Zdravim, omylem jsem stál program, který každých 30 minut vypína PC. Z jíných stránek jsem zjistil, že se mu také říka "shutEkRdeB, a tak bych chtěl požádat o radu, jak tento problém odstranit... děkuji předem za pomoc!
Logfile of random's system information tool 1.08 (written by random/random)
Run by Marek at 2011-06-10 08:35:33
Microsoft Windows 7 Home Premium
System drive C: has 616 GB (88%) free of 700 GB
Total RAM: 3948 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:35:45, on 10.6.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ICQ7.5\ICQ.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Marek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110609195544.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1803563900-3525432830-1739163771-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1803563900-3525432830-1739163771-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA0E5E8C-DECB-4708-A415-1E79C32876D8}: NameServer = 10.106.4.1,10.106.33.1
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Služba programu Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14417 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {2A516BFC-7DAA-418E-BA60-4350B4388A17}
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll" saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll" saHooker_Initialize_and_Wait
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2500
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {F702F18C-72B0-48F8-9CD8-56B410E6F01A}
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\mcafee.com\agent\mcagent.exe" /runkey
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe"
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_7/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/ --channel=5652.045EEB50.2000635352 /prefetch:3
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_7/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/ --channel=5652.009E5FA0.1447953952 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\McChPlg.dll" --lang=cs --channel=5652.04758398.1930105114 /prefetch:4
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_2/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_500ms_queue_prefetch/DnsParallelism/parallel_7/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/ --channel=5652.07D8C6F0.1993747553 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Marek\AppData\Local\Google\Chrome\APPLIC~1\120742~1.91\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Marek\AppData\Local\Google\Chrome\Application\12.0.742.91\gcswf32.dll" --lang=cs --channel=5652.07E950A0.1992789246 /prefetch:4 --flash-broker=6000
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Marek\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\At1.job
C:\Windows\tasks\At10.job
C:\Windows\tasks\At11.job
C:\Windows\tasks\At12.job
C:\Windows\tasks\At13.job
C:\Windows\tasks\At14.job
C:\Windows\tasks\At15.job
C:\Windows\tasks\At16.job
C:\Windows\tasks\At17.job
C:\Windows\tasks\At18.job
C:\Windows\tasks\At19.job
C:\Windows\tasks\At2.job
C:\Windows\tasks\At20.job
C:\Windows\tasks\At21.job
C:\Windows\tasks\At3.job
C:\Windows\tasks\At4.job
C:\Windows\tasks\At5.job
C:\Windows\tasks\At6.job
C:\Windows\tasks\At7.job
C:\Windows\tasks\At8.job
C:\Windows\tasks\At9.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL [2011-03-11 283352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110609195544.dll [2011-04-14 82576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2011-04-08 309096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll [2011-03-11 238056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-28 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110609195544.dll [2011-04-14 75848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2011-04-08 251928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14 609544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2011-04-08 309096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2011-04-08 251928]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14 609544]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-23 11725928]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-12-10 2186856]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-10-29 860040]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-12-30 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-12-30 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-12-30 418328]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-07-29 2280232]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-11-26 613536]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-11-26 379040]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-04 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"ICQ"=C:\Program Files (x86)\ICQ7.5\ICQ.exe [2011-06-10 124216]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-14 283160]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2011-04-05 1486392]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-09-28 340336]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-09-18 407920]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-09-18 201584]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2010-11-12 296768]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-12-09 1025616]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-11 439568]
"MDS_Menu"=C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2010-12-10 177448]
"TaskTray"= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-12-23 384000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-06-10 08:35:33 ----D---- C:\rsit
2011-06-10 08:35:33 ----D---- C:\Program Files\trend micro
2011-06-10 08:24:55 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-06-10 08:24:55 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-06-10 08:04:21 ----D---- C:\Users\Marek\AppData\Roaming\ICQ
2011-06-10 08:04:11 ----D---- C:\Program Files (x86)\ICQ7.5
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\wextract.exe
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\url.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\occache.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\msrating.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\msls31.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\mshta.exe
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\inseng.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\icardie.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2011-06-09 15:16:57 ----A---- C:\Windows\SYSWOW64\admparse.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\wininet.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\wextract.exe
2011-06-09 15:16:57 ----A---- C:\Windows\system32\webcheck.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\vbscript.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\urlmon.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\url.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-06-09 15:16:57 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-06-09 15:16:57 ----A---- C:\Windows\system32\pngfilt.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\occache.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\msrating.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\msls31.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\mshtmler.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\mshtml.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\mshta.exe
2011-06-09 15:16:57 ----A---- C:\Windows\system32\msfeedssync.exe
2011-06-09 15:16:57 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\msfeeds.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\licmgr10.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\jsproxy.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\jscript9.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\jscript.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\inseng.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\imgutil.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\iexpress.exe
2011-06-09 15:16:57 ----A---- C:\Windows\system32\ieUnatt.exe
2011-06-09 15:16:57 ----A---- C:\Windows\system32\ieui.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\iesysprep.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\iesetup.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\iertutil.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\iernonce.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\iepeers.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\ieframe.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\iedkcs32.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\ieapfltr.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\ieakui.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\ieaksie.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\ieakeng.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\ie4uinit.exe
2011-06-09 15:16:57 ----A---- C:\Windows\system32\icardie.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\dxtrans.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\dxtmsft.dll
2011-06-09 15:16:57 ----A---- C:\Windows\system32\admparse.dll
2011-06-09 14:55:24 ----A---- C:\Windows\system32\MRT.exe
2011-06-09 08:32:49 ----D---- C:\Program Files (x86)\Call of Duty 2
2011-06-07 08:25:23 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2011-06-07 08:25:23 ----A---- C:\Windows\system32\wcncsvc.dll
2011-06-07 08:22:44 ----A---- C:\Windows\system32\browserchoice.exe
2011-06-06 19:52:35 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-06-06 19:50:03 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2011-06-06 19:50:02 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2011-06-06 19:50:02 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2011-06-06 19:50:02 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2011-06-06 19:50:01 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2011-06-06 19:50:01 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-06-06 19:50:01 ----A---- C:\Windows\system32\PresentationHost.exe
2011-06-06 19:50:01 ----A---- C:\Windows\system32\netfxperf.dll
2011-06-06 19:50:01 ----A---- C:\Windows\system32\mscoree.dll
2011-06-06 19:50:01 ----A---- C:\Windows\system32\dfshim.dll
2011-06-06 19:43:40 ----D---- C:\Windows\SYSWOW64\Wat
2011-06-06 19:43:40 ----D---- C:\Windows\system32\Wat
2011-06-06 08:03:25 ----D---- C:\Program Files (x86)\World of Warcraft
2011-06-06 08:02:02 ----D---- C:\Program Files (x86)\Stronghold Crusader
2011-06-06 08:01:24 ----D---- C:\Program Files (x86)\Heroes IV
2011-06-06 07:57:05 ----D---- C:\Program Files (x86)\CS
2011-06-04 15:05:11 ----D---- C:\Windows\SYSWOW64\NV
2011-06-04 15:05:11 ----D---- C:\Windows\system32\NV
2011-06-04 14:54:19 ----D---- C:\ProgramData\NVIDIA
2011-06-04 14:53:01 ----D---- C:\ProgramData\NVIDIA Corporation
2011-06-04 14:51:14 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2011-06-04 14:51:14 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2011-06-04 14:51:14 ----A---- C:\Windows\system32\nvwgf2umx.dll
2011-06-04 14:51:14 ----A---- C:\Windows\system32\nvumdshimx.dll
2011-06-04 14:51:14 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2011-06-04 14:51:13 ----A---- C:\Windows\SYSWOW64\nvoptimusmft.dll
2011-06-04 14:51:13 ----A---- C:\Windows\system32\nvoptimusmft.dll
2011-06-04 14:51:13 ----A---- C:\Windows\system32\nvoglv64.dll
2011-06-04 14:51:12 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2011-06-04 14:51:12 ----A---- C:\Windows\system32\nvinitx.dll
2011-06-04 14:51:12 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-06-04 14:51:11 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2011-06-04 14:51:11 ----A---- C:\Windows\system32\nvgenco642040.dll
2011-06-04 14:51:10 ----A---- C:\Windows\system32\nvdispco642090.dll
2011-06-04 14:51:09 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2011-06-04 14:51:08 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2011-06-04 14:51:08 ----A---- C:\Windows\system32\nvdecodemft.dll
2011-06-04 14:51:08 ----A---- C:\Windows\system32\nvd3dumx.dll
2011-06-04 14:51:07 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2011-06-04 14:51:07 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2011-06-04 14:51:07 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2011-06-04 14:51:07 ----A---- C:\Windows\system32\nvcuvid.dll
2011-06-04 14:51:07 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-06-04 14:51:07 ----A---- C:\Windows\system32\nvcuda.dll
2011-06-04 14:51:06 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2011-06-04 14:51:06 ----A---- C:\Windows\system32\nvcompiler.dll
