dobry den, avira pri kazdom spusteni hlasi malware v subore svchost3exe.
log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Peter at 2011-06-12 06:30:00
Microsoft Windows 7 Professional
System drive C: has 63 GB (19%) free of 327 GB
Total RAM: 3885 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:30:06, on 12.6.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files (x86)\Connectify\Connectify.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\VMware\VMware Player\hqtray.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\DeskPins\DeskPins.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Peter.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.SharewareIsland.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - (no file)
R3 - URLSearchHook: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Security - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Users\Peter\AppData\Local\Browser Plugin\BHO.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [LG LinkAir] C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe
O4 - HKCU\..\Run: [X-Lite 4] "C:\Program Files (x86)\CounterPath\X-Lite 4\X-Lite4.exe" -bootload
O4 - HKCU\..\Run: [Google Update] "C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [wmpnetvk] C:\Users\Peter\AppData\Local\Temp\Microsoft\Protect\Credentials\\wmpnetvk.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: DeskPins.lnk = C:\Program Files (x86)\DeskPins\DeskPins.exe
O4 - Startup: openSUSE-uninst.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Image - res://C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Memo - res://C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Text file - res://C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
O8 - Extra context menu item: LG Air Sync (R-Click) - Set as Mobile Wallpaper - res://C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
O8 - Extra context menu item: LG Air Sync Option - res://C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware player\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{112DB2DC-4359-45E7-9475-16193387535E}: NameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{112DB2DC-4359-45E7-9475-16193387535E}: NameServer = 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{112DB2DC-4359-45E7-9475-16193387535E}: NameServer = 8.8.8.8
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\Connectifyd.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15303 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\CISVC.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000454
\??\C:\Windows\system32\conhost.exe
"taskhost.exe"
taskeng.exe {23DD009A-F7CA-427F-A563-1889110DFD77}
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
"C:\Program Files (x86)\Connectify\Connectifyd.exe"
taskeng.exe {BEE8C15A-7AC1-4E92-9D36-B37241A1BBBA}
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\BatteryCare\BatteryCare.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Conexant\SAII\SmartAudio.exe" /t
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Program Files (x86)\Connectify\Connectify.exe"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\DeskPins\DeskPins.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\PROGRA~2\CHECKP~1\ZONEAL~1\MAILFR~1\mantispm.exe
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/ --channel=3336.0459DC78.90796824 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/ --channel=3336.045BB7B8.406744208 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/ --channel=3336.045BC2C0.1374223211 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/ --channel=3336.045BF3F0.426072340 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/ --channel=3336.045C0EF8.306240665 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/ --channel=3336.045C3600.1431926330 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/ --channel=3336.045C6F08.699138065 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe"
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\fajkpbphiejhldakjboejnabfchhccnn\2.2.0.2_0\plugin/npswitchproxy.dll" --lang=cs --channel=3336.06ABB7C8.1918224299 /prefetch:4
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:4512
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path=default_plugin --lang=cs --channel=3336.06ABB300.1768295069 /prefetch:4
WLIDSvcM.exe 4764
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_4/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/ --channel=3336.08390E18.191761456 /prefetch:3
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\rundll32.exe "C:\Users\Peter\AppData\Local\Google\Chrome\APPLIC~1\120742~1.91\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Peter\AppData\Local\Google\Chrome\Application\12.0.742.91\gcswf32.dll" --lang=cs --channel=3336.087EFE18.139567395 /prefetch:4 --flash-broker=6480
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
WDC.exe
"C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_4/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/ --channel=3336.046A5938.583063069 /prefetch:3
"C:\Windows\system32\taskmgr.exe" /4
"C:\Users\Peter\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2159869977-1460596281-3831579034-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2159869977-1460596281-3831579034-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-05-24 904832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-11 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2010-09-09 35688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-05-24 599680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Users\Peter\AppData\Local\Browser Plugin\BHO.dll [2011-03-08 432640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-05-24 904832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll [2011-03-28 176936]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-05-24 599680]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-05-24 1125504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LG LinkAir"=C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe [2010-09-09 2440552]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-01-13 2988784]
"Connectify"=C:\Program Files (x86)\Connectify\Connectify.exe [2011-03-10 1532992]
"X-Lite 4"=C:\Program Files (x86)\CounterPath\X-Lite 4\X-Lite4.exe [2010-08-11 2863616]
"Google Update"=C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
"wmpnetvk"=C:\Users\Peter\AppData\Local\Temp\Microsoft\Protect\Credentials\\wmpnetvk.exe [2011-06-09 7168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2010-03-31 249856]
"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2010-10-15 3054136]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-12-09 74752]
"VMware hqtray"=C:\Program Files (x86)\VMware\VMware Player\hqtray.exe [2009-10-22 64048]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-05-25 1951112]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-03-28 281768]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2011-06-01 71824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
vpngui.exe.lnk - C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
DeskPins.lnk - C:\Program Files (x86)\DeskPins\DeskPins.exe
openSUSE-uninst.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KL1]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\kl2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAPower"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1
======List of files/folders created in the last 1 months======
2011-06-12 06:27:25 ----D---- C:\rsit
2011-06-12 06:27:25 ----D---- C:\Program Files\trend micro
2011-06-11 01:40:14 ----D---- C:\ProgramData\Kaspersky SDK
2011-06-11 00:40:41 ----D---- C:\Users\Peter\AppData\Roaming\MailFrontier
2011-06-11 00:22:58 ----D---- C:\Users\Peter\AppData\Roaming\CheckPoint
2011-06-11 00:22:10 ----D---- C:\Program Files (x86)\Conduit
2011-06-11 00:22:07 ----D---- C:\Program Files (x86)\ZoneAlarm_Security
2011-06-11 00:21:37 ----D---- C:\Program Files\CheckPoint
2011-06-11 00:20:34 ----D---- C:\ProgramData\CheckPoint
2011-06-11 00:20:09 ----A---- C:\Windows\system32\drivers\netio.sys
