
Laptop freezing, Windows 7
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
Greetings to everyone here, and I would also like to ask you for help.
For several days now my laptop has been freezing, and then nothing works except a hard reset. With an Avast scan I found that I have the virus Win32:KillApp-W(PUP), which has lodged itself in C:/HP/BIN/EndProcess.exe; unfortunately I cannot shake it out of the laptop in any way. I don't want to use brute force on it, because the laptop was a Christmas present from my girlfriend and I would never get away with that at home...
Thank you in advance for your help.
I will try to attach the current log from RSIT.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2012-01-05 14:04:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 296 GB (85%) free of 349 GB
Total RAM: 6092 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:05:02, on 5.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\O2 Mobilni internet\O2 Mobilni internet.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Petr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{76EE9EE6-D854-48C9-95BA-3479A11EB291}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11699 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
atieclxx
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1149156d-b0dc-4fcc-827b-660258b6224d -SystemEventPortName:HostProcess-ef29a2ff-2b68-48aa-aba4-e5f7d5e4a312 -IoCancelEventPortName:HostProcess-1073523b-1f14-42a8-9bf7-bcd461130488 -NonStateChangingEventPortName:HostProcess-15b5a2e5-651c-4fcd-ae25-e56b6a3e353d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:976f07a5-7b87-4d7d-9d62-a0dbf343e243
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 14143888
\??\C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2508
"C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c69cdd9a-1f29-4701-8362-6119bc4d6d9f -SystemEventPortName:HostProcess-a2fb9800-7b02-4239-a3bd-0b2fdae085b1 -IoCancelEventPortName:HostProcess-a2a4eded-2442-4394-832f-ae8bef64ae6b -NonStateChangingEventPortName:HostProcess-8d4b67ed-b77c-4558-a1cb-cd34426eb004 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f1912d1f-0949-4d88-a9b0-b57aef95d587
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {7519E64E-A146-4184-831E-88C8C39FBFA8}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\O2 Mobilni internet\O2 Mobilni internet.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Opera\opera.exe"
-Minimized
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Connection Manager</Title><Text>Wi-Fi: Aplikace je deaktivována
Bluetooth®: Aplikace je deaktivována
Síť LAN: Nepřipojeno</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe</IconPath><ID>1</ID><Path>C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe</Path><Parameters>OpenMainWindow</Parameters></Toast></hpNotification>"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskhost.exe $(Arg0)
wmiadap.exe /F /T /R
"C:\Users\Petr\Desktop\Petr\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k SDRSVC
======Scheduled tasks folder======
C:\Windows\tasks\HPCeeScheduleForPetr.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-17 1744200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-17 1596232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-15 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-15 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-15 416024]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-03-11 1128448]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2480936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-08 336384]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-02-15 94264]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-12-24 460872]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-15 385024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-01-03 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-01-05 14:04:53 ----D---- C:\rsit
2012-01-05 13:32:40 ----D---- C:\Program Files\CCleaner
2012-01-05 12:37:56 ----SHD---- C:\$RECYCLE.BIN
2012-01-05 11:17:50 ----A---- C:\Windows\zip.exe
2012-01-05 11:17:50 ----A---- C:\Windows\SWSC.exe
2012-01-05 11:17:50 ----A---- C:\Windows\SWREG.exe
2012-01-05 11:17:50 ----A---- C:\Windows\sed.exe
2012-01-05 11:17:50 ----A---- C:\Windows\PEV.exe
2012-01-05 11:17:50 ----A---- C:\Windows\NIRCMD.exe
2012-01-05 11:17:50 ----A---- C:\Windows\MBR.exe
2012-01-05 11:17:50 ----A---- C:\Windows\grep.exe
2012-01-05 11:17:47 ----D---- C:\Windows\ERDNT
2012-01-05 11:17:44 ----D---- C:\Výsledky testu Combofixu Qoobox
2012-01-05 08:37:02 ----D---- C:\Program Files\trend micro
2012-01-05 08:20:50 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-01-05 08:20:50 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-01-05 08:20:50 ----A---- C:\Windows\SYSWOW64\java.exe
2012-01-04 22:19:16 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-01-04 21:37:43 ----D---- C:\Program Files\7-Zip
2012-01-04 20:43:33 ----D---- C:\Program Files (x86)\Alcohol Soft
2012-01-04 19:40:05 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2012-01-04 19:12:33 ----A---- C:\Windows\system32\drivers\mod7700.sys
2012-01-04 19:12:33 ----A---- C:\Windows\system32\drivers\ewusbnet.sys
2012-01-04 19:12:33 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2012-01-04 19:12:33 ----A---- C:\Windows\system32\drivers\ewdcsc.sys
2012-01-04 18:40:50 ----D---- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-01-04 17:46:58 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-01-04 17:46:58 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-01-04 17:46:57 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-01-04 17:46:56 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-01-04 17:46:56 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-01-04 17:46:55 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-01-04 17:46:55 ----A---- C:\Windows\system32\aswBoot.exe
2012-01-04 17:46:38 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-01-04 16:53:32 ----A---- C:\Windows\system32\MRT.exe
2012-01-04 10:37:04 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-01-04 10:37:04 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-01-04 10:37:04 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-01-04 10:37:04 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-01-04 10:37:04 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-01-04 09:29:41 ----A---- C:\Windows\avastSS.scr
2012-01-04 09:29:35 ----D---- C:\ProgramData\AVAST Software
2012-01-04 09:29:35 ----D---- C:\Program Files\AVAST Software
2012-01-04 04:06:18 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2012-01-04 04:06:18 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2012-01-04 04:06:09 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2012-01-04 04:03:45 ----D---- C:\Windows\ehome
2012-01-04 04:02:14 ----SHD---- C:\System Volume Information
2012-01-04 00:17:22 ----D---- C:\Program Files (x86)\Opera
2012-01-04 00:03:57 ----D---- C:\Program Files (x86)\O2 Mobilni internet
2012-01-03 23:13:32 ----D---- C:\totalcmd
2012-01-03 23:05:35 ----D---- C:\Program Files (x86)\Valve
2012-01-03 23:02:52 ----D---- C:\Users\Petr\AppData\Roaming\VitySoft
2012-01-03 22:59:46 ----D---- C:\Program Files (x86)\PJsoft
2012-01-03 22:47:17 ----D---- C:\Users\Petr\AppData\Roaming\OpenOffice.org
2012-01-03 22:46:17 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2012-01-03 22:40:43 ----D---- C:\Program Files (x86)\WinRAR
2012-01-03 22:32:43 ----D---- C:\Users\Petr\AppData\Roaming\Macromedia
2012-01-03 22:32:42 ----D---- C:\Users\Petr\AppData\Roaming\Adobe
2012-01-03 22:32:36 ----D---- C:\Program Files (x86)\Ask.com
2012-01-03 22:32:18 ----D---- C:\Program Files (x86)\The KMPlayer
2012-01-03 22:00:29 ----D---- C:\Users\Petr\AppData\Roaming\WinRAR
2012-01-03 21:55:36 ----D---- C:\Users\Petr\AppData\Roaming\Opera
2012-01-03 21:53:41 ----D---- C:\Program Files (x86)\CCleaner
2012-01-03 21:50:47 ----D---- C:\ProgramData\Alwil Software
2012-01-03 21:50:47 ----D---- C:\Program Files\Alwil Software
2012-01-03 20:19:27 ----D---- C:\Users\Petr\AppData\Roaming\Malwarebytes
2012-01-03 20:19:21 ----D---- C:\ProgramData\Malwarebytes
2012-01-03 20:19:21 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-01-03 20:19:20 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-03 20:15:20 ----D---- C:\Users\Petr\AppData\Roaming\ATI
2012-01-03 20:14:19 ----D---- C:\Users\Petr\AppData\Roaming\Intel Corporation
2012-01-03 20:14:19 ----D---- C:\Users\Petr\AppData\Roaming\hpqLog
2012-01-03 20:14:18 ----D---- C:\Users\Petr\AppData\Roaming\Synaptics
2012-01-03 20:13:54 ----D---- C:\Users\Petr\AppData\Roaming\Identities
2012-01-03 20:12:11 ----D---- C:\Users\Petr\AppData\Roaming\Hewlett-Packard
2012-01-03 20:10:07 ----D---- C:\Users\Petr\AppData\Roaming\Media Center Programs
2012-01-03 20:10:06 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Šablony
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Plocha
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Oblíbené položky
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Nabídka Start
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Dokumenty
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Data aplikací
2012-01-03 20:07:38 ----ASH---- C:\pagefile.sys
2012-01-03 19:37:23 ----D---- C:\ProgramData\ATI
2012-01-03 19:36:07 ----ASH---- C:\hiberfil.sys
2012-01-03 19:29:53 ----D---- C:\Program Files (x86)\Microsoft
2012-01-03 19:28:47 ----D---- C:\Program Files (x86)\HP SimplePass 2011
2012-01-03 19:28:41 ----D---- C:\Program Files\Common Files\AuthenTec
2012-01-03 19:28:40 ----D---- C:\ProgramData\Downloaded Installations
2012-01-03 19:28:21 ----D---- C:\ProgramData\Norton
2012-01-03 19:28:03 ----D---- C:\ProgramData\NortonInstaller
2012-01-03 19:27:24 ----D---- C:\Program Files (x86)\CyberLink
2012-01-03 19:26:48 ----D---- C:\ProgramData\Temp
