Please check my log

Posted: 21 Jul 2011 04:19
by totozGOT
ComboFix 11-07-20.05 - prostelow 21.07.2011 5:01.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1042 [GMT 2:00]
Spuštěný z: c:\users\prostelow\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ESET\MiNODLogin
c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe
c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.jar
c:\program files (x86)\ESET\MiNODLogin\MiNODLoginLib.dll
c:\program files (x86)\ESET\MiNODLogin\MiNODLoginUninst.exe
c:\program files (x86)\ESET\MiNODLogin\servidores.xml
c:\programdata\mazuki.dll
E:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-21 do 2011-07-21 )))))))))))))))))))))))))))))))
.
.
2011-07-21 03:08 . 2011-07-21 03:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-21 00:31 . 2011-07-21 00:31 -------- d-----w- c:\users\Public\CyberLink
2011-07-21 00:31 . 2011-07-21 00:31 -------- d-----w- c:\users\prostelow\AppData\Roaming\CyberLink
2011-07-21 00:30 . 2011-07-21 00:30 -------- d-----w- c:\programdata\PDVD
2011-07-21 00:30 . 2011-07-21 00:31 -------- d-----w- c:\programdata\CyberLink
2011-07-21 00:30 . 2011-07-21 00:30 -------- d-----w- c:\users\prostelow\AppData\Local\MediaServer
2011-07-21 00:28 . 2011-07-21 00:28 -------- d-----w- c:\program files (x86)\CyberLink
2011-07-21 00:28 . 2011-07-21 00:28 -------- d-----w- c:\programdata\install_clap
2011-07-20 23:57 . 2011-07-21 00:53 -------- d-----w- c:\users\prostelow\AppData\Roaming\Media Player Classic
2011-07-20 23:56 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
2011-07-20 23:56 . 2011-06-02 00:15 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-07-20 23:56 . 2011-06-02 00:10 644608 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-07-20 23:56 . 2011-03-19 19:00 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2011-07-20 23:56 . 2010-11-03 18:08 237568 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2011-07-20 23:56 . 2008-09-24 18:41 839680 ----a-w- c:\windows\SysWow64\lameACM.acm
2011-07-20 23:56 . 2011-06-16 08:00 73216 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-07-20 23:56 . 2011-07-20 23:56 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-07-19 02:18 . 2011-03-21 19:22 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-07-19 02:18 . 2011-03-21 19:22 452200 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-07-17 21:34 . 2011-07-17 21:34 -------- d-----w- c:\program files (x86)\Digital Transforms
2011-07-13 10:32 . 2011-07-13 10:32 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-07-12 19:04 . 2011-06-11 03:07 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-07-12 18:49 . 2011-07-12 18:49 -------- d-----w- c:\programdata\Boss Media
2011-07-12 18:49 . 2011-07-12 18:49 -------- d-----w- c:\users\prostelow\AppData\Local\Boss Media
2011-07-12 18:48 . 2011-07-13 15:13 -------- d-----w- c:\program files (x86)\ParadisePoker
2011-07-10 20:04 . 2011-07-10 20:04 -------- d-----w- c:\program files\pokerstrip
2011-07-10 12:44 . 2009-08-24 20:13 34304 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-07-10 12:18 . 2011-07-20 23:51 -------- d-----w- c:\program files (x86)\VideoLAN
2011-07-09 16:55 . 2011-07-09 16:55 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-09 13:44 . 2011-07-09 13:44 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2011-07-09 11:53 . 2011-07-09 11:53 -------- d-----w- c:\users\prostelow\AppData\Roaming\Need for Speed World
2011-07-09 10:40 . 2011-07-09 10:40 -------- d-----w- c:\users\prostelow\AppData\Local\Electronic_Arts_Inc
2011-07-09 10:39 . 2011-07-09 10:39 -------- d-----w- c:\programdata\Electronic Arts
2011-07-09 10:39 . 2011-07-09 10:39 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-07-08 19:02 . 2011-07-08 19:02 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2011-07-07 11:33 . 2011-07-18 22:34 -------- d-----w- c:\program files (x86)\TableNinja
2011-07-06 23:50 . 2011-07-06 23:51 -------- d-----w- c:\program files (x86)\Polda 5
2011-07-06 23:49 . 2011-07-06 23:49 -------- d-----w- c:\program files (x86)\Polda 4