2011-06-10 23:32:46 ----D---- C:\ProgramData\Avira
2011-06-10 23:32:46 ----D---- C:\Program Files (x86)\Avira
2011-06-10 23:32:46 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-06-10 23:32:46 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-06-10 23:29:22 ----D---- C:\Program Files (x86)\CheckPoint
2011-05-28 13:23:41 ----D---- C:\Program Files (x86)\GameSpy Arcade
2011-05-28 13:20:59 ----D---- C:\Program Files (x86)\Microsoft Games
2011-05-27 20:03:22 ----D---- C:\Program Files (x86)\Rise of Nations
2011-05-25 15:36:35 ----A---- C:\Users\Peter\AppData\Roaming\RSBuddy Login.ini
2011-05-24 18:32:00 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-05-24 18:32:00 ----A---- C:\Windows\system32\poqexec.exe
2011-05-22 16:49:18 ----SHD---- C:\found.001
2011-05-15 19:49:08 ----AD---- C:\.Trash-1000
======List of files/folders modified in the last 1 months======
2011-06-12 06:27:25 ----RD---- C:\Program Files
2011-06-12 06:23:22 ----D---- C:\Windows\Temp
2011-06-12 06:19:51 ----D---- C:\Windows\system32\Tasks
2011-06-12 06:19:37 ----D---- C:\ProgramData\VMware
2011-06-12 06:19:01 ----A---- C:\Windows\SYSWOW64\log.txt
2011-06-12 06:17:38 ----D---- C:\Windows
2011-06-12 01:06:36 ----D---- C:\Program Files (x86)\Warcraft III
2011-06-11 21:24:05 ----D---- C:\Windows\system32\wdi
2011-06-11 12:19:35 ----D---- C:\Windows\system32\config
2011-06-11 01:40:14 ----HD---- C:\ProgramData
2011-06-11 00:40:35 ----SHD---- C:\System Volume Information
2011-06-11 00:37:49 ----D---- C:\Windows\winsxs
2011-06-11 00:31:29 ----D---- C:\Program Files (x86)\Connectify
2011-06-11 00:31:24 ----D---- C:\Windows\system32\drivers
2011-06-11 00:23:53 ----D---- C:\Windows\inf
2011-06-11 00:23:49 ----D---- C:\Windows\system32\DriverStore
2011-06-11 00:23:49 ----D---- C:\Windows\system32\catroot
2011-06-11 00:23:43 ----SHD---- C:\Windows\Installer
2011-06-11 00:23:00 ----D---- C:\Windows\SysWOW64
2011-06-11 00:22:10 ----RD---- C:\Program Files (x86)
2011-06-11 00:21:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-06-10 23:47:31 ----D---- C:\Windows\System32
2011-06-10 23:47:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-10 15:28:42 ----D---- C:\Windows\Prefetch
2011-06-09 13:28:55 ----D---- C:\Users\Peter\AppData\Roaming\vlc
2011-06-08 16:56:05 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2011-05-30 20:06:11 ----D---- C:\Users\Peter\AppData\Roaming\uTorrent
2011-05-30 18:32:45 ----D---- C:\.jagex_cache_32
2011-05-30 18:25:15 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2011-05-29 12:47:51 ----SD---- C:\Users\Peter\AppData\Roaming\Microsoft
2011-05-27 11:23:56 ----A---- C:\Users\Peter\AppData\Roaming\RSBuddy_skkiller2.ini
2011-05-24 18:31:26 ----D---- C:\Windows\system32\catroot2
2011-05-20 14:01:32 ----A---- C:\Windows\system32\TURegOpt.exe
2011-05-20 13:55:42 ----A---- C:\Windows\system32\authuitu.dll
2011-05-20 13:55:36 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2011-05-20 13:55:32 ----A---- C:\Windows\system32\uxtuneup.dll
2011-05-20 13:55:28 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll
2011-05-18 10:18:34 ----D---- C:\Windows\Minidump
2011-05-13 08:23:22 ----D---- C:\Users\Peter\AppData\Roaming\BatteryCare
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2010-10-14 460888]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-15 834544]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-04-01 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2010-10-14 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2010-09-21 362072]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 454232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-10-20 314016]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-04-01 83120]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2009-10-22 38960]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-05-24 33672]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-10-20 43680]
R2 vmci;VMware vmci; \??\C:\Windows\system32\drivers\vmci.sys [2009-10-22 80944]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2009-10-22 45104]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2009-10-22 30256]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2009-10-22 68144]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys [2009-10-12 32816]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-31 2216960]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-30 704512]
R3 connctfyMP;connctfyMP; C:\Windows\system32\DRIVERS\connctfy.sys [2011-03-07 34880]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2009-11-26 244736]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2009-12-04 107120]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
R3 vmkbd2;VMware kbd2; \??\C:\Windows\system32\drivers\VMkbd.sys [2009-10-22 29744]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2009-10-22 20016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [2010-08-02 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [2010-08-02 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [2010-08-02 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [2010-08-02 33792]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 connctfy;Connectify Service; C:\Windows\system32\DRIVERS\connctfy.sys [2011-03-07 34880]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 109056]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-03-28 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\Connectifyd.exe [2011-03-10 892992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-05-24 825984]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2010-09-17 57966424]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-09-17 154968]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-05-20 2026304]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2009-10-22 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2009-10-22 334384]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2009-10-22 395824]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2011-06-01 2413424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ufad-ws60;VMware Agent Service; C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe [2009-10-12 191024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe []
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 430424]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
S4 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-15 1255736]
-----------------EOF-----------------
Stroj sa taktiez zacal nadmerne zahrievat, dufam ze problem nebude hardverovy.
Dakujem
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zvysena aktivita
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zvysena aktivita
Naposledy upravil(a) vyosek dne 12 čer 2011 10:46, celkem upraveno 1 x.
Důvod: Log odstranen z code - je lepe citelny
Důvod: Log odstranen z code - je lepe citelny
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Zvysena aktivita
Dobrý den 
Program nepoužívejte bez doporučení Rádce a pozorně se řiďte následujících pokynu,protože program netoleruje chyby a může dojít k úplnému poškození systému!!
Program nepoužívejte bez doporučení Rádce a pozorně se řiďte následujících pokynu,protože program netoleruje chyby a může dojít k úplnému poškození systému!!
Stáhneme si Combofix 
- Program uložíme nejlépe na Plochu
- Vypneme všechny rezidentní štíty.Jak antiviru,tak antispywaru a firewallu
- Vypneme všechny běžící aplikace (ICQ,prohlížeč,programy) a necháme pouze Combofix
- Spustíme Combofix.exe s administrátorským oprávněním
U Windows XP se přihlásíme pod účtem správce
Ve Windows 7 a Vista klikněte pravým tlačítkem myši na Combofix.exe a dejte ,,Spustit jako správce,,) - Hned po startu programu na vás vyskočí licenční podmínky,tak potvrdíme tlačítkemANO
- Pokud vám Combofix nabídne instalaci Konzoly pro zotavení,tak souhlaste a nechte nainstalovat(zde je potřeba aktivní připojení na internet)
- Pokračujte dle pokynů programu a během skenování na nic neklikejte,na pc nepracujte(ICQ,jiné aplikace,internet..).Nechte počítač v klidu.
