windows\system32\drivers\vdrvroot.sys [x]
S0 vmbus;Sběrnice virtuálního počítače;c:\windows\system32\drivers\vmbus.sys [x]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys [x]
S0 volmgrx;Správce dynamických svazků;c:\windows\System32\drivers\volmgrx.sys [x]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [x]
S1 CSC;Ovladač souborů pro režim offline;c:\windows\system32\drivers\csc.sys [x]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [x]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [x]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [x]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [x]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [x]
S1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;c:\windows\system32\DRIVERS\wanarp.sys [x]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 CscService;Offline soubory;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2009-04-09 731840]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [x]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [x]
S2 Power;Napájení;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\winklik\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2011-02-26 40960]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [x]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;c:\windows\system32\drivers\1394ohci.sys [x]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys [x]
S3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;c:\windows\system32\drivers\CompositeBus.sys [x]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [x]
S3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [x]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys [x]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [x]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [x]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [x]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [x]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2mdx64.sys [x]
S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sdx64.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [x]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [x]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [x]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [x]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\drivers\umbus.sys [x]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe [2009-07-14 27136]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - RTCore64
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
wcssvc REG_MULTI_SZ WcsPlugInService
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-04 15:11]
.
2011-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-04 15:11]
.
2011-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-52250379-3522684222-2055224201-1000Core.job
- c:\users\winklik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 15:11]
.
2011-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-52250379-3522684222-2055224201-1000UA.job
- c:\users\winklik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 15:11]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 13:27 509952 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-12-18 243216]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-01 7940128]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2010-02-01 1833504]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Ocs_SM"="c:\users\winklik\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2011-02-26 106496]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-04-09 2692008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
winmgmt
SessionEnv
browser
EapHost
schedule
hkmsvc
wercplsupport
ProfSvc
Themes
BDESVC
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\winklik\AppData\Roaming\Mozilla\Firefox\Profiles\094nwj49.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Nektra OEAPI - (no file)
Wow6432Node-HKCU-Run-OEXPRESS - (no file)
Wow6432Node-HKLM-Run-ITSecMng - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-MiNODLogin - c:\program files (x86)\ESET\MiNODLogin\MiNODLoginUninst.exe
AddRemove-PC Translator - c:\users\winklik\AppData\Local\Temp\UN32.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-03-14 18:45:01
ComboFix-quarantined-files.txt 2011-03-14 17:45
.
Před spuštěním: 3 078 119 424
Po spuštění: 3 273 027 584
.
- - End Of File - - C45586A9C2377D5DBF9F18992F91FDD5

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Folder::
c:\program files (x86)\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[winklis]

tak tady je log:

ComboFix 11-03-13.02 - winklik 14.03.2011 19:32:55.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2113 [GMT 1:00]
Spuštěný z: c:\users\winklik\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\winklik\Desktop\CFScript.txt.txt
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\fv_4432.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-14 do 2011-03-14 )))))))))))))))))))))))))))))))
.
.
2011-03-14 18:41 . 2011-03-14 18:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-14 18:05 . 2011-03-14 18:05 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-03-14 12:34 . 2011-03-14 12:55 -------- d-----w- c:\program files\trend micro
2011-03-14 12:34 . 2011-03-14 12:34 -------- d-----w- C:\rsit
2011-03-14 10:37 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1E0B3ECE-FEA3-4771-9046-49F9BBF494F6}\mpengine.dll
2011-03-14 06:22 . 2011-03-14 17:42 -------- d-----w- c:\program files (x86)\ESET
2011-03-14 06:17 . 2011-03-14 06:17 -------- d-----w- c:\program files\ESET
2011-03-13 10:48 . 2011-03-13 10:50 -------- d-----w- c:\program files (x86)\FlashBoot
2011-03-10 11:10 . 2011-03-10 11:10 -------- d-----w- c:\program files\Autodesk
2011-03-09 15:48 . 2010-03-10 17:54 1481928 ----a-w- C:\task29.exe
2011-03-09 15:48 . 2010-03-10 17:51 8904 ----a-w- C:\EnterBootloader.exe
2011-03-09 15:48 . 2010-03-10 17:51 175304 ----a-w- C:\rapitool.exe
2011-03-09 15:48 . 2010-03-10 17:51 1449160 ----a-w- C:\RUUResource.dll
2011-03-09 15:48 . 2010-03-10 17:51 13512 ----a-w- C:\RUUGetInfo.exe
2011-03-09 15:39 . 2011-03-09 15:39 -------- d-----w- c:\program files (x86)\SDA
2011-03-09 07:24 . 2011-03-09 07:24 -------- d-----w- c:\windows\system32\SPReview
2011-03-09 07:24 . 2011-03-09 07:24 -------- d-----w- c:\windows\system32\EventProviders
2011-03-08 14:41 . 2011-03-08 14:41 -------- d-----w- c:\programdata\Nokia
2011-03-08 14:17 . 2011-03-08 14:17 -------- d-----w- c:\programdata\PC Suite
2011-03-08 14:15 . 2011-03-08 14:16 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2011-03-08 14:15 . 2011-03-08 14:15 -------- d-----w- c:\program files\DIFX
2011-03-08 14:15 . 2008-08-28 10:44 25600 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2011-03-08 14:15 . 2011-03-08 14:15 -------- dc----w- c:\windows\system32\DRVSTORE
2011-03-08 14:15 . 2011-03-08 14:15 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2011-03-08 14:15 . 2006-08-29 14:56 32377 ----a-w- c:\windows\system32\drivers\prodigy.sys
2011-03-08 14:15 . 2011-03-08 14:15 -------- d-----w- c:\program files (x86)\NSS
2011-03-08 14:14 . 2010-07-30 13:18 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2011-03-08 14:14 . 2011-03-08 14:15 -------- d-----w- c:\program files (x86)\Nokia
2011-03-06 12:48 . 2011-03-07 17:54 -------- d-----w- C:\Scenes
2011-03-06 12:48 . 2004-11-18 10:49 24786 ----a-w- c:\windows\SysWow64\drivers\eusk2par.sys
2011-03-06 12:48 . 2011-03-12 16:07 -------- d-----w- C:\KD
2011-03-05 19:21 . 2011-03-05 19:21 -------- d-----w- C:\copeNwarren_030511
2011-03-04 17:23 . 2011-03-04 17:24 -------- d-----w- c:\program files (x86)\Google
2011-03-03 18:55 . 2011-03-03 18:55 -------- d-----w- c:\program files (x86)\RapidShareManager
2011-03-03 18:55 . 2011-03-03 18:55 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-03 18:54 . 2011-03-03 18:54 411368 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-03-03 18:54 . 2011-03-03 18:54 -------- d-----w- c:\program files (x86)\Java
2011-03-01 10:10 . 2010-11-20 13:27 3650560 ----a-w- c:\windows\system32\MSVidCtl.dll
2011-03-01 10:09 . 2010-11-20 13:27 303616 ----a-w- c:\windows\system32\scansetting.dll
2011-03-01 10:08 . 2010-11-20 13:27 182784 ----a-w- c:\windows\system32\WUDFPlatform.dll
2011-03-01 10:07 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2011-03-01 10:07 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2011-03-01 10:07 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-03-01 10:07 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-03-01 10:05 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-03-01 10:05 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-03-01 10:05 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-03-01 10:05 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-03-01 10:04 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-03-01 10:04 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-03-01 10:04 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-02-27 14:03 . 2011-03-10 23:04 -------- d-----w- c:\program files (x86)\Mozilla Firefox 4.0 Beta 12
2011-02-26 13:41 . 2011-02-26 13:41 -------- d-----w- c:\program files (x86)\ICQ6Toolbar
2011-02-26 13:41 . 2011-02-26 13:41 -------- d-----w- c:\programdata\ICQ
2011-02-23 09:46 . 2011-02-23 09:46 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-02-23 09:36 . 2011-02-23 09:38 -------- d-----w- c:\program files\Common Files\Adobe
2011-02-23 09:36 . 2011-02-23 09:36 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-02-23 09:35 . 2011-02-23 09:35 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-02-22 19:22 . 2011-01-07 12:17 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-22 19:22 . 2011-01-07 07:46 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-02-22 19:22 . 2011-01-07 12:17 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 19:22 . 2011-01-07 07:46 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-21 11:03 . 2011-02-21 11:03 -------- d-----w- c:\program files (x86)\Lavalys