2011-06-04 14:51:05 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-06-04 14:51:05 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2011-06-04 14:51:05 ----A---- C:\Windows\system32\OpenCL.dll
2011-06-04 14:51:05 ----A---- C:\Windows\system32\nvapi64.dll
2011-06-04 14:28:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-06-04 14:28:03 ----A---- C:\Windows\system32\kerberos.dll
2011-06-04 14:27:54 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-06-04 14:27:54 ----A---- C:\Windows\system32\tzres.dll
2011-06-04 14:27:22 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-06-04 14:27:22 ----A---- C:\Windows\system32\poqexec.exe
2011-06-04 14:27:20 ----A---- C:\Windows\explorer.exe
2011-06-04 14:27:19 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-06-04 14:27:15 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2011-06-04 14:27:15 ----A---- C:\Windows\system32\EncDec.dll
2011-06-04 14:27:15 ----A---- C:\Windows\system32\CPFilters.dll
2011-06-04 14:27:14 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-06-04 14:27:14 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-06-04 14:27:14 ----A---- C:\Windows\system32\sbe.dll
2011-06-04 14:27:08 ----A---- C:\Windows\system32\taskschd.dll
2011-06-04 14:27:08 ----A---- C:\Windows\system32\taskeng.exe
2011-06-04 14:27:08 ----A---- C:\Windows\system32\schedsvc.dll
2011-06-04 14:27:07 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2011-06-04 14:27:07 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2011-06-04 14:27:07 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2011-06-04 14:27:07 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2011-06-04 14:27:07 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-06-04 14:27:07 ----A---- C:\Windows\system32\taskcomp.dll
2011-06-04 14:27:07 ----A---- C:\Windows\system32\schtasks.exe
2011-06-04 14:26:12 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-06-04 14:26:12 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-06-04 14:26:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-06-04 14:26:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-06-04 14:26:03 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-06-04 14:25:42 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-06-04 14:25:42 ----A---- C:\Windows\system32\upnp.dll
2011-06-04 14:25:42 ----A---- C:\Windows\system32\msxml6.dll
2011-06-04 14:25:42 ----A---- C:\Windows\system32\msxml3.dll
2011-06-04 14:25:41 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-06-04 14:25:41 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-06-04 14:25:41 ----A---- C:\Windows\system32\winhttp.dll
2011-06-04 14:25:41 ----A---- C:\Windows\system32\WebClnt.dll
2011-06-04 14:25:41 ----A---- C:\Windows\system32\davclnt.dll
2011-06-04 14:25:40 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2011-06-04 14:25:40 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-06-04 14:25:40 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-06-04 14:25:40 ----A---- C:\Windows\SYSWOW64\slwga.dll
2011-06-04 14:25:40 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2011-06-04 14:25:40 ----A---- C:\Windows\system32\wscsvc.dll
2011-06-04 14:25:40 ----A---- C:\Windows\system32\wscapi.dll
2011-06-04 14:25:40 ----A---- C:\Windows\system32\slwga.dll
2011-06-04 14:25:33 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-06-04 14:25:33 ----A---- C:\Windows\system32\XpsPrint.dll
2011-06-04 14:25:29 ----A---- C:\Windows\system32\win32k.sys
2011-06-04 14:25:23 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-06-04 14:25:23 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-06-04 14:25:23 ----A---- C:\Windows\system32\mfc42u.dll
2011-06-04 14:25:23 ----A---- C:\Windows\system32\mfc42.dll
2011-06-04 14:25:18 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-04 14:25:18 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-04 14:25:18 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-04 14:24:18 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-06-04 14:24:18 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-06-04 14:24:18 ----A---- C:\Windows\system32\atmlib.dll
2011-06-04 14:24:18 ----A---- C:\Windows\system32\atmfd.dll
2011-06-04 14:23:34 ----A---- C:\Windows\system32\winsrv.dll
2011-06-04 14:23:25 ----A---- C:\Windows\system32\d3d10warp.dll
2011-06-04 14:23:24 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-06-04 14:23:24 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-06-04 14:23:24 ----A---- C:\Windows\system32\DWrite.dll
2011-06-04 14:23:24 ----A---- C:\Windows\system32\d2d1.dll
2011-06-04 14:23:23 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-06-04 14:23:23 ----A---- C:\Windows\system32\FntCache.dll
2011-06-04 14:23:22 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-06-04 14:23:22 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-06-04 14:23:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-06-04 14:23:22 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-06-04 14:23:21 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-06-04 14:23:21 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-06-04 14:23:20 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-06-04 14:23:20 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-06-04 14:23:20 ----A---- C:\Windows\system32\d3d10_1.dll
2011-06-04 14:23:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-06-04 14:23:19 ----A---- C:\Windows\system32\cdd.dll
2011-06-04 14:23:10 ----A---- C:\Windows\SYSWOW64\webio.dll
2011-06-04 14:23:10 ----A---- C:\Windows\system32\webio.dll
2011-06-04 14:23:08 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-06-04 14:23:05 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-06-04 14:23:01 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-06-04 14:23:01 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-06-04 14:23:01 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-06-04 14:23:01 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-06-04 14:23:01 ----A---- C:\Windows\system32\dnsapi.dll
2011-06-04 14:22:29 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-06-04 14:22:29 ----A---- C:\Windows\system32\ntdll.dll
2011-06-04 14:22:24 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-04 14:22:23 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-06-04 14:22:07 ----A---- C:\Windows\system32\winresume.exe
2011-06-04 14:22:07 ----A---- C:\Windows\system32\winload.exe
2011-06-04 14:22:06 ----A---- C:\Windows\system32\kdusb.dll
2011-06-04 14:22:06 ----A---- C:\Windows\system32\kdcom.dll
2011-06-04 14:22:06 ----A---- C:\Windows\system32\kd1394.dll
2011-06-04 14:21:59 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-06-04 14:21:55 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-06-04 14:21:55 ----A---- C:\Windows\system32\prevhost.exe
2011-06-04 14:21:50 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-06-04 14:21:50 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-06-04 14:21:50 ----A---- C:\Windows\system32\mstscax.dll
2011-06-04 14:21:50 ----A---- C:\Windows\system32\mstsc.exe
2011-06-04 14:21:48 ----A---- C:\Windows\system32\consent.exe
2011-06-04 14:21:45 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-04 14:21:44 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-04 14:21:44 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-06-04 14:21:44 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-06-04 14:21:37 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-06-04 14:21:37 ----A---- C:\Windows\system32\odbc32.dll
2011-06-04 14:15:20 ----D---- C:\Program Files\Common Files\Logitech
2011-06-04 14:15:18 ----D---- C:\Program Files\Logitech
2011-06-04 14:04:41 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-06-04 14:01:26 ----D---- C:\NVIDIA
2011-06-04 13:48:40 ----D---- C:\Program Files (x86)\Driver-Soft
2011-06-04 13:47:56 ----D---- C:\Users\Marek\AppData\Roaming\WinRAR
2011-06-04 13:47:52 ----D---- C:\Program Files\WinRAR
2011-06-04 10:41:30 ----D---- C:\LFS
2011-06-04 10:06:56 ----D---- C:\Program Files (x86)\GamePark
2011-06-04 10:01:24 ----D---- C:\Users\Marek\AppData\Roaming\Mozilla
2011-06-04 09:58:30 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2011-06-04 09:58:30 ----A---- C:\Windows\SYSWOW64\x3daudio1_2.dll
2011-06-04 09:58:30 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-06-04 09:58:30 ----A---- C:\Windows\system32\x3daudio1_2.dll
2011-06-04 09:58:29 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2011-06-04 09:58:29 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2011-06-04 09:58:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2011-06-04 09:58:29 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-06-04 09:58:29 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-06-04 09:58:29 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-06-04 09:58:28 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2011-06-04 09:58:28 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2011-06-04 09:58:28 ----A---- C:\Windows\system32\xinput1_3.dll
2011-06-04 09:58:28 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-06-04 09:58:27 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2011-06-04 09:58:27 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2011-06-04 09:58:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2011-06-04 09:58:27 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-06-04 09:58:27 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-06-04 09:58:27 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-06-04 09:58:26 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2011-06-04 09:58:26 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2011-06-04 09:58:26 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-06-04 09:58:26 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-06-04 09:58:25 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2011-06-04 09:58:25 ----A---- C:\Windows\system32\d3dx10.dll
2011-06-04 09:58:23 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2011-06-04 09:58:23 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2011-06-04 09:58:23 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2011-06-04 09:58:23 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2011-06-04 09:58:23 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-06-04 09:58:23 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-06-04 09:58:23 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-06-04 09:58:23 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-06-04 09:58:22 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2011-06-04 09:58:22 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2011-06-04 09:58:22 ----A---- C:\Windows\system32\xinput1_2.dll
2011-06-04 09:58:22 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-06-04 09:58:21 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2011-06-04 09:58:21 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2011-06-04 09:58:21 ----A---- C:\Windows\system32\xinput1_1.dll
2011-06-04 09:58:21 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-06-04 09:58:13 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2011-06-04 09:58:13 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2011-06-04 09:58:13 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2011-06-04 09:58:13 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-06-04 09:58:13 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-06-04 09:58:13 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-06-04 09:58:12 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2011-06-04 09:58:12 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2011-06-04 09:58:12 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-06-04 09:58:12 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-06-04 09:58:11 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2011-06-04 09:58:11 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2011-06-04 09:58:11 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-06-04 09:58:11 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-06-04 09:58:10 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2011-06-04 09:58:10 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-06-04 09:58:09 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2011-06-04 09:58:09 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-06-04 09:56:53 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-06-04 09:56:51 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-06-04 09:56:49 ----A---- C:\Windows\game.ini
2011-06-04 09:43:06 ----D---- C:\Program Files (x86)\Activision
2011-06-04 09:38:25 ----SHD---- C:\Windows\ftpcache