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\url.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\wininet.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\wextract.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\webcheck.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\vbscript.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\urlmon.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\url.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\pngfilt.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\occache.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\msrating.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\msls31.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\mshtmler.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\mshtmled.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\mshtml.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\mshta.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\msfeedssync.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\msfeeds.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\licmgr10.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\jsproxy.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\jscript9.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\jscript.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\inseng.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\imgutil.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iexpress.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieUnatt.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieui.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iesysprep.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iesetup.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iertutil.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iernonce.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iepeers.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieframe.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iedkcs32.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieapfltr.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieapfltr.dat
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieakui.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieaksie.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieakeng.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ie4uinit.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\icardie.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\dxtrans.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\dxtmsft.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\admparse.dll
2012-01-03 19:21:59 ----D---- C:\Windows\Hewlett-Packard
2012-01-03 19:21:25 ----D---- C:\Windows\Driver Cache
2012-01-03 19:21:25 ----D---- C:\Program Files (x86)\HP
2012-01-03 19:20:23 ----A---- C:\Windows\system32\drivers\btwrchid.sys
2012-01-03 19:20:23 ----A---- C:\Windows\system32\drivers\btwl2cap.sys
2012-01-03 19:20:23 ----A---- C:\Windows\system32\drivers\btwavdt.sys
2012-01-03 19:20:23 ----A---- C:\Windows\system32\drivers\btwampfl.sys
2012-01-03 19:20:22 ----A---- C:\Windows\system32\drivers\btwaudio.sys
2012-01-03 19:19:28 ----D---- C:\Program Files\WIDCOMM
2012-01-03 19:18:38 ----A---- C:\Windows\system32\bcmwlrc.dll
2012-01-03 19:18:38 ----A---- C:\Windows\system32\bcmwlcoi.dll
2012-01-03 19:18:37 ----A---- C:\Windows\system32\drivers\BCMWL664.SYS
2012-01-03 19:18:37 ----A---- C:\Windows\system32\bcmihvui64.dll
2012-01-03 19:18:37 ----A---- C:\Windows\system32\bcmihvsrv64.dll
2012-01-03 19:18:36 ----D---- C:\Program Files\Broadcom
2012-01-03 19:18:10 ----D---- C:\Program Files (x86)\Renesas Electronics
2012-01-03 19:17:25 ----D---- C:\Program Files\Validity Sensors
2012-01-03 19:17:07 ----D---- C:\Program Files\Synaptics
2012-01-03 19:16:13 ----D---- C:\Windows\SoftwareDistribution
2012-01-03 19:16:13 ----A---- C:\Windows\system32\RTNUninst64.dll
2012-01-03 19:16:13 ----A---- C:\Windows\system32\RtNicProp64.dll
2012-01-03 19:16:13 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2012-01-03 19:16:07 ----D---- C:\Windows\SYSWOW64\sda
2012-01-03 19:16:01 ----A---- C:\Windows\system32\drivers\RtsPStor.sys
2012-01-03 19:16:00 ----D---- C:\Program Files (x86)\Realtek
2012-01-03 19:16:00 ----A---- C:\Windows\SYSWOW64\RtsPStorIcon.dll
2012-01-03 19:15:51 ----A---- C:\Windows\system32\HPToneCtrls64.dll
2012-01-03 19:15:51 ----A---- C:\Windows\system32\AESTEC64.dll
2012-01-03 19:15:51 ----A---- C:\Windows\system32\AESTAR64.dll
2012-01-03 19:15:51 ----A---- C:\Windows\system32\AESTAC64.dll
2012-01-03 19:15:50 ----D---- C:\Windows\system32\SRSLabs
2012-01-03 19:15:50 ----A---- C:\Windows\system32\stlang64.dll
2012-01-03 19:15:50 ----A---- C:\Windows\system32\IDTNX.dll
2012-01-03 19:15:50 ----A---- C:\Windows\system32\IDTNJ.exe
2012-01-03 19:15:50 ----A---- C:\Windows\system32\IDTNHP.dll
2012-01-03 19:15:50 ----A---- C:\Windows\system32\IDTNGUI.exe
2012-01-03 19:15:50 ----A---- C:\Windows\system32\AESTCo64.dll
2012-01-03 19:15:50 ----A---- C:\Windows\sttray64.exe
2012-01-03 19:15:25 ----A---- C:\Windows\system32\staco64.dll
2012-01-03 19:15:25 ----A---- C:\Windows\system32\drivers\stwrt64.sys
2012-01-03 19:15:24 ----N---- C:\Windows\system32\stapi64.dll
2012-01-03 19:15:24 ----A---- C:\Windows\system32\stcplx64.dll
2012-01-03 19:15:24 ----A---- C:\Windows\system32\stapo64.dll
2012-01-03 19:15:21 ----D---- C:\Program Files\IDT
2012-01-03 19:15:18 ----D---- C:\Program Files\Common Files\Intel
2012-01-03 19:14:19 ----A---- C:\Windows\SYSWOW64\atipblup.dat
2012-01-03 19:14:19 ----A---- C:\Windows\system32\atipblup.dat
2012-01-03 19:13:41 ----D---- C:\Program Files\ATI
2012-01-03 19:13:39 ----D---- C:\Program Files (x86)\ATI Technologies
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\iglhsip32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\iglhcp32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igdumdx32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igdumd32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igdde32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\iglhsip64.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\iglhcp64.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxtray.exe
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxTMM.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxsrvc.exe
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxsrvc.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxress.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxpph.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxpers.exe
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxext.exe
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxexps.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxdo.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\IGFXDEVLib.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxdev.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxcmrt64.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igdumd64.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igdde64.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\drivers\igdpmd64.sys
2012-01-03 19:13:14 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2012-01-03 19:13:13 ----A---- C:\Windows\SYSWOW64\igd10umd32.dll
2012-01-03 19:13:13 ----A---- C:\Windows\SYSWOW64\ig4icd32.dll
2012-01-03 19:13:13 ----A---- C:\Windows\system32\igd10umd64.dll
2012-01-03 19:13:13 ----A---- C:\Windows\system32\ig4icd64.dll
2012-01-03 19:13:13 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2012-01-03 19:13:13 ----A---- C:\Windows\system32\hkcmd.exe
2012-01-03 19:13:13 ----A---- C:\Windows\system32\hccutils.dll
2012-01-03 19:13:12 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2012-01-03 19:13:12 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2012-01-03 19:13:12 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2012-01-03 19:13:12 ----A---- C:\Windows\SYSWOW64\atiumdmv.dll
2012-01-03 19:13:12 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2012-01-03 19:13:12 ----A---- C:\Windows\system32\GfxUI.exe
2012-01-03 19:13:12 ----A---- C:\Windows\system32\gfxSrvc.dll
2012-01-03 19:13:12 ----A---- C:\Windows\system32\difx64.exe
2012-01-03 19:13:12 ----A---- C:\Windows\system32\coinst.dll
2012-01-03 19:13:12 ----A---- C:\Windows\system32\atiuxp64.dll
2012-01-03 19:13:12 ----A---- C:\Windows\system32\atiumd6v.dll
2012-01-03 19:13:12 ----A---- C:\Windows\system32\atiumd6a.dll
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\atipblag.dat
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atiumd64.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atiu9p64.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atitmm64.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atipdl64.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atipblag.dat
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atio6axx.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atimuixx.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atimpc64.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\amdpcom64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2012-01-03 19:13:10 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2012-01-03 19:13:10 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atiicdxx.dat
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atig6txx.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atig6pxx.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atiesrxx.exe
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atiedu64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atieclxx.exe
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atidxx64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\ATIDEMGX.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\aticfx64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\aticalrt64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\aticaldd64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\aticalcl64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atibtmon.exe
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atiapfxx.exe
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atiadlxx.dll
2012-01-03 19:13:06 ----A---- C:\Windows\system32\IntcDAuC.dll
2012-01-03 19:13:06 ----A---- C:\Windows\system32\drivers\IntcDAud.sys