2011-02-20 21:56 . 2011-02-20 21:56 -------- d-----w- c:\programdata\CyberLink
2011-02-19 11:01 . 2011-02-19 11:01 -------- d-----w- c:\programdata\Electronic Arts
2011-02-19 11:01 . 2011-02-19 11:01 -------- d-----w- c:\programdata\EA Core
2011-02-19 10:26 . 2011-02-19 10:26 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-02-19 10:23 . 2011-02-19 10:23 -------- d-----w- c:\programdata\Solidshield
2011-02-17 16:47 . 2011-02-17 16:47 -------- d-----w- c:\program files (x86)\CompanionLink
2011-02-17 13:15 . 2011-02-17 13:15 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-02-17 13:15 . 2011-02-17 13:15 -------- d-----r- c:\program files (x86)\Skype
2011-02-17 13:15 . 2011-02-17 13:15 -------- d-----w- c:\programdata\Skype
2011-02-17 13:07 . 2007-03-15 15:57 506728 ----a-w- c:\windows\system32\d3dx10_33.dll
2011-02-17 12:57 . 2011-02-17 12:57 -------- d-----w- C:\Games
2011-02-17 11:49 . 2011-02-17 11:49 -------- d-----w- c:\programdata\FLEXnet
2011-02-17 11:42 . 2011-02-17 11:42 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2011-02-17 11:40 . 2011-03-10 11:17 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2011-02-17 11:39 . 2011-03-10 11:11 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared
2011-02-17 11:38 . 2009-03-09 14:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll
2011-02-17 11:38 . 2009-03-09 14:27 453456 ----a-w- c:\windows\SysWow64\d3dx10_41.dll
2011-02-17 11:38 . 2009-03-09 14:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2011-02-17 11:38 . 2009-03-09 14:27 1846632 ----a-w- c:\windows\SysWow64\D3DCompiler_41.dll
2011-02-17 11:38 . 2009-03-09 14:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll
2011-02-17 11:38 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2011-02-17 11:32 . 2011-03-10 11:11 -------- d-----w- c:\programdata\Autodesk
2011-02-17 11:25 . 2011-02-17 11:25 -------- d-----w- C:\Autodesk
2011-02-17 09:36 . 2011-02-17 09:37 -------- d-----w- c:\windows\WindowsMobile
2011-02-17 09:33 . 2011-02-17 09:33 -------- d-----w- C:\Zaloha LG n555
2011-02-17 08:11 . 2011-02-17 08:11 -------- d-----w- C:\xpressmp
2011-02-17 08:03 . 2011-03-09 15:33 -------- d-----w- C:\Karta 16GB
2011-02-17 08:02 . 2011-02-17 08:03 -------- d-----w- C:\Fotky akcce tatka
2011-02-17 07:42 . 2011-02-17 07:42 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-02-17 07:41 . 2011-02-17 07:41 -------- d-----w- c:\windows\PCHEALTH
2011-02-17 07:41 . 2011-02-17 07:41 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-02-17 07:41 . 2011-02-17 07:41 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-02-17 07:40 . 2011-03-14 08:26 -------- d-----w- C:\download
2011-02-17 07:39 . 2011-02-17 07:39 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-02-17 07:39 . 2011-02-17 07:39 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-02-17 07:39 . 2011-03-09 07:49 -------- d-----w- c:\programdata\Microsoft Help
2011-02-17 07:38 . 2011-02-17 07:38 -------- d-----r- C:\MSOCache
2011-02-16 19:52 . 2011-02-16 19:52 -------- d-----w- c:\program files (x86)\RMClock
2011-02-16 19:08 . 2011-02-16 19:08 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-02-16 18:55 . 2011-02-16 18:55 -------- d-----w- c:\program files (x86)\Vypínač na dobrou noc
2011-02-16 18:55 . 2011-02-16 18:56 -------- d-----w- c:\program files (x86)\The KMPlayer
2011-02-16 18:52 . 2011-02-16 18:52 -------- d-----w- c:\programdata\LogiShrd
2011-02-16 18:52 . 2009-02-18 23:35 190992 ----a-w- c:\windows\system32\BtCoreIf.dll
2011-02-16 18:52 . 2009-02-18 23:37 95760 ----a-w- c:\windows\system32\KemXML.dll
2011-02-16 18:52 . 2009-02-18 23:37 158736 ----a-w- c:\windows\system32\KemWnd.dll
2011-02-16 18:52 . 2009-02-18 23:36 233488 ----a-w- c:\windows\system32\KemUtil.dll
2011-02-16 18:52 . 2009-02-18 23:36 235536 ----a-w- c:\windows\system32\kemutb.dll
2011-02-16 18:52 . 2011-02-16 18:53 -------- d-----w- c:\programdata\Logitech
2011-02-16 18:51 . 2011-02-16 18:52 -------- d-----w- c:\program files\Common Files\Logishrd
2011-02-16 18:51 . 2011-02-16 18:51 -------- d-----w- c:\program files\Logitech
2011-02-16 18:50 . 2011-02-16 18:50 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-02-16 18:50 . 2011-02-16 19:08 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-02-16 18:49 . 2011-02-16 18:50 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-02-16 18:48 . 2011-02-25 13:48 -------- d-----w- c:\program files\BatteryBar
2011-02-16 18:48 . 2011-02-23 13:29 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-02-16 18:42 . 2011-02-16 18:42 -------- d-----w- c:\program files (x86)\Zoner
2011-02-16 18:38 . 2011-02-20 20:19 -------- d-----w- c:\program files (x86)\TC UP
2011-02-16 18:37 . 2011-02-16 18:40 -------- d-----w- c:\program files (x86)\RocketDock
2011-02-16 18:33 . 2011-02-17 07:34 -------- d-----w- C:\TRANSLAT
2011-02-16 18:33 . 2011-02-17 07:34 -------- d-----w- c:\programdata\LangSoft
2011-02-16 18:31 . 2011-02-16 18:31 -------- d-----w- c:\program files\Kolor
2011-02-16 18:29 . 2011-02-16 18:29 -------- d-----w- c:\program files (x86)\Common Files\CyberLink
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-09 07:33 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-03-09 07:33 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-01-07 19:50 . 2011-01-07 19:50 795752 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-01-07 19:50 . 2011-01-07 19:50 6143080 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 19:49 . 2011-01-07 19:49 3156072 ----a-w- c:\windows\system32\nvsvc64.dll