- Celý sken tvá mezi 5-15 min,ale pokud je v PC hodně havěti,tak se čas může lišit.
- Po skončení skenování(případném restartu počítače) se vám zobrazí log z Combofixu,který mi vložte sem(Kdyby se log nezobrazil,tak jej najdete zde: C:\ComboFix.txt
- (Pokud si nevíte rady s kterýmkoliv z výše uvedených kroků,tak se ptejte nebo mrkněte na detailnější návod včetně obrázků http://www.bleepingcomputer.com/combofi ... t-combofix )
Napiš mi: chodnik74@gmail.com nebo 
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| 
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. 
Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni 
Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: Zvysena aktivita
Combofix log:
ComboFix 11-06-11.01 - Peter 12.06.2011 18:44:37.1.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3885.2316 [GMT 2:00]
Spuštěný z: c:\users\Peter\Desktop\ComboFix.exe
AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\Peter\AppData\Local\.#
c:\users\Peter\AppData\Local\Browser Plugin\BHO.dll
c:\users\Peter\AppData\Roaming\data.dat
c:\users\Peter\AppData\Roaming\logs.dat
c:\users\Peter\AppData\Roaming\svchost.exe
c:\users\Peter\svchost.exe
c:\windows\system32\service
c:\windows\SysWow64\logs
.
----- BITS: Možné infikované stránky -----
.
hxxp://download.zonealarm.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-12 do 2011-06-12 )))))))))))))))))))))))))))))))
.
.
2011-06-12 16:52 . 2011-06-12 16:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-12 04:27 . 2011-06-12 04:30 -------- d-----w- c:\program files\trend micro
2011-06-12 04:27 . 2011-06-12 04:28 -------- d-----w- C:\rsit
2011-06-10 23:40 . 2011-06-10 23:40 -------- d-----w- c:\programdata\Kaspersky SDK
2011-06-10 22:40 . 2011-06-10 22:40 -------- d-----w- c:\users\Peter\AppData\Roaming\MailFrontier
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\users\Peter\AppData\Roaming\CheckPoint
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\program files (x86)\Conduit
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\users\Peter\AppData\Local\Conduit
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\program files (x86)\ZoneAlarm_Security
2011-06-10 22:21 . 2011-06-10 22:21 -------- d-----w- c:\program files\CheckPoint
2011-06-10 22:20 . 2011-06-10 22:20 -------- d-----w- c:\programdata\CheckPoint
2011-06-10 22:20 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-06-10 21:32 . 2011-06-10 21:32 -------- d-----w- c:\programdata\Avira
2011-06-10 21:32 . 2011-06-10 21:32 -------- d-----w- c:\program files (x86)\Avira
2011-06-10 21:32 . 2011-04-01 15:07 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-10 21:32 . 2011-04-01 15:07 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-10 21:29 . 2011-06-10 22:20 -------- d-----w- c:\program files (x86)\CheckPoint
2011-05-29 10:47 . 2011-05-29 10:47 -------- d-----w- c:\users\Peter\AppData\Local\jagexlauncher
2011-05-28 11:23 . 2011-05-28 11:23 -------- d-----w- c:\program files (x86)\GameSpy Arcade
2011-05-28 11:20 . 2011-05-28 11:20 -------- d-----w- c:\program files (x86)\Microsoft Games
2011-05-27 18:03 . 2011-05-27 18:06 -------- d-----w- c:\program files (x86)\Rise of Nations
2011-05-24 16:32 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-24 16:32 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-22 14:49 . 2011-05-22 14:49 -------- d-----w- C:\found.001
2011-05-15 17:49 . 2011-05-15 17:49 -------- d---a-w- C:\.Trash-1000
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-20 12:01 . 2011-01-19 07:33 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-05-20 11:55 . 2011-01-19 07:33 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-05-20 11:55 . 2011-01-19 07:33 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-05-20 11:55 . 2011-01-19 07:33 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-05-20 11:55 . 2011-01-19 07:33 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-05-11 15:24 . 2010-10-29 11:05 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-11 14:50 . 2010-12-16 20:28 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-07 15:51 . 2011-05-07 15:51 454232 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-09 06:45 . 2011-05-12 06:00 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-12 06:00 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-12 06:00 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-04 21:03 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-04 20:52 . 2011-04-04 20:52 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-04 20:52 . 2011-04-04 20:52 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-04 20:52 . 2011-04-04 20:52 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-04 20:52 . 2011-04-04 20:52 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-04-04 20:52 . 2011-04-04 20:52 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-04 20:52 . 2011-04-04 20:52 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-04-04 20:52 . 2011-04-04 20:52 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-04 20:52 . 2011-04-04 20:52 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-04 20:52 . 2011-04-04 20:52 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-04 20:52 . 2011-04-04 20:52 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-04-04 20:52 . 2011-04-04 20:52 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-04-04 20:52 . 2011-04-04 20:52 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-04 20:52 . 2011-04-04 20:52 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-04 20:52 . 2011-04-04 20:52 448512 ----a-w- c:\windows\system32\html.iec
2011-04-04 20:52 . 2011-04-04 20:52 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-04 20:52 . 2011-04-04 20:52 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-04-04 20:52 . 2011-04-04 20:52 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-04-04 20:52 . 2011-04-04 20:52 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-04 20:52 . 2011-04-04 20:52 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-04-04 20:52 . 2011-04-04 20:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-04 20:52 . 2011-04-04 20:52 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-04-04 20:52 . 2011-04-04 20:52 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-04-04 20:52 . 2011-04-04 20:52 222208 ----a-w- c:\windows\system32\msls31.dll
2011-04-04 20:52 . 2011-04-04 20:52 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-04-04 20:52 . 2011-04-04 20:52 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-04 20:52 . 2011-04-04 20:52 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-04-04 20:52 . 2011-04-04 20:52 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-04 20:52 . 2011-04-04 20:52 160256 ----a-w- c:\windows\system32\wextract.exe
2011-04-04 20:52 . 2011-04-04 20:52 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-04-04 20:52 . 2011-04-04 20:52 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-04-04 20:52 . 2011-04-04 20:52 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-04 20:52 . 2011-04-04 20:52 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-04-04 20:52 . 2011-04-04 20:52 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-04-04 20:52 . 2011-04-04 20:52 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-04-04 20:52 . 2011-04-04 20:52 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-04 20:52 . 2011-04-04 20:52 12288 ----a-w- c:\windows\system32\mshta.exe
2011-04-04 20:52 . 2011-04-04 20:52 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-04-04 20:52 . 2011-04-04 20:52 114176 ----a-w- c:\windows\system32\admparse.dll
2011-04-04 20:52 . 2011-04-04 20:52 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-04 20:52 . 2011-04-04 20:52 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-04 20:52 . 2011-04-04 20:52 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-04-04 20:52 . 2011-04-04 20:52 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-23 12:16 . 2011-02-10 12:13 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-03-23 12:16 . 2011-02-09 16:44 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LG LinkAir"="c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe" [2010-09-09 2440552]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-01-13 2988784]
"Connectify"="c:\program files (x86)\Connectify\Connectify.exe" [2011-03-09 1532992]
"X-Lite 4"="c:\program files (x86)\CounterPath\X-Lite 4\X-Lite4.exe" [2010-08-11 2863616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SafeQ Client"="c:\program files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2010-10-15 3054136]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-12-09 74752]
"VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" [2009-10-22 64048]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-05-25 1951112]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2011-06-01 71824]
.