2011-07-06 23:49 . 2011-07-06 23:49 -------- d-----w- c:\program files (x86)\Polda
2011-07-06 23:45 . 2011-07-06 23:48 -------- d-----w- c:\program files (x86)\Polda 3
2011-07-06 23:43 . 2011-07-06 23:43 -------- d-----w- c:\program files (x86)\Polda 2
2011-07-06 15:59 . 2011-07-06 15:59 -------- d-----w- c:\users\prostelow\AppData\Local\In_The_Money_LLC
2011-07-06 15:59 . 2011-07-06 16:15 -------- d-----w- c:\users\prostelow\AppData\Local\In The Money
2011-07-06 15:59 . 2011-07-06 15:59 -------- d-----w- c:\program files (x86)\In The Money
2011-07-03 14:18 . 2011-07-03 14:18 -------- d-----w- C:\TopCD
2011-07-03 12:11 . 2011-07-03 12:26 -------- d-----w- C:\HMArchive
2011-07-03 12:02 . 2011-07-19 02:30 -------- d-----w- c:\users\postgres
2011-07-03 12:00 . 2011-07-03 12:00 -------- d-----w- c:\program files (x86)\PostgreSQL
2011-07-03 11:56 . 2011-07-03 11:58 -------- d-----w- C:\PSQLINSTALL
2011-07-03 11:56 . 2011-07-03 11:56 -------- d-----w- c:\program files (x86)\RVG Software
2011-07-03 03:35 . 2011-07-03 03:36 -------- d-----w- c:\program files (x86)\PokerShortcuts
2011-07-02 20:57 . 2011-07-19 17:43 -------- d-----w- c:\users\prostelow\AppData\Local\PokerStars
2011-07-02 20:55 . 2011-07-02 20:59 -------- d-----w- c:\program files (x86)\PokerStars
2011-07-02 18:00 . 2011-07-02 18:00 -------- d-----w- c:\users\prostelow\AppData\Local\P5
2011-07-02 18:00 . 2011-07-08 07:07 -------- d-----w- C:\bwinPoker JPC
2011-07-02 15:55 . 2011-07-02 15:55 -------- d-----w- c:\program files\PoselSmrti
2011-07-02 15:55 . 2011-07-03 05:11 -------- d-----w- c:\program files (x86)\PoselSmrti
2011-07-02 14:22 . 2011-07-02 14:23 -------- d-----w- c:\program files (x86)\Ve stínu havrana
2011-07-02 13:29 . 2011-07-02 13:29 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-07-02 13:29 . 2011-07-02 13:29 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-07-02 13:29 . 2011-07-02 13:29 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-07-02 13:29 . 2011-07-02 13:29 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-07-02 13:29 . 2011-07-02 13:29 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-07-02 12:09 . 2000-06-23 12:05 136704 ----a-w- c:\windows\SysWow64\iacenc.dll
2011-07-02 12:09 . 2000-06-23 08:37 142336 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\Npindeo.dll
2011-07-02 12:09 . 2000-06-22 11:09 56320 ------w- c:\windows\SysWow64\iyvu9_32.dll
2011-07-02 12:09 . 2011-07-02 13:58 -------- d-----w- c:\program files (x86)\Ligos
2011-07-02 12:07 . 1998-10-29 17:45 306688 ----a-w- c:\windows\IsUninst.exe
2011-07-02 12:06 . 2011-07-02 13:38 -------- d-----w- c:\program files\Ztracený Ostrov
2011-07-02 11:58 . 2011-07-02 13:58 -------- d-----w- c:\program files (x86)\1C
2011-07-02 10:56 . 2011-07-02 15:20 -------- d-----w- c:\users\prostelow\AppData\Roaming\Broken Sword 2.5
2011-07-02 10:54 . 2011-07-02 10:55 -------- d-----w- c:\program files (x86)\Broken Sword 2.5
2011-07-02 09:20 . 2011-07-05 15:47 -------- d-----w- c:\program files (x86)\Centauri
2011-07-01 23:03 . 2011-07-02 13:58 -------- d-----w- c:\program files (x86)\LostFellas
2011-07-01 20:49 . 2011-07-01 20:49 -------- d-----w- c:\program files (x86)\Error Games
2011-06-29 19:53 . 2011-07-20 18:05 -------- d-----w- c:\users\prostelow\AppData\Local\Share Rapid Poker
2011-06-28 13:14 . 2011-07-19 03:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-28 13:14 . 2011-06-28 13:16 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-06-24 08:52 . 2011-06-24 08:52 -------- d-----w- c:\users\prostelow\AppData\Roaming\Day 1 Studios
2011-06-24 08:05 . 2011-06-24 08:05 -------- d-----w- c:\program files (x86)\WB Games
2011-06-22 09:45 . 2011-06-24 07:38 -------- d-----w- c:\program files (x86)\Serious Sam HD - The Second Encounter
2011-06-21 15:44 . 2011-06-21 15:44 -------- d-----w- c:\users\prostelow\AppData\Local\4A Games