2011-01-07 19:49 . 2011-01-07 19:49 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-07 19:49 . 2011-01-07 19:49 61032 ----a-w- c:\windows\system32\nvshext.dll
2011-01-07 19:49 . 2011-01-07 19:49 313448 ----a-w- c:\windows\system32\nvhotkey.dll
2011-01-07 19:49 . 2011-01-07 19:49 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
2011-01-07 19:49 . 2011-01-07 19:49 1005160 ----a-w- c:\windows\system32\nvvsvc.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-03-14_17.42.56 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-02-16 09:16 . 2011-03-14 17:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-16 09:16 . 2011-03-14 18:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-16 09:16 . 2011-03-14 18:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-16 09:16 . 2011-03-14 17:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-28 23:31 . 2011-01-28 23:31 41984 c:\windows\Installer\13debb2.msi
+ 2011-03-14 18:05 . 2011-03-14 18:05 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-03-14 18:05 . 2011-03-14 18:05 20308992 c:\windows\Installer\13debbb.msp
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20 442880 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\winklik\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-16 136176]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
"RMClock"="c:\program files (x86)\RMClock\RMClockLauncher.exe" [2008-02-29 61440]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-01-31 703360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2009-11-06 2244608]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Aktualizovat ESET licenci.lnk - c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe [N/A]
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-11-5 2717024]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-2-16 1200144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
R1 VD_FileDisk;VD_FileDisk; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-16 136176]
R2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe [x]
R3 AcpiPmi;Ovladač měřiče napájení standardu ACPI;c:\windows\system32\drivers\acpipmi.sys [x]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [x]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [x]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [x]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys [x]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [x]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [x]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [x]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [x]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [x]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [x]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [x]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [x]
R3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [x]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [x]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [x]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-02-17 1436424]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [x]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [x]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [x]
R3 iaStorV;Řadič Intel diskového pole RAID – Windows 7;c:\windows\system32\drivers\iaStorV.sys [x]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [x]
R3 iScsiPrt;Ovladač iScsiPort;c:\windows\system32\drivers\msiscsi.sys [x]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [x]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [x]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [x]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [x]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 mpio;Ovladač sběrnice Microsoft Multi-Path;c:\windows\system32\drivers\mpio.sys [x]
R3 msdsm;Specifický modul zařízení Microsoft Multi-Path;c:\windows\system32\drivers\msdsm.sys [x]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [x]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [x]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [x]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [x]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PerfHost;Hostitel knihoven DLL čítačů výkonu;c:\windows\SysWow64\perfhost.exe [2009-07-14 20992]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PRODIGY;PRODIGY;c:\windows\system32\Drivers\PRODIGY.SYS [x]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [x]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [x]
R3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys [x]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC;c:\windows\system32\drivers\sffp_mmc.sys [x]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [x]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [x]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [x]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 194048]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe [x]
R3 uliagpkx;Filtr sběrnice Uli AGP;c:\windows\system32\drivers\uliagpkx.sys [x]
R3 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 usbcir;Infračervený přijímač eHome (USBCIR);c:\windows\system32\drivers\usbcir.sys [x]
R3 VaultSvc;Správce pověření;c:\windows\system32\lsass.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [x]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys [x]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [x]