2012-01-03 19:12:50 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2012-01-03 19:12:48 ----A---- C:\Windows\SYSWOW64\log.txt
2012-01-03 19:11:57 ----D---- C:\Program Files (x86)\Intel
2012-01-03 19:11:57 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2012-01-03 19:11:54 ----D---- C:\Intel
2012-01-03 19:08:35 ----AH---- C:\Windows\SYSWOW64\ezsidmv.dat
2012-01-03 19:07:35 ----D---- C:\Windows\Prefetch
======List of files/folders modified in the last 1 month======
2012-01-05 14:05:02 ----D---- C:\Windows\Temp
2012-01-05 14:02:33 ----D---- C:\Windows
2012-01-05 14:01:35 ----D---- C:\Windows\ModemLogs
2012-01-05 13:50:37 ----D---- C:\Windows\System32
2012-01-05 13:50:37 ----D---- C:\Windows\inf
2012-01-05 13:50:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-05 13:35:11 ----D---- C:\Windows\system32\config
2012-01-05 13:32:40 ----RD---- C:\Program Files
2012-01-05 11:23:21 ----A---- C:\Windows\system.ini
2012-01-05 11:23:17 ----D---- C:\Windows\system32\drivers\etc
2012-01-05 11:21:37 ----D---- C:\Windows\SYSWOW64\drivers
2012-01-05 11:21:37 ----D---- C:\Windows\SysWOW64
2012-01-05 11:21:37 ----D---- C:\Windows\system32\drivers
2012-01-05 11:21:37 ----D---- C:\Windows\AppPatch
2012-01-05 11:21:35 ----D---- C:\Program Files\Common Files
2012-01-05 11:21:35 ----D---- C:\Program Files (x86)\Common Files
2012-01-05 09:01:38 ----D---- C:\Windows\system32\catroot2
2012-01-05 08:30:34 ----D---- C:\Windows\Tasks
2012-01-05 08:30:34 ----D---- C:\Windows\system32\Tasks
2012-01-05 08:20:59 ----SHD---- C:\Windows\Installer
2012-01-05 08:20:48 ----D---- C:\Program Files (x86)\Java
2012-01-05 08:18:05 ----D---- C:\Windows\system32\NDF
2012-01-05 08:02:10 ----D---- C:\Windows\system32\wbem
2012-01-05 07:54:20 ----RSD---- C:\Windows\Fonts
2012-01-05 07:54:19 ----D---- C:\Windows\system32\wfp
2012-01-05 07:54:18 ----D---- C:\Windows\winsxs
2012-01-05 07:53:17 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-01-05 07:53:17 ----D---- C:\Windows\SYSWOW64\migration
2012-01-05 07:53:17 ----D---- C:\Windows\SYSWOW64\en-US
2012-01-05 07:53:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-01-05 07:53:17 ----D---- C:\Windows\system32\sk-SK
2012-01-05 07:53:17 ----D---- C:\Windows\system32\migration
2012-01-05 07:53:17 ----D---- C:\Windows\system32\en-US
2012-01-05 07:53:17 ----D---- C:\Windows\system32\cs-CZ
2012-01-05 07:53:17 ----D---- C:\Program Files\Internet Explorer
2012-01-05 07:53:17 ----D---- C:\Program Files\Common Files\System
2012-01-05 07:53:17 ----D---- C:\Program Files (x86)\Internet Explorer
2012-01-05 07:53:11 ----D---- C:\Windows\system32\DriverStore
2012-01-05 07:53:11 ----D---- C:\Windows\system32\CodeIntegrity
2012-01-05 07:53:11 ----D---- C:\Windows\servicing
2012-01-05 07:51:35 ----D---- C:\Windows\system32\catroot
2012-01-05 07:51:27 ----D---- C:\Windows\Microsoft.NET
2012-01-05 07:51:05 ----RSD---- C:\Windows\assembly
2012-01-05 07:50:44 ----SD---- C:\ProgramData\Microsoft
2012-01-05 07:50:36 ----RD---- C:\Program Files (x86)
2012-01-04 20:22:34 ----D---- C:\Windows\Panther
2012-01-04 20:22:34 ----D---- C:\Windows\Logs
2012-01-04 20:22:34 ----D---- C:\Windows\debug
2012-01-04 18:43:14 ----D---- C:\Windows\Help
2012-01-04 18:42:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-01-04 18:42:15 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-01-04 18:40:50 ----D---- C:\ProgramData
2012-01-04 16:47:56 ----D---- C:\Windows\system32\drivers\UMDF
2012-01-04 16:46:28 ----D---- C:\Windows\SYSWOW64\wbem
2012-01-04 16:46:28 ----D---- C:\Windows\SYSWOW64\en
2012-01-04 16:46:28 ----D---- C:\Windows\SYSWOW64\drivers\sk-SK
2012-01-04 16:46:28 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2012-01-04 16:46:27 ----D---- C:\Windows\system32\en
2012-01-04 16:46:26 ----D---- C:\Windows\system32\drivers\sk-SK
2012-01-04 16:46:26 ----D---- C:\Windows\system32\drivers\en-US
2012-01-04 16:46:26 ----D---- C:\Windows\sk-SK
2012-01-04 16:46:26 ----D---- C:\Windows\en-US
2012-01-04 16:46:26 ----D---- C:\Program Files\Windows Mail
2012-01-04 16:46:26 ----D---- C:\Program Files (x86)\Windows Mail
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\winrm
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\WCN
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\slmgr
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\migwiz
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\DriverStore
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\Dism
2012-01-04 16:45:55 ----D---- C:\Windows\system32\winrm
2012-01-04 16:45:55 ----D---- C:\Windows\system32\WCN
2012-01-04 16:45:54 ----D---- C:\Windows\system32\sysprep
2012-01-04 16:45:54 ----D---- C:\Windows\system32\slmgr
2012-01-04 16:45:54 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2012-01-04 16:45:54 ----D---- C:\Windows\system32\oobe
2012-01-04 16:45:54 ----D---- C:\Windows\system32\migwiz
2012-01-04 16:45:54 ----D---- C:\Windows\system32\Dism
2012-01-04 16:45:54 ----D---- C:\Windows\system32\Boot
2012-01-04 16:45:54 ----D---- C:\Windows\Speech
2012-01-04 16:45:42 ----D---- C:\Windows\AppCompat
2012-01-04 16:45:42 ----D---- C:\ProgramData\WildTangent
2012-01-04 16:45:42 ----D---- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
2012-01-04 16:45:39 ----D---- C:\ProgramData\Hewlett-Packard
2012-01-04 16:45:39 ----D---- C:\Program Files\Windows Sidebar
2012-01-04 16:45:39 ----D---- C:\Program Files\Windows Photo Viewer
2012-01-04 16:45:39 ----D---- C:\Program Files\Windows Media Player
2012-01-04 16:45:39 ----D---- C:\Program Files\Windows Defender
2012-01-04 16:45:38 ----D---- C:\Program Files\DVD Maker
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\Windows Media Player
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\Windows Defender
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\WildTangent Games
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\HP Games
2012-01-04 16:39:56 ----RD---- C:\Users
2012-01-04 04:05:55 ----A---- C:\Windows\CSUP.txt
2012-01-04 04:03:45 ----D---- C:\Program Files\Microsoft Games
2012-01-03 23:46:45 ----D---- C:\ProgramData\Adobe
2012-01-03 20:13:41 ----D---- C:\SWSetup
2012-01-03 20:12:04 ----RD---- C:\Program Files (x86)\Online Services
2012-01-03 20:11:00 ----D---- C:\Windows\system32\restore
2012-01-03 20:10:58 ----D---- C:\SYSTEM.SAV
2012-01-03 20:10:52 ----D---- C:\Windows\system32\Recovery
2012-01-03 20:10:52 ----D---- C:\Recovery
2012-01-03 20:09:56 ----D---- C:\Program Files\Windows NT
2012-01-03 20:09:34 ----D---- C:\Windows\rescache
2012-01-03 19:30:30 ----D---- C:\HP
2012-01-03 19:28:42 ----D---- C:\Windows\system32\WinBioDatabase
2012-01-03 19:23:49 ----D---- C:\Windows\PolicyDefinitions
2012-01-03 19:21:40 ----D---- C:\Program Files\Hewlett-Packard
2012-01-03 19:20:08 ----SD---- C:\Windows\system32\Microsoft
2012-01-03 19:18:42 ----D---- C:\Windows\system32\zh-TW
2012-01-03 19:18:42 ----D---- C:\Windows\system32\zh-HK
2012-01-03 19:18:42 ----D---- C:\Windows\system32\zh-CN
2012-01-03 19:18:42 ----D---- C:\Windows\system32\tr-TR
2012-01-03 19:18:42 ----D---- C:\Windows\system32\th-TH
2012-01-03 19:18:42 ----D---- C:\Windows\system32\sv-SE
2012-01-03 19:18:42 ----D---- C:\Windows\system32\sl-SI
2012-01-03 19:18:41 ----D---- C:\Windows\system32\ru-RU
2012-01-03 19:18:41 ----D---- C:\Windows\system32\ro-RO
2012-01-03 19:18:41 ----D---- C:\Windows\system32\pt-PT
2012-01-03 19:18:41 ----D---- C:\Windows\system32\pt-BR
2012-01-03 19:18:41 ----D---- C:\Windows\system32\pl-PL
2012-01-03 19:18:41 ----D---- C:\Windows\system32\nl-NL
2012-01-03 19:18:41 ----D---- C:\Windows\system32\nb-NO
2012-01-03 19:18:41 ----D---- C:\Windows\system32\lv-LV
2012-01-03 19:18:41 ----D---- C:\Windows\system32\lt-LT
2012-01-03 19:18:41 ----D---- C:\Windows\system32\ko-KR
2012-01-03 19:18:40 ----D---- C:\Windows\system32\ja-JP
2012-01-03 19:18:40 ----D---- C:\Windows\system32\it-IT
2012-01-03 19:18:40 ----D---- C:\Windows\system32\hu-HU
2012-01-03 19:18:40 ----D---- C:\Windows\system32\hr-HR
2012-01-03 19:18:40 ----D---- C:\Windows\system32\he-IL
2012-01-03 19:18:40 ----D---- C:\Windows\system32\fr-FR
2012-01-03 19:18:40 ----D---- C:\Windows\system32\fi-FI
2012-01-03 19:18:40 ----D---- C:\Windows\system32\et-EE
2012-01-03 19:18:39 ----D---- C:\Windows\system32\es-ES
2012-01-03 19:18:39 ----D---- C:\Windows\system32\el-GR
2012-01-03 19:18:39 ----D---- C:\Windows\system32\de-DE
2012-01-03 19:18:39 ----D---- C:\Windows\system32\da-DK
2012-01-03 19:18:38 ----D---- C:\Windows\system32\bg-BG
2012-01-03 19:18:38 ----D---- C:\Windows\system32\ar-SA
2012-01-03 19:17:25 ----D---- C:\Windows\system32\WinBioPlugIns
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-01-26 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-01-26 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-07 9259520]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-07 301568]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-01-03 3065408]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 115328]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-12-10 23152]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-03-11 521728]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-17 1403440]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-21 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-21 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\CF123.exe\catchme.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-07 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-17 265544]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-01-26 30520]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-03-11 297984]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpCMSrv;HP Connection Manager 4.0 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
For several days now my notebook has been freezing, and then nothing works except a hard reset. An Avast scan showed that I have the virus Win32:KillApp-W(PUP), which has lodged itself in C:/HP/BIN/EndProcess.exe; unfortunately I cannot get it out of the notebook by any means. I don't want to use brute force on it, because the notebook was a Christmas present from my girlfriend and I would never live that down at home......
Thanks in advance for your help.