2011-06-21 15:42 . 2011-06-21 15:42 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-06-21 15:41 . 2011-06-21 15:42 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-20 14:44 . 2011-04-12 17:34 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-07-20 14:44 . 2011-03-16 18:47 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-07-19 12:08 . 2011-03-18 10:18 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-06-30 08:38 . 2011-01-06 16:37 92688 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-06-30 08:38 . 2011-01-06 16:37 41712 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 08:38 . 2011-01-06 16:36 252344 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 08:38 . 2011-01-06 16:36 16016 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 08:37 . 2010-12-29 00:42 285256 ----a-w- c:\windows\SysWow64\guard32.dll
2011-06-30 08:37 . 2010-12-29 00:42 363560 ----a-w- c:\windows\system32\guard64.dll
2011-06-29 09:46 . 2011-03-16 18:47 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-06-09 12:25 . 2011-06-09 12:25 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-06-08 19:47 . 2011-06-08 19:47 34064 ----a-w- c:\windows\SysWow64\lhacm.acm
2011-06-03 05:57 . 2011-07-12 19:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-25 04:26 . 2011-05-25 04:26 9359872 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-05-25 03:53 . 2011-05-25 03:53 23336960 ----a-w- c:\windows\system32\atio6axx.dll
2011-05-25 03:31 . 2011-05-25 03:31 17940992 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-05-25 03:07 . 2011-05-25 03:07 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-25 03:07 . 2011-05-25 03:07 688128 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-05-25 03:06 . 2011-01-26 22:59 811008 ----a-w- c:\windows\system32\aticfx64.dll
2011-05-25 03:04 . 2011-05-25 03:04 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 03:04 . 2011-05-25 03:04 485376 ----a-w- c:\windows\system32\atieclxx.exe
2011-05-25 03:03 . 2011-05-25 03:03 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-05-25 03:02 . 2011-05-25 03:02 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-05-25 03:02 . 2011-05-25 03:02 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-05-25 03:02 . 2011-05-25 03:02 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-05-25 03:01 . 2011-05-25 03:01 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-05-25 03:01 . 2011-05-25 03:01 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-05-25 03:01 . 2011-05-25 03:01 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-05-25 03:00 . 2011-05-25 03:00 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-05-25 02:59 . 2011-05-25 02:59 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-05-25 02:59 . 2011-05-25 02:59 3810816 ----a-w- c:\windows\system32\atiumd6a.dll
2011-05-25 02:58 . 2011-05-25 02:58 4219904 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-05-25 02:50 . 2011-05-25 02:50 4017152 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-05-25 02:49 . 2009-07-13 21:59 5008384 ----a-w- c:\windows\system32\atidxx64.dll
2011-05-25 02:47 . 2011-05-25 02:47 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-05-25 02:47 . 2011-05-25 02:47 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-05-25 02:47 . 2011-05-25 02:47 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-05-25 02:47 . 2011-05-25 02:47 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-05-25 02:47 . 2011-05-25 02:47 8489472 ----a-w- c:\windows\system32\aticaldd64.dll
2011-05-25 02:43 . 2011-05-25 02:43 6847488 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-05-25 02:39 . 2011-05-25 02:39 4330496 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-05-25 02:38 . 2011-05-25 02:38 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-05-25 02:38 . 2011-05-25 02:38 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-05-25 02:33 . 2011-05-25 02:33 5486592 ----a-w- c:\windows\system32\atiumd64.dll