R3 vwifibus;Ovladač sběrnice Virtual WiFi;c:\windows\System32\drivers\vwifibus.sys [x]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;c:\windows\system32\wbengine.exe [x]
R3 WbioSrvc;Biometrická služba systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WcsPlugInService;Systém barev systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [x]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 22096]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WwanSvc;Automatická konfigurace sítě WWAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 27136]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [x]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys [x]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [x]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [x]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys [x]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [x]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [x]
S0 msahci;msahci;c:\windows\system32\drivers\msahci.sys [x]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [x]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [x]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [x]
S0 spldr;Security Processor Loader Driver; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;c:\windows\system32\drivers\vmstorfl.sys [x]
S0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;c:\windows\system32\drivers\vdrvroot.sys [x]
S0 vmbus;Sběrnice virtuálního počítače;c:\windows\system32\drivers\vmbus.sys [x]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys [x]
S0 volmgrx;Správce dynamických svazků;c:\windows\System32\drivers\volmgrx.sys [x]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [x]
S1 CSC;Ovladač souborů pro režim offline;c:\windows\system32\drivers\csc.sys [x]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [x]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [x]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [x]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [x]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [x]
S1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;c:\windows\system32\DRIVERS\wanarp.sys [x]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 CscService;Offline soubory;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2009-04-09 731840]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [x]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [x]
S2 Power;Napájení;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\winklik\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2011-02-26 40960]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [x]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;c:\windows\system32\drivers\1394ohci.sys [x]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys [x]
S3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;c:\windows\system32\drivers\CompositeBus.sys [x]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [x]
S3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [x]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys [x]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [x]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [x]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [x]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [x]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2mdx64.sys [x]
S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sdx64.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [x]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [x]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [x]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [x]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\drivers\umbus.sys [x]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe [2009-07-14 27136]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - RTCore64
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
wcssvc REG_MULTI_SZ WcsPlugInService
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-04 15:11]
.
2011-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-04 15:11]
.
2011-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-52250379-3522684222-2055224201-1000Core.job
- c:\users\winklik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 15:11]
.
2011-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-52250379-3522684222-2055224201-1000UA.job
- c:\users\winklik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 15:11]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 13:27 509952 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-12-18 243216]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-01 7940128]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2010-02-01 1833504]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Ocs_SM"="c:\users\winklik\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2011-02-26 106496]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-04-09 2692008]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
winmgmt
SessionEnv
browser
EapHost
schedule
hkmsvc
wercplsupport
ProfSvc
Themes
BDESVC
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\winklik\AppData\Roaming\Mozilla\Firefox\Profiles\094nwj49.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-03-14 19:43:55
ComboFix-quarantined-files.txt 2011-03-14 18:43
ComboFix2.txt 2011-03-14 17:45
.
Před spuštěním: 2 916 171 776
Po spuštění: 2 864 812 032
.
- - End Of File - - 6685E9F77510CEA16CDD778BBFF35D42