c:\users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DeskPins.lnk - c:\program files (x86)\DeskPins\DeskPins.exe [2004-5-2 62464]
openSUSE-uninst.exe [2011-2-20 64202]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-10-14 156952]
vpngui.exe.lnk - c:\windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe [2010-10-28 5120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAPower"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 430424]
R4 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\Connectifyd.exe [2011-03-09 892992]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-05-24 33672]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-05-24 825984]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-05-20 2026304]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\BatteryCare\WinRing0x64.sys [2008-07-26 14544]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WINRING0_1_2_0
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2159869977-1460596281-3831579034-1000Core.job
- c:\users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 11:04]
.
2011-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2159869977-1460596281-3831579034-1000UA.job
- c:\users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 11:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.SharewareIsland.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: LG Air Sync (R-Click) - Save as Mobile Image - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
IE: LG Air Sync (R-Click) - Save as Mobile Memo - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
IE: LG Air Sync (R-Click) - Save as Mobile Text file - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
IE: LG Air Sync Option - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll
TCP: DhcpNameServer = 193.85.1.100 193.85.2.100 212.71.150.2
TCP: Interfaces\{112DB2DC-4359-45E7-9475-16193387535E}: NameServer = 8.8.8.8
TCP: Interfaces\{112DB2DC-4359-45E7-9475-16193387535E}\4757F6E65647D26707E6: NameServer = 8.8.8.8
FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: GamePlayLabs Plugin: plugin2@gameplaylabs.com - %profile%\extensions\plugin2@gameplaylabs.com
FF - Ext: LG Air Sync: {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B} - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{a8864317-e18b-4292-99d9-e6e65ab905d3} - (no file)
WebBrowser-{A8864317-E18B-4292-99D9-E6E65AB905D3} - (no file)
HKLM-Run-ISW - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2159869977-1460596281-3831579034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2159869977-1460596281-3831579034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-12 18:54:16
ComboFix-quarantined-files.txt 2011-06-12 16:54
.
Před spuštěním: Volných bajtů: 75 629 719 552
Po spuštění: Volných bajtů: 75 655 827 456
.
- - End Of File - - 2545FB97728C385938302F45D5752B35
ComboFix 11-06-11.01 - Peter 12.06.2011 18:44:37.1.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3885.2316 [GMT 2:00]
Spuštěný z: c:\users\Peter\Desktop\ComboFix.exe
AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\Peter\AppData\Local\.#
c:\users\Peter\AppData\Local\Browser Plugin\BHO.dll
c:\users\Peter\AppData\Roaming\data.dat
c:\users\Peter\AppData\Roaming\logs.dat
c:\users\Peter\AppData\Roaming\svchost.exe
c:\users\Peter\svchost.exe
c:\windows\system32\service
c:\windows\SysWow64\logs
.
----- BITS: Možné infikované stránky -----
.
hxxp://download.zonealarm.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-12 do 2011-06-12 )))))))))))))))))))))))))))))))
.
.
2011-06-12 16:52 . 2011-06-12 16:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-12 04:27 . 2011-06-12 04:30 -------- d-----w- c:\program files\trend micro
2011-06-12 04:27 . 2011-06-12 04:28 -------- d-----w- C:\rsit
2011-06-10 23:40 . 2011-06-10 23:40 -------- d-----w- c:\programdata\Kaspersky SDK
2011-06-10 22:40 . 2011-06-10 22:40 -------- d-----w- c:\users\Peter\AppData\Roaming\MailFrontier
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\users\Peter\AppData\Roaming\CheckPoint
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\program files (x86)\Conduit
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\users\Peter\AppData\Local\Conduit
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\program files (x86)\ZoneAlarm_Security
2011-06-10 22:21 . 2011-06-10 22:21 -------- d-----w- c:\program files\CheckPoint
2011-06-10 22:20 . 2011-06-10 22:20 -------- d-----w- c:\programdata\CheckPoint
2011-06-10 22:20 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-06-10 21:32 . 2011-06-10 21:32 -------- d-----w- c:\programdata\Avira
2011-06-10 21:32 . 2011-06-10 21:32 -------- d-----w- c:\program files (x86)\Avira
2011-06-10 21:32 . 2011-04-01 15:07 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-10 21:32 . 2011-04-01 15:07 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-10 21:29 . 2011-06-10 22:20 -------- d-----w- c:\program files (x86)\CheckPoint
2011-05-29 10:47 . 2011-05-29 10:47 -------- d-----w- c:\users\Peter\AppData\Local\jagexlauncher
2011-05-28 11:23 . 2011-05-28 11:23 -------- d-----w- c:\program files (x86)\GameSpy Arcade
2011-05-28 11:20 . 2011-05-28 11:20 -------- d-----w- c:\program files (x86)\Microsoft Games
2011-05-27 18:03 . 2011-05-27 18:06 -------- d-----w- c:\program files (x86)\Rise of Nations
2011-05-24 16:32 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-24 16:32 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-22 14:49 . 2011-05-22 14:49 -------- d-----w- C:\found.001
2011-05-15 17:49 . 2011-05-15 17:49 -------- d---a-w- C:\.Trash-1000
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-20 12:01 . 2011-01-19 07:33 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-05-20 11:55 . 2011-01-19 07:33 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-05-20 11:55 . 2011-01-19 07:33 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-05-20 11:55 . 2011-01-19 07:33 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-05-20 11:55 . 2011-01-19 07:33 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-05-11 15:24 . 2010-10-29 11:05 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-11 14:50 . 2010-12-16 20:28 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-07 15:51 . 2011-05-07 15:51 454232 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-09 06:45 . 2011-05-12 06:00 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-12 06:00 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-12 06:00 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-04 21:03 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-04 20:52 . 2011-04-04 20:52 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-04 20:52 . 2011-04-04 20:52 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-04 20:52 . 2011-04-04 20:52 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-04 20:52 . 2011-04-04 20:52 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-04-04 20:52 . 2011-04-04 20:52 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-04 20:52 . 2011-04-04 20:52 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-04-04 20:52 . 2011-04-04 20:52 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-04 20:52 . 2011-04-04 20:52 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-04 20:52 . 2011-04-04 20:52 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-04 20:52 . 2011-04-04 20:52 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-04-04 20:52 . 2011-04-04 20:52 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-04-04 20:52 . 2011-04-04 20:52 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-04 20:52 . 2011-04-04 20:52 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-04 20:52 . 2011-04-04 20:52 448512 ----a-w- c:\windows\system32\html.iec