I will try to attach the current log from RSIT.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2012-01-05 14:04:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 296 GB (85%) free of 349 GB
Total RAM: 6092 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:05:02, on 5.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\O2 Mobilni internet\O2 Mobilni internet.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Petr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{76EE9EE6-D854-48C9-95BA-3479A11EB291}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11699 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
atieclxx
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1149156d-b0dc-4fcc-827b-660258b6224d -SystemEventPortName:HostProcess-ef29a2ff-2b68-48aa-aba4-e5f7d5e4a312 -IoCancelEventPortName:HostProcess-1073523b-1f14-42a8-9bf7-bcd461130488 -NonStateChangingEventPortName:HostProcess-15b5a2e5-651c-4fcd-ae25-e56b6a3e353d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:976f07a5-7b87-4d7d-9d62-a0dbf343e243
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 14143888
\??\C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2508
"C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c69cdd9a-1f29-4701-8362-6119bc4d6d9f -SystemEventPortName:HostProcess-a2fb9800-7b02-4239-a3bd-0b2fdae085b1 -IoCancelEventPortName:HostProcess-a2a4eded-2442-4394-832f-ae8bef64ae6b -NonStateChangingEventPortName:HostProcess-8d4b67ed-b77c-4558-a1cb-cd34426eb004 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f1912d1f-0949-4d88-a9b0-b57aef95d587
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {7519E64E-A146-4184-831E-88C8C39FBFA8}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\O2 Mobilni internet\O2 Mobilni internet.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Opera\opera.exe"
-Minimized
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Connection Manager</Title><Text>Wi-Fi: Aplikace je deaktivována
Bluetooth®: Aplikace je deaktivována
Síť LAN: Nepřipojeno</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe</IconPath><ID>1</ID><Path>C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe</Path><Parameters>OpenMainWindow</Parameters></Toast></hpNotification>"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskhost.exe $(Arg0)
wmiadap.exe /F /T /R
"C:\Users\Petr\Desktop\Petr\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k SDRSVC
======Scheduled tasks folder======
C:\Windows\tasks\HPCeeScheduleForPetr.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-17 1744200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-17 1596232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-15 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-15 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-15 416024]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-03-11 1128448]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2480936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-08 336384]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-02-15 94264]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-12-24 460872]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-15 385024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-01-03 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-01-05 14:04:53 ----D---- C:\rsit
2012-01-05 13:32:40 ----D---- C:\Program Files\CCleaner
2012-01-05 12:37:56 ----SHD---- C:\$RECYCLE.BIN
2012-01-05 11:17:50 ----A---- C:\Windows\zip.exe
2012-01-05 11:17:50 ----A---- C:\Windows\SWSC.exe
2012-01-05 11:17:50 ----A---- C:\Windows\SWREG.exe
2012-01-05 11:17:50 ----A---- C:\Windows\sed.exe
2012-01-05 11:17:50 ----A---- C:\Windows\PEV.exe
2012-01-05 11:17:50 ----A---- C:\Windows\NIRCMD.exe
2012-01-05 11:17:50 ----A---- C:\Windows\MBR.exe
2012-01-05 11:17:50 ----A---- C:\Windows\grep.exe
2012-01-05 11:17:47 ----D---- C:\Windows\ERDNT
2012-01-05 11:17:44 ----D---- C:\Výsledky testu Combofixu Qoobox
2012-01-05 08:37:02 ----D---- C:\Program Files\trend micro
2012-01-05 08:20:50 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-01-05 08:20:50 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-01-05 08:20:50 ----A---- C:\Windows\SYSWOW64\java.exe
2012-01-04 22:19:16 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-01-04 21:37:43 ----D---- C:\Program Files\7-Zip
2012-01-04 20:43:33 ----D---- C:\Program Files (x86)\Alcohol Soft
2012-01-04 19:40:05 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2012-01-04 19:12:33 ----A---- C:\Windows\system32\drivers\mod7700.sys
2012-01-04 19:12:33 ----A---- C:\Windows\system32\drivers\ewusbnet.sys
2012-01-04 19:12:33 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2012-01-04 19:12:33 ----A---- C:\Windows\system32\drivers\ewdcsc.sys
2012-01-04 18:40:50 ----D---- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-01-04 17:46:58 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-01-04 17:46:58 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-01-04 17:46:57 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-01-04 17:46:56 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-01-04 17:46:56 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-01-04 17:46:55 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-01-04 17:46:55 ----A---- C:\Windows\system32\aswBoot.exe
2012-01-04 17:46:38 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-01-04 16:53:32 ----A---- C:\Windows\system32\MRT.exe
2012-01-04 10:37:04 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-01-04 10:37:04 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-01-04 10:37:04 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-01-04 10:37:04 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-01-04 10:37:04 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-01-04 09:29:41 ----A---- C:\Windows\avastSS.scr
2012-01-04 09:29:35 ----D---- C:\ProgramData\AVAST Software
2012-01-04 09:29:35 ----D---- C:\Program Files\AVAST Software
2012-01-04 04:06:18 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2012-01-04 04:06:18 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2012-01-04 04:06:09 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2012-01-04 04:03:45 ----D---- C:\Windows\ehome
2012-01-04 04:02:14 ----SHD---- C:\System Volume Information
2012-01-04 00:17:22 ----D---- C:\Program Files (x86)\Opera
2012-01-04 00:03:57 ----D---- C:\Program Files (x86)\O2 Mobilni internet
2012-01-03 23:13:32 ----D---- C:\totalcmd
2012-01-03 23:05:35 ----D---- C:\Program Files (x86)\Valve
2012-01-03 23:02:52 ----D---- C:\Users\Petr\AppData\Roaming\VitySoft
2012-01-03 22:59:46 ----D---- C:\Program Files (x86)\PJsoft
2012-01-03 22:47:17 ----D---- C:\Users\Petr\AppData\Roaming\OpenOffice.org
2012-01-03 22:46:17 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2012-01-03 22:40:43 ----D---- C:\Program Files (x86)\WinRAR
2012-01-03 22:32:43 ----D---- C:\Users\Petr\AppData\Roaming\Macromedia
2012-01-03 22:32:42 ----D---- C:\Users\Petr\AppData\Roaming\Adobe
2012-01-03 22:32:36 ----D---- C:\Program Files (x86)\Ask.com
2012-01-03 22:32:18 ----D---- C:\Program Files (x86)\The KMPlayer
2012-01-03 22:00:29 ----D---- C:\Users\Petr\AppData\Roaming\WinRAR
2012-01-03 21:55:36 ----D---- C:\Users\Petr\AppData\Roaming\Opera
2012-01-03 21:53:41 ----D---- C:\Program Files (x86)\CCleaner
2012-01-03 21:50:47 ----D---- C:\ProgramData\Alwil Software
2012-01-03 21:50:47 ----D---- C:\Program Files\Alwil Software
2012-01-03 20:19:27 ----D---- C:\Users\Petr\AppData\Roaming\Malwarebytes
2012-01-03 20:19:21 ----D---- C:\ProgramData\Malwarebytes
2012-01-03 20:19:21 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-01-03 20:19:20 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-03 20:15:20 ----D---- C:\Users\Petr\AppData\Roaming\ATI
2012-01-03 20:14:19 ----D---- C:\Users\Petr\AppData\Roaming\Intel Corporation
2012-01-03 20:14:19 ----D---- C:\Users\Petr\AppData\Roaming\hpqLog
2012-01-03 20:14:18 ----D---- C:\Users\Petr\AppData\Roaming\Synaptics
2012-01-03 20:13:54 ----D---- C:\Users\Petr\AppData\Roaming\Identities
2012-01-03 20:12:11 ----D---- C:\Users\Petr\AppData\Roaming\Hewlett-Packard
2012-01-03 20:10:07 ----D---- C:\Users\Petr\AppData\Roaming\Media Center Programs
2012-01-03 20:10:06 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Šablony
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Plocha
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Oblíbené položky
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Nabídka Start
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Dokumenty
2012-01-03 20:09:56 ----SHD---- C:\ProgramData\Data aplikací
2012-01-03 20:07:38 ----ASH---- C:\pagefile.sys
2012-01-03 19:37:23 ----D---- C:\ProgramData\ATI
2012-01-03 19:36:07 ----ASH---- C:\hiberfil.sys
2012-01-03 19:29:53 ----D---- C:\Program Files (x86)\Microsoft
2012-01-03 19:28:47 ----D---- C:\Program Files (x86)\HP SimplePass 2011
2012-01-03 19:28:41 ----D---- C:\Program Files\Common Files\AuthenTec
2012-01-03 19:28:40 ----D---- C:\ProgramData\Downloaded Installations
2012-01-03 19:28:21 ----D---- C:\ProgramData\Norton
2012-01-03 19:28:03 ----D---- C:\ProgramData\NortonInstaller
2012-01-03 19:27:24 ----D---- C:\Program Files (x86)\CyberLink
2012-01-03 19:26:48 ----D---- C:\ProgramData\Temp
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\url.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-01-03 19:22:29 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\wininet.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\wextract.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\webcheck.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\vbscript.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\urlmon.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\url.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\pngfilt.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\occache.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\msrating.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\msls31.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\mshtmler.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\mshtmled.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\mshtml.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\mshta.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\msfeedssync.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\msfeeds.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\licmgr10.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\jsproxy.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\jscript9.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\jscript.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\inseng.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\imgutil.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iexpress.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieUnatt.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieui.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iesysprep.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iesetup.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iertutil.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iernonce.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iepeers.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieframe.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\iedkcs32.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieapfltr.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieapfltr.dat