[Rudy]

Log již vypadá OK. Nastala nějaká změna?

[winklis]

No ani ne... na přenosném disku mám stále složku Recycler a System Volume Information které nejdou smazat a právě v tom recykler nod hlasí toho červa..mám je oba připojené k PC a na obou je to stejné.. nějaký další nápad co stím ? Díky..

[Rudy]

Vypněte obnovu systému, restartujte PC a obnovu opět zapněte. Dále udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Dejte log.

[winklis]

bohužel teď musím pryč udělám to zítra zatím děkuji moc..

[Rudy]

Zatím není zač!

[winklis]

Tak tady je ten Log..

Automatická kontrola: dokončeno před 4 min. (události: 46, objekty: 2152578, čas: 07:58:14)
15.3.2011 15:01:41 Úloha byla spuštěna
15.3.2011 15:36:26 Zjištěno: Trojan.Win32.VB.aian C:\Documents and Settings\winklik\Desktop\bordel\KitchenDraw_5.rar/KitchenDraw_5/Crack/KGEN_KD50[13122k6].EXE/UPX
15.3.2011 15:36:26 Neošetřeno: Trojan.Win32.VB.aian C:\Documents and Settings\winklik\Desktop\bordel\KitchenDraw_5.rar/KitchenDraw_5/Crack/KGEN_KD50[13122k6].EXE/UPX Zápis není podporován
15.3.2011 15:36:41 Zjištěno: Trojan.Win32.VB.aian C:\Documents and Settings\winklik\Desktop\bordel\KitchenDraw_5.ZIP/Kd50_crack.zip/KGEN_KD50[13122k6].EXE/UPX
15.3.2011 15:36:42 Odstraněno: Trojan.Win32.VB.aian C:\Documents and Settings\winklik\Desktop\bordel\KitchenDraw_5.ZIP/Kd50_crack.zip/KGEN_KD50[13122k6].EXE
15.3.2011 15:38:02 Zjištěno: Trojan.Win32.VB.aian C:\Documents and Settings\winklik\Desktop\bordel\KitchenDraw_5\Kd50_crack.zip/KGEN_KD50[13122k6].EXE/UPX
15.3.2011 15:38:02 Odstraněno: Trojan.Win32.VB.aian C:\Documents and Settings\winklik\Desktop\bordel\KitchenDraw_5\Kd50_crack.zip/KGEN_KD50[13122k6].EXE
15.3.2011 15:38:02 Zjištěno: Trojan.Win32.VB.aian C:\Documents and Settings\winklik\Desktop\bordel\KitchenDraw_5\Kd50_crack\KGEN_KD50[13122k6].EXE/UPX
15.3.2011 15:38:42 Odstraněno: Trojan.Win32.VB.aian C:\Documents and Settings\winklik\Desktop\bordel\KitchenDraw_5\Kd50_crack\KGEN_KD50[13122k6].EXE
15.3.2011 15:54:25 Zjištěno: Exploit.Linux.Lotoor.g C:\Karta 16GB\Android programy\z4root.1.3.0.apk/res/raw/rageagainstthecage
15.3.2011 15:54:25 Odstraněno: Exploit.Linux.Lotoor.g C:\Karta 16GB\Android programy\z4root.1.3.0.apk/res/raw/rageagainstthecage
15.3.2011 15:57:33 Zjištěno: Trojan.Win32.VB.aian C:\KD\KGEN_KD50[13122k6].EXE/UPX
15.3.2011 15:57:53 Odstraněno: Trojan.Win32.VB.aian C:\KD\KGEN_KD50[13122k6].EXE
15.3.2011 16:31:27 Zjištěno: Trojan.Win32.VB.aian C:\Users\winklik\Desktop\bordel\KitchenDraw_5.rar/KitchenDraw_5/Crack/KGEN_KD50[13122k6].EXE/UPX
