VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

log Hijack

https://forum.viry.cz:443/viewtopic.php?t=82400

Stránka 4 z 4

Re: log Hijack

Napsal: 26 bře 2010 17:59
od Rudy
Nemáte zač!

Re: log Hijack

Napsal: 22 úno 2011 20:07
od piserius
Dobrý den,
zpozoroval jsem docela znatelné spomalení systému a netuším, čím by to mohlo být. Když jsem projel HDD Nodem, tak to nic nenašlo. Prosím o kontrolu logu, děkuji.

Kód: Vybrat vše

Logfile of random's system information tool 1.08 (written by random/random)
Run by piserius at 2011-02-22 20:04:27
Microsoft Windows 7 Ultimate  
System drive C: has 262 GB (27%) free of 954 GB
Total RAM: 4092 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:04:40, on 22.2.2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files\Ektiv_2.2.0\Ektiv2.exe
C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe
C:\Program Files (x86)\Gigabyte\RCApp\U7000RCApp.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\TC UP\totalcmd.exe
C:\Program Files\trend micro\piserius.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [ChangeFilterMerit] C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe
O4 - HKLM\..\Run: [RCApp] C:\Program Files (x86)\gigabyte\RCApp\U7000RCApp.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Ektiv] C:\Program Files\Ektiv_2.2.0\Ektiv2.exe /mini
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE /FU "C:\Users\piserius\AppData\Local\Temp\E_S40B8.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MCEBuddy Service (MCEBuddy) - Unknown owner - C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9046 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
atieclxx
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files\Ektiv_2.2.0\Ektiv2.exe" /mini
"C:\Windows\System32\spool\drivers\x64\3\E_IATIEDE.EXE" /FU "C:\Users\piserius\AppData\Local\Temp\E_S40B8.tmp" /EF "HKCU"
KHALMNPR.EXE /API
"C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe" 
"C:\Program Files (x86)\Gigabyte\RCApp\U7000RCApp.exe" 
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Trillian\trillian.exe" 
"C:\Program Files (x86)\Opera\opera.exe" 
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{B366DEBE-645B-43A5-B865-DDD82C345492}
taskeng.exe {430083C6-1C18-42E2-9678-72CFBF8D20B2}
C:\Windows\System32\svchost.exe -k WerSvcGroup
totalcmd.exe /i="C:\Program Files (x86)\TC UP\wincmd.ini" 
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 
"C:\Users\piserius\Downloads\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3272508772-2545286518-2963466812-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3272508772-2545286518-2963466812-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-01-09 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - 
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-01-09 520192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2916584]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-06-26 1609296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Ektiv"=C:\Program Files\Ektiv_2.2.0\Ektiv2.exe [2008-04-06 354304]
"EPSON SX100 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [2009-07-29 221696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free PDF Print Dispatcher]
C:\Program Files (x86)\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\piserius\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-12 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2010-11-16 422912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
C:\Windows\vVX1000.exe [2010-05-20 762736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ChangeFilterMerit"=C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]
"Presto! PVR Monitor"=C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe [2008-08-08 153424]
"RCApp"=C:\Program Files (x86)\gigabyte\RCApp\U7000RCApp.exe [2010-01-26 634368]
"SearchSettings"=C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 336384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-05-06 66640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-02-22 20:04:29 ----D---- C:\Program Files\trend micro
2011-02-22 20:04:27 ----D---- C:\rsit
2011-02-16 19:10:14 ----SHD---- C:\Config.Msi
2011-01-30 09:28:43 ----A---- C:\cmdlog.txt
2011-01-29 19:26:19 ----D---- C:\Program Files (x86)\Freemake
2011-01-26 18:14:18 ----D---- C:\Program Files\Tyrell

======List of files/folders modified in the last 1 months======

2011-02-22 20:04:38 ----D---- C:\Windows\Temp
2011-02-22 20:04:29 ----RD---- C:\Program Files
2011-02-22 19:58:47 ----D---- C:\Program Files (x86)\Trillian
2011-02-22 19:58:02 ----D---- C:\Windows\system32\config
2011-02-22 19:57:22 ----D---- C:\Windows\system32\catroot2
2011-02-22 19:57:21 ----D---- C:\Windows\system32\catroot
2011-02-22 19:55:00 ----D---- C:\Windows\winsxs
2011-02-22 19:46:50 ----SHD---- C:\System Volume Information
2011-02-22 19:39:25 ----D---- C:\Program Files (x86)\Steam
2011-02-22 19:16:43 ----D---- C:\Users\piserius\AppData\Roaming\Skype
2011-02-22 19:07:29 ----D---- C:\Windows\Prefetch
2011-02-22 18:59:51 ----D---- C:\Program Files (x86)\JDownloader
2011-02-22 18:52:44 ----D---- C:\Users\piserius\AppData\Roaming\skypePM
2011-02-22 18:00:42 ----D---- C:\Windows\system32\NDF
2011-02-22 16:03:32 ----D---- C:\Windows\System32
2011-02-22 16:03:31 ----D---- C:\Windows\inf
2011-02-22 16:03:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-19 10:22:31 ----D---- C:\Users\piserius\AppData\Roaming\EPSON
2011-02-16 19:11:19 ----SHD---- C:\Windows\Installer
2011-02-16 19:11:09 ----RD---- C:\Program Files (x86)
2011-02-16 19:11:09 ----HD---- C:\ProgramData
2011-02-16 19:11:09 ----D---- C:\ProgramData\Kaspersky Lab
2011-02-16 19:10:26 ----D---- C:\Windows\system32\DriverStore
2011-02-16 19:10:25 ----D---- C:\Windows\system32\drivers
2011-02-06 18:48:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-02-06 18:46:57 ----D---- C:\Program Files (x86)\Gigabyte
2011-02-06 18:44:40 ----A---- C:\Windows\SYSWOW64\Main.ini
2011-02-06 13:46:39 ----SD---- C:\Users\piserius\AppData\Roaming\Microsoft
2011-02-06 10:53:08 ----D---- C:\Windows\SysWOW64
2011-02-06 10:47:53 ----D---- C:\ProgramData\Blizzard Entertainment
2011-02-06 10:46:11 ----D---- C:\Windows\system32\Tasks
2011-02-02 17:11:20 ----N---- C:\Windows\system32\MpSigStub.exe
2011-02-01 16:29:39 ----D---- C:\Users\piserius\AppData\Roaming\Ektiv2
2011-01-30 08:10:36 ----D---- C:\Program Files (x86)\Opera
2011-01-28 19:20:01 ----D---- C:\Windows
2011-01-26 21:34:31 ----D---- C:\Program Files (x86)\Grep-a-Fruit
2011-01-24 15:16:22 ----D---- C:\Windows\SYSWOW64\drivers
2011-01-23 18:51:39 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 23944]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-10-31 85936]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 168544]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-07-08 1484800]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R); C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-03-18 63568]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-03-18 57936]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2010-03-18 41040]
R3 mod7700;DiBcom based TV tuner device; C:\Windows\system32\DRIVERS\mod7700.sys [2007-07-13 620040]
R3 MODRC;DiBcom Infrared Receiver; C:\Windows\system32\DRIVERS\modrc.sys [2007-07-13 24200]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2011-01-08 34032]
R3 wbondir;Winbond CIR Transceiver; C:\Windows\system32\DRIVERS\wbondir.sys [2007-03-20 56320]
S1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 30088]
S3 CsrBtPort;Csr Bluetooth Device Driver; C:\Windows\system32\DRIVERS\CsrBtPort.sys [2011-01-13 2053632]
S3 csrusb;CSR USB driver for Bluetooth dongle; C:\Windows\System32\Drivers\csrusb.sys [2011-01-13 44032]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-01-08 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-01-08 27176]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 VHidMinidrv;Bluetooth HID Device Service; C:\Windows\system32\drivers\VHIDMini.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 VX1000;VX-1000; C:\Windows\system32\DRIVERS\VX1000.sys [2010-05-20 2060144]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-26 203776]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2009-07-29 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2009-07-29 126464]
R2 MCEBuddy;MCEBuddy Service; C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe [2010-01-24 16384]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-05-20 199536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 42360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-06-11 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-11 655624]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-05-06 357456]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe []
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-11 1255736]