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieakui.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieaksie.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ieakeng.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\ie4uinit.exe
2012-01-03 19:22:29 ----A---- C:\Windows\system32\icardie.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\dxtrans.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\dxtmsft.dll
2012-01-03 19:22:29 ----A---- C:\Windows\system32\admparse.dll
2012-01-03 19:21:59 ----D---- C:\Windows\Hewlett-Packard
2012-01-03 19:21:25 ----D---- C:\Windows\Driver Cache
2012-01-03 19:21:25 ----D---- C:\Program Files (x86)\HP
2012-01-03 19:20:23 ----A---- C:\Windows\system32\drivers\btwrchid.sys
2012-01-03 19:20:23 ----A---- C:\Windows\system32\drivers\btwl2cap.sys
2012-01-03 19:20:23 ----A---- C:\Windows\system32\drivers\btwavdt.sys
2012-01-03 19:20:23 ----A---- C:\Windows\system32\drivers\btwampfl.sys
2012-01-03 19:20:22 ----A---- C:\Windows\system32\drivers\btwaudio.sys
2012-01-03 19:19:28 ----D---- C:\Program Files\WIDCOMM
2012-01-03 19:18:38 ----A---- C:\Windows\system32\bcmwlrc.dll
2012-01-03 19:18:38 ----A---- C:\Windows\system32\bcmwlcoi.dll
2012-01-03 19:18:37 ----A---- C:\Windows\system32\drivers\BCMWL664.SYS
2012-01-03 19:18:37 ----A---- C:\Windows\system32\bcmihvui64.dll
2012-01-03 19:18:37 ----A---- C:\Windows\system32\bcmihvsrv64.dll
2012-01-03 19:18:36 ----D---- C:\Program Files\Broadcom
2012-01-03 19:18:10 ----D---- C:\Program Files (x86)\Renesas Electronics
2012-01-03 19:17:25 ----D---- C:\Program Files\Validity Sensors
2012-01-03 19:17:07 ----D---- C:\Program Files\Synaptics
2012-01-03 19:16:13 ----D---- C:\Windows\SoftwareDistribution
2012-01-03 19:16:13 ----A---- C:\Windows\system32\RTNUninst64.dll
2012-01-03 19:16:13 ----A---- C:\Windows\system32\RtNicProp64.dll
2012-01-03 19:16:13 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2012-01-03 19:16:07 ----D---- C:\Windows\SYSWOW64\sda
2012-01-03 19:16:01 ----A---- C:\Windows\system32\drivers\RtsPStor.sys
2012-01-03 19:16:00 ----D---- C:\Program Files (x86)\Realtek
2012-01-03 19:16:00 ----A---- C:\Windows\SYSWOW64\RtsPStorIcon.dll
2012-01-03 19:15:51 ----A---- C:\Windows\system32\HPToneCtrls64.dll
2012-01-03 19:15:51 ----A---- C:\Windows\system32\AESTEC64.dll
2012-01-03 19:15:51 ----A---- C:\Windows\system32\AESTAR64.dll
2012-01-03 19:15:51 ----A---- C:\Windows\system32\AESTAC64.dll
2012-01-03 19:15:50 ----D---- C:\Windows\system32\SRSLabs
2012-01-03 19:15:50 ----A---- C:\Windows\system32\stlang64.dll
2012-01-03 19:15:50 ----A---- C:\Windows\system32\IDTNX.dll
2012-01-03 19:15:50 ----A---- C:\Windows\system32\IDTNJ.exe
2012-01-03 19:15:50 ----A---- C:\Windows\system32\IDTNHP.dll
2012-01-03 19:15:50 ----A---- C:\Windows\system32\IDTNGUI.exe
2012-01-03 19:15:50 ----A---- C:\Windows\system32\AESTCo64.dll
2012-01-03 19:15:50 ----A---- C:\Windows\sttray64.exe
2012-01-03 19:15:25 ----A---- C:\Windows\system32\staco64.dll
2012-01-03 19:15:25 ----A---- C:\Windows\system32\drivers\stwrt64.sys
2012-01-03 19:15:24 ----N---- C:\Windows\system32\stapi64.dll
2012-01-03 19:15:24 ----A---- C:\Windows\system32\stcplx64.dll
2012-01-03 19:15:24 ----A---- C:\Windows\system32\stapo64.dll
2012-01-03 19:15:21 ----D---- C:\Program Files\IDT
2012-01-03 19:15:18 ----D---- C:\Program Files\Common Files\Intel
2012-01-03 19:14:19 ----A---- C:\Windows\SYSWOW64\atipblup.dat
2012-01-03 19:14:19 ----A---- C:\Windows\system32\atipblup.dat
2012-01-03 19:13:41 ----D---- C:\Program Files\ATI
2012-01-03 19:13:39 ----D---- C:\Program Files (x86)\ATI Technologies
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\iglhsip32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\iglhcp32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igdumdx32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igdumd32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\SYSWOW64\igdde32.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\iglhsip64.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\iglhcp64.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxtray.exe
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxTMM.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxsrvc.exe
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxsrvc.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxress.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxpph.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxpers.exe
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxext.exe
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxexps.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxdo.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\IGFXDEVLib.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxdev.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igfxcmrt64.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igdumd64.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\igdde64.dll
2012-01-03 19:13:14 ----A---- C:\Windows\system32\drivers\igdpmd64.sys
2012-01-03 19:13:14 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2012-01-03 19:13:13 ----A---- C:\Windows\SYSWOW64\igd10umd32.dll
2012-01-03 19:13:13 ----A---- C:\Windows\SYSWOW64\ig4icd32.dll
2012-01-03 19:13:13 ----A---- C:\Windows\system32\igd10umd64.dll
2012-01-03 19:13:13 ----A---- C:\Windows\system32\ig4icd64.dll
2012-01-03 19:13:13 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2012-01-03 19:13:13 ----A---- C:\Windows\system32\hkcmd.exe
2012-01-03 19:13:13 ----A---- C:\Windows\system32\hccutils.dll
2012-01-03 19:13:12 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2012-01-03 19:13:12 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2012-01-03 19:13:12 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2012-01-03 19:13:12 ----A---- C:\Windows\SYSWOW64\atiumdmv.dll
2012-01-03 19:13:12 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2012-01-03 19:13:12 ----A---- C:\Windows\system32\GfxUI.exe
2012-01-03 19:13:12 ----A---- C:\Windows\system32\gfxSrvc.dll
2012-01-03 19:13:12 ----A---- C:\Windows\system32\difx64.exe
2012-01-03 19:13:12 ----A---- C:\Windows\system32\coinst.dll
2012-01-03 19:13:12 ----A---- C:\Windows\system32\atiuxp64.dll
2012-01-03 19:13:12 ----A---- C:\Windows\system32\atiumd6v.dll
2012-01-03 19:13:12 ----A---- C:\Windows\system32\atiumd6a.dll
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\atipblag.dat
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2012-01-03 19:13:11 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atiumd64.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atiu9p64.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atitmm64.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atipdl64.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atipblag.dat
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atio6axx.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atimuixx.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\atimpc64.dll
2012-01-03 19:13:11 ----A---- C:\Windows\system32\amdpcom64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2012-01-03 19:13:10 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2012-01-03 19:13:10 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2012-01-03 19:13:10 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atiicdxx.dat
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atig6txx.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atig6pxx.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atiesrxx.exe
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atiedu64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atieclxx.exe
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atidxx64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\ATIDEMGX.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\aticfx64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\aticalrt64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\aticaldd64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\aticalcl64.dll
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atibtmon.exe
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atiapfxx.exe
2012-01-03 19:13:10 ----A---- C:\Windows\system32\atiadlxx.dll
2012-01-03 19:13:06 ----A---- C:\Windows\system32\IntcDAuC.dll
2012-01-03 19:13:06 ----A---- C:\Windows\system32\drivers\IntcDAud.sys
2012-01-03 19:12:50 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2012-01-03 19:12:48 ----A---- C:\Windows\SYSWOW64\log.txt
2012-01-03 19:11:57 ----D---- C:\Program Files (x86)\Intel
2012-01-03 19:11:57 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2012-01-03 19:11:54 ----D---- C:\Intel
2012-01-03 19:08:35 ----AH---- C:\Windows\SYSWOW64\ezsidmv.dat
2012-01-03 19:07:35 ----D---- C:\Windows\Prefetch
======List of files/folders modified in the last 1 month======
2012-01-05 14:05:02 ----D---- C:\Windows\Temp
2012-01-05 14:02:33 ----D---- C:\Windows
2012-01-05 14:01:35 ----D---- C:\Windows\ModemLogs
2012-01-05 13:50:37 ----D---- C:\Windows\System32
2012-01-05 13:50:37 ----D---- C:\Windows\inf
2012-01-05 13:50:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-05 13:35:11 ----D---- C:\Windows\system32\config
2012-01-05 13:32:40 ----RD---- C:\Program Files
2012-01-05 11:23:21 ----A---- C:\Windows\system.ini
2012-01-05 11:23:17 ----D---- C:\Windows\system32\drivers\etc
2012-01-05 11:21:37 ----D---- C:\Windows\SYSWOW64\drivers
2012-01-05 11:21:37 ----D---- C:\Windows\SysWOW64
2012-01-05 11:21:37 ----D---- C:\Windows\system32\drivers
2012-01-05 11:21:37 ----D---- C:\Windows\AppPatch
2012-01-05 11:21:35 ----D---- C:\Program Files\Common Files
2012-01-05 11:21:35 ----D---- C:\Program Files (x86)\Common Files
2012-01-05 09:01:38 ----D---- C:\Windows\system32\catroot2
2012-01-05 08:30:34 ----D---- C:\Windows\Tasks
2012-01-05 08:30:34 ----D---- C:\Windows\system32\Tasks
2012-01-05 08:20:59 ----SHD---- C:\Windows\Installer
2012-01-05 08:20:48 ----D---- C:\Program Files (x86)\Java
2012-01-05 08:18:05 ----D---- C:\Windows\system32\NDF
2012-01-05 08:02:10 ----D---- C:\Windows\system32\wbem
2012-01-05 07:54:20 ----RSD---- C:\Windows\Fonts
2012-01-05 07:54:19 ----D---- C:\Windows\system32\wfp
2012-01-05 07:54:18 ----D---- C:\Windows\winsxs
2012-01-05 07:53:17 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-01-05 07:53:17 ----D---- C:\Windows\SYSWOW64\migration
2012-01-05 07:53:17 ----D---- C:\Windows\SYSWOW64\en-US
2012-01-05 07:53:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-01-05 07:53:17 ----D---- C:\Windows\system32\sk-SK
2012-01-05 07:53:17 ----D---- C:\Windows\system32\migration
2012-01-05 07:53:17 ----D---- C:\Windows\system32\en-US
2012-01-05 07:53:17 ----D---- C:\Windows\system32\cs-CZ
2012-01-05 07:53:17 ----D---- C:\Program Files\Internet Explorer
2012-01-05 07:53:17 ----D---- C:\Program Files\Common Files\System
2012-01-05 07:53:17 ----D---- C:\Program Files (x86)\Internet Explorer
2012-01-05 07:53:11 ----D---- C:\Windows\system32\DriverStore
2012-01-05 07:53:11 ----D---- C:\Windows\system32\CodeIntegrity
2012-01-05 07:53:11 ----D---- C:\Windows\servicing