2011-06-04 09:36:35 ----D---- C:\Users\Marek\AppData\Roaming\ts3overlay
2011-06-04 09:34:42 ----D---- C:\Users\Marek\AppData\Roaming\TS3Client
2011-06-04 09:31:18 ----A---- C:\Program Files (x86)\Uninstall.exe
2011-06-04 09:31:17 ----D---- C:\Program Files (x86)\pluginsdk
2011-06-04 09:31:16 ----D---- C:\Program Files (x86)\translations
2011-06-04 09:31:15 ----D---- C:\Program Files (x86)\styles
2011-06-04 09:31:13 ----D---- C:\Program Files (x86)\sound
2011-06-04 09:31:08 ----D---- C:\Program Files (x86)\soundbackends
2011-06-04 09:31:08 ----D---- C:\Program Files (x86)\plugins
2011-06-04 09:31:08 ----D---- C:\Program Files (x86)\imageformats
2011-06-04 09:31:08 ----D---- C:\Program Files (x86)\gfx
2011-06-04 09:31:08 ----D---- C:\Program Files (x86)\accessible
2011-06-04 09:23:08 ----D---- C:\Users\Marek\AppData\Roaming\vlc
2011-06-04 09:22:26 ----D---- C:\Program Files (x86)\VLC
2011-06-04 09:12:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-06-04 08:33:42 ----D---- C:\Users\Marek\AppData\Roaming\PowerCinema
2011-06-04 07:46:08 ----D---- C:\ProgramData\VirtualizedApplications
2011-06-03 20:36:03 ----D---- C:\ProgramData\FarmFrenzy2
2011-06-03 19:55:03 ----D---- C:\Users\Marek\AppData\Roaming\SoftGrid Client
2011-06-03 19:54:10 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-06-03 19:54:05 ----D---- C:\Program Files\Microsoft Office
2011-06-03 19:54:05 ----D---- C:\Program Files (x86)\Microsoft Application Virtualization Client
2011-06-03 19:53:38 ----D---- C:\Users\Marek\AppData\Roaming\TP
2011-06-03 19:42:19 ----D---- C:\ProgramData\Reflexive
2011-06-03 17:46:39 ----D---- C:\Program Files (x86)\Icy
2011-06-03 17:44:21 ----D---- C:\Program Files (x86)\Plants vs Zombies
2011-06-03 17:41:31 ----D---- C:\ProgramData\clear.fi
2011-06-03 17:10:30 ----D---- C:\Users\Marek\AppData\Roaming\Adobe
2011-06-03 16:50:31 ----AD---- C:\book
2011-06-03 16:49:49 ----D---- C:\Windows\cs
2011-06-03 16:49:24 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-06-03 16:48:58 ----D---- C:\Program Files (x86)\Windows Live
2011-06-03 16:48:47 ----D---- C:\Windows\PCHEALTH
2011-06-03 16:48:28 ----D---- C:\Program Files\Windows Live
2011-06-03 16:48:08 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2011-06-03 16:48:08 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2011-06-03 16:48:06 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2011-06-03 16:48:06 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-06-03 16:47:42 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2011-06-03 16:47:42 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-06-03 16:47:17 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2011-06-03 16:47:17 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-06-03 16:47:16 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2011-06-03 16:47:16 ----A---- C:\Windows\system32\UIRibbon.dll
2011-06-03 16:46:40 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-06-03 16:46:40 ----A---- C:\Windows\system32\mfps.dll
2011-06-03 16:46:39 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2011-06-03 16:46:39 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2011-06-03 16:46:39 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-06-03 16:46:38 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-06-03 16:46:38 ----A---- C:\Windows\system32\mf.dll
2011-06-03 16:45:11 ----D---- C:\Program Files (x86)\Microsoft Office
2011-06-03 16:39:05 ----D---- C:\Users\Marek\AppData\Roaming\Intel Corporation
2011-06-03 16:38:57 ----D---- C:\Users\Marek\AppData\Roaming\Macromedia
2011-06-03 16:38:34 ----D---- C:\Users\Marek\AppData\Roaming\Identities
2011-06-03 16:35:21 ----D---- C:\Users\Marek\AppData\Roaming\CyberLink
2011-06-03 16:34:35 ----SD---- C:\Users\Marek\AppData\Roaming\Microsoft
2011-06-03 16:34:35 ----D---- C:\Users\Marek\AppData\Roaming\Media Center Programs
2011-06-03 16:33:10 ----SHD---- C:\Recovery
======List of files/folders modified in the last 1 months======
2011-06-10 08:35:36 ----D---- C:\Windows\Temp
2011-06-10 08:35:33 ----RD---- C:\Program Files
2011-06-10 08:33:45 ----A---- C:\Windows\SYSWOW64\log.txt
2011-06-10 08:31:59 ----D---- C:\ProgramData\boost_interprocess
2011-06-10 08:31:45 ----D---- C:\Windows\system32\config
2011-06-10 08:24:55 ----RD---- C:\Program Files (x86)
2011-06-10 08:24:55 ----HD---- C:\ProgramData
2011-06-10 08:04:34 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-06-09 16:19:26 ----D---- C:\Windows\winsxs
2011-06-09 16:18:38 ----D---- C:\Program Files\Internet Explorer
2011-06-09 16:17:33 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-06-09 16:17:33 ----D---- C:\Program Files (x86)\Internet Explorer
2011-06-09 16:17:32 ----D---- C:\Windows\system32\cs-CZ
2011-06-09 16:17:30 ----D---- C:\Windows\SYSWOW64\migration
2011-06-09 16:17:30 ----D---- C:\Windows\SYSWOW64\en-US
2011-06-09 16:17:29 ----D---- C:\Windows\SysWOW64
2011-06-09 16:17:28 ----D---- C:\Windows\system32\migration
2011-06-09 16:17:28 ----D---- C:\Windows\system32\en-US
2011-06-09 16:17:28 ----D---- C:\Windows\PolicyDefinitions
2011-06-09 16:17:27 ----D---- C:\Windows\System32
2011-06-09 15:18:18 ----D---- C:\Windows\Logs
2011-06-09 15:18:17 ----D---- C:\Windows\servicing
2011-06-09 15:18:02 ----D---- C:\Windows\system32\catroot
2011-06-09 15:18:01 ----D---- C:\Windows\system32\catroot2
2011-06-09 15:03:15 ----D---- C:\Windows
2011-06-09 14:55:25 ----D---- C:\Windows\debug
2011-06-09 14:55:14 ----SHD---- C:\System Volume Information
2011-06-09 14:43:27 ----D---- C:\Windows\Tasks
2011-06-09 14:43:27 ----D---- C:\Windows\system32\Tasks
2011-06-09 14:23:26 ----SHD---- C:\Windows\Installer
2011-06-08 10:29:18 ----RSD---- C:\Windows\assembly
2011-06-08 10:29:18 ----D---- C:\Windows\Microsoft.NET
2011-06-08 08:31:43 ----D---- C:\Windows\inf
2011-06-08 08:31:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-07 08:36:22 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-06-07 08:35:20 ----D---- C:\Program Files\Windows Mail
2011-06-07 08:35:20 ----D---- C:\Program Files (x86)\Windows Mail
2011-06-07 08:35:14 ----D---- C:\Windows\system32\drivers
2011-06-07 08:35:14 ----D---- C:\Windows\AppPatch
2011-06-06 19:46:13 ----D---- C:\Windows\Prefetch
2011-06-06 19:43:37 ----D---- C:\Windows\system32\Boot
2011-06-06 19:39:31 ----D---- C:\Windows\system32\NDF
2011-06-04 17:06:42 ----AD---- C:\ProgramData\Temp
2011-06-04 15:06:21 ----D---- C:\Windows\system32\wdi
2011-06-04 14:54:20 ----RD---- C:\Users
2011-06-04 14:53:40 ----D---- C:\Program Files\NVIDIA Corporation
2011-06-04 14:53:39 ----D---- C:\Windows\Help
2011-06-04 14:52:54 ----D---- C:\Windows\system32\DriverStore
2011-06-04 14:40:04 ----D---- C:\Windows\rescache
2011-06-04 14:32:24 ----D---- C:\Program Files\Windows Sidebar
2011-06-04 14:32:24 ----D---- C:\Program Files\Windows Media Player
2011-06-04 14:32:24 ----D---- C:\Program Files\Windows Journal
2011-06-04 14:32:23 ----D---- C:\Program Files\Windows Photo Viewer
2011-06-04 14:32:23 ----D---- C:\Program Files\Windows Defender
2011-06-04 14:32:23 ----D---- C:\Program Files\Common Files\System
2011-06-04 14:32:23 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-06-04 14:32:22 ----D---- C:\Windows\SYSWOW64\winrm
2011-06-04 14:32:22 ----D---- C:\Windows\SYSWOW64\slmgr
2011-06-04 14:32:22 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-06-04 14:32:22 ----D---- C:\Windows\SYSWOW64\migwiz
2011-06-04 14:32:22 ----D---- C:\Windows\SYSWOW64\en
2011-06-04 14:32:22 ----D---- C:\Windows\ehome
2011-06-04 14:32:22 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-06-04 14:32:22 ----D---- C:\Program Files (x86)\Windows Media Player
2011-06-04 14:32:22 ----D---- C:\Program Files (x86)\Windows Defender
2011-06-04 14:32:17 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2011-06-04 14:32:17 ----D---- C:\Windows\SYSWOW64\drivers
2011-06-04 14:32:13 ----D---- C:\Windows\SYSWOW64\WCN
2011-06-04 14:32:13 ----D---- C:\Windows\SYSWOW64\wbem
2011-06-04 14:32:13 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2011-06-04 14:32:13 ----D---- C:\Windows\SYSWOW64\DriverStore
2011-06-04 14:32:13 ----D---- C:\Windows\SYSWOW64\Dism
2011-06-04 14:32:13 ----D---- C:\Windows\en-US
2011-06-04 14:32:12 ----D---- C:\Windows\system32\winrm
2011-06-04 14:32:12 ----D---- C:\Windows\system32\sysprep
2011-06-04 14:32:12 ----D---- C:\Windows\system32\slmgr
2011-06-04 14:32:12 ----D---- C:\Windows\system32\sk-SK
2011-06-04 14:32:12 ----D---- C:\Windows\system32\oobe
2011-06-04 14:32:12 ----D---- C:\Windows\system32\migwiz
2011-06-04 14:32:12 ----D---- C:\Windows\system32\en
2011-06-04 14:32:01 ----D---- C:\Windows\system32\drivers\en-US
2011-06-04 14:32:00 ----D---- C:\Windows\system32\WCN
2011-06-04 14:32:00 ----D---- C:\Windows\system32\Dism
2011-06-04 14:31:58 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2011-06-04 14:31:57 ----D---- C:\Windows\system32\wbem
2011-06-04 14:31:39 ----D---- C:\Program Files\DVD Maker
2011-06-04 14:31:25 ----D---- C:\Windows\Speech
2011-06-04 14:15:20 ----D---- C:\Program Files\Common Files
2011-06-04 12:35:08 ----D---- C:\ProgramData\McAfee
2011-06-04 09:56:51 ----D---- C:\Windows\system32\LogFiles
2011-06-04 09:34:45 ----D---- C:\Program Files (x86)\McAfee
2011-06-04 09:31:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-04 08:34:47 ----SD---- C:\ProgramData\Microsoft
2011-06-04 08:33:55 ----D---- C:\ProgramData\CyberLink
2011-06-03 19:54:06 ----D---- C:\Program Files (x86)\Common Files
2011-06-03 19:51:19 ----D---- C:\Windows\LiveKernelReports
2011-06-03 19:39:10 ----D---- C:\Windows\system32\drivers\UMDF
2011-06-03 16:53:37 ----D---- C:\Windows\SoftwareDistribution
2011-06-03 16:50:59 ----D---- C:\Windows\system32\OEM
2011-06-03 16:50:42 ----HD---- C:\OEM
2011-06-03 16:44:21 ----D---- C:\Windows\system32\restore
2011-06-03 16:43:41 ----AD---- C:\Windows\DeployWinRE2
2011-06-03 16:38:56 ----D---- C:\ProgramData\OEM
2011-06-03 16:38:31 ----SHD---- C:\$Recycle.Bin
2011-06-03 16:33:10 ----D---- C:\Windows\system32\Recovery
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-14 437272]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2011-04-14 530304]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2011-04-14 283744]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-01-08 25576]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-06-19 213888]
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2011-04-14 75160]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2010-12-06 22912]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2010-12-06 20328]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2010-12-06 62584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-09 2377216]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2010-12-11 67112]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2010-12-11 19496]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2010-12-16 35368]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2010-12-12 85544]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2011-04-14 63056]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-12-23 12260000]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-28 2688488]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-12-02 411688]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2011-04-14 121376]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2011-04-14 190520]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2011-04-14 441840]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-07-29 1383472]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2011-04-14 94992]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-07-17 109056]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McMPFSvc;McAfee Služba programu Personal Firewall; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2011-04-14 200056]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-04-14 149032]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-01-07 1005160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-06-04 75136]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-28 249136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-02-24 655624]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2010-10-07 509416]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-05 1255736]
S4 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Automatické vypínání pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Automatické vypínání pc
Dobrý den 
Odinstalujte Spybot - Search & Destroy + všechny toolbary
Program nepoužívejte bez doporučení Rádce a pozorně se řiďte následujících pokynu,protože program netoleruje chyby a může dojít k úplnému poškození systému!!