2011-04-04 20:52 . 2011-04-04 20:52 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-04 20:52 . 2011-04-04 20:52 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-04-04 20:52 . 2011-04-04 20:52 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-04-04 20:52 . 2011-04-04 20:52 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-04 20:52 . 2011-04-04 20:52 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-04-04 20:52 . 2011-04-04 20:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-04 20:52 . 2011-04-04 20:52 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-04-04 20:52 . 2011-04-04 20:52 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-04-04 20:52 . 2011-04-04 20:52 222208 ----a-w- c:\windows\system32\msls31.dll
2011-04-04 20:52 . 2011-04-04 20:52 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-04-04 20:52 . 2011-04-04 20:52 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-04 20:52 . 2011-04-04 20:52 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-04-04 20:52 . 2011-04-04 20:52 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-04 20:52 . 2011-04-04 20:52 160256 ----a-w- c:\windows\system32\wextract.exe
2011-04-04 20:52 . 2011-04-04 20:52 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-04-04 20:52 . 2011-04-04 20:52 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-04-04 20:52 . 2011-04-04 20:52 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-04 20:52 . 2011-04-04 20:52 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-04-04 20:52 . 2011-04-04 20:52 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-04-04 20:52 . 2011-04-04 20:52 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-04-04 20:52 . 2011-04-04 20:52 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-04 20:52 . 2011-04-04 20:52 12288 ----a-w- c:\windows\system32\mshta.exe
2011-04-04 20:52 . 2011-04-04 20:52 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-04-04 20:52 . 2011-04-04 20:52 114176 ----a-w- c:\windows\system32\admparse.dll
2011-04-04 20:52 . 2011-04-04 20:52 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-04 20:52 . 2011-04-04 20:52 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-04 20:52 . 2011-04-04 20:52 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-04-04 20:52 . 2011-04-04 20:52 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-23 12:16 . 2011-02-10 12:13 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-03-23 12:16 . 2011-02-09 16:44 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LG LinkAir"="c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe" [2010-09-09 2440552]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-01-13 2988784]
"Connectify"="c:\program files (x86)\Connectify\Connectify.exe" [2011-03-09 1532992]
"X-Lite 4"="c:\program files (x86)\CounterPath\X-Lite 4\X-Lite4.exe" [2010-08-11 2863616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SafeQ Client"="c:\program files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2010-10-15 3054136]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-12-09 74752]
"VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" [2009-10-22 64048]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-05-25 1951112]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2011-06-01 71824]
.
c:\users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DeskPins.lnk - c:\program files (x86)\DeskPins\DeskPins.exe [2004-5-2 62464]
openSUSE-uninst.exe [2011-2-20 64202]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-10-14 156952]
vpngui.exe.lnk - c:\windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe [2010-10-28 5120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAPower"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 430424]
R4 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\Connectifyd.exe [2011-03-09 892992]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-05-24 33672]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-05-24 825984]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-05-20 2026304]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\BatteryCare\WinRing0x64.sys [2008-07-26 14544]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WINRING0_1_2_0
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2159869977-1460596281-3831579034-1000Core.job
- c:\users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 11:04]
.
2011-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2159869977-1460596281-3831579034-1000UA.job
- c:\users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 11:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.SharewareIsland.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: LG Air Sync (R-Click) - Save as Mobile Image - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
IE: LG Air Sync (R-Click) - Save as Mobile Memo - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
IE: LG Air Sync (R-Click) - Save as Mobile Text file - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
IE: LG Air Sync Option - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll
TCP: DhcpNameServer = 193.85.1.100 193.85.2.100 212.71.150.2
TCP: Interfaces\{112DB2DC-4359-45E7-9475-16193387535E}: NameServer = 8.8.8.8
TCP: Interfaces\{112DB2DC-4359-45E7-9475-16193387535E}\4757F6E65647D26707E6: NameServer = 8.8.8.8
FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: GamePlayLabs Plugin: plugin2@gameplaylabs.com - %profile%\extensions\plugin2@gameplaylabs.com
FF - Ext: LG Air Sync: {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B} - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{a8864317-e18b-4292-99d9-e6e65ab905d3} - (no file)
WebBrowser-{A8864317-E18B-4292-99D9-E6E65AB905D3} - (no file)
HKLM-Run-ISW - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2159869977-1460596281-3831579034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2159869977-1460596281-3831579034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-12 18:54:16
ComboFix-quarantined-files.txt 2011-06-12 16:54
.
Před spuštěním: Volných bajtů: 75 629 719 552
Po spuštění: Volných bajtů: 75 655 827 456
.