2012-01-05 07:51:35 ----D---- C:\Windows\system32\catroot
2012-01-05 07:51:27 ----D---- C:\Windows\Microsoft.NET
2012-01-05 07:51:05 ----RSD---- C:\Windows\assembly
2012-01-05 07:50:44 ----SD---- C:\ProgramData\Microsoft
2012-01-05 07:50:36 ----RD---- C:\Program Files (x86)
2012-01-04 20:22:34 ----D---- C:\Windows\Panther
2012-01-04 20:22:34 ----D---- C:\Windows\Logs
2012-01-04 20:22:34 ----D---- C:\Windows\debug
2012-01-04 18:43:14 ----D---- C:\Windows\Help
2012-01-04 18:42:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-01-04 18:42:15 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-01-04 18:40:50 ----D---- C:\ProgramData
2012-01-04 16:47:56 ----D---- C:\Windows\system32\drivers\UMDF
2012-01-04 16:46:28 ----D---- C:\Windows\SYSWOW64\wbem
2012-01-04 16:46:28 ----D---- C:\Windows\SYSWOW64\en
2012-01-04 16:46:28 ----D---- C:\Windows\SYSWOW64\drivers\sk-SK
2012-01-04 16:46:28 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2012-01-04 16:46:27 ----D---- C:\Windows\system32\en
2012-01-04 16:46:26 ----D---- C:\Windows\system32\drivers\sk-SK
2012-01-04 16:46:26 ----D---- C:\Windows\system32\drivers\en-US
2012-01-04 16:46:26 ----D---- C:\Windows\sk-SK
2012-01-04 16:46:26 ----D---- C:\Windows\en-US
2012-01-04 16:46:26 ----D---- C:\Program Files\Windows Mail
2012-01-04 16:46:26 ----D---- C:\Program Files (x86)\Windows Mail
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\winrm
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\WCN
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\slmgr
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\migwiz
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\DriverStore
2012-01-04 16:45:55 ----D---- C:\Windows\SYSWOW64\Dism
2012-01-04 16:45:55 ----D---- C:\Windows\system32\winrm
2012-01-04 16:45:55 ----D---- C:\Windows\system32\WCN
2012-01-04 16:45:54 ----D---- C:\Windows\system32\sysprep
2012-01-04 16:45:54 ----D---- C:\Windows\system32\slmgr
2012-01-04 16:45:54 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2012-01-04 16:45:54 ----D---- C:\Windows\system32\oobe
2012-01-04 16:45:54 ----D---- C:\Windows\system32\migwiz
2012-01-04 16:45:54 ----D---- C:\Windows\system32\Dism
2012-01-04 16:45:54 ----D---- C:\Windows\system32\Boot
2012-01-04 16:45:54 ----D---- C:\Windows\Speech
2012-01-04 16:45:42 ----D---- C:\Windows\AppCompat
2012-01-04 16:45:42 ----D---- C:\ProgramData\WildTangent
2012-01-04 16:45:42 ----D---- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
2012-01-04 16:45:39 ----D---- C:\ProgramData\Hewlett-Packard
2012-01-04 16:45:39 ----D---- C:\Program Files\Windows Sidebar
2012-01-04 16:45:39 ----D---- C:\Program Files\Windows Photo Viewer
2012-01-04 16:45:39 ----D---- C:\Program Files\Windows Media Player
2012-01-04 16:45:39 ----D---- C:\Program Files\Windows Defender
2012-01-04 16:45:38 ----D---- C:\Program Files\DVD Maker
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\Windows Media Player
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\Windows Defender
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\WildTangent Games
2012-01-04 16:45:38 ----D---- C:\Program Files (x86)\HP Games
2012-01-04 16:39:56 ----RD---- C:\Users
2012-01-04 04:05:55 ----A---- C:\Windows\CSUP.txt
2012-01-04 04:03:45 ----D---- C:\Program Files\Microsoft Games
2012-01-03 23:46:45 ----D---- C:\ProgramData\Adobe
2012-01-03 20:13:41 ----D---- C:\SWSetup
2012-01-03 20:12:04 ----RD---- C:\Program Files (x86)\Online Services
2012-01-03 20:11:00 ----D---- C:\Windows\system32\restore
2012-01-03 20:10:58 ----D---- C:\SYSTEM.SAV
2012-01-03 20:10:52 ----D---- C:\Windows\system32\Recovery
2012-01-03 20:10:52 ----D---- C:\Recovery
2012-01-03 20:09:56 ----D---- C:\Program Files\Windows NT
2012-01-03 20:09:34 ----D---- C:\Windows\rescache
2012-01-03 19:30:30 ----D---- C:\HP
2012-01-03 19:28:42 ----D---- C:\Windows\system32\WinBioDatabase
2012-01-03 19:23:49 ----D---- C:\Windows\PolicyDefinitions
2012-01-03 19:21:40 ----D---- C:\Program Files\Hewlett-Packard
2012-01-03 19:20:08 ----SD---- C:\Windows\system32\Microsoft
2012-01-03 19:18:42 ----D---- C:\Windows\system32\zh-TW
2012-01-03 19:18:42 ----D---- C:\Windows\system32\zh-HK
2012-01-03 19:18:42 ----D---- C:\Windows\system32\zh-CN
2012-01-03 19:18:42 ----D---- C:\Windows\system32\tr-TR
2012-01-03 19:18:42 ----D---- C:\Windows\system32\th-TH
2012-01-03 19:18:42 ----D---- C:\Windows\system32\sv-SE
2012-01-03 19:18:42 ----D---- C:\Windows\system32\sl-SI
2012-01-03 19:18:41 ----D---- C:\Windows\system32\ru-RU
2012-01-03 19:18:41 ----D---- C:\Windows\system32\ro-RO
2012-01-03 19:18:41 ----D---- C:\Windows\system32\pt-PT
2012-01-03 19:18:41 ----D---- C:\Windows\system32\pt-BR
2012-01-03 19:18:41 ----D---- C:\Windows\system32\pl-PL
2012-01-03 19:18:41 ----D---- C:\Windows\system32\nl-NL
2012-01-03 19:18:41 ----D---- C:\Windows\system32\nb-NO
2012-01-03 19:18:41 ----D---- C:\Windows\system32\lv-LV
2012-01-03 19:18:41 ----D---- C:\Windows\system32\lt-LT
2012-01-03 19:18:41 ----D---- C:\Windows\system32\ko-KR
2012-01-03 19:18:40 ----D---- C:\Windows\system32\ja-JP
2012-01-03 19:18:40 ----D---- C:\Windows\system32\it-IT
2012-01-03 19:18:40 ----D---- C:\Windows\system32\hu-HU
2012-01-03 19:18:40 ----D---- C:\Windows\system32\hr-HR
2012-01-03 19:18:40 ----D---- C:\Windows\system32\he-IL
2012-01-03 19:18:40 ----D---- C:\Windows\system32\fr-FR
2012-01-03 19:18:40 ----D---- C:\Windows\system32\fi-FI
2012-01-03 19:18:40 ----D---- C:\Windows\system32\et-EE
2012-01-03 19:18:39 ----D---- C:\Windows\system32\es-ES
2012-01-03 19:18:39 ----D---- C:\Windows\system32\el-GR
2012-01-03 19:18:39 ----D---- C:\Windows\system32\de-DE
2012-01-03 19:18:39 ----D---- C:\Windows\system32\da-DK
2012-01-03 19:18:38 ----D---- C:\Windows\system32\bg-BG
2012-01-03 19:18:38 ----D---- C:\Windows\system32\ar-SA
2012-01-03 19:17:25 ----D---- C:\Windows\system32\WinBioPlugIns
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-01-26 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-01-26 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-07 9259520]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-07 301568]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-01-03 3065408]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 115328]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-12-10 23152]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-03-11 521728]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-17 1403440]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-21 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-21 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\CF123.exe\catchme.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-07 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-17 265544]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-01-26 30520]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-03-11 297984]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpCMSrv;HP Connection Manager 4.0 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119515
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook freezing, Windows 7
Hello to you too!
If you run a ComboFix scan first, RSIT will come out clean, because CF deletes all traces. Post the ComboFix log; it should be in c:\combofix.txt.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Windows 7 notebook freezing
Here is the ComboFix scan
ComboFix 12-01-05.01 - Petr 05.01.2012 18:59:23.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6092.3759 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\CF123.exe.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CF123.exe
c:\cf123.exe\ErrTrap1
c:\cf123.exe\pev.3XE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-05 do 2012-01-05 )))))))))))))))))))))))))))))))
.
.
2012-01-05 18:02 . 2012-01-05 18:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-05 17:12 . 2012-01-05 17:12 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D72315D0-63C9-4151-BF77-AC6F724CCBDC}\offreg.dll
2012-01-05 17:05 . 2012-01-05 17:05 -------- d-----w- c:\windows\SysWow64\Wat
2012-01-05 17:05 . 2012-01-05 17:05 -------- d-----w- c:\windows\system32\Wat
2012-01-05 16:12 . 2012-01-05 16:12 -------- d-----w- c:\program files\Defraggler
2012-01-05 14:14 . 2011-05-04 05:25 2315776 ----a-w- c:\windows\system32\tquery.dll
2012-01-05 14:13 . 2011-07-16 05:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-01-05 14:12 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2012-01-05 14:12 . 2011-04-28 03:55 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-01-05 14:12 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2012-01-05 14:12 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2012-01-05 14:12 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2012-01-05 14:12 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2012-01-05 14:12 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2012-01-05 14:12 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2012-01-05 14:12 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2012-01-05 14:12 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2012-01-05 14:12 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-01-05 14:11 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-01-05 14:11 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-01-05 14:11 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-01-05 12:32 . 2012-01-05 12:32 -------- d-----w- c:\program files\CCleaner
2012-01-05 10:17 . 2012-01-05 10:24 -------- d-----w- C:\Výsledky testu Combofixu Qoobox
2012-01-05 07:37 . 2012-01-05 13:05 -------- d-----w- c:\program files\trend micro
2012-01-05 07:20 . 2012-01-05 07:20 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-01-05 07:02 . 2012-01-05 17:07 -------- d-----w- c:\windows\system32\wbem\repository
2012-01-04 20:37 . 2012-01-05 06:52 -------- d-----w- c:\program files\7-Zip
2012-01-04 19:43 . 2012-01-04 19:43 -------- d-----w- c:\program files (x86)\Alcohol Soft
2012-01-04 19:22 . 2011-07-16 05:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-01-04 18:14 . 2011-11-30 01:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D72315D0-63C9-4151-BF77-AC6F724CCBDC}\mpengine.dll
2012-01-04 18:12 . 2008-09-26 17:03 691712 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-01-04 18:12 . 2008-09-26 17:02 133632 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-01-04 18:12 . 2008-09-26 17:02 115328 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-01-04 18:12 . 2008-09-26 17:01 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-01-04 17:40 . 2012-01-04 17:40 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-01-04 16:46 . 2011-11-28 17:53 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-01-04 16:46 . 2011-11-28 17:51 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-01-04 16:46 . 2011-11-28 17:52 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-01-04 16:46 . 2011-11-28 17:54 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-01-04 16:46 . 2011-11-28 17:52 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-01-04 16:46 . 2011-11-28 18:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