-----------------EOF-----------------

Re: log Hijack

Napsal: 22 úno 2011 20:17
od Rudy
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Re: log Hijack

Napsal: 22 úno 2011 21:17
od piserius
Zde je výpis:

Kód: Vybrat vše

ComboFix 11-02-22.01 - piserius 22.02.2011  20:59:59.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.420.1029.18.4092.2795 [GMT 1:00]
Spuštěný z: c:\users\piserius\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((   Soubory vytvořené od 2011-01-22 do 2011-02-22  )))))))))))))))))))))))))))))))
.

2011-02-22 20:05 . 2011-02-22 20:05	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-02-22 19:55 . 2011-02-22 19:56	--------	d-----w-	C:\32788R22FWJFW
2011-02-22 19:28 . 2011-02-22 19:28	--------	d-----w-	c:\windows\system32\SPReview
2011-02-22 19:27 . 2011-02-22 19:27	--------	d-----w-	c:\windows\system32\EventProviders
2011-02-22 19:19 . 2010-11-05 01:57	48976	----a-w-	c:\windows\system32\netfxperf.dll
2011-02-22 19:19 . 2010-11-05 01:57	1942856	----a-w-	c:\windows\system32\dfshim.dll
2011-02-22 19:17 . 2010-11-20 13:34	215936	----a-w-	c:\windows\system32\drivers\vhdmp.sys
2011-02-22 19:16 . 2010-11-20 13:27	86016	----a-w-	c:\windows\system32\TSpkg.dll
2011-02-22 19:15 . 2010-11-20 12:21	189952	----a-w-	c:\windows\SysWow64\wdscore.dll
2011-02-22 19:15 . 2010-11-20 12:17	209920	----a-w-	c:\windows\SysWow64\PkgMgr.exe
2011-02-22 19:15 . 2010-11-20 12:18	323072	----a-w-	c:\windows\SysWow64\drvstore.dll
2011-02-22 19:15 . 2010-11-20 12:18	257024	----a-w-	c:\windows\SysWow64\dpx.dll
2011-02-22 19:15 . 2010-11-20 12:21	363008	----a-w-	c:\windows\SysWow64\wbemcomn.dll
2011-02-22 19:15 . 2010-11-20 12:19	606208	----a-w-	c:\windows\SysWow64\wbem\fastprox.dll
2011-02-22 19:13 . 2010-11-20 13:27	524288	----a-w-	c:\windows\system32\wmicmiplugin.dll
2011-02-22 19:13 . 2010-11-20 13:27	529408	----a-w-	c:\windows\system32\wbemcomn.dll
2011-02-22 19:13 . 2010-11-20 13:27	1225216	----a-w-	c:\windows\system32\wbem\wbemcore.dll
2011-02-22 19:13 . 2010-11-20 13:27	933376	----a-w-	c:\windows\system32\SmiEngine.dll
2011-02-22 19:13 . 2010-11-20 13:25	199168	----a-w-	c:\windows\system32\PkgMgr.exe
2011-02-22 19:12 . 2010-11-20 13:26	422912	----a-w-	c:\windows\system32\drvstore.dll
2011-02-22 19:12 . 2010-11-20 13:26	399872	----a-w-	c:\windows\system32\dpx.dll
2011-02-22 19:04 . 2011-02-22 19:04	--------	d-----w-	c:\program files\trend micro
2011-02-22 19:04 . 2011-02-22 19:04	--------	d-----w-	C:\rsit
2011-02-22 19:01 . 2011-01-07 09:51	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2011-02-22 19:01 . 2011-01-07 06:01	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-02-22 18:46 . 2011-01-13 10:20	7844688	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{CA36FC5F-AB0D-4A77-9BA9-E710E99B6724}\mpengine.dll
2011-02-22 18:12 . 2010-12-17 11:40	715776	----a-w-	c:\windows\system32\kerberos.dll
2011-02-22 18:12 . 2010-12-17 07:07	542208	----a-w-	c:\windows\SysWow64\kerberos.dll
2011-02-22 18:12 . 2011-01-05 06:56	3129344	----a-w-	c:\windows\system32\win32k.sys
2011-01-30 08:28 . 2011-01-30 08:28	--------	d-----w-	c:\users\piserius\AppData\Local\LucasArts
2011-01-29 18:26 . 2011-01-29 18:26	--------	d-----w-	c:\program files (x86)\Freemake
2011-01-26 17:14 . 2011-01-26 17:14	--------	d-----w-	c:\program files\Tyrell
2011-01-26 14:19 . 2011-01-26 14:19	484160	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-22 19:35 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-02-22 19:35 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-02-06 20:00 . 2010-06-10 20:41	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2011-02-02 16:11 . 2010-06-10 20:17	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-01-15 11:03 . 2011-01-15 11:03	49079	----a-w-	c:\windows\SysWow64\RadLightAPEUninstall.exe
2011-01-13 09:34 . 2011-01-13 09:34	44032	----a-w-	c:\windows\system32\drivers\csrusb.sys
2011-01-13 09:34 . 2011-01-13 09:34	2053632	----a-w-	c:\windows\system32\drivers\CsrBtPort.sys
2011-01-08 19:19 . 2011-01-08 19:19	34032	----a-w-	c:\windows\system32\drivers\seehcri.sys
2011-01-08 19:19 . 2011-01-08 19:19	1490656	----a-w-	c:\windows\system32\WdfCoInstaller01007.dll
2011-01-08 19:18 . 2011-01-08 19:18	27176	----a-w-	c:\windows\system32\drivers\ggsemc.sys
2011-01-08 19:18 . 2011-01-08 19:18	13352	----a-w-	c:\windows\system32\drivers\ggflt.sys
2010-11-26 04:20 . 2010-11-26 04:20	8120320	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2010-11-26 03:19 . 2010-11-26 03:19	21610496	----a-w-	c:\windows\system32\atio6axx.dll