Odinstalujte Spybot - Search & Destroy + všechny toolbaryProgram nepoužívejte bez doporučení Rádce a pozorně se řiďte následujících pokynu,protože program netoleruje chyby a může dojít k úplnému poškození systému!!
- Stáhneme si Combofix
- Program uložíme nejlépe na Plochu
- Vypneme všechny rezidentní štíty.Jak antiviru,tak antispywaru a firewallu
- Vypneme všechny běžící aplikace (ICQ,prohlížeč,programy) a necháme pouze Combofix
- Spustíme Combofix.exe s administrátorským oprávněním
U Windows XP se přihlásíme pod účtem správce
Ve Windows 7 a Vista klikněte pravým tlačítkem myši na Combofix.exe a dejte ,,Spustit jako správce,,) - Hned po startu programu na vás vyskočí licenční podmínky,tak potvrdíme tlačítkemANO
- Pokud vám Combofix nabídne instalaci Konzoly pro zotavení,tak souhlaste a nechte nainstalovat(zde je potřeba aktivní připojení na internet)
- Pokračujte dle pokynů programu a během skenování na nic neklikejte,na pc nepracujte(ICQ,jiné aplikace,internet..).Nechte počítač v klidu.
- Celý sken tvá mezi 5-15 min,ale pokud je v PC hodně havěti,tak se čas může lišit.
- Po skončení skenování(případném restartu počítače) se vám zobrazí log z Combofixu,který mi vložte sem(Kdyby se log nezobrazil,tak jej najdete zde: C:\ComboFix.txt
- (Pokud si nevíte rady s kterýmkoliv z výše uvedených kroků,tak se ptejte nebo mrkněte na detailnější návod včetně obrázků http://www.bleepingcomputer.com/combofi ... t-combofix )
Napiš mi: chodnik74@gmail.com nebo 
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| 
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. 
Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni 
Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: Automatické vypínání pc
ComboFix 11-06-09.06 - Marek 10.06.2011 9:12.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3948.2822 [GMT 2:00]
Spuštěný z: c:\users\Marek\Downloads\ComboFix.exe
AV: McAfee Anti-Virus a Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus a Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Uninstall.exe
c:\program files (x86)\update.exe
c:\programdata\FullRemove.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-10 do 2011-06-10 )))))))))))))))))))))))))))))))
.
.
2011-06-10 07:16 . 2011-06-10 07:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-10 06:35 . 2011-06-10 06:35 -------- d-----w- C:\rsit
2011-06-10 06:35 . 2011-06-10 06:35 -------- d-----w- c:\program files\trend micro
2011-06-10 06:24 . 2011-06-10 06:58 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-06-10 06:24 . 2011-06-10 06:58 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-10 06:04 . 2011-06-10 06:06 -------- d-----w- c:\program files (x86)\ICQ7.5
2011-06-09 06:32 . 2011-06-09 12:19 -------- d-----w- c:\program files (x86)\Call of Duty 2
2011-06-07 06:25 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-06-07 06:25 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-06-07 06:22 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-06-06 17:52 . 2011-06-06 17:52 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-06-06 17:50 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-06-06 17:50 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-06-06 17:50 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-06-06 17:50 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-06-06 17:50 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-06-06 17:50 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-06-06 17:50 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-06-06 17:50 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-06-06 17:50 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-06-06 17:50 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-06-06 17:43 . 2011-06-06 17:43 -------- d-----w- c:\windows\SysWow64\Wat
2011-06-06 17:43 . 2011-06-06 17:43 -------- d-----w- c:\windows\system32\Wat
2011-06-06 06:03 . 2011-06-08 17:57 -------- d-----w- c:\program files (x86)\World of Warcraft
2011-06-06 06:02 . 2011-06-06 06:03 -------- d-----w- c:\program files (x86)\Stronghold Crusader
2011-06-06 06:01 . 2011-06-06 06:01 -------- d-----w- c:\program files (x86)\Heroes IV
2011-06-06 05:57 . 2011-06-06 05:59 -------- d-----w- c:\program files (x86)\CS
2011-06-04 13:05 . 2011-06-06 17:45 -------- d-----w- c:\windows\SysWow64\NV
2011-06-04 13:05 . 2011-06-06 17:45 -------- d-----w- c:\windows\system32\NV
2011-06-04 12:54 . 2011-06-09 12:48 -------- d-----w- c:\users\UpdatusUser.Marek-PC
2011-06-04 12:54 . 2011-06-04 13:05 -------- d-----w- c:\programdata\NVIDIA
2011-06-04 12:53 . 2011-06-04 12:53 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-06-04 12:28 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-06-04 12:28 . 2010-12-18 05:29 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-06-04 12:26 . 2010-03-04 07:57 2080256 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-06-04 12:26 . 2010-03-04 07:33 1619968 ----a-w- c:\program files (x86)\Windows Mail\msoe.dll
2011-06-04 12:26 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-06-04 12:26 . 2011-02-24 05:32 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-06-04 12:26 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-06-04 12:26 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-06-04 12:26 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-06-04 12:24 . 2011-02-19 06:36 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-06-04 12:24 . 2011-02-19 05:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-06-04 12:24 . 2011-02-19 04:13 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-06-04 12:24 . 2011-02-19 03:37 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-06-04 12:22 . 2010-10-27 05:16 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-06-04 12:21 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-06-04 12:15 . 2011-06-04 12:15 -------- d-----w- c:\program files\Common Files\Logitech
2011-06-04 12:15 . 2011-06-04 12:15 -------- d-----w- c:\program files\Logitech
2011-06-04 12:04 . 2011-06-04 12:54 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-06-04 12:01 . 2011-06-04 12:01 -------- d-----w- C:\NVIDIA
2011-06-04 11:48 . 2011-06-04 11:48 -------- d-----w- c:\program files (x86)\Driver-Soft
2011-06-04 09:15 . 2011-06-05 10:54 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-06-04 08:41 . 2011-06-04 08:55 -------- d-----w- C:\LFS
2011-06-04 08:06 . 2011-06-04 08:06 -------- d-----w- c:\program files (x86)\GamePark
2011-06-04 07:56 . 2011-06-05 10:54 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-06-04 07:56 . 2011-06-05 08:22 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-06-04 07:56 . 2011-06-04 09:12 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-06-04 07:43 . 2011-06-04 07:43 -------- d-----w- c:\program files (x86)\Activision
2011-06-04 07:38 . 2011-06-04 07:38 -------- d-sh--w- c:\windows\ftpcache
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\translations
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\styles
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\sound
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\plugins
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\gfx
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\imageformats
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\accessible
2011-06-04 07:22 . 2011-06-04 07:22 -------- d-----w- c:\program files (x86)\VLC
2011-06-04 05:46 . 2011-06-04 12:49 -------- d-----w- c:\programdata\VirtualizedApplications
2011-06-03 18:36 . 2011-06-03 18:49 -------- d-----w- c:\programdata\FarmFrenzy2
2011-06-03 17:54 . 2011-06-03 17:54 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2011-06-03 17:42 . 2011-06-03 17:42 -------- d-----w- c:\programdata\Reflexive
2011-06-03 15:46 . 2011-06-03 15:46 -------- d-----w- c:\program files (x86)\Icy
2011-06-03 15:44 . 2011-06-03 15:44 -------- d-----w- c:\program files (x86)\Plants vs Zombies
2011-06-03 15:41 . 2011-06-10 07:02 -------- d-----w- c:\programdata\clear.fi
2011-06-03 14:50 . 2011-06-03 14:50 -------- d---a-w- C:\book
2011-06-03 14:49 . 2011-06-03 14:49 -------- d-----w- c:\windows\cs
2011-06-03 14:49 . 2011-06-03 14:49 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-06-03 14:48 . 2011-06-05 08:15 -------- d-----w- c:\program files (x86)\Windows Live
2011-06-03 14:48 . 2011-06-03 14:48 -------- d-----w- c:\windows\PCHEALTH
2011-06-03 14:48 . 2011-06-03 14:48 -------- d-----w- c:\program files\Windows Live
2011-06-03 14:48 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-06-03 14:48 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-06-03 14:48 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-06-03 14:48 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-06-03 14:47 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-06-03 14:47 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2011-06-03 14:47 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-06-03 14:47 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2011-06-03 14:47 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll
2011-06-03 14:47 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2011-06-03 14:46 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-06-03 14:46 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
2011-06-03 14:46 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2011-06-03 14:46 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-06-03 14:46 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-06-03 14:46 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2011-06-03 14:46 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
2011-06-03 14:45 . 2011-06-03 14:45 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-06-03 14:44 . 2010-06-08 22:14 1821696 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Word.cs-cz\WordMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 1248016 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\PidGenX.dll
2011-06-03 14:44 . 2010-06-03 00:03 26604032 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\SingleImageWW.msi
2011-06-03 14:44 . 2010-06-08 22:14 50688 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Rosebud.cs-cz\RosebudMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 149352 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\ose.exe
2011-06-03 14:44 . 2010-06-03 00:04 3025408 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\Office64WW.msi
2011-06-03 14:44 . 2010-06-03 00:04 5789544 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\osetup.dll
2011-06-03 14:44 . 2010-06-08 22:14 653312 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.sk\Proof.msi
2011-06-03 14:44 . 2010-06-08 22:14 1811968 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Publisher.cs-cz\PublisherMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 656896 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.en\Proof.msi
2011-06-03 14:44 . 2010-05-15 07:33 663040 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.de\Proof.msi
2011-06-03 14:34 . 2011-06-06 17:45 -------- d-----w- c:\users\Marek
2011-06-03 14:33 . 2011-06-03 14:33 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-09 13:16 . 2011-06-09 13:16 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-06-09 13:16 . 2011-06-09 13:16 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-06-04 12:36 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-10 13:48 . 2011-05-10 13:48 11744512 ----a-w- c:\program files (x86)\ts3client_win64.exe
2011-05-10 13:48 . 2011-05-10 13:48 183040 ----a-w- c:\program files (x86)\error_report.exe
2011-04-14 12:01 . 2010-12-06 10:09 9984 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-04-14 12:01 . 2010-01-06 02:04 94992 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-04-14 12:01 . 2010-01-06 02:04 75160 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-04-14 12:01 . 2010-01-06 02:04 63056 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-04-14 12:01 . 2010-01-06 02:04 530304 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-04-14 12:01 . 2010-01-06 02:04 441840 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-04-14 12:01 . 2010-01-06 02:04 283744 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-04-14 12:01 . 2010-01-06 02:04 190520 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-04-14 12:01 . 2010-01-06 02:04 121376 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2011-03-18 15:51 . 2011-03-18 15:51 2830848 ----a-w- c:\program files (x86)\QtCore4.dll
2011-03-18 15:51 . 2011-03-18 15:51 1100800 ----a-w- c:\program files (x86)\QtNetwork4.dll
2011-03-18 15:51 . 2011-03-18 15:51 10370560 ----a-w- c:\program files (x86)\QtGui4.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-04-05 1486392]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-18 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-18 201584]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2010-11-12 296768]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-12-09 1025616]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2010-12-10 177448]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2009-07-14 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McMPFSvc;McAfee Služba programu Personal Firewall;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-04-14 149032]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - mfeavfk01
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001Core.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-04 07:13]
.