2012-01-04 16:46 . 2011-11-28 17:52 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-01-04 16:46 . 2011-11-28 18:01 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-01-04 09:37 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-01-04 09:37 . 2011-05-24 10:40 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2012-01-04 09:37 . 2011-05-24 10:40 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2012-01-04 09:37 . 2011-05-24 10:39 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2012-01-04 09:37 . 2011-05-24 10:37 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2012-01-04 08:29 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-01-04 08:29 . 2012-01-04 08:29 -------- d-----w- c:\programdata\AVAST Software
2012-01-04 08:29 . 2012-01-04 08:29 -------- d-----w- c:\program files\AVAST Software
2012-01-04 07:04 . 2012-01-04 07:29 -------- d-----w- c:\users\ADMINI~1
2012-01-04 03:06 . 2012-01-04 03:06 983936 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-01-04 03:06 . 2012-01-04 03:06 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-01-04 03:06 . 2012-01-04 03:06 31744 ----a-w- c:\windows\system32\drivers\usbrpm.sys
2012-01-04 03:03 . 2012-01-05 17:05 -------- d-----w- c:\windows\ehome
2012-01-04 03:03 . 2012-01-04 03:03 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
2012-01-04 03:03 . 2012-01-04 03:03 -------- d-----r- c:\users\Public\Recorded TV
2012-01-03 23:17 . 2012-01-04 19:04 -------- d-----w- c:\program files (x86)\Opera
2012-01-03 23:03 . 2012-01-04 18:12 -------- d-----w- c:\program files (x86)\O2 Mobilni internet
2012-01-03 22:13 . 2012-01-04 07:47 -------- d-----w- C:\totalcmd
2012-01-03 22:05 . 2012-01-05 06:52 -------- d-----w- c:\program files (x86)\Valve
2012-01-03 21:59 . 2012-01-03 21:59 -------- d-----w- c:\program files (x86)\PJsoft
2012-01-03 21:46 . 2012-01-03 21:46 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2012-01-03 21:32 . 2012-01-05 06:52 -------- d-----w- c:\program files (x86)\Ask.com
2012-01-03 21:32 . 2012-01-05 06:52 -------- d-----w- c:\program files (x86)\The KMPlayer
2012-01-03 20:53 . 2012-01-04 07:47 -------- d-----w- c:\program files (x86)\CCleaner
2012-01-03 20:50 . 2012-01-03 20:50 -------- d-----w- c:\programdata\Alwil Software
2012-01-03 20:50 . 2012-01-03 20:50 -------- d-----w- c:\program files\Alwil Software
2012-01-03 19:19 . 2012-01-03 19:19 -------- d-----w- c:\programdata\Malwarebytes
2012-01-03 19:19 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-03 19:19 . 2012-01-03 19:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-03 19:10 . 2012-01-05 06:54 -------- d-----w- c:\users\Petr
2012-01-03 18:37 . 2012-01-03 18:37 -------- d-----w- c:\programdata\ATI
2012-01-03 18:29 . 2012-01-03 18:29 -------- d-----w- c:\program files (x86)\Microsoft
2012-01-03 18:29 . 2012-01-03 18:29 -------- d-----w- c:\program files (x86)\Common Files\Telespree
2012-01-03 18:28 . 2012-01-03 18:28 -------- d-----w- c:\program files (x86)\HP SimplePass 2011
2012-01-03 18:28 . 2012-01-03 18:28 -------- d-----w- c:\program files (x86)\Common Files\AuthenTec
2012-01-03 18:28 . 2012-01-03 18:28 -------- d-----w- c:\program files\Common Files\AuthenTec
2012-01-03 18:28 . 2012-01-03 18:28 -------- d-----w- c:\programdata\Downloaded Installations
2012-01-03 18:28 . 2012-01-03 19:16 -------- d-----w- c:\programdata\Norton
2012-01-03 18:27 . 2012-01-03 18:27 -------- d-----w- c:\program files (x86)\CyberLink
2012-01-03 18:24 . 2012-01-03 18:24 0 ----a-w- c:\windows\ativpsrm.bin
2012-01-03 18:21 . 2012-01-03 18:26 -------- d-----w- c:\windows\Hewlett-Packard
2012-01-03 18:21 . 2012-01-03 18:21 -------- d-----w- c:\windows\Driver Cache
2012-01-03 18:21 . 2012-01-03 18:21 -------- d-----w- c:\program files (x86)\HP
2012-01-03 18:20 . 2010-07-20 21:26 135720 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2012-01-03 18:20 . 2010-07-20 21:26 21544 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2012-01-03 18:20 . 2010-07-14 14:25 344616 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2012-01-03 18:20 . 2010-03-02 22:37 39464 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2012-01-03 18:20 . 2010-07-20 21:26 102952 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2012-01-03 18:19 . 2012-01-03 18:19 -------- d-----w- c:\program files\WIDCOMM
2012-01-03 18:18 . 2012-01-03 18:18 95544 ----a-w- c:\windows\system32\bcmwlcoi.dll
2012-01-03 18:18 . 2012-01-03 18:18 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2012-01-03 18:18 . 2012-01-03 18:18 3896832 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2012-01-03 18:18 . 2012-01-03 18:18 3561472 ----a-w- c:\windows\system32\bcmihvui64.dll
2012-01-03 18:18 . 2012-01-03 18:18 3065408 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS
2012-01-03 18:18 . 2012-01-03 18:18 -------- d-----w- c:\program files\Broadcom
2012-01-03 18:18 . 2012-01-03 18:18 -------- d-----w- c:\program files (x86)\Renesas Electronics
2012-01-03 18:17 . 2012-01-03 18:17 -------- d-----w- c:\program files\Validity Sensors
2012-01-03 18:17 . 2012-01-03 18:17 -------- d-----w- c:\program files\Synaptics
2012-01-03 18:16 . 2011-02-17 01:11 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-01-03 18:16 . 2011-02-17 01:11 428136 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2012-01-03 18:16 . 2011-02-17 01:11 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-01-03 18:16 . 2012-01-03 18:16 -------- d-----w- c:\windows\SysWow64\sda
2012-01-03 18:16 . 2011-01-13 00:10 333928 ----a-w- c:\windows\system32\drivers\RtsPStor.sys
2012-01-03 18:16 . 2012-01-03 18:16 -------- d-----w- c:\program files (x86)\Realtek
2012-01-03 18:16 . 2011-01-13 00:10 9888360 ----a-w- c:\windows\SysWow64\RtsPStorIcon.dll
2012-01-03 18:13 . 2012-01-03 18:13 -------- d-----w- c:\program files\ATI
2012-01-03 18:12 . 2010-12-22 20:06 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2012-01-03 18:12 . 2012-01-03 18:12 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2012-01-03 18:11 . 2012-01-03 18:15 -------- d-----w- c:\program files (x86)\Intel
2012-01-03 18:11 . 2010-12-23 19:09 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-01-03 18:11 . 2012-01-03 18:11 -------- d-----w- C:\Intel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-05 07:17 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-15 13:29 . 2010-11-21 03:27 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 04:54 . 2011-09-07 08:18 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-08 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-17 265544]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-05 c:\windows\Tasks\HPCeeScheduleForPetr.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-15 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-15 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-15 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-11 1128448]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bing.com?pc=HPNTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: Interfaces\{76EE9EE6-D854-48C9-95BA-3479A11EB291}: NameServer = 160.218.161.60 194.228.211.33
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-05 19:03:57
ComboFix-quarantined-files.txt 2012-01-05 18:03
.
Před spuštěním: Volných bajtů: 310 988 353 536
Po spuštění: Volných bajtů: 310 940 385 280
.
- - End Of File - - 34676783089D38A867F0A5A43A509AC2
2012-01-03 18:16 . 2011-01-13 00:10 9888360 ----a-w- c:\windows\SysWow64\RtsPStorIcon.dll
2012-01-03 18:13 . 2012-01-03 18:13 -------- d-----w- c:\program files\ATI
2012-01-03 18:12 . 2010-12-22 20:06 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2012-01-03 18:12 . 2012-01-03 18:12 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2012-01-03 18:11 . 2012-01-03 18:15 -------- d-----w- c:\program files (x86)\Intel
2012-01-03 18:11 . 2010-12-23 19:09 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-01-03 18:11 . 2012-01-03 18:11 -------- d-----w- C:\Intel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-05 07:17 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-15 13:29 . 2010-11-21 03:27 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 04:54 . 2011-09-07 08:18 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-08 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-17 265544]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-05 c:\windows\Tasks\HPCeeScheduleForPetr.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-15 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-15 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-15 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-11 1128448]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bing.com?pc=HPNTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: Interfaces\{76EE9EE6-D854-48C9-95BA-3479A11EB291}: NameServer = 160.218.161.60 194.228.211.33
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-05 19:03:57
ComboFix-quarantined-files.txt 2012-01-05 18:03
.
Před spuštěním: Volných bajtů: 310 988 353 536
Po spuštění: Volných bajtů: 310 940 385 280
.
- - End Of File - - 34676783089D38A867F0A5A43A509AC2
Re: Notebook freezing, Windows 7
Here is also the previous scan from ComboFix
ComboFix 12-01-05.01 - Petr 05.01.2012 11:18:44.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6092.4400 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\Petr\Downloads\CF123.exe.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\java.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-05 do 2012-01-05 )))))))))))))))))))))))))))))))
.
.
2012-01-05 10:23 . 2012-01-05 10:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-05 10:09 . 2012-01-05 10:15 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D72315D0-63C9-4151-BF77-AC6F724CCBDC}\offreg.dll
2012-01-05 07:37 . 2012-01-05 07:37 -------- d-----w- C:\rsit
2012-01-05 07:37 . 2012-01-05 07:37 -------- d-----w- c:\program files\trend micro
2012-01-05 07:20 . 2012-01-05 07:20 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-01-05 07:02 . 2012-01-05 10:13 -------- d-----w- c:\windows\system32\wbem\repository
2012-01-04 20:37 . 2012-01-05 06:52 -------- d-----w- c:\program files\7-Zip
2012-01-04 19:43 . 2012-01-04 19:43 -------- d-----w- c:\program files (x86)\Alcohol Soft
2012-01-04 18:14 . 2011-11-30 01:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D72315D0-63C9-4151-BF77-AC6F724CCBDC}\mpengine.dll
2012-01-04 18:12 . 2008-09-26 17:03 691712 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-01-04 18:12 . 2008-09-26 17:02 133632 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-01-04 18:12 . 2008-09-26 17:02 115328 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-01-04 18:12 . 2008-09-26 17:01 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-01-04 17:40 . 2012-01-04 17:40 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-01-04 16:46 . 2011-11-28 17:53 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-01-04 16:46 . 2011-11-28 17:51 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-01-04 16:46 . 2011-11-28 17:52 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-01-04 16:46 . 2011-11-28 17:54 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-01-04 16:46 . 2011-11-28 17:52 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-01-04 16:46 . 2011-11-28 18:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