2010-11-26 03:02 . 2010-11-26 03:02	16702976	----a-w-	c:\windows\SysWow64\atioglxx.dll
2010-11-26 02:58 . 2010-11-26 02:58	143360	----a-w-	c:\windows\system32\atiapfxx.exe
2010-11-26 02:58 . 2010-11-26 02:58	550400	----a-w-	c:\windows\SysWow64\aticfx32.dll
2010-11-26 02:57 . 2010-11-26 02:57	648704	----a-w-	c:\windows\system32\aticfx64.dll
2010-11-26 02:54 . 2010-11-26 02:54	462848	----a-w-	c:\windows\system32\ATIDEMGX.dll
2010-11-26 02:54 . 2010-11-26 02:54	478720	----a-w-	c:\windows\system32\atieclxx.exe
2010-11-26 02:54 . 2010-11-26 02:54	203776	----a-w-	c:\windows\system32\atiesrxx.exe
2010-11-26 02:53 . 2010-11-26 02:53	120320	----a-w-	c:\windows\system32\atitmm64.dll
2010-11-26 02:52 . 2010-11-26 02:52	423424	----a-w-	c:\windows\system32\atipdl64.dll
2010-11-26 02:52 . 2010-11-26 02:52	356352	----a-w-	c:\windows\SysWow64\atipdlxx.dll
2010-11-26 02:52 . 2010-11-26 02:52	278528	----a-w-	c:\windows\SysWow64\Oemdspif.dll
2010-11-26 02:52 . 2010-11-26 02:52	16384	----a-w-	c:\windows\system32\atimuixx.dll
2010-11-26 02:52 . 2010-11-26 02:52	59392	----a-w-	c:\windows\system32\atiedu64.dll
2010-11-26 02:52 . 2010-11-26 02:52	43520	----a-w-	c:\windows\SysWow64\ati2edxx.dll
2010-11-26 02:49 . 2010-11-26 02:49	4066816	----a-w-	c:\windows\SysWow64\atidxx32.dll
2010-11-26 02:40 . 2009-07-13 21:59	4794368	----a-w-	c:\windows\system32\atidxx64.dll
2010-11-26 02:30 . 2010-11-26 02:30	51200	----a-w-	c:\windows\system32\aticalrt64.dll
2010-11-26 02:30 . 2010-11-26 02:30	4122624	----a-w-	c:\windows\SysWow64\atiumdag.dll
2010-11-26 02:30 . 2010-11-26 02:30	46080	----a-w-	c:\windows\SysWow64\aticalrt.dll
2010-11-26 02:30 . 2010-11-26 02:30	44544	----a-w-	c:\windows\system32\aticalcl64.dll
2010-11-26 02:30 . 2010-11-26 02:30	44032	----a-w-	c:\windows\SysWow64\aticalcl.dll
2010-11-26 02:29 . 2010-11-26 02:29	6815232	----a-w-	c:\windows\system32\aticaldd64.dll
2010-11-26 02:29 . 2010-11-26 02:29	3217408	----a-w-	c:\windows\system32\atiumd6a.dll
2010-11-26 02:28 . 2010-11-26 02:28	5441024	----a-w-	c:\windows\SysWow64\aticaldd.dll
2010-11-26 02:24 . 2010-11-26 02:24	58880	----a-w-	c:\windows\system32\coinst.dll
2010-11-26 02:24 . 2010-11-26 02:24	5258240	----a-w-	c:\windows\system32\atiumd64.dll
2010-11-26 02:22 . 2010-11-26 02:22	3460096	----a-w-	c:\windows\SysWow64\atiumdva.dll
2010-11-26 02:17 . 2010-11-26 02:17	351232	----a-w-	c:\windows\system32\atiadlxx.dll
2010-11-26 02:17 . 2010-11-26 02:17	249856	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2010-11-26 02:17 . 2010-11-26 02:17	14848	----a-w-	c:\windows\system32\atig6pxx.dll
2010-11-26 02:17 . 2010-11-26 02:17	12800	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2010-11-26 02:17 . 2010-11-26 02:17	12800	----a-w-	c:\windows\system32\atiglpxx.dll
2010-11-26 02:17 . 2010-11-26 02:17	31744	----a-w-	c:\windows\system32\atig6txx.dll
2010-11-26 02:16 . 2010-11-26 02:16	27136	----a-w-	c:\windows\SysWow64\atigktxx.dll
2010-11-26 02:16 . 2010-11-26 02:16	289792	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2010-11-26 02:16 . 2010-11-26 02:16	39936	----a-w-	c:\windows\system32\atiuxp64.dll
2010-11-26 02:15 . 2010-11-26 02:15	30720	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2010-11-26 02:15 . 2010-11-26 02:15	37888	----a-w-	c:\windows\system32\atiu9p64.dll
2010-11-26 02:15 . 2010-11-26 02:15	28672	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2010-11-26 02:15 . 2010-11-26 02:15	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2010-11-26 02:09 . 2010-11-26 02:09	53760	----a-w-	c:\windows\system32\atimpc64.dll
2010-11-26 02:09 . 2010-11-26 02:09	53760	----a-w-	c:\windows\system32\amdpcom64.dll
2010-11-26 02:09 . 2010-11-26 02:09	52736	----a-w-	c:\windows\SysWow64\atimpc32.dll
2010-11-26 02:09 . 2010-11-26 02:09	52736	----a-w-	c:\windows\SysWow64\amdpcom32.dll
.

((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20	442880	----a-w-	c:\windows\System32\ntshrui.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ektiv"="c:\program files\Ektiv_2.2.0\Ektiv2.exe" [2008-04-06 354304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ChangeFilterMerit"="c:\program files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe" [2007-06-08 51280]
"Presto! PVR Monitor"="c:\program files (x86)\NewSoft\Presto! PVR\Monitor.exe" [2008-08-08 153424]
"RCApp"="c:\program files (x86)\gigabyte\RCApp\U7000RCApp.exe" [2010-01-26 634368]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 336384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