2011-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001UA.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-04 07:13]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-10 2186856]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-29 860040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-30 418328]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: Interfaces\{FA0E5E8C-DECB-4708-A415-1E79C32876D8}: NameServer = 10.106.4.1,10.106.33.1
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\fx9tnwiu.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-TaskTray - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1803563900-3525432830-1739163771-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1803563900-3525432830-1739163771-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-10 09:20:10
ComboFix-quarantined-files.txt 2011-06-10 07:20
.
Před spuštěním: Volných bajtů: 651 290 775 552
Po spuštění: Volných bajtů: 650 762 096 640
.
- - End Of File - - 5EA428CE4C0FDA012DF0BA31C21E95A2
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3948.2822 [GMT 2:00]
Spuštěný z: c:\users\Marek\Downloads\ComboFix.exe
AV: McAfee Anti-Virus a Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus a Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Uninstall.exe
c:\program files (x86)\update.exe
c:\programdata\FullRemove.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-10 do 2011-06-10 )))))))))))))))))))))))))))))))
.
.
2011-06-10 07:16 . 2011-06-10 07:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-10 06:35 . 2011-06-10 06:35 -------- d-----w- C:\rsit
2011-06-10 06:35 . 2011-06-10 06:35 -------- d-----w- c:\program files\trend micro
2011-06-10 06:24 . 2011-06-10 06:58 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-06-10 06:24 . 2011-06-10 06:58 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-10 06:04 . 2011-06-10 06:06 -------- d-----w- c:\program files (x86)\ICQ7.5
2011-06-09 06:32 . 2011-06-09 12:19 -------- d-----w- c:\program files (x86)\Call of Duty 2
2011-06-07 06:25 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-06-07 06:25 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-06-07 06:22 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-06-06 17:52 . 2011-06-06 17:52 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-06-06 17:50 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-06-06 17:50 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-06-06 17:50 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-06-06 17:50 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-06-06 17:50 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-06-06 17:50 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-06-06 17:50 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-06-06 17:50 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-06-06 17:50 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-06-06 17:50 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-06-06 17:43 . 2011-06-06 17:43 -------- d-----w- c:\windows\SysWow64\Wat
2011-06-06 17:43 . 2011-06-06 17:43 -------- d-----w- c:\windows\system32\Wat
2011-06-06 06:03 . 2011-06-08 17:57 -------- d-----w- c:\program files (x86)\World of Warcraft
2011-06-06 06:02 . 2011-06-06 06:03 -------- d-----w- c:\program files (x86)\Stronghold Crusader
2011-06-06 06:01 . 2011-06-06 06:01 -------- d-----w- c:\program files (x86)\Heroes IV
2011-06-06 05:57 . 2011-06-06 05:59 -------- d-----w- c:\program files (x86)\CS
2011-06-04 13:05 . 2011-06-06 17:45 -------- d-----w- c:\windows\SysWow64\NV
2011-06-04 13:05 . 2011-06-06 17:45 -------- d-----w- c:\windows\system32\NV
2011-06-04 12:54 . 2011-06-09 12:48 -------- d-----w- c:\users\UpdatusUser.Marek-PC
2011-06-04 12:54 . 2011-06-04 13:05 -------- d-----w- c:\programdata\NVIDIA
2011-06-04 12:53 . 2011-06-04 12:53 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-06-04 12:28 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-06-04 12:28 . 2010-12-18 05:29 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-06-04 12:26 . 2010-03-04 07:57 2080256 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-06-04 12:26 . 2010-03-04 07:33 1619968 ----a-w- c:\program files (x86)\Windows Mail\msoe.dll
2011-06-04 12:26 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-06-04 12:26 . 2011-02-24 05:32 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-06-04 12:26 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-06-04 12:26 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-06-04 12:26 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-06-04 12:24 . 2011-02-19 06:36 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-06-04 12:24 . 2011-02-19 05:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-06-04 12:24 . 2011-02-19 04:13 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-06-04 12:24 . 2011-02-19 03:37 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-06-04 12:22 . 2010-10-27 05:16 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-06-04 12:21 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-06-04 12:15 . 2011-06-04 12:15 -------- d-----w- c:\program files\Common Files\Logitech
2011-06-04 12:15 . 2011-06-04 12:15 -------- d-----w- c:\program files\Logitech
2011-06-04 12:04 . 2011-06-04 12:54 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-06-04 12:01 . 2011-06-04 12:01 -------- d-----w- C:\NVIDIA
2011-06-04 11:48 . 2011-06-04 11:48 -------- d-----w- c:\program files (x86)\Driver-Soft
2011-06-04 09:15 . 2011-06-05 10:54 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-06-04 08:41 . 2011-06-04 08:55 -------- d-----w- C:\LFS
2011-06-04 08:06 . 2011-06-04 08:06 -------- d-----w- c:\program files (x86)\GamePark
2011-06-04 07:56 . 2011-06-05 10:54 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-06-04 07:56 . 2011-06-05 08:22 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-06-04 07:56 . 2011-06-04 09:12 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-06-04 07:43 . 2011-06-04 07:43 -------- d-----w- c:\program files (x86)\Activision
2011-06-04 07:38 . 2011-06-04 07:38 -------- d-sh--w- c:\windows\ftpcache
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\translations
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\styles
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\sound
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\plugins
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\gfx
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\imageformats
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\accessible
2011-06-04 07:22 . 2011-06-04 07:22 -------- d-----w- c:\program files (x86)\VLC
2011-06-04 05:46 . 2011-06-04 12:49 -------- d-----w- c:\programdata\VirtualizedApplications
2011-06-03 18:36 . 2011-06-03 18:49 -------- d-----w- c:\programdata\FarmFrenzy2
2011-06-03 17:54 . 2011-06-03 17:54 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2011-06-03 17:42 . 2011-06-03 17:42 -------- d-----w- c:\programdata\Reflexive
2011-06-03 15:46 . 2011-06-03 15:46 -------- d-----w- c:\program files (x86)\Icy
2011-06-03 15:44 . 2011-06-03 15:44 -------- d-----w- c:\program files (x86)\Plants vs Zombies
2011-06-03 15:41 . 2011-06-10 07:02 -------- d-----w- c:\programdata\clear.fi
2011-06-03 14:50 . 2011-06-03 14:50 -------- d---a-w- C:\book
2011-06-03 14:49 . 2011-06-03 14:49 -------- d-----w- c:\windows\cs
2011-06-03 14:49 . 2011-06-03 14:49 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-06-03 14:48 . 2011-06-05 08:15 -------- d-----w- c:\program files (x86)\Windows Live
2011-06-03 14:48 . 2011-06-03 14:48 -------- d-----w- c:\windows\PCHEALTH
2011-06-03 14:48 . 2011-06-03 14:48 -------- d-----w- c:\program files\Windows Live
2011-06-03 14:48 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-06-03 14:48 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-06-03 14:48 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-06-03 14:48 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-06-03 14:47 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-06-03 14:47 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2011-06-03 14:47 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-06-03 14:47 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2011-06-03 14:47 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll
2011-06-03 14:47 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2011-06-03 14:46 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-06-03 14:46 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
2011-06-03 14:46 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2011-06-03 14:46 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-06-03 14:46 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-06-03 14:46 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2011-06-03 14:46 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
2011-06-03 14:45 . 2011-06-03 14:45 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-06-03 14:44 . 2010-06-08 22:14 1821696 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Word.cs-cz\WordMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 1248016 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\PidGenX.dll
2011-06-03 14:44 . 2010-06-03 00:03 26604032 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\SingleImageWW.msi
2011-06-03 14:44 . 2010-06-08 22:14 50688 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Rosebud.cs-cz\RosebudMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 149352 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\ose.exe
2011-06-03 14:44 . 2010-06-03 00:04 3025408 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\Office64WW.msi
2011-06-03 14:44 . 2010-06-03 00:04 5789544 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\osetup.dll
2011-06-03 14:44 . 2010-06-08 22:14 653312 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.sk\Proof.msi
2011-06-03 14:44 . 2010-06-08 22:14 1811968 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Publisher.cs-cz\PublisherMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 656896 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.en\Proof.msi
2011-06-03 14:44 . 2010-05-15 07:33 663040 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.de\Proof.msi
2011-06-03 14:34 . 2011-06-06 17:45 -------- d-----w- c:\users\Marek
2011-06-03 14:33 . 2011-06-03 14:33 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-09 13:16 . 2011-06-09 13:16 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-06-09 13:16 . 2011-06-09 13:16 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-06-04 12:36 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-10 13:48 . 2011-05-10 13:48 11744512 ----a-w- c:\program files (x86)\ts3client_win64.exe
2011-05-10 13:48 . 2011-05-10 13:48 183040 ----a-w- c:\program files (x86)\error_report.exe
2011-04-14 12:01 . 2010-12-06 10:09 9984 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-04-14 12:01 . 2010-01-06 02:04 94992 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-04-14 12:01 . 2010-01-06 02:04 75160 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-04-14 12:01 . 2010-01-06 02:04 63056 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-04-14 12:01 . 2010-01-06 02:04 530304 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-04-14 12:01 . 2010-01-06 02:04 441840 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-04-14 12:01 . 2010-01-06 02:04 283744 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-04-14 12:01 . 2010-01-06 02:04 190520 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-04-14 12:01 . 2010-01-06 02:04 121376 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2011-03-18 15:51 . 2011-03-18 15:51 2830848 ----a-w- c:\program files (x86)\QtCore4.dll
2011-03-18 15:51 . 2011-03-18 15:51 1100800 ----a-w- c:\program files (x86)\QtNetwork4.dll
2011-03-18 15:51 . 2011-03-18 15:51 10370560 ----a-w- c:\program files (x86)\QtGui4.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-04-05 1486392]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-18 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-18 201584]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2010-11-12 296768]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-12-09 1025616]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2010-12-10 177448]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2009-07-14 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McMPFSvc;McAfee Služba programu Personal Firewall;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-04-14 149032]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - mfeavfk01
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001Core.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-04 07:13]
.