2012-01-04 16:46 . 2011-11-28 17:52 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-01-04 16:46 . 2011-11-28 18:01 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-01-04 09:37 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-01-04 09:37 . 2011-05-24 10:40 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2012-01-04 09:37 . 2011-05-24 10:40 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2012-01-04 09:37 . 2011-05-24 10:39 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2012-01-04 09:37 . 2011-05-24 10:37 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2012-01-04 08:29 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-01-04 08:29 . 2012-01-04 08:29 -------- d-----w- c:\programdata\AVAST Software
2012-01-04 08:29 . 2012-01-04 08:29 -------- d-----w- c:\program files\AVAST Software
2012-01-04 07:04 . 2012-01-04 07:29 -------- d-----w- c:\users\ADMINI~1
2012-01-04 03:06 . 2012-01-04 03:06 983936 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-01-04 03:06 . 2012-01-04 03:06 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-01-04 03:06 . 2012-01-04 03:06 31744 ----a-w- c:\windows\system32\drivers\usbrpm.sys
2012-01-04 03:03 . 2012-01-05 06:53 -------- d-----w- c:\windows\ehome
2012-01-04 03:03 . 2012-01-04 03:03 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
2012-01-04 03:03 . 2012-01-04 03:03 -------- d-----r- c:\users\Public\Recorded TV
2012-01-03 23:17 . 2012-01-04 19:04 -------- d-----w- c:\program files (x86)\Opera
2012-01-03 23:03 . 2012-01-04 18:12 -------- d-----w- c:\program files (x86)\O2 Mobilni internet
2012-01-03 22:13 . 2012-01-04 07:47 -------- d-----w- C:\totalcmd
2012-01-03 22:05 . 2012-01-05 06:52 -------- d-----w- c:\program files (x86)\Valve
2012-01-03 21:59 . 2012-01-03 21:59 -------- d-----w- c:\program files (x86)\PJsoft
2012-01-03 21:46 . 2012-01-03 21:46 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2012-01-03 21:32 . 2012-01-05 06:52 -------- d-----w- c:\program files (x86)\Ask.com
2012-01-03 21:32 . 2012-01-05 06:52 -------- d-----w- c:\program files (x86)\The KMPlayer
2012-01-03 20:53 . 2012-01-04 07:47 -------- d-----w- c:\program files (x86)\CCleaner
2012-01-03 20:50 . 2012-01-03 20:50 -------- d-----w- c:\programdata\Alwil Software
2012-01-03 20:50 . 2012-01-03 20:50 -------- d-----w- c:\program files\Alwil Software
2012-01-03 19:19 . 2012-01-03 19:19 -------- d-----w- c:\programdata\Malwarebytes
2012-01-03 19:19 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-03 19:19 . 2012-01-03 19:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-03 19:10 . 2012-01-05 06:54 -------- d-----w- c:\users\Petr
2012-01-03 18:37 . 2012-01-03 18:37 -------- d-----w- c:\programdata\ATI
2012-01-03 18:29 . 2012-01-03 18:29 -------- d-----w- c:\program files (x86)\Microsoft
2012-01-03 18:29 . 2012-01-03 18:29 -------- d-----w- c:\program files (x86)\Common Files\Telespree
2012-01-03 18:28 . 2012-01-03 18:28 -------- d-----w- c:\program files (x86)\HP SimplePass 2011
2012-01-03 18:28 . 2012-01-03 18:28 -------- d-----w- c:\program files (x86)\Common Files\AuthenTec
2012-01-03 18:28 . 2012-01-03 18:28 -------- d-----w- c:\program files\Common Files\AuthenTec
2012-01-03 18:28 . 2012-01-03 18:28 -------- d-----w- c:\programdata\Downloaded Installations
2012-01-03 18:28 . 2012-01-03 19:16 -------- d-----w- c:\programdata\Norton
2012-01-03 18:27 . 2012-01-03 18:27 -------- d-----w- c:\program files (x86)\CyberLink
2012-01-03 18:24 . 2012-01-03 18:24 0 ----a-w- c:\windows\ativpsrm.bin
2012-01-03 18:21 . 2012-01-03 18:26 -------- d-----w- c:\windows\Hewlett-Packard
2012-01-03 18:21 . 2012-01-03 18:21 -------- d-----w- c:\windows\Driver Cache
2012-01-03 18:21 . 2012-01-03 18:21 -------- d-----w- c:\program files (x86)\HP
2012-01-03 18:20 . 2010-07-20 21:26 135720 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2012-01-03 18:20 . 2010-07-20 21:26 21544 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2012-01-03 18:20 . 2010-07-14 14:25 344616 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2012-01-03 18:20 . 2010-03-02 22:37 39464 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2012-01-03 18:20 . 2010-07-20 21:26 102952 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2012-01-03 18:19 . 2012-01-03 18:19 -------- d-----w- c:\program files\WIDCOMM
2012-01-03 18:18 . 2012-01-03 18:18 95544 ----a-w- c:\windows\system32\bcmwlcoi.dll
2012-01-03 18:18 . 2012-01-03 18:18 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2012-01-03 18:18 . 2012-01-03 18:18 3896832 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2012-01-03 18:18 . 2012-01-03 18:18 3561472 ----a-w- c:\windows\system32\bcmihvui64.dll
2012-01-03 18:18 . 2012-01-03 18:18 3065408 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS
2012-01-03 18:18 . 2012-01-03 18:18 -------- d-----w- c:\program files\Broadcom
2012-01-03 18:18 . 2012-01-03 18:18 -------- d-----w- c:\program files (x86)\Renesas Electronics
2012-01-03 18:17 . 2012-01-03 18:17 -------- d-----w- c:\program files\Validity Sensors
2012-01-03 18:17 . 2012-01-03 18:17 -------- d-----w- c:\program files\Synaptics
2012-01-03 18:16 . 2011-02-17 01:11 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-01-03 18:16 . 2011-02-17 01:11 428136 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2012-01-03 18:16 . 2011-02-17 01:11 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-01-03 18:16 . 2012-01-03 18:16 -------- d-----w- c:\windows\SysWow64\sda
2012-01-03 18:16 . 2011-01-13 00:10 333928 ----a-w- c:\windows\system32\drivers\RtsPStor.sys
2012-01-03 18:16 . 2012-01-03 18:16 -------- d-----w- c:\program files (x86)\Realtek
2012-01-03 18:16 . 2011-01-13 00:10 9888360 ----a-w- c:\windows\SysWow64\RtsPStorIcon.dll
2012-01-03 18:13 . 2012-01-03 18:13 -------- d-----w- c:\program files\ATI
2012-01-03 18:12 . 2010-12-22 20:06 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2012-01-03 18:12 . 2012-01-03 18:12 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2012-01-03 18:11 . 2012-01-03 18:15 -------- d-----w- c:\program files (x86)\Intel
2012-01-03 18:11 . 2010-12-23 19:09 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-01-03 18:11 . 2012-01-03 18:11 -------- d-----w- C:\Intel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-05 07:17 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-15 13:29 . 2010-11-21 03:27 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 04:54 . 2011-09-07 08:18 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-08 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-17 265544]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-05 c:\windows\Tasks\HPCeeScheduleForPetr.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-15 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-15 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-15 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-11 1128448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bing.com?pc=HPNTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: Interfaces\{76EE9EE6-D854-48C9-95BA-3479A11EB291}: NameServer = 194.228.211.33 160.218.167.5
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-05 11:24:48
ComboFix-quarantined-files.txt 2012-01-05 10:24
.
Před spuštěním: Volných bajtů: 311 091 359 744
Po spuštění: Volných bajtů: 310 575 063 040
.
- - End Of File - - AC5D151B778B85F021053BA384AED147
Re: Notebook freezing on Windows 7
I also have a scan from virustotal.com. It is from this morning, but I ran it again a moment ago and the result is the same.
h a total of 26186 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: EndProcess.exe
Submission date: 2012-01-05 09:09:29 (UTC)
Current status: finished
Result: 6/ 43 (14.0%)
VT Community: goodware
Safety score: 100.0%
Antivirus Version Last Update Result
AhnLab-V3 2012.01.04.00 2012.01.04 -
AntiVir 7.11.20.167 2012.01.05 APPL/KillApp.A
Antiy-AVL 2.0.3.7 2012.01.05 -
Avast 6.0.1289.0 2012.01.04 Win32:KillApp-W [PUP]
AVG 10.0.0.1190 2012.01.05 -
BitDefender 7.2 2012.01.05 -
ByteHero 1.0.0.1 2011.12.31 -
CAT-QuickHeal 12.00 2012.01.05 -
ClamAV 0.97.3.0 2012.01.05 -
Commtouch 5.3.2.6 2012.01.05 -
Comodo 11196 2012.01.04 -
DrWeb 5.0.2.03300 2012.01.05 -
Emsisoft 5.1.0.11 2012.01.05 Riskware.Win32.KillApp!A2
eSafe 7.0.17.0 2012.01.03 -
eTrust-Vet 37.0.9664 2012.01.04 -
F-Prot 4.6.5.141 2012.01.03 -
F-Secure 9.0.16440.0 2012.01.05 -
Fortinet 4.3.388.0 2012.01.05 -
GData 22 2012.01.05 -
Ikarus T3.1.1.109.0 2012.01.05 -
Jiangmin 13.0.900 2012.01.04 -
K7AntiVirus 9.123.5859 2012.01.04 -
Kaspersky 9.0.0.837 2012.01.05 -
McAfee 5.400.0.1158 2012.01.05 ProcKill-BU
McAfee-GW-Edition 2010.1E 2012.01.05 ProcKill-BU
Microsoft 1.7903 2012.01.05 -
NOD32 6769 2012.01.05 -
Norman 6.07.13 2012.01.04 -
nProtect 2012-01-05.01 2012.01.05 -
Panda 10.0.3.5 2012.01.04 -
PCTools 8.0.0.5 2012.01.05 -
Prevx 3.0 2012.01.05 -
Rising 23.91.03.02 2012.01.05 -
Sophos 4.72.0 2012.01.05 Kill It
SUPERAntiSpyware 4.40.0.1006 2012.01.05 -
Symantec 20111.2.0.82 2012.01.05 -
TheHacker 6.7.0.1.371 2012.01.05 -
TrendMicro 9.500.0.1008 2012.01.05 -
TrendMicro-HouseCall 9.500.0.1008 2012.01.05 -
VBA32 3.12.16.4 2012.01.04 -
VIPRE 11355 2012.01.05 -
ViRobot 2012.1.5.4864 2012.01.05 -
VirusBuster 14.1.150.0 2012.01.04 -
- Rudy
- Site Admin
- Posts: 119515
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook freezing on Windows 7
Several items were deleted; the rest of the log looks clean. Where is this file located: EndProcess.exe?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Notebook freezing on Windows 7
It is stored at C:/HP/BIN/EndProcess.exe
- Rudy
- Site Admin
Re: Notebook freezing on Windows 7
This looks like nonsense to me. Try sending it to Avast (which also flagged it as a virus), pointing out that it is a legitimate HP device driver file, and ask them to explain what is wrong with it.
Re: Notebook freezing, Windows 7
I have already sent it to Avast, but got no reply, so I will try once more. Malwarebytes, for example, does not find it at all, but Avast does. I also tried adding it to the exceptions in Avast, but that only worked for a while and then it was the same again.
Re: Notebook freezing, Windows 7
Well, friends, I am off to try my luck again. Thank you for your willingness and help; have a nice rest of the evening.
- Rudy
- Site Admin
- Posts: 119515
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook freezing, Windows 7
I have never seen a virus in this directory. It belongs to an HP driver (I don't know whether for a printer or a scanner) and it is certainly a legitimate file.
Re: Notebook freezing, Windows 7
It must be a legitimate HP file, because it is on the recovery disk as well.
- Rudy
- Site Admin
- Posts: 119515
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook freezing, Windows 7
Certainly. Then only Avast (or another company whose product detects it as a virus) can know why.
Re: Notebook freezing, Windows 7
From what I have read on the net, and there is not much, EndProcess.exe should be some kind of driver that terminates running files, processes and windows better and faster, but whether that is really so, I don't know. I saw that chodnik74 was advising someone here with the same problem, but apparently the whole conversation is not there, so I don't know how it turned out.....
- Rudy
- Site Admin
- Posts: 119515
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook freezing, Windows 7
OK. Then try Avast once more.