R1 VD_FileDisk;VD_FileDisk; [x]
R3 AcpiPmi;Ovladač měřiče napájení standardu ACPI;c:\windows\system32\drivers\acpipmi.sys [2010-11-20 12800]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-07-14 491088]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-07-14 339536]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2010-11-20 107904]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-07-14 194128]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys [2010-11-20 61440]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-07-14 97856]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [2009-06-10 468480]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [2009-06-10 270848]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-06-10 18432]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-06-10 8704]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 286720]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-06-10 47104]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-06-10 14976]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 30088]
R3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 CsrBtPort;Csr Bluetooth Device Driver;c:\windows\system32\DRIVERS\CsrBtPort.sys [2011-01-13 2053632]
R3 csrusb;CSR USB driver for Bluetooth dongle;c:\windows\system32\Drivers\csrusb.sys [2011-01-13 44032]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [2009-06-10 3286016]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [2009-07-14 530496]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-07-13 34304]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-06-11 1038088]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-07-14 55376]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-01-08 13352]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-06-10 31232]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [2010-11-20 78720]
R3 iaStorV;Řadič Intel diskového pole RAID – Windows 7;c:\windows\system32\drivers\iaStorV.sys [2010-11-20 410496]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2010-11-20 78848]
R3 iScsiPrt;Ovladač iScsiPort;c:\windows\system32\drivers\msiscsi.sys [2010-11-20 273792]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 27016]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 114752]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 106560]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 65600]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 115776]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [2009-07-14 35392]
R3 mpio;Ovladač sběrnice Microsoft Multi-Path;c:\windows\system32\drivers\mpio.sys [2010-11-20 155008]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2010-11-20 31104]
R3 msdsm;Specifický modul zařízení Microsoft Multi-Path;c:\windows\system32\drivers\msdsm.sys [2010-11-20 140672]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-07-14 8192]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [2009-07-14 15360]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [2009-07-14 35328]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [2009-07-14 51264]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2010-11-20 166272]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PerfHost;Hostitel knihoven DLL čítačů výkonu;c:\windows\SysWow64\perfhost.exe [2009-07-14 20992]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [2009-07-14 1524816]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [2009-07-14 128592]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
R3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys [2010-11-20 29696]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC;c:\windows\system32\drivers\sffp_mmc.sys [2009-07-14 13824]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [2009-07-14 80464]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [2009-07-14 93184]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [2009-07-14 24656]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 194048]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2010-11-20 39424]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe [2009-07-14 40960]
R3 uliagpkx;Filtr sběrnice Uli AGP;c:\windows\system32\drivers\uliagpkx.sys [2009-07-14 64592]
R3 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 usbcir;Infračervený přijímač eHome (USBCIR);c:\windows\system32\drivers\usbcir.sys [2009-07-14 100352]
R3 VaultSvc;Správce pověření;c:\windows\system32\lsass.exe [2009-07-14 31232]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [2010-11-20 215936]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [2009-07-14 161872]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [2009-07-14 27776]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-11 1255736]
R3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;c:\windows\system32\wbengine.exe [2010-11-20 1504256]
R3 WbioSrvc;Biometrická služba systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WcsPlugInService;Systém barev systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [2009-07-14 21056]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 22096]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WwanSvc;Automatická konfigurace sítě WWAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 27136]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2010-11-20 27008]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2010-04-06 23944]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys [2009-07-14 367696]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2010-11-20 459248]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-07-14 70224]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys [2010-11-20 223248]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2010-11-20 14720]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2010-11-20 152960]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [2009-07-14 15424]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-07-14 50768]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
S0 spldr;Security Processor Loader Driver; [x]
S0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;c:\windows\system32\drivers\vmstorfl.sys [2010-11-20 46464]
S0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;c:\windows\system32\drivers\vdrvroot.sys [2009-07-14 36432]
S0 vmbus;Sběrnice virtuálního počítače;c:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys [2010-11-20 71552]
S0 volmgrx;Správce dynamických svazků;c:\windows\System32\drivers\volmgrx.sys [2010-11-20 363392]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 45056]
S1 CSC;Ovladač souborů pro režim offline;c:\windows\system32\drivers\csc.sys [2010-11-20 514560]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-20 102400]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 40448]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [2009-07-13 24576]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-07-14 7680]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-07-14 8192]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [2010-11-20 119296]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;c:\windows\system32\DRIVERS\wanarp.sys [2010-11-20 88576]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-07-14 12800]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 203776]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;Offline soubory;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 168544]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
S2 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-07-14 60928]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys [2009-07-13 113152]
S2 MCEBuddy;MCEBuddy Service;c:\program files\Tyrell\MCEBuddy\MCEBuddySvc.exe [2010-01-24 16384]
S2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-07-14 651264]
S2 Power;Napájení;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe [2010-11-20 3524608]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2010-11-20 45056]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;c:\windows\system32\drivers\1394ohci.sys [2010-11-20 229888]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys [2009-07-13 90624]
S3 circlass;Uživatelská infračervená zařízení;c:\windows\system32\DRIVERS\circlass.sys [2009-07-14 45568]
S3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;c:\windows\system32\drivers\CompositeBus.sys [2010-11-20 38912]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2010-11-20 982912]
S3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R);c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [2009-07-14 31232]
S3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\DRIVERS\modrc.sys [2007-07-13 24200]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys [2009-07-13 30208]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [2009-07-14 77312]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [2010-11-20 287744]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [2010-11-20 128000]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-07-14 318976]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 60416]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-07-14 24064]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2011-01-08 34032]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [2010-11-20 413184]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2010-11-20 167936]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [2010-11-20 125440]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\drivers\umbus.sys [2010-11-20 48640]
S3 vwifibus;Ovladač sběrnice Virtual WiFi;c:\windows\system32\DRIVERS\vwifibus.sys [2009-07-14 24576]
S3 wbondir;Winbond CIR Transceiver;c:\windows\system32\DRIVERS\wbondir.sys [2007-03-20 56320]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe [2009-07-14 27136]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch	REG_MULTI_SZ   	Power PlugPlay DcomLaunch
wcssvc	REG_MULTI_SZ   	WcsPlugInService

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
sppuinotify

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalServiceNetworkRestricted
BthHFSrv

.
Obsah adresáře 'Naplánované úlohy'

2011-02-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272508772-2545286518-2963466812-1001Core.job
- c:\users\piserius\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-12 05:47]

2011-02-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272508772-2545286518-2963466812-1001UA.job
- c:\users\piserius\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-12 05:47]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 13:27	509952	----a-w-	c:\windows\System32\ntshrui.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
winmgmt
SessionEnv
browser
EapHost
schedule
hkmsvc
wercplsupport
ProfSvc
Themes
BDESVC
AppMgmt

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalSystemNetworkRestricted
homegrouplistener

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
WdiServiceHost
sppuinotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetworkService
lanmanworkstation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-SearchSettings - c:\program files (x86)\pdfforge Toolbar\SearchSettings.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
AddRemove-PC Translator - c:\users\piserius\AppData\Local\Temp\UN32.EXE
AddRemove-RadLight APE DirectShow filter - c:\windows\system32\RadLightAPEUninstall.exe


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3272508772-2545286518-2963466812-1001\Software\SecuROM\License information*]
"datasecu"=hex:34,1e,74,c6,27,34,92,75,e5,12,70,76,fb,ed,60,78,08,66,f5,aa,b8,
   2f,8d,25,ab,b4,eb,75,9c,c6,8b,0f,cc,b6,c9,35,c5,d3,f3,62,8a,53,ea,11,4b,34,\
"rkeysecu"=hex:2f,71,e8,43,a1,29,dc,52,f5,e8,a9,0e,97,c0,25,c5

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
.
**************************************************************************
.
Celkový čas: 2011-02-22  21:12:01 - počítač byl restartován
ComboFix-quarantined-files.txt  2011-02-22 20:12

Před spuštěním: Volných bajtů: 277 166 739 456
Po spuštění: Volných bajtů: 375 819 444 224

- - End Of File - - AE34AB8120B823F05A442580208BB7FB

Re: log Hijack

Napsal: 22 úno 2011 21:31
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Folder::
C:\Program Files (x86)\pdfforge Toolbar

Registry::
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-
Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkaz ze skriptu.