- - End Of File - - 2545FB97728C385938302F45D5752B35
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Zvysena aktivita
Otevřeme si Poznámkový blok 
- (stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)
- Vložíme do něj následující script:
Kód: Vybrat vše
KillAll:: RegLock:: [HKEY_USERS\S-1-5-21-2159869977-1460596281-3831579034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] [HKEY_USERS\S-1-5-21-2159869977-1460596281-3831579034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] Firefox:: FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\ FF - Ext: GamePlayLabs Plugin: plugin2@gameplaylabs.com - %profile%\extensions\plugin2@gameplaylabs.com DDS:: uStart Page = hxxp://www.SharewareIsland.com Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=- "Persistence"=- [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe ARM"=- "Adobe Reader Speed Launcher"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "WinampAgent"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=- "SUPERAntiSpyware"=- Reboot:: - Soubor uložíme na Plochu jako CFScript.txt
- Poté tento soubor uchopíme levým tlačítkem myši a přetáhneme na ikonu Combofixu a upustíme
- Poté Combofix provede všechny operace a udělá nový log,který sem vložte
Naposledy upravil(a) chodnik74 dne 12 čer 2011 21:45, celkem upraveno 1 x.
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: Zvysena aktivita
ComboFix 11-06-11.01 - Peter 12.06.2011 20:47:37.2.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3885.2215 [GMT 2:00]
Spuštěný z: c:\users\Peter\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Peter\Desktop\CFScript.txt
AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\defaults\preferences\prefs.js
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\chrome.manifest
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\chrome\content\ff-overlay.xul
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\chrome\content\icon.png
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\chrome\content\overlay.js
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\chrome\locale\en-US\overlay.properties
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\install.rdf
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\META-INF\manifest.mf
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\META-INF\zigbert.rsa
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\META-INF\zigbert.sf
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\setup.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-12 do 2011-06-12 )))))))))))))))))))))))))))))))
.
.
2011-06-12 18:54 . 2011-06-12 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-12 04:27 . 2011-06-12 04:30 -------- d-----w- c:\program files\trend micro
2011-06-12 04:27 . 2011-06-12 04:28 -------- d-----w- C:\rsit
2011-06-10 23:40 . 2011-06-10 23:40 -------- d-----w- c:\programdata\Kaspersky SDK
2011-06-10 22:40 . 2011-06-10 22:40 -------- d-----w- c:\users\Peter\AppData\Roaming\MailFrontier
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\users\Peter\AppData\Roaming\CheckPoint
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\program files (x86)\Conduit
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\users\Peter\AppData\Local\Conduit
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\program files (x86)\ZoneAlarm_Security
2011-06-10 22:21 . 2011-06-10 22:21 -------- d-----w- c:\program files\CheckPoint
2011-06-10 22:20 . 2011-06-10 22:20 -------- d-----w- c:\programdata\CheckPoint
2011-06-10 22:20 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-06-10 21:32 . 2011-06-10 21:32 -------- d-----w- c:\programdata\Avira
2011-06-10 21:32 . 2011-06-10 21:32 -------- d-----w- c:\program files (x86)\Avira
2011-06-10 21:32 . 2011-04-01 15:07 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-10 21:32 . 2011-04-01 15:07 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-10 21:29 . 2011-06-10 22:20 -------- d-----w- c:\program files (x86)\CheckPoint
2011-05-29 10:47 . 2011-05-29 10:47 -------- d-----w- c:\users\Peter\AppData\Local\jagexlauncher
2011-05-28 11:23 . 2011-05-28 11:23 -------- d-----w- c:\program files (x86)\GameSpy Arcade
2011-05-28 11:20 . 2011-05-28 11:20 -------- d-----w- c:\program files (x86)\Microsoft Games
2011-05-27 18:03 . 2011-05-27 18:06 -------- d-----w- c:\program files (x86)\Rise of Nations
2011-05-24 16:32 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-24 16:32 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-22 14:49 . 2011-05-22 14:49 -------- d-----w- C:\found.001
2011-05-15 17:49 . 2011-05-15 17:49 -------- d---a-w- C:\.Trash-1000
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-20 12:01 . 2011-01-19 07:33 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-05-20 11:55 . 2011-01-19 07:33 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-05-20 11:55 . 2011-01-19 07:33 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-05-20 11:55 . 2011-01-19 07:33 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-05-20 11:55 . 2011-01-19 07:33 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-05-11 15:24 . 2010-10-29 11:05 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-11 14:50 . 2010-12-16 20:28 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-07 15:51 . 2011-05-07 15:51 454232 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-09 06:45 . 2011-05-12 06:00 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-12 06:00 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-12 06:00 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-04 21:03 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-04 20:52 . 2011-04-04 20:52 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-04 20:52 . 2011-04-04 20:52 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-04 20:52 . 2011-04-04 20:52 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-04 20:52 . 2011-04-04 20:52 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-04-04 20:52 . 2011-04-04 20:52 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-04 20:52 . 2011-04-04 20:52 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-04-04 20:52 . 2011-04-04 20:52 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-04 20:52 . 2011-04-04 20:52 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-04 20:52 . 2011-04-04 20:52 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-04 20:52 . 2011-04-04 20:52 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-04-04 20:52 . 2011-04-04 20:52 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-04-04 20:52 . 2011-04-04 20:52 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-04 20:52 . 2011-04-04 20:52 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-04 20:52 . 2011-04-04 20:52 448512 ----a-w- c:\windows\system32\html.iec
2011-04-04 20:52 . 2011-04-04 20:52 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-04 20:52 . 2011-04-04 20:52 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-04-04 20:52 . 2011-04-04 20:52 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-04-04 20:52 . 2011-04-04 20:52 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-04 20:52 . 2011-04-04 20:52 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-04-04 20:52 . 2011-04-04 20:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-04 20:52 . 2011-04-04 20:52 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-04-04 20:52 . 2011-04-04 20:52 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-04-04 20:52 . 2011-04-04 20:52 222208 ----a-w- c:\windows\system32\msls31.dll
2011-04-04 20:52 . 2011-04-04 20:52 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-04-04 20:52 . 2011-04-04 20:52 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-04 20:52 . 2011-04-04 20:52 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-04-04 20:52 . 2011-04-04 20:52 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-04 20:52 . 2011-04-04 20:52 160256 ----a-w- c:\windows\system32\wextract.exe
2011-04-04 20:52 . 2011-04-04 20:52 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-04-04 20:52 . 2011-04-04 20:52 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-04-04 20:52 . 2011-04-04 20:52 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-04 20:52 . 2011-04-04 20:52 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-04-04 20:52 . 2011-04-04 20:52 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-04-04 20:52 . 2011-04-04 20:52 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-04-04 20:52 . 2011-04-04 20:52 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-04 20:52 . 2011-04-04 20:52 12288 ----a-w- c:\windows\system32\mshta.exe
2011-04-04 20:52 . 2011-04-04 20:52 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-04-04 20:52 . 2011-04-04 20:52 114176 ----a-w- c:\windows\system32\admparse.dll
2011-04-04 20:52 . 2011-04-04 20:52 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-04 20:52 . 2011-04-04 20:52 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-04 20:52 . 2011-04-04 20:52 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-04-04 20:52 . 2011-04-04 20:52 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-23 12:16 . 2011-02-10 12:13 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-03-23 12:16 . 2011-02-09 16:44 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-12_16.52.16 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-06-12 16:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-06-12 18:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-06-12 18:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-12 16:40 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-12 16:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-12 18:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-12 18:56 . 2011-06-12 18:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-12 16:40 . 2011-06-12 16:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-12 18:56 . 2011-06-12 18:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-12 16:40 . 2011-06-12 16:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-10-15 01:14 . 2011-06-12 18:55 1585208 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-10-15 01:14 . 2011-06-12 16:39 1585208 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LG LinkAir"="c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe" [2010-09-09 2440552]
"Connectify"="c:\program files (x86)\Connectify\Connectify.exe" [2011-03-09 1532992]
"X-Lite 4"="c:\program files (x86)\CounterPath\X-Lite 4\X-Lite4.exe" [2010-08-11 2863616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SafeQ Client"="c:\program files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2010-10-15 3054136]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" [2009-10-22 64048]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-05-25 1951112]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2011-06-01 71824]
.