2011-05-25 02:26 . 2011-05-25 02:26 366592 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:26 . 2011-05-25 02:26 262144 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-05-25 02:26 . 2011-05-25 02:26 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-05-25 02:26 . 2011-05-25 02:26 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-05-25 02:26 . 2011-05-25 02:26 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-05-25 02:25 . 2011-05-25 02:25 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 309760 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-05-25 02:24 . 2011-01-26 22:12 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-05-25 02:24 . 2011-05-25 02:24 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-05-25 02:24 . 2011-05-25 02:24 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-05-25 02:24 . 2011-05-25 02:24 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-05-25 02:24 . 2011-05-25 02:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:19 . 2011-01-26 22:20 58880 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 16672768 ----a-w- c:\windows\system32\amdocl64.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-05-03 05:29 . 2011-06-15 08:16 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-03 04:30 . 2011-06-15 08:16 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:06 . 2011-06-15 08:16 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 03:05 . 2011-06-15 08:16 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 03:05 . 2011-06-15 08:16 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 02:40 . 2011-06-15 08:16 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-27 02:39 . 2011-06-15 08:16 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:39 . 2011-06-15 08:16 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-25 05:33 . 2011-06-15 08:16 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:34 . 2011-06-15 08:16 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-23 01:29 . 2011-06-15 10:49 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-04-23 01:19 . 2011-06-15 10:49 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-22 23:35 . 2011-06-15 10:49 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-04-22 23:25 . 2011-06-15 10:49 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-04-22 22:15 . 2011-05-24 18:50 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2010-05-26 147456]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-04-20 234792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/07/21 02:30];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-04-12 09:16 148976]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-04-20 83240]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-03-31 70952]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-03-31 312616]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-04-20 75248]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13302b8e-91c4-11e0-bdae-001617d515d5}]
\shell\AutoRun\command - F:\SPE4.part1.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3629636225-1037310863-750933646-1001Core.job
- c:\users\prostelow\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-18 09:18]
.
2011-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3629636225-1037310863-750933646-1001UA.job
- c:\users\prostelow\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-18 09:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2918656]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 9048392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = my.daemon-search.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 80.250.1.161 80.250.1.155
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-MiNODLogin - c:\program files (x86)\ESET\MiNODLogin\MiNODLoginUninst.exe
AddRemove-Universal Replayer - c:\windows\system32\javaws.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\windows\SOUNDMAN.EXE
c:\advanced wheel mouse\wh_exec.exe
.
**************************************************************************
.
Celkový čas: 2011-07-21 05:16:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-21 03:16
.
Před spuštěním: Volných bajtů: 38 288 728 064
Po spuštění: Volných bajtů: 38 189 383 680
.
- - End Of File - - 47431FCA129233FA534AF4F2153AAA1D

Re: Please check my log

Posted: 21 Jul 2011 06:26
by JaRon
ComboFix is meant to be used on an advisor's recommendation :idea:
Scan the PC with MBAM - full scan