Obrázek

Re: log Hijack

Napsal: 22 úno 2011 21:53
od piserius
Zde log:

Kód: Vybrat vše

ComboFix 11-02-22.01 - piserius 22.02.2011  21:42:30.2.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.420.1029.18.4092.2702 [GMT 1:00]
Spuštěný z: c:\users\piserius\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\piserius\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((   Soubory vytvořené od 2011-01-22 do 2011-02-22  )))))))))))))))))))))))))))))))
.

2011-02-22 20:46 . 2011-02-22 20:46	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-02-22 19:28 . 2011-02-22 19:28	--------	d-----w-	c:\windows\system32\SPReview
2011-02-22 19:27 . 2011-02-22 19:27	--------	d-----w-	c:\windows\system32\EventProviders
2011-02-22 19:19 . 2010-11-05 01:57	48976	----a-w-	c:\windows\system32\netfxperf.dll
2011-02-22 19:19 . 2010-11-05 01:57	1942856	----a-w-	c:\windows\system32\dfshim.dll
2011-02-22 19:17 . 2010-11-20 13:34	215936	----a-w-	c:\windows\system32\drivers\vhdmp.sys
2011-02-22 19:16 . 2010-11-20 13:27	86016	----a-w-	c:\windows\system32\TSpkg.dll
2011-02-22 19:15 . 2010-11-20 12:21	189952	----a-w-	c:\windows\SysWow64\wdscore.dll
2011-02-22 19:15 . 2010-11-20 12:17	209920	----a-w-	c:\windows\SysWow64\PkgMgr.exe
2011-02-22 19:15 . 2010-11-20 12:18	323072	----a-w-	c:\windows\SysWow64\drvstore.dll
2011-02-22 19:15 . 2010-11-20 12:18	257024	----a-w-	c:\windows\SysWow64\dpx.dll
2011-02-22 19:15 . 2010-11-20 12:21	363008	----a-w-	c:\windows\SysWow64\wbemcomn.dll
2011-02-22 19:15 . 2010-11-20 12:19	606208	----a-w-	c:\windows\SysWow64\wbem\fastprox.dll
2011-02-22 19:13 . 2010-11-20 13:27	524288	----a-w-	c:\windows\system32\wmicmiplugin.dll
2011-02-22 19:13 . 2010-11-20 13:27	529408	----a-w-	c:\windows\system32\wbemcomn.dll
2011-02-22 19:13 . 2010-11-20 13:27	1225216	----a-w-	c:\windows\system32\wbem\wbemcore.dll
2011-02-22 19:13 . 2010-11-20 13:27	933376	----a-w-	c:\windows\system32\SmiEngine.dll
2011-02-22 19:13 . 2010-11-20 13:25	199168	----a-w-	c:\windows\system32\PkgMgr.exe
2011-02-22 19:12 . 2010-11-20 13:26	422912	----a-w-	c:\windows\system32\drvstore.dll
2011-02-22 19:12 . 2010-11-20 13:26	399872	----a-w-	c:\windows\system32\dpx.dll
2011-02-22 19:04 . 2011-02-22 19:04	--------	d-----w-	c:\program files\trend micro
2011-02-22 19:04 . 2011-02-22 19:04	--------	d-----w-	C:\rsit
2011-02-22 19:01 . 2011-01-07 09:51	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2011-02-22 19:01 . 2011-01-07 06:01	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-02-22 18:46 . 2011-01-13 10:20	7844688	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{CA36FC5F-AB0D-4A77-9BA9-E710E99B6724}\mpengine.dll
2011-02-22 18:12 . 2010-12-17 11:40	715776	----a-w-	c:\windows\system32\kerberos.dll
2011-02-22 18:12 . 2010-12-17 07:07	542208	----a-w-	c:\windows\SysWow64\kerberos.dll
2011-02-22 18:12 . 2011-01-05 06:56	3129344	----a-w-	c:\windows\system32\win32k.sys
2011-01-30 08:28 . 2011-01-30 08:28	--------	d-----w-	c:\users\piserius\AppData\Local\LucasArts
2011-01-29 18:26 . 2011-01-29 18:26	--------	d-----w-	c:\program files (x86)\Freemake
2011-01-26 17:14 . 2011-01-26 17:14	--------	d-----w-	c:\program files\Tyrell
2011-01-26 14:19 . 2011-01-26 14:19	484160	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-22 19:35 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-02-22 19:35 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-02-06 20:00 . 2010-06-10 20:41	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2011-02-02 16:11 . 2010-06-10 20:17	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-01-15 11:03 . 2011-01-15 11:03	49079	----a-w-	c:\windows\SysWow64\RadLightAPEUninstall.exe
2011-01-13 09:34 . 2011-01-13 09:34	44032	----a-w-	c:\windows\system32\drivers\csrusb.sys
2011-01-13 09:34 . 2011-01-13 09:34	2053632	----a-w-	c:\windows\system32\drivers\CsrBtPort.sys
2011-01-08 19:19 . 2011-01-08 19:19	34032	----a-w-	c:\windows\system32\drivers\seehcri.sys
2011-01-08 19:19 . 2011-01-08 19:19	1490656	----a-w-	c:\windows\system32\WdfCoInstaller01007.dll
2011-01-08 19:18 . 2011-01-08 19:18	27176	----a-w-	c:\windows\system32\drivers\ggsemc.sys
2011-01-08 19:18 . 2011-01-08 19:18	13352	----a-w-	c:\windows\system32\drivers\ggflt.sys
2010-11-26 04:20 . 2010-11-26 04:20	8120320	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2010-11-26 03:19 . 2010-11-26 03:19	21610496	----a-w-	c:\windows\system32\atio6axx.dll
2010-11-26 03:02 . 2010-11-26 03:02	16702976	----a-w-	c:\windows\SysWow64\atioglxx.dll
2010-11-26 02:58 . 2010-11-26 02:58	143360	----a-w-	c:\windows\system32\atiapfxx.exe
2010-11-26 02:58 . 2010-11-26 02:58	550400	----a-w-	c:\windows\SysWow64\aticfx32.dll
2010-11-26 02:57 . 2010-11-26 02:57	648704	----a-w-	c:\windows\system32\aticfx64.dll
2010-11-26 02:54 . 2010-11-26 02:54	462848	----a-w-	c:\windows\system32\ATIDEMGX.dll
2010-11-26 02:54 . 2010-11-26 02:54	478720	----a-w-	c:\windows\system32\atieclxx.exe
2010-11-26 02:54 . 2010-11-26 02:54	203776	----a-w-	c:\windows\system32\atiesrxx.exe
2010-11-26 02:53 . 2010-11-26 02:53	120320	----a-w-	c:\windows\system32\atitmm64.dll
2010-11-26 02:52 . 2010-11-26 02:52	423424	----a-w-	c:\windows\system32\atipdl64.dll
2010-11-26 02:52 . 2010-11-26 02:52	356352	----a-w-	c:\windows\SysWow64\atipdlxx.dll
2010-11-26 02:52 . 2010-11-26 02:52	278528	----a-w-	c:\windows\SysWow64\Oemdspif.dll
2010-11-26 02:52 . 2010-11-26 02:52	16384	----a-w-	c:\windows\system32\atimuixx.dll
2010-11-26 02:52 . 2010-11-26 02:52	59392	----a-w-	c:\windows\system32\atiedu64.dll
2010-11-26 02:52 . 2010-11-26 02:52	43520	----a-w-	c:\windows\SysWow64\ati2edxx.dll
2010-11-26 02:49 . 2010-11-26 02:49	4066816	----a-w-	c:\windows\SysWow64\atidxx32.dll
2010-11-26 02:40 . 2009-07-13 21:59	4794368	----a-w-	c:\windows\system32\atidxx64.dll
2010-11-26 02:30 . 2010-11-26 02:30	51200	----a-w-	c:\windows\system32\aticalrt64.dll
2010-11-26 02:30 . 2010-11-26 02:30	4122624	----a-w-	c:\windows\SysWow64\atiumdag.dll
2010-11-26 02:30 . 2010-11-26 02:30	46080	----a-w-	c:\windows\SysWow64\aticalrt.dll
2010-11-26 02:30 . 2010-11-26 02:30	44544	----a-w-	c:\windows\system32\aticalcl64.dll
2010-11-26 02:30 . 2010-11-26 02:30	44032	----a-w-	c:\windows\SysWow64\aticalcl.dll
2010-11-26 02:29 . 2010-11-26 02:29	6815232	----a-w-	c:\windows\system32\aticaldd64.dll
2010-11-26 02:29 . 2010-11-26 02:29	3217408	----a-w-	c:\windows\system32\atiumd6a.dll
2010-11-26 02:28 . 2010-11-26 02:28	5441024	----a-w-	c:\windows\SysWow64\aticaldd.dll
2010-11-26 02:24 . 2010-11-26 02:24	58880	----a-w-	c:\windows\system32\coinst.dll
2010-11-26 02:24 . 2010-11-26 02:24	5258240	----a-w-	c:\windows\system32\atiumd64.dll
2010-11-26 02:22 . 2010-11-26 02:22	3460096	----a-w-	c:\windows\SysWow64\atiumdva.dll
2010-11-26 02:17 . 2010-11-26 02:17	351232	----a-w-	c:\windows\system32\atiadlxx.dll
2010-11-26 02:17 . 2010-11-26 02:17	249856	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2010-11-26 02:17 . 2010-11-26 02:17	14848	----a-w-	c:\windows\system32\atig6pxx.dll
2010-11-26 02:17 . 2010-11-26 02:17	12800	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2010-11-26 02:17 . 2010-11-26 02:17	12800	----a-w-	c:\windows\system32\atiglpxx.dll
2010-11-26 02:17 . 2010-11-26 02:17	31744	----a-w-	c:\windows\system32\atig6txx.dll
2010-11-26 02:16 . 2010-11-26 02:16	27136	----a-w-	c:\windows\SysWow64\atigktxx.dll
2010-11-26 02:16 . 2010-11-26 02:16	289792	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2010-11-26 02:16 . 2010-11-26 02:16	39936	----a-w-	c:\windows\system32\atiuxp64.dll
2010-11-26 02:15 . 2010-11-26 02:15	30720	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2010-11-26 02:15 . 2010-11-26 02:15	37888	----a-w-	c:\windows\system32\atiu9p64.dll
2010-11-26 02:15 . 2010-11-26 02:15	28672	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2010-11-26 02:15 . 2010-11-26 02:15	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2010-11-26 02:09 . 2010-11-26 02:09	53760	----a-w-	c:\windows\system32\atimpc64.dll
2010-11-26 02:09 . 2010-11-26 02:09	53760	----a-w-	c:\windows\system32\amdpcom64.dll
2010-11-26 02:09 . 2010-11-26 02:09	52736	----a-w-	c:\windows\SysWow64\atimpc32.dll
2010-11-26 02:09 . 2010-11-26 02:09	52736	----a-w-	c:\windows\SysWow64\amdpcom32.dll
.