c:\users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DeskPins.lnk - c:\program files (x86)\DeskPins\DeskPins.exe [2004-5-2 62464]
openSUSE-uninst.exe [2011-2-20 64202]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-10-14 156952]
vpngui.exe.lnk - c:\windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe [2010-10-28 5120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAPower"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 430424]
R4 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\Connectifyd.exe [2011-03-09 892992]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-05-24 33672]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-05-24 825984]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-05-20 2026304]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\BatteryCare\WinRing0x64.sys [2008-07-26 14544]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2159869977-1460596281-3831579034-1000Core.job
- c:\users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 11:04]
.
2011-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2159869977-1460596281-3831579034-1000UA.job
- c:\users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 11:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"ISW"="" [BU]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: LG Air Sync (R-Click) - Save as Mobile Image - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
IE: LG Air Sync (R-Click) - Save as Mobile Memo - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
IE: LG Air Sync (R-Click) - Save as Mobile Text file - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
IE: LG Air Sync Option - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll
TCP: DhcpNameServer = 193.85.1.100 193.85.2.100 212.71.150.2
TCP: Interfaces\{112DB2DC-4359-45E7-9475-16193387535E}: NameServer = 8.8.8.8
TCP: Interfaces\{112DB2DC-4359-45E7-9475-16193387535E}\4757F6E65647D26707E6: NameServer = 8.8.8.8
FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: LG Air Sync: {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B} - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files\Conexant\SAII\SmartAudio.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
.
**************************************************************************
.
Celkový čas: 2011-06-12 21:02:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-12 19:02
ComboFix2.txt 2011-06-12 16:54
.
Před spuštěním: Volných bajtů: 75 267 571 712
Po spuštění: Volných bajtů: 75 335 147 520
.
- - End Of File - - D5C0244EAFC9F8B564A6AD8F9714AA1D
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3885.2215 [GMT 2:00]
Spuštěný z: c:\users\Peter\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Peter\Desktop\CFScript.txt
AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\defaults\preferences\prefs.js
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\chrome.manifest
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\chrome\content\ff-overlay.xul
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\chrome\content\icon.png
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\chrome\content\overlay.js
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\chrome\locale\en-US\overlay.properties
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\install.rdf
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\META-INF\manifest.mf
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\META-INF\zigbert.rsa
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\META-INF\zigbert.sf
c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\extensions\plugin2@gameplaylabs.com\setup.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-12 do 2011-06-12 )))))))))))))))))))))))))))))))
.
.
2011-06-12 18:54 . 2011-06-12 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-12 04:27 . 2011-06-12 04:30 -------- d-----w- c:\program files\trend micro
2011-06-12 04:27 . 2011-06-12 04:28 -------- d-----w- C:\rsit
2011-06-10 23:40 . 2011-06-10 23:40 -------- d-----w- c:\programdata\Kaspersky SDK
2011-06-10 22:40 . 2011-06-10 22:40 -------- d-----w- c:\users\Peter\AppData\Roaming\MailFrontier
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\users\Peter\AppData\Roaming\CheckPoint
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\program files (x86)\Conduit
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\users\Peter\AppData\Local\Conduit
2011-06-10 22:22 . 2011-06-10 22:22 -------- d-----w- c:\program files (x86)\ZoneAlarm_Security
2011-06-10 22:21 . 2011-06-10 22:21 -------- d-----w- c:\program files\CheckPoint
2011-06-10 22:20 . 2011-06-10 22:20 -------- d-----w- c:\programdata\CheckPoint
2011-06-10 22:20 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-06-10 21:32 . 2011-06-10 21:32 -------- d-----w- c:\programdata\Avira
2011-06-10 21:32 . 2011-06-10 21:32 -------- d-----w- c:\program files (x86)\Avira
2011-06-10 21:32 . 2011-04-01 15:07 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-10 21:32 . 2011-04-01 15:07 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-10 21:29 . 2011-06-10 22:20 -------- d-----w- c:\program files (x86)\CheckPoint
2011-05-29 10:47 . 2011-05-29 10:47 -------- d-----w- c:\users\Peter\AppData\Local\jagexlauncher
2011-05-28 11:23 . 2011-05-28 11:23 -------- d-----w- c:\program files (x86)\GameSpy Arcade
2011-05-28 11:20 . 2011-05-28 11:20 -------- d-----w- c:\program files (x86)\Microsoft Games
2011-05-27 18:03 . 2011-05-27 18:06 -------- d-----w- c:\program files (x86)\Rise of Nations
2011-05-24 16:32 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-24 16:32 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-22 14:49 . 2011-05-22 14:49 -------- d-----w- C:\found.001
2011-05-15 17:49 . 2011-05-15 17:49 -------- d---a-w- C:\.Trash-1000
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-20 12:01 . 2011-01-19 07:33 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-05-20 11:55 . 2011-01-19 07:33 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-05-20 11:55 . 2011-01-19 07:33 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-05-20 11:55 . 2011-01-19 07:33 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-05-20 11:55 . 2011-01-19 07:33 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-05-11 15:24 . 2010-10-29 11:05 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-11 14:50 . 2010-12-16 20:28 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-07 15:51 . 2011-05-07 15:51 454232 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-09 06:45 . 2011-05-12 06:00 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-12 06:00 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-12 06:00 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-04 21:03 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-04 20:52 . 2011-04-04 20:52 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-04 20:52 . 2011-04-04 20:52 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-04 20:52 . 2011-04-04 20:52 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-04 20:52 . 2011-04-04 20:52 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-04-04 20:52 . 2011-04-04 20:52 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-04 20:52 . 2011-04-04 20:52 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-04-04 20:52 . 2011-04-04 20:52 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-04 20:52 . 2011-04-04 20:52 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-04 20:52 . 2011-04-04 20:52 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-04 20:52 . 2011-04-04 20:52 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-04-04 20:52 . 2011-04-04 20:52 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-04-04 20:52 . 2011-04-04 20:52 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-04 20:52 . 2011-04-04 20:52 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-04 20:52 . 2011-04-04 20:52 448512 ----a-w- c:\windows\system32\html.iec