2011-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001UA.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-04 07:13]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-10 2186856]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-29 860040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-30 418328]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: Interfaces\{FA0E5E8C-DECB-4708-A415-1E79C32876D8}: NameServer = 10.106.4.1,10.106.33.1
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\fx9tnwiu.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-TaskTray - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1803563900-3525432830-1739163771-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1803563900-3525432830-1739163771-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-10 09:20:10
ComboFix-quarantined-files.txt 2011-06-10 07:20
.
Před spuštěním: Volných bajtů: 651 290 775 552
Po spuštění: Volných bajtů: 650 762 096 640
.
- - End Of File - - 5EA428CE4C0FDA012DF0BA31C21E95A2
Re: Automatické vypínání pc
Bohužel antivir se v průběhu opět zapnul 
naštěstí snad nedošlo k žadnému poškození
naštěstí snad nedošlo k žadnému poškození-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Automatické vypínání pc
Vidím 
jak se chová pc? vypíná se po 30 minutách? Ten AV jste asi blbě vypnul,ale navadí Jdu psát opravný script..
jak se chová pc? vypíná se po 30 minutách? Ten AV jste asi blbě vypnul,ale navadí Jdu psát opravný script..Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: Automatické vypínání pc
našel jsem toto podle toho jsem blbec(což opravdu jsem,když jsem to spustil naivně),na druhou stranu dal jsem soubor zkontrolovat a AV nic nenašel (zřejmě budu muset pořídit lepší), tak bych se chtěl zeptat jestli to tak může být odstaněno
http://myego.cz/item/pubertalni-viry-na ... /webdesign
podle toho jsem blbec(což opravdu jsem,když jsem to spustil naivně),na druhou stranu dal jsem soubor zkontrolovat a AV nic nenašel (zřejmě budu muset pořídit lepší), tak bych se chtěl zeptat jestli to tak může být odstaněnohttp://myego.cz/item/pubertalni-viry-na ... /webdesign
Naposledy upravil(a) Parezak dne 10 čer 2011 08:58, celkem upraveno 1 x.
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Automatické vypínání pc
Opět vypnout všechny rezidentní štíty Otevřeme si Poznámkový blok 
- (stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)
- Vložíme do něj následující script:
Kód: Vybrat vše
KillAll:: RegLock:: [HKEY_USERS\S-1-5-21-1803563900-3525432830-1739163771-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] [HKEY_USERS\S-1-5-21-1803563900-3525432830-1739163771-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] DDS:: mStart Page = hxxp://acer.msn.com Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=- "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-30 391704] "Persistence"=- "AthBtTray"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=- "Norton Online Backup"=- "Adobe Reader Speed Launcher"=- "BackupManagerTray"=- File:: c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001Core.job c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001UA.job C:\Windows\tasks\At1.job C:\Windows\tasks\At2.job C:\Windows\tasks\At3.job C:\Windows\tasks\At4.job C:\Windows\tasks\At5.job C:\Windows\tasks\At6.job C:\Windows\tasks\At7.job C:\Windows\tasks\At8.job C:\Windows\tasks\At9.job C:\Windows\tasks\At10.job C:\Windows\tasks\At11.job C:\Windows\tasks\At12.job C:\Windows\tasks\At13.job C:\Windows\tasks\At14.job C:\Windows\tasks\At15.job C:\Windows\tasks\At16.job C:\Windows\tasks\At17.job C:\Windows\tasks\At18.job C:\Windows\tasks\At19.job C:\Windows\tasks\At20.job C:\Windows\tasks\At21.job C:\Windows\tasks\At22.job Reboot:: - Soubor uložíme na Plochu jako CFScript.txt
- Poté tento soubor uchopíme levým tlačítkem myši a přetáhneme na ikonu Combofixu a upustíme
- Poté Combofix provede všechny operace a udělá nový log,který sem vložte
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Automatické vypínání pc
Jinak můžete zkusit podle toho návodu Ale já ty naplánované úlohy mazal At1-22 mrkněte pak do C:\windows\tasks ,zda zde nejsou nějaké Atxx.job
Ale já ty naplánované úlohy mazal At1-22 mrkněte pak do C:\windows\tasks ,zda zde nejsou nějaké Atxx.jobNapiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: Automatické vypínání pc
Nejsou Děkuji za váš čas a práci a v případě, že by problém přetrval bych se opět ozval... děkuji!
Děkuji za váš čas a práci a v případě, že by problém přetrval bych se opět ozval... děkuji!-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Automatické vypínání pc
ještě proveďte ten Combofix se scriptem a vložte mi sem log neutíkejte mi
neutíkejte mi Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: Automatické vypínání pc
Ah málem jsem zapoměl hned to bude
hned to bude-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Automatické vypínání pc
Jasný čekám na vás žádné hrr hrr a pryč neskončili jsme
čekám na vás žádné hrr hrr a pryč neskončili jsme Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: Automatické vypínání pc
No, tak tady, po 10 minutové snaze vypnou antivirus jsem to vzdal (trochu trapné ale mám tento pc par dní, takže se tu ještě moc neorientuji) a zde je tedy výsledek:
ComboFix 11-06-09.06 - Marek 10.06.2011 10:33:23.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3948.2669 [GMT 2:00]
Spuštěný z: c:\users\Marek\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Marek\Desktop\CFScript.txt
AV: McAfee Anti-Virus a Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus a Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
FILE ::
"c:\windows\tasks\At1.job"
"c:\windows\tasks\At10.job"
"c:\windows\tasks\At11.job"
"c:\windows\tasks\At12.job"
"c:\windows\tasks\At13.job"
"c:\windows\tasks\At14.job"
"c:\windows\tasks\At15.job"
"c:\windows\tasks\At16.job"
"c:\windows\tasks\At17.job"
"c:\windows\tasks\At18.job"
"c:\windows\tasks\At19.job"
"c:\windows\tasks\At2.job"
"c:\windows\tasks\At20.job"
"c:\windows\tasks\At21.job"
"c:\windows\tasks\At22.job"
"c:\windows\tasks\At3.job"
"c:\windows\tasks\At4.job"
"c:\windows\tasks\At5.job"
"c:\windows\tasks\At6.job"
"c:\windows\tasks\At7.job"
"c:\windows\tasks\At8.job"
"c:\windows\tasks\At9.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001UA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-10 do 2011-06-10 )))))))))))))))))))))))))))))))
.
.
2011-06-10 08:36 . 2011-06-10 08:36 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-06-10 08:36 . 2011-06-10 08:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-10 08:36 . 2011-06-10 08:36 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-06-10 06:35 . 2011-06-10 06:35 -------- d-----w- C:\rsit
2011-06-10 06:35 . 2011-06-10 06:35 -------- d-----w- c:\program files\trend micro
2011-06-10 06:24 . 2011-06-10 06:58 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-06-10 06:24 . 2011-06-10 06:58 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-10 06:04 . 2011-06-10 06:06 -------- d-----w- c:\program files (x86)\ICQ7.5
2011-06-09 06:32 . 2011-06-09 12:19 -------- d-----w- c:\program files (x86)\Call of Duty 2
2011-06-07 06:25 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-06-07 06:25 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-06-07 06:22 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-06-06 17:52 . 2011-06-06 17:52 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-06-06 17:50 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-06-06 17:50 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-06-06 17:50 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-06-06 17:50 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-06-06 17:50 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-06-06 17:50 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-06-06 17:50 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-06-06 17:50 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-06-06 17:50 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-06-06 17:50 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-06-06 17:43 . 2011-06-06 17:43 -------- d-----w- c:\windows\SysWow64\Wat
2011-06-06 17:43 . 2011-06-06 17:43 -------- d-----w- c:\windows\system32\Wat
2011-06-06 06:03 . 2011-06-08 17:57 -------- d-----w- c:\program files (x86)\World of Warcraft
2011-06-06 06:02 . 2011-06-06 06:03 -------- d-----w- c:\program files (x86)\Stronghold Crusader
2011-06-06 06:01 . 2011-06-06 06:01 -------- d-----w- c:\program files (x86)\Heroes IV
2011-06-06 05:57 . 2011-06-06 05:59 -------- d-----w- c:\program files (x86)\CS
2011-06-04 13:05 . 2011-06-06 17:45 -------- d-----w- c:\windows\SysWow64\NV
2011-06-04 13:05 . 2011-06-06 17:45 -------- d-----w- c:\windows\system32\NV
2011-06-04 12:54 . 2011-06-09 12:48 -------- d-----w- c:\users\UpdatusUser.Marek-PC
2011-06-04 12:54 . 2011-06-04 13:05 -------- d-----w- c:\programdata\NVIDIA
2011-06-04 12:53 . 2011-06-04 12:53 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-06-04 12:28 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-06-04 12:28 . 2010-12-18 05:29 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-06-04 12:26 . 2010-03-04 07:57 2080256 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-06-04 12:26 . 2010-03-04 07:33 1619968 ----a-w- c:\program files (x86)\Windows Mail\msoe.dll
2011-06-04 12:26 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-06-04 12:26 . 2011-02-24 05:32 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-06-04 12:26 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-06-04 12:26 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-06-04 12:26 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-06-04 12:24 . 2011-02-19 06:36 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-06-04 12:24 . 2011-02-19 05:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-06-04 12:24 . 2011-02-19 04:13 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-06-04 12:24 . 2011-02-19 03:37 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-06-04 12:22 . 2010-10-27 05:16 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-06-04 12:21 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-06-04 12:15 . 2011-06-04 12:15 -------- d-----w- c:\program files\Common Files\Logitech
2011-06-04 12:15 . 2011-06-04 12:15 -------- d-----w- c:\program files\Logitech
2011-06-04 12:04 . 2011-06-04 12:54 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-06-04 12:01 . 2011-06-04 12:01 -------- d-----w- C:\NVIDIA
2011-06-04 11:48 . 2011-06-04 11:48 -------- d-----w- c:\program files (x86)\Driver-Soft
2011-06-04 09:15 . 2011-06-05 10:54 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-06-04 08:41 . 2011-06-04 08:55 -------- d-----w- C:\LFS
2011-06-04 08:06 . 2011-06-04 08:06 -------- d-----w- c:\program files (x86)\GamePark
2011-06-04 07:56 . 2011-06-05 10:54 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-06-04 07:56 . 2011-06-05 08:22 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-06-04 07:56 . 2011-06-04 09:12 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-06-04 07:43 . 2011-06-04 07:43 -------- d-----w- c:\program files (x86)\Activision
2011-06-04 07:38 . 2011-06-04 07:38 -------- d-sh--w- c:\windows\ftpcache
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\translations
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\styles
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\sound
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\plugins
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\gfx
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\imageformats
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\accessible
2011-06-04 07:22 . 2011-06-04 07:22 -------- d-----w- c:\program files (x86)\VLC
2011-06-04 05:46 . 2011-06-04 12:49 -------- d-----w- c:\programdata\VirtualizedApplications
2011-06-03 18:36 . 2011-06-03 18:49 -------- d-----w- c:\programdata\FarmFrenzy2
2011-06-03 17:54 . 2011-06-03 17:54 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2011-06-03 17:42 . 2011-06-03 17:42 -------- d-----w- c:\programdata\Reflexive
2011-06-03 15:46 . 2011-06-03 15:46 -------- d-----w- c:\program files (x86)\Icy
2011-06-03 15:44 . 2011-06-03 15:44 -------- d-----w- c:\program files (x86)\Plants vs Zombies
2011-06-03 15:41 . 2011-06-10 07:26 -------- d-----w- c:\programdata\clear.fi
2011-06-03 14:50 . 2011-06-03 14:50 -------- d---a-w- C:\book
2011-06-03 14:49 . 2011-06-03 14:49 -------- d-----w- c:\windows\cs
2011-06-03 14:49 . 2011-06-03 14:49 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-06-03 14:48 . 2011-06-05 08:15 -------- d-----w- c:\program files (x86)\Windows Live
2011-06-03 14:48 . 2011-06-03 14:48 -------- d-----w- c:\windows\PCHEALTH
2011-06-03 14:48 . 2011-06-03 14:48 -------- d-----w- c:\program files\Windows Live
2011-06-03 14:48 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-06-03 14:48 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-06-03 14:48 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-06-03 14:48 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-06-03 14:47 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-06-03 14:47 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2011-06-03 14:47 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-06-03 14:47 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2011-06-03 14:47 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll
2011-06-03 14:47 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2011-06-03 14:46 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-06-03 14:46 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
2011-06-03 14:46 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2011-06-03 14:46 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-06-03 14:46 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-06-03 14:46 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2011-06-03 14:46 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
2011-06-03 14:45 . 2011-06-03 14:45 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-06-03 14:44 . 2010-06-08 22:14 1821696 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Word.cs-cz\WordMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 1248016 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\PidGenX.dll
2011-06-03 14:44 . 2010-06-03 00:03 26604032 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\SingleImageWW.msi
2011-06-03 14:44 . 2010-06-08 22:14 50688 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Rosebud.cs-cz\RosebudMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 149352 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\ose.exe
2011-06-03 14:44 . 2010-06-03 00:04 3025408 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\Office64WW.msi
2011-06-03 14:44 . 2010-06-03 00:04 5789544 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\osetup.dll
2011-06-03 14:44 . 2010-06-08 22:14 653312 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.sk\Proof.msi
2011-06-03 14:44 . 2010-06-08 22:14 1811968 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Publisher.cs-cz\PublisherMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 656896 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.en\Proof.msi
2011-06-03 14:44 . 2010-05-15 07:33 663040 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.de\Proof.msi
2011-06-03 14:34 . 2011-06-06 17:45 -------- d-----w- c:\users\Marek
2011-06-03 14:33 . 2011-06-03 14:33 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-09 13:16 . 2011-06-09 13:16 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-06-09 13:16 . 2011-06-09 13:16 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-06-04 12:36 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-10 13:48 . 2011-05-10 13:48 11744512 ----a-w- c:\program files (x86)\ts3client_win64.exe
2011-05-10 13:48 . 2011-05-10 13:48 183040 ----a-w- c:\program files (x86)\error_report.exe
2011-04-14 12:01 . 2010-12-06 10:09 9984 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-04-14 12:01 . 2010-01-06 02:04 94992 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-04-14 12:01 . 2010-01-06 02:04 75160 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-04-14 12:01 . 2010-01-06 02:04 63056 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-04-14 12:01 . 2010-01-06 02:04 530304 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-04-14 12:01 . 2010-01-06 02:04 441840 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-04-14 12:01 . 2010-01-06 02:04 283744 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-04-14 12:01 . 2010-01-06 02:04 190520 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-04-14 12:01 . 2010-01-06 02:04 121376 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2011-03-18 15:51 . 2011-03-18 15:51 2830848 ----a-w- c:\program files (x86)\QtCore4.dll
2011-03-18 15:51 . 2011-03-18 15:51 1100800 ----a-w- c:\program files (x86)\QtNetwork4.dll
2011-03-18 15:51 . 2011-03-18 15:51 10370560 ----a-w- c:\program files (x86)\QtGui4.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-10_07.17.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-06-10 08:36 . 2011-06-10 08:36 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2011-06-10 06:30 . 2011-06-10 06:30 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2010-12-06 09:39 . 2011-06-10 08:14 35736 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-06-10 08:14 29070 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-24 12:49 . 2011-06-10 08:13 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-24 12:49 . 2011-06-10 07:16 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-24 12:49 . 2011-06-10 07:16 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-24 12:49 . 2011-06-10 08:13 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-10 08:13 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-10 07:16 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-03 14:36 . 2011-06-10 08:14 4314 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1803563900-3525432830-1739163771-1001_UserData.bin
- 2011-06-10 07:00 . 2011-06-10 07:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-10 08:37 . 2011-06-10 08:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-10 08:37 . 2011-06-10 08:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-10 07:00 . 2011-06-10 07:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-06-10 07:00 240696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-06-10 08:36 240696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-06-10 05:49 . 2011-06-10 08:36 587748 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1803563900-3525432830-1739163771-1001-8192.dat
- 2011-06-10 05:49 . 2011-06-10 07:00 587748 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1803563900-3525432830-1739163771-1001-8192.dat
- 2009-07-14 02:34 . 2011-06-10 07:11 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-06-10 08:28 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-04-05 1486392]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-18 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-18 201584]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-12-09 1025616]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2010-12-10 177448]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2009-07-14 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McMPFSvc;McAfee Služba programu Personal Firewall;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-04-14 149032]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - mfeavfk01
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-10 2186856]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-29 860040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-30 391704]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: Interfaces\{FA0E5E8C-DECB-4708-A415-1E79C32876D8}: NameServer = 10.106.4.1,10.106.33.1
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\fx9tnwiu.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\windows\SysWOW64\rundll32.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2011-06-10 10:42:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-10 08:42
ComboFix2.txt 2011-06-10 08:18
ComboFix3.txt 2011-06-10 07:20
.
Před spuštěním: Volných bajtů: 650 621 132 800
Po spuštění: Volných bajtů: 650 557 583 360
.
- - End Of File - - A360E72C3E8031003F564F38C327E03C
(trochu trapné ale mám tento pc par dní, takže se tu ještě moc neorientuji) a zde je tedy výsledek: ComboFix 11-06-09.06 - Marek 10.06.2011 10:33:23.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3948.2669 [GMT 2:00]
Spuštěný z: c:\users\Marek\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Marek\Desktop\CFScript.txt
AV: McAfee Anti-Virus a Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus a Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
FILE ::
"c:\windows\tasks\At1.job"
"c:\windows\tasks\At10.job"
"c:\windows\tasks\At11.job"
"c:\windows\tasks\At12.job"
"c:\windows\tasks\At13.job"
"c:\windows\tasks\At14.job"
"c:\windows\tasks\At15.job"
"c:\windows\tasks\At16.job"
"c:\windows\tasks\At17.job"
"c:\windows\tasks\At18.job"
"c:\windows\tasks\At19.job"
"c:\windows\tasks\At2.job"
"c:\windows\tasks\At20.job"
"c:\windows\tasks\At21.job"
"c:\windows\tasks\At22.job"
"c:\windows\tasks\At3.job"
"c:\windows\tasks\At4.job"
"c:\windows\tasks\At5.job"
"c:\windows\tasks\At6.job"
"c:\windows\tasks\At7.job"
"c:\windows\tasks\At8.job"
"c:\windows\tasks\At9.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1803563900-3525432830-1739163771-1001UA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-10 do 2011-06-10 )))))))))))))))))))))))))))))))
.
.
2011-06-10 08:36 . 2011-06-10 08:36 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-06-10 08:36 . 2011-06-10 08:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-10 08:36 . 2011-06-10 08:36 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-06-10 06:35 . 2011-06-10 06:35 -------- d-----w- C:\rsit
2011-06-10 06:35 . 2011-06-10 06:35 -------- d-----w- c:\program files\trend micro
2011-06-10 06:24 . 2011-06-10 06:58 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-06-10 06:24 . 2011-06-10 06:58 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-10 06:04 . 2011-06-10 06:06 -------- d-----w- c:\program files (x86)\ICQ7.5
2011-06-09 06:32 . 2011-06-09 12:19 -------- d-----w- c:\program files (x86)\Call of Duty 2
2011-06-07 06:25 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-06-07 06:25 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-06-07 06:22 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-06-06 17:52 . 2011-06-06 17:52 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-06-06 17:50 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-06-06 17:50 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-06-06 17:50 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-06-06 17:50 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-06-06 17:50 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-06-06 17:50 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-06-06 17:50 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-06-06 17:50 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-06-06 17:50 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-06-06 17:50 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-06-06 17:43 . 2011-06-06 17:43 -------- d-----w- c:\windows\SysWow64\Wat
2011-06-06 17:43 . 2011-06-06 17:43 -------- d-----w- c:\windows\system32\Wat
2011-06-06 06:03 . 2011-06-08 17:57 -------- d-----w- c:\program files (x86)\World of Warcraft
2011-06-06 06:02 . 2011-06-06 06:03 -------- d-----w- c:\program files (x86)\Stronghold Crusader
2011-06-06 06:01 . 2011-06-06 06:01 -------- d-----w- c:\program files (x86)\Heroes IV
2011-06-06 05:57 . 2011-06-06 05:59 -------- d-----w- c:\program files (x86)\CS
2011-06-04 13:05 . 2011-06-06 17:45 -------- d-----w- c:\windows\SysWow64\NV
2011-06-04 13:05 . 2011-06-06 17:45 -------- d-----w- c:\windows\system32\NV
2011-06-04 12:54 . 2011-06-09 12:48 -------- d-----w- c:\users\UpdatusUser.Marek-PC
2011-06-04 12:54 . 2011-06-04 13:05 -------- d-----w- c:\programdata\NVIDIA
2011-06-04 12:53 . 2011-06-04 12:53 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-06-04 12:28 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-06-04 12:28 . 2010-12-18 05:29 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-06-04 12:26 . 2010-03-04 07:57 2080256 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-06-04 12:26 . 2010-03-04 07:33 1619968 ----a-w- c:\program files (x86)\Windows Mail\msoe.dll
2011-06-04 12:26 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-06-04 12:26 . 2011-02-24 05:32 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-06-04 12:26 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-06-04 12:26 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-06-04 12:26 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-06-04 12:24 . 2011-02-19 06:36 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-06-04 12:24 . 2011-02-19 05:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-06-04 12:24 . 2011-02-19 04:13 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-06-04 12:24 . 2011-02-19 03:37 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-06-04 12:22 . 2010-10-27 05:16 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-06-04 12:21 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-06-04 12:15 . 2011-06-04 12:15 -------- d-----w- c:\program files\Common Files\Logitech
2011-06-04 12:15 . 2011-06-04 12:15 -------- d-----w- c:\program files\Logitech
2011-06-04 12:04 . 2011-06-04 12:54 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-06-04 12:01 . 2011-06-04 12:01 -------- d-----w- C:\NVIDIA
2011-06-04 11:48 . 2011-06-04 11:48 -------- d-----w- c:\program files (x86)\Driver-Soft
2011-06-04 09:15 . 2011-06-05 10:54 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-06-04 08:41 . 2011-06-04 08:55 -------- d-----w- C:\LFS
2011-06-04 08:06 . 2011-06-04 08:06 -------- d-----w- c:\program files (x86)\GamePark
2011-06-04 07:56 . 2011-06-05 10:54 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-06-04 07:56 . 2011-06-05 08:22 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-06-04 07:56 . 2011-06-04 09:12 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-06-04 07:43 . 2011-06-04 07:43 -------- d-----w- c:\program files (x86)\Activision
2011-06-04 07:38 . 2011-06-04 07:38 -------- d-sh--w- c:\windows\ftpcache
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\translations
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\styles
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\sound
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\plugins
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\gfx
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\imageformats
2011-06-04 07:31 . 2011-06-04 07:31 -------- d-----w- c:\program files (x86)\accessible
2011-06-04 07:22 . 2011-06-04 07:22 -------- d-----w- c:\program files (x86)\VLC
2011-06-04 05:46 . 2011-06-04 12:49 -------- d-----w- c:\programdata\VirtualizedApplications
2011-06-03 18:36 . 2011-06-03 18:49 -------- d-----w- c:\programdata\FarmFrenzy2
2011-06-03 17:54 . 2011-06-03 17:54 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2011-06-03 17:42 . 2011-06-03 17:42 -------- d-----w- c:\programdata\Reflexive
2011-06-03 15:46 . 2011-06-03 15:46 -------- d-----w- c:\program files (x86)\Icy
2011-06-03 15:44 . 2011-06-03 15:44 -------- d-----w- c:\program files (x86)\Plants vs Zombies
2011-06-03 15:41 . 2011-06-10 07:26 -------- d-----w- c:\programdata\clear.fi
2011-06-03 14:50 . 2011-06-03 14:50 -------- d---a-w- C:\book
2011-06-03 14:49 . 2011-06-03 14:49 -------- d-----w- c:\windows\cs
2011-06-03 14:49 . 2011-06-03 14:49 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-06-03 14:48 . 2011-06-05 08:15 -------- d-----w- c:\program files (x86)\Windows Live
2011-06-03 14:48 . 2011-06-03 14:48 -------- d-----w- c:\windows\PCHEALTH
2011-06-03 14:48 . 2011-06-03 14:48 -------- d-----w- c:\program files\Windows Live
2011-06-03 14:48 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-06-03 14:48 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-06-03 14:48 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-06-03 14:48 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-06-03 14:47 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-06-03 14:47 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2011-06-03 14:47 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-06-03 14:47 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2011-06-03 14:47 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll
2011-06-03 14:47 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2011-06-03 14:46 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-06-03 14:46 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
2011-06-03 14:46 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2011-06-03 14:46 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-06-03 14:46 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-06-03 14:46 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2011-06-03 14:46 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
2011-06-03 14:45 . 2011-06-03 14:45 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-06-03 14:44 . 2010-06-08 22:14 1821696 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Word.cs-cz\WordMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 1248016 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\PidGenX.dll
2011-06-03 14:44 . 2010-06-03 00:03 26604032 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\SingleImageWW.msi
2011-06-03 14:44 . 2010-06-08 22:14 50688 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Rosebud.cs-cz\RosebudMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 149352 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\ose.exe
2011-06-03 14:44 . 2010-06-03 00:04 3025408 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\Office64WW.msi
2011-06-03 14:44 . 2010-06-03 00:04 5789544 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\SingleImage.WW\osetup.dll
2011-06-03 14:44 . 2010-06-08 22:14 653312 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.sk\Proof.msi
2011-06-03 14:44 . 2010-06-08 22:14 1811968 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Publisher.cs-cz\PublisherMUI.msi
2011-06-03 14:44 . 2010-06-03 00:04 656896 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.en\Proof.msi
2011-06-03 14:44 . 2010-05-15 07:33 663040 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\Proofing.cs-cz\Proof.de\Proof.msi
2011-06-03 14:34 . 2011-06-06 17:45 -------- d-----w- c:\users\Marek
2011-06-03 14:33 . 2011-06-03 14:33 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-09 13:16 . 2011-06-09 13:16 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-06-09 13:16 . 2011-06-09 13:16 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-06-04 12:36 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-10 13:48 . 2011-05-10 13:48 11744512 ----a-w- c:\program files (x86)\ts3client_win64.exe
2011-05-10 13:48 . 2011-05-10 13:48 183040 ----a-w- c:\program files (x86)\error_report.exe
2011-04-14 12:01 . 2010-12-06 10:09 9984 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-04-14 12:01 . 2010-01-06 02:04 94992 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-04-14 12:01 . 2010-01-06 02:04 75160 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-04-14 12:01 . 2010-01-06 02:04 63056 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-04-14 12:01 . 2010-01-06 02:04 530304 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-04-14 12:01 . 2010-01-06 02:04 441840 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-04-14 12:01 . 2010-01-06 02:04 283744 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-04-14 12:01 . 2010-01-06 02:04 190520 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-04-14 12:01 . 2010-01-06 02:04 121376 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2011-03-18 15:51 . 2011-03-18 15:51 2830848 ----a-w- c:\program files (x86)\QtCore4.dll
2011-03-18 15:51 . 2011-03-18 15:51 1100800 ----a-w- c:\program files (x86)\QtNetwork4.dll
2011-03-18 15:51 . 2011-03-18 15:51 10370560 ----a-w- c:\program files (x86)\QtGui4.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-10_07.17.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-06-10 08:36 . 2011-06-10 08:36 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2011-06-10 06:30 . 2011-06-10 06:30 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2010-12-06 09:39 . 2011-06-10 08:14 35736 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-06-10 08:14 29070 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-24 12:49 . 2011-06-10 08:13 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-24 12:49 . 2011-06-10 07:16 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-24 12:49 . 2011-06-10 07:16 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-24 12:49 . 2011-06-10 08:13 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-10 08:13 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-10 07:16 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-03 14:36 . 2011-06-10 08:14 4314 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1803563900-3525432830-1739163771-1001_UserData.bin
- 2011-06-10 07:00 . 2011-06-10 07:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-10 08:37 . 2011-06-10 08:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-10 08:37 . 2011-06-10 08:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-10 07:00 . 2011-06-10 07:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-06-10 07:00 240696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-06-10 08:36 240696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-06-10 05:49 . 2011-06-10 08:36 587748 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1803563900-3525432830-1739163771-1001-8192.dat
- 2011-06-10 05:49 . 2011-06-10 07:00 587748 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1803563900-3525432830-1739163771-1001-8192.dat
- 2009-07-14 02:34 . 2011-06-10 07:11 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-06-10 08:28 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-04-05 1486392]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-18 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-18 201584]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-12-09 1025616]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2010-12-10 177448]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2009-07-14 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McMPFSvc;McAfee Služba programu Personal Firewall;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-04-14 149032]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - mfeavfk01
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-10 2186856]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-29 860040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-30 391704]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: Interfaces\{FA0E5E8C-DECB-4708-A415-1E79C32876D8}: NameServer = 10.106.4.1,10.106.33.1
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\fx9tnwiu.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\windows\SysWOW64\rundll32.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2011-06-10 10:42:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-10 08:42
ComboFix2.txt 2011-06-10 08:18
ComboFix3.txt 2011-06-10 07:20
.
Před spuštěním: Volných bajtů: 650 621 132 800
Po spuštění: Volných bajtů: 650 557 583 360
.
- - End Of File - - A360E72C3E8031003F564F38C327E03C
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Automatické vypínání pc
Super...odinstalujeme CF..
Stiskněte klávesovou kombinaci WIN+R( nebo start-spustit ),čímž se vám otevře okno pro zadání příkazu pro spuštění a zkopírujte a vložte sem následujíci text: Combofix /Uninstall a dejte enter
vložte mi RSIT na kontrolu..
Po vložení RSITu po sobě uklidíme..
T-Cleaner
TFC
po restartu..jak se chová
Stiskněte klávesovou kombinaci WIN+R( nebo start-spustit ),čímž se vám otevře okno pro zadání příkazu pro spuštění a zkopírujte a vložte sem následujíci text: Combofix /Uninstall a dejte entervložte mi RSIT na kontrolu..
Po vložení RSITu po sobě uklidíme..
T-Cleaner
- Spustíme,zmáčkneme klávesu A a potvrdíme ENTER(některé antiviry mohou detekovat utilitu jako vir-jedá se o falešný poplach,proto IGNOROVAT nebo dočasně vypnout antivir )
- po použití T-Cleaner smažte
TFC
- Stáhneme a spustíme program
- Klikneme na Start a potvrdíme OK
- Program začne uklízet,poté restartuje pc
- po použití program smažte
po restartu..jak se chová
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: Automatické vypínání pc
Bohužel, musím nyní neprodleně odejít, program jsem odinstaloval (nevím kde vzít RSIT, nic se mi neobjevilo) zbytek dodělám, až se vrátím... ještě jednou děkuji za pomoc
Přispějete na provoz fóra?