(((((((((((((((((((((((((((((   SnapShot@2011-02-22_20.07.17   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-02-22 20:06	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-02-22 19:54	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-02-22 19:54	49152              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-02-22 20:06	49152              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-02-22 19:54	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-02-22 20:06	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-10 20:59 . 2011-02-22 20:08	41450              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-02-22 20:08	29846              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-06-10 20:12 . 2011-02-22 20:08	10114              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3272508772-2545286518-2963466812-1001_UserData.bin
+ 2009-07-14 04:46 . 2011-02-22 20:15	88160              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-06-10 20:12 . 2011-02-22 19:07	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-10 20:12 . 2011-02-22 20:12	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-10 20:12 . 2011-02-22 20:12	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-06-10 20:12 . 2011-02-22 19:07	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-22 20:10 . 2011-02-22 20:10	82944              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\78ce3fd89c50ab2d8d0ffc42ad838644\System.AddIn.Contract.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	79872              c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\09b65f9c3f78e6ef3e259af945e937b9\napcrypt.ni.dll
+ 2010-06-14 14:56 . 2011-02-22 20:46	7166              c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2010-06-14 14:56 . 2011-02-22 20:05	3005              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2010-06-14 14:56 . 2011-02-22 20:46	3005              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-02-22 20:06 . 2011-02-22 20:06	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-02-22 20:47 . 2011-02-22 20:47	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-02-22 20:47 . 2011-02-22 20:47	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-02-22 20:06 . 2011-02-22 20:06	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2011-02-22 20:12	615810              c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-02-22 20:01	615810              c:\windows\system32\perfh009.dat
- 2009-07-14 15:18 . 2011-02-22 20:01	631054              c:\windows\system32\perfh005.dat
+ 2009-07-14 15:18 . 2011-02-22 20:12	631054              c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-02-22 20:12	106190              c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-02-22 20:01	106190              c:\windows\system32\perfc009.dat
+ 2009-07-14 15:18 . 2011-02-22 20:12	121708              c:\windows\system32\perfc005.dat
- 2009-07-14 15:18 . 2011-02-22 20:01	121708              c:\windows\system32\perfc005.dat
+ 2009-07-14 05:01 . 2011-02-22 20:46	317084              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-02-22 20:05	317084              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-22 20:12 . 2011-02-22 20:12	468992              c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\36ca2928b2191011831ab673861c6ac6\WsatConfig.ni.exe
+ 2011-02-22 20:12 . 2011-02-22 20:12	304128              c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\a3883e7fc1bd0fbc54761b26c2bc5483\TaskScheduler.ni.dll
+ 2011-02-22 20:11 . 2011-02-22 20:11	783360              c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\ee9a323861b378713f17421b0d98adb5\System.Messaging.ni.dll
+ 2011-02-22 20:11 . 2011-02-22 20:11	294400              c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\559a3dee015d005c199f3867b10f5bbc\System.IdentityModel.Selectors.ni.dll
+ 2011-02-22 20:12 . 2011-02-22 20:12	889344              c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\ed852e32514b415cfb4ac81aef9ac0fd\System.AddIn.ni.dll
+ 2011-02-22 20:12 . 2011-02-22 20:12	156672              c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\eadb7dd5fe85da92b491154484bc40e3\System.AddIn.Contract.ni.dll
+ 2011-02-22 20:12 . 2011-02-22 20:12	525824              c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\04d794428d635f6a82ac57dd3d6f3628\SMSvcHost.ni.exe
+ 2011-02-22 20:12 . 2011-02-22 20:12	175104              c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\03d99e593bc94e308005a972667d7ca9\naphlpr.ni.dll
+ 2011-02-22 20:12 . 2011-02-22 20:12	127488              c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\d95f343677c556b67e99818cc02f4214\napcrypt.ni.dll
+ 2011-02-22 20:12 . 2011-02-22 20:12	584192              c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\22b5364c10d315a7f0a1fbd23f671c5a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-02-22 20:11 . 2011-02-22 20:11	659456              c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\21464de9aa1dce17c1f42044129a986e\EventViewer.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	321024              c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\96a8bdafba9f9d3e33cd974bfaa67e58\WsatConfig.ni.exe
+ 2011-02-22 20:10 . 2011-02-22 20:10	245248              c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\99797e9500ed7bfa6b06063e7f017313\TaskScheduler.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	593408              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\9c17882ea083259c36cfd691f7c0835b\System.Messaging.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\5490e4be56d6b1a80586439ac8b09b77\System.IdentityModel.Selectors.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	633344              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\29c55874e34f9d5cd3ea739262f48adc\System.AddIn.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	366080              c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\1bc1ee3c3aa45d28dcf4657bceb2fcb4\SMSvcHost.ni.exe
+ 2011-02-22 20:10 . 2011-02-22 20:10	114176              c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\3905ee11acabb6d202a69b8bfa3c91a0\naphlpr.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	386560              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4a235e617ad0a4c3aecd3982f0e3c48a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	553472              c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\654c5baca16d72756296ab1d927ea4a8\EventViewer.ni.dll
+ 2011-02-22 20:09 . 2011-02-22 20:09	410112              c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\5f1a06c0108b2c81cde1dc491d74043d\ComSvcConfig.ni.exe
+ 2010-06-11 14:54 . 2011-02-22 20:46	1337968              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-06-11 14:54 . 2011-02-22 20:05	1337968              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-02-22 20:11 . 2011-02-22 20:11	1444352              c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\9b1d7533105a793af14b7b51cd5443af\System.IdentityModel.ni.dll
+ 2011-02-22 20:12 . 2011-02-22 20:12	7970304              c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\5d7e85e3ad81826e2e1d7131284c63fe\MIGUIControls.ni.dll
+ 2011-02-22 20:11 . 2011-02-22 20:11	1598976              c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\a04be0cabc675da23c6cdd970b50e3c5\Microsoft.Transactions.Bridge.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	1083392              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\b4c60dd01be760ee0452df2c040de8fc\System.IdentityModel.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	6438912              c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\569e273efda8306ec7e22143d5285476\MIGUIControls.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	1093120              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\af058f98427f47670e70468a36d84ee4\Microsoft.Transactions.Bridge.ni.dll
+ 2011-02-22 20:11 . 2011-02-22 20:11	23913984              c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\ac74a0642981011a441823a762bfb3d8\System.ServiceModel.ni.dll
+ 2011-02-22 20:10 . 2011-02-22 20:10	17478656              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e2642bff810609f64343e53dddb6b59c\System.ServiceModel.ni.dll
.
-- Snímek resetován k současnému datu --
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20	442880	----a-w-	c:\windows\System32\ntshrui.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ektiv"="c:\program files\Ektiv_2.2.0\Ektiv2.exe" [2008-04-06 354304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ChangeFilterMerit"="c:\program files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe" [2007-06-08 51280]
"Presto! PVR Monitor"="c:\program files (x86)\NewSoft\Presto! PVR\Monitor.exe" [2008-08-08 153424]
"RCApp"="c:\program files (x86)\gigabyte\RCApp\U7000RCApp.exe" [2010-01-26 634368]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 336384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