15.3.2011 16:31:27 Neošetřeno: Trojan.Win32.VB.aian C:\Users\winklik\Desktop\bordel\KitchenDraw_5.rar/KitchenDraw_5/Crack/KGEN_KD50[13122k6].EXE/UPX Zápis není podporován
15.3.2011 17:02:45 Zjištěno: Trojan-Dropper.Win32.Agent.dzov D:\download\ESET Antivirus Licence Finder (MiNODLogin) 3.6.0.1.exe
15.3.2011 17:03:07 Odstraněno: Trojan-Dropper.Win32.Agent.dzov D:\download\ESET Antivirus Licence Finder (MiNODLogin) 3.6.0.1.exe
15.3.2011 19:24:08 Zjištěno: Exploit.Win32.MS05-016.h D:\__MDA\Software pro PPC\TomTom\Aktivator_map_nejen_pro_TT_7_9xx_v31.rar/Aktivator_map_nejen_pro_TT_7_9xx_v31/Easyusetools_for Keygen_Mapcheck_Metacheck_ttsystempatcher/ttsystem_Patcher/Patcher.exe
15.3.2011 19:24:08 Zjištěno: Exploit.Win32.MS05-016.h D:\__MDA\Software pro PPC\TomTom\Aktivator_map_nejen_pro_TT_7_9xx_v31\Aktivator_map_nejen_pro_TT_7_9xx_v31\Easyusetools_for Keygen_Mapcheck_Metacheck_ttsystempatcher\ttsystem_Patcher\Patcher.exe
15.3.2011 19:24:08 Neošetřeno: Exploit.Win32.MS05-016.h D:\__MDA\Software pro PPC\TomTom\Aktivator_map_nejen_pro_TT_7_9xx_v31.rar/Aktivator_map_nejen_pro_TT_7_9xx_v31/Easyusetools_for Keygen_Mapcheck_Metacheck_ttsystempatcher/ttsystem_Patcher/Patcher.exe Zápis není podporován
15.3.2011 19:25:05 Odstraněno: Exploit.Win32.MS05-016.h D:\__MDA\Software pro PPC\TomTom\Aktivator_map_nejen_pro_TT_7_9xx_v31\Aktivator_map_nejen_pro_TT_7_9xx_v31\Easyusetools_for Keygen_Mapcheck_Metacheck_ttsystempatcher\ttsystem_Patcher\Patcher.exe
15.3.2011 19:25:31 Zjištěno: Trojan-Banker.Win32.Bancos.qtd D:\__MDA\Software pro PPC - hry\griders\grider keygen.rar/girders_kg.exe
15.3.2011 19:25:31 Neošetřeno: Trojan-Banker.Win32.Bancos.qtd D:\__MDA\Software pro PPC - hry\griders\grider keygen.rar/girders_kg.exe Zápis není podporován
15.3.2011 19:25:40 Zjištěno: Trojan-Banker.Win32.Bancos.qtd D:\__MDA\Software pro PPC - hry\griders\girders_kg.exe
15.3.2011 19:25:40 Odstraněno: Trojan-Banker.Win32.Bancos.qtd D:\__MDA\Software pro PPC - hry\griders\girders_kg.exe
15.3.2011 19:27:51 Zjištěno: Trojan-Spy.Win32.Gologger.20.aw D:\__MDA\Software pro PPC - hry\__WVGA\__Games roztrizene\Kulecnik\Virtual Pool Mobile\VPM_kg.exe
15.3.2011 19:28:15 Odstraněno: Trojan-Spy.Win32.Gologger.20.aw D:\__MDA\Software pro PPC - hry\__WVGA\__Games roztrizene\Kulecnik\Virtual Pool Mobile\VPM_kg.exe
15.3.2011 19:31:59 Zjištěno: Exploit.Linux.Lotoor.g D:\__MDA\__LEo\_Android\Android programy\z4root.1.3.0.apk/res/raw/rageagainstthecage
15.3.2011 19:31:59 Odstraněno: Exploit.Linux.Lotoor.g D:\__MDA\__LEo\_Android\Android programy\z4root.1.3.0.apk/res/raw/rageagainstthecage
15.3.2011 20:38:11 Zjištěno: Trojan.VBS.TudaSuda.c D:\__Ovladace\instalacky\Zaloha Mirandy\Mir4nda-IM-0.4.3-v4f-alpha\Miranda IM\Skin\Files\jirk@-206989310\jednotka.vbs
15.3.2011 20:39:12 Odstraněno: Trojan.VBS.TudaSuda.c D:\__Ovladace\instalacky\Zaloha Mirandy\Mir4nda-IM-0.4.3-v4f-alpha\Miranda IM\Skin\Files\jirk@-206989310\jednotka.vbs
15.3.2011 21:26:58 Zjištěno: Trojan.VBS.TudaSuda.c D:\___Miranda Files\jirk@-206989310\jednotka.vbs
15.3.2011 21:27:18 Odstraněno: Trojan.VBS.TudaSuda.c D:\___Miranda Files\jirk@-206989310\jednotka.vbs
15.3.2011 21:35:34 Zjištěno: Net-Worm.Win32.Kido.ir G:\autorun.V01inf
15.3.2011 21:35:46 Neošetřeno: Net-Worm.Win32.Kido.ir G:\autorun.V01inf Nelze dezinfikovat
15.3.2011 21:35:58 Odstraněno: Net-Worm.Win32.Kido.ir G:\autorun.V01inf
15.3.2011 22:04:01 Zjištěno: not-a-virus:AdWare.Win32.BetterInternet.aln G:\mamka notas\Program Files\VisualConnection\VideopujcovnaCT\CTVoD_Uninst.exe
15.3.2011 22:04:08 Zjištěno: Backdoor.Win32.Hupigon.mcuc G:\mamka notas\Program Files\WinRAR\Zip.SFX
15.3.2011 22:04:25 Odstraněno: not-a-virus:AdWare.Win32.BetterInternet.aln G:\mamka notas\Program Files\VisualConnection\VideopujcovnaCT\CTVoD_Uninst.exe
15.3.2011 22:04:26 Odstraněno: Backdoor.Win32.Hupigon.mcuc G:\mamka notas\Program Files\WinRAR\Zip.SFX
15.3.2011 22:04:31 Zjištěno: Net-Worm.Win32.Kido.ih G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
15.3.2011 22:04:51 Neošetřeno: Net-Worm.Win32.Kido.ih G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx Nelze dezinfikovat
15.3.2011 22:04:51 Odstraněno: Net-Worm.Win32.Kido.ih G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
15.3.2011 22:07:56 Zjištěno: Exploit.Win32.MS05-016.h G:\Tomtom 7\Aktivator_map_nejen_pro_TT_7_910.9185v5.rar/Aktivator_map_nejen_pro_TT_7_910.9185v5/Easyusetools_for Keygen_Mapcheck_Metacheck_ttsystempatcher/ttsystem_Patcher/Patcher.exe
15.3.2011 22:07:56 Neošetřeno: Exploit.Win32.MS05-016.h G:\Tomtom 7\Aktivator_map_nejen_pro_TT_7_910.9185v5.rar/Aktivator_map_nejen_pro_TT_7_910.9185v5/Easyusetools_for Keygen_Mapcheck_Metacheck_ttsystempatcher/ttsystem_Patcher/Patcher.exe Zápis není podporován
15.3.2011 22:59:55 Úloha byla dokončena

[Rudy]

Samý crack Ale také nějaký ten virus. Jak se nyní PC tváří?

[winklis]

pořád stejně recyclery nejdou smazat a halsi pořád toho červa..

[Rudy]

pořád stejně recyclery nejdou smazat a halsi pořád toho červa..

Kde konkrétně?

[winklis]

mám k PC připojeny dva externí disky jeden je g: a druhý h: na obou je složka recycler a System Volume Information které nejdou smazat a na h: ve složce Recycler to hlasí toho červa..