2011-04-04 20:52 . 2011-04-04 20:52 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-04 20:52 . 2011-04-04 20:52 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-04-04 20:52 . 2011-04-04 20:52 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-04-04 20:52 . 2011-04-04 20:52 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-04 20:52 . 2011-04-04 20:52 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-04-04 20:52 . 2011-04-04 20:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-04 20:52 . 2011-04-04 20:52 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-04-04 20:52 . 2011-04-04 20:52 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-04-04 20:52 . 2011-04-04 20:52 222208 ----a-w- c:\windows\system32\msls31.dll
2011-04-04 20:52 . 2011-04-04 20:52 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-04-04 20:52 . 2011-04-04 20:52 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-04 20:52 . 2011-04-04 20:52 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-04-04 20:52 . 2011-04-04 20:52 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-04 20:52 . 2011-04-04 20:52 160256 ----a-w- c:\windows\system32\wextract.exe
2011-04-04 20:52 . 2011-04-04 20:52 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-04-04 20:52 . 2011-04-04 20:52 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-04-04 20:52 . 2011-04-04 20:52 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-04 20:52 . 2011-04-04 20:52 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-04-04 20:52 . 2011-04-04 20:52 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-04-04 20:52 . 2011-04-04 20:52 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-04-04 20:52 . 2011-04-04 20:52 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-04 20:52 . 2011-04-04 20:52 12288 ----a-w- c:\windows\system32\mshta.exe
2011-04-04 20:52 . 2011-04-04 20:52 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-04-04 20:52 . 2011-04-04 20:52 114176 ----a-w- c:\windows\system32\admparse.dll
2011-04-04 20:52 . 2011-04-04 20:52 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-04 20:52 . 2011-04-04 20:52 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-04 20:52 . 2011-04-04 20:52 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-04-04 20:52 . 2011-04-04 20:52 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-23 12:16 . 2011-02-10 12:13 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-03-23 12:16 . 2011-02-09 16:44 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-12_16.52.16 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-06-12 16:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-06-12 18:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-06-12 18:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-12 16:40 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-12 16:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-12 18:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-12 18:56 . 2011-06-12 18:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-12 16:40 . 2011-06-12 16:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-12 18:56 . 2011-06-12 18:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-12 16:40 . 2011-06-12 16:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-10-15 01:14 . 2011-06-12 18:55 1585208 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-10-15 01:14 . 2011-06-12 16:39 1585208 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2011-03-28 16:22 176936 ----a-w- c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files (x86)\ZoneAlarm_Security\prxtbZone.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LG LinkAir"="c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe" [2010-09-09 2440552]
"Connectify"="c:\program files (x86)\Connectify\Connectify.exe" [2011-03-09 1532992]
"X-Lite 4"="c:\program files (x86)\CounterPath\X-Lite 4\X-Lite4.exe" [2010-08-11 2863616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SafeQ Client"="c:\program files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2010-10-15 3054136]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" [2009-10-22 64048]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-05-25 1951112]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2011-06-01 71824]
.
c:\users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DeskPins.lnk - c:\program files (x86)\DeskPins\DeskPins.exe [2004-5-2 62464]
openSUSE-uninst.exe [2011-2-20 64202]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-10-14 156952]
vpngui.exe.lnk - c:\windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe [2010-10-28 5120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAPower"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 430424]
R4 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\Connectifyd.exe [2011-03-09 892992]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-05-24 33672]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-05-24 825984]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-05-20 2026304]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\BatteryCare\WinRing0x64.sys [2008-07-26 14544]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2159869977-1460596281-3831579034-1000Core.job
- c:\users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 11:04]
.
2011-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2159869977-1460596281-3831579034-1000UA.job
- c:\users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 11:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"ISW"="" [BU]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: LG Air Sync (R-Click) - Save as Mobile Image - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
IE: LG Air Sync (R-Click) - Save as Mobile Memo - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
IE: LG Air Sync (R-Click) - Save as Mobile Text file - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
IE: LG Air Sync Option - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll
TCP: DhcpNameServer = 193.85.1.100 193.85.2.100 212.71.150.2
TCP: Interfaces\{112DB2DC-4359-45E7-9475-16193387535E}: NameServer = 8.8.8.8
TCP: Interfaces\{112DB2DC-4359-45E7-9475-16193387535E}\4757F6E65647D26707E6: NameServer = 8.8.8.8
FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\hegofm19.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: LG Air Sync: {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B} - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files\Conexant\SAII\SmartAudio.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
.
**************************************************************************
.
Celkový čas: 2011-06-12 21:02:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-12 19:02
ComboFix2.txt 2011-06-12 16:54
.
Před spuštěním: Volných bajtů: 75 267 571 712
Po spuštění: Volných bajtů: 75 335 147 520
.
- - End Of File - - D5C0244EAFC9F8B564A6AD8F9714AA1D
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Zvysena aktivita
Stiskněte klávesovou kombinaci WIN+R( nebo start-spustit ),čímž se vám otevře okno pro zadání příkazu pro spuštění a zkopírujte a vložte sem následujíci text: Combofix /Uninstall a dejte enterJak se PC chová
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Přispějete na provoz fóra?