R1 VD_FileDisk;VD_FileDisk; [x]
R3 AcpiPmi;Ovladač měřiče napájení standardu ACPI;c:\windows\system32\drivers\acpipmi.sys [2010-11-20 12800]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-07-14 491088]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-07-14 339536]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2010-11-20 107904]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-07-14 194128]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys [2010-11-20 61440]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-07-14 97856]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [2009-06-10 468480]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [2009-06-10 270848]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-06-10 18432]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-06-10 8704]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 286720]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-06-10 47104]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-06-10 14976]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 30088]
R3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 CsrBtPort;Csr Bluetooth Device Driver;c:\windows\system32\DRIVERS\CsrBtPort.sys [2011-01-13 2053632]
R3 csrusb;CSR USB driver for Bluetooth dongle;c:\windows\system32\Drivers\csrusb.sys [2011-01-13 44032]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [2009-06-10 3286016]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [2009-07-14 530496]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-07-13 34304]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-06-11 1038088]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-07-14 55376]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-01-08 13352]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-06-10 31232]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [2010-11-20 78720]
R3 iaStorV;Řadič Intel diskového pole RAID – Windows 7;c:\windows\system32\drivers\iaStorV.sys [2010-11-20 410496]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2010-11-20 78848]
R3 iScsiPrt;Ovladač iScsiPort;c:\windows\system32\drivers\msiscsi.sys [2010-11-20 273792]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 27016]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 114752]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 106560]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 65600]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 115776]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [2009-07-14 35392]
R3 mpio;Ovladač sběrnice Microsoft Multi-Path;c:\windows\system32\drivers\mpio.sys [2010-11-20 155008]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2010-11-20 31104]
R3 msdsm;Specifický modul zařízení Microsoft Multi-Path;c:\windows\system32\drivers\msdsm.sys [2010-11-20 140672]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-07-14 8192]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [2009-07-14 15360]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [2009-07-14 35328]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [2009-07-14 51264]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2010-11-20 166272]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PerfHost;Hostitel knihoven DLL čítačů výkonu;c:\windows\SysWow64\perfhost.exe [2009-07-14 20992]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [2009-07-14 1524816]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [2009-07-14 128592]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
R3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys [2010-11-20 29696]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC;c:\windows\system32\drivers\sffp_mmc.sys [2009-07-14 13824]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [2009-07-14 80464]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [2009-07-14 93184]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [2009-07-14 24656]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 194048]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2010-11-20 39424]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe [2009-07-14 40960]
R3 uliagpkx;Filtr sběrnice Uli AGP;c:\windows\system32\drivers\uliagpkx.sys [2009-07-14 64592]
R3 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 usbcir;Infračervený přijímač eHome (USBCIR);c:\windows\system32\drivers\usbcir.sys [2009-07-14 100352]
R3 VaultSvc;Správce pověření;c:\windows\system32\lsass.exe [2009-07-14 31232]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [2010-11-20 215936]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [2009-07-14 161872]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [2009-07-14 27776]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-11 1255736]
R3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;c:\windows\system32\wbengine.exe [2010-11-20 1504256]
R3 WbioSrvc;Biometrická služba systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WcsPlugInService;Systém barev systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [2009-07-14 21056]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 22096]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WwanSvc;Automatická konfigurace sítě WWAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 27136]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2010-11-20 27008]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2010-04-06 23944]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys [2009-07-14 367696]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2010-11-20 459248]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-07-14 70224]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys [2010-11-20 223248]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2010-11-20 14720]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2010-11-20 152960]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [2009-07-14 15424]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-07-14 50768]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
S0 spldr;Security Processor Loader Driver; [x]
S0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;c:\windows\system32\drivers\vmstorfl.sys [2010-11-20 46464]
S0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;c:\windows\system32\drivers\vdrvroot.sys [2009-07-14 36432]
S0 vmbus;Sběrnice virtuálního počítače;c:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys [2010-11-20 71552]
S0 volmgrx;Správce dynamických svazků;c:\windows\System32\drivers\volmgrx.sys [2010-11-20 363392]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 45056]
S1 CSC;Ovladač souborů pro režim offline;c:\windows\system32\drivers\csc.sys [2010-11-20 514560]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-20 102400]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 40448]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [2009-07-13 24576]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-07-14 7680]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-07-14 8192]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [2010-11-20 119296]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;c:\windows\system32\DRIVERS\wanarp.sys [2010-11-20 88576]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-07-14 12800]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 203776]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;Offline soubory;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 168544]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
S2 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-07-14 60928]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys [2009-07-13 113152]
S2 MCEBuddy;MCEBuddy Service;c:\program files\Tyrell\MCEBuddy\MCEBuddySvc.exe [2010-01-24 16384]
S2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-07-14 651264]
S2 Power;Napájení;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe [2010-11-20 3524608]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2010-11-20 45056]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;c:\windows\system32\drivers\1394ohci.sys [2010-11-20 229888]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys [2009-07-13 90624]
S3 circlass;Uživatelská infračervená zařízení;c:\windows\system32\DRIVERS\circlass.sys [2009-07-14 45568]
S3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;c:\windows\system32\drivers\CompositeBus.sys [2010-11-20 38912]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2010-11-20 982912]
S3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R);c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [2009-07-14 31232]
S3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\DRIVERS\modrc.sys [2007-07-13 24200]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys [2009-07-13 30208]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [2009-07-14 77312]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [2010-11-20 287744]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [2010-11-20 128000]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-07-14 318976]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 60416]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-07-14 24064]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2011-01-08 34032]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [2010-11-20 413184]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2010-11-20 167936]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [2010-11-20 125440]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\drivers\umbus.sys [2010-11-20 48640]
S3 vwifibus;Ovladač sběrnice Virtual WiFi;c:\windows\system32\DRIVERS\vwifibus.sys [2009-07-14 24576]
S3 wbondir;Winbond CIR Transceiver;c:\windows\system32\DRIVERS\wbondir.sys [2007-03-20 56320]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe [2009-07-14 27136]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch	REG_MULTI_SZ   	Power PlugPlay DcomLaunch
wcssvc	REG_MULTI_SZ   	WcsPlugInService

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
sppuinotify

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalServiceNetworkRestricted
BthHFSrv

.
Obsah adresáře 'Naplánované úlohy'

2011-02-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272508772-2545286518-2963466812-1001Core.job
- c:\users\piserius\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-12 05:47]

2011-02-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3272508772-2545286518-2963466812-1001UA.job
- c:\users\piserius\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-12 05:47]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 13:27	509952	----a-w-	c:\windows\System32\ntshrui.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
winmgmt
SessionEnv
browser
EapHost
schedule
hkmsvc
wercplsupport
ProfSvc
Themes
BDESVC
AppMgmt

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalSystemNetworkRestricted
homegrouplistener

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
WdiServiceHost
sppuinotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetworkService
lanmanworkstation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: {02B3FB44-FBF7-426E-BEC1-A351C6B958CE} = 8.8.8.8,208.67.222.222
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3272508772-2545286518-2963466812-1001\Software\SecuROM\License information*]
"datasecu"=hex:34,1e,74,c6,27,34,92,75,e5,12,70,76,fb,ed,60,78,08,66,f5,aa,b8,
   2f,8d,25,ab,b4,eb,75,9c,c6,8b,0f,cc,b6,c9,35,c5,d3,f3,62,8a,53,ea,11,4b,34,\
"rkeysecu"=hex:2f,71,e8,43,a1,29,dc,52,f5,e8,a9,0e,97,c0,25,c5

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
.
**************************************************************************
.
Celkový čas: 2011-02-22  21:52:21 - počítač byl restartován
ComboFix-quarantined-files.txt  2011-02-22 20:52
ComboFix2.txt  2011-02-22 20:12

Před spuštěním: Volných bajtů: 375 645 995 008
Po spuštění: Volných bajtů: 375 356 522 496

- - End Of File - - 9712B218FC3BBC1232B52DEE7B9F2BF1

Re: log Hijack

Napsal: 22 úno 2011 21:59
od Rudy
Log již vypadá čistý. Nastala nějaká změna?

Re: log Hijack

Napsal: 22 úno 2011 22:02
od piserius
Zatím jsem moc nezaregistroval, ale během zítřka náležitě vyzkouším.
Děkuji za pomoc.

Re: log Hijack

Napsal: 22 úno 2011 22:11
od Rudy
Nemáte zač!
Všechny časy jsou v UTC+01:00
Stránka 4 z 4

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz