
Please check my log - probable spam sending

Kundrt
Visitor
Posts: 13
Registered: 31 Aug 2007 21:10


#1 Post by Kundrt

Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2012-01-06 07:11:51
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 27 GB (11%) free of 238 GB
Total RAM: 2972 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:12:47, on 6.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Soluto\soluto.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\NirSoft\Volumouse\volumouse.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Honza\AppData\Local\Google\Update\1.3.21.93\GoogleCrashHandler.exe
C:\Program Files\System Explorer\SystemExplorer.exe
C:\Users\Honza\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\Connectify\Connectify.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Program Files\Miranda IM\miranda32.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\PSPad editor\PSPad.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Kerio\VPN Client\kvpncgui.exe
C:\WINDOWS\system32\ping.exe
C:\Windows\system32\conhost.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\Desktop\!!!Dočasné\RSIT.exe
C:\Program Files\trend micro\Honza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.google.com/kundrt.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YouTubeUploaderLib.YouTubeUploaderLib - - (no file)
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [gemstrmw] C:\Windows\system32\gemstrmw.exe /r
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [$Volumouse$] "C:\Program Files\NirSoft\Volumouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [Google Update] "C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [googletalk] C:\Users\Honza\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [Connectify] C:\Program Files\Connectify\Connectify.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Miranda IM.lnk = C:\Program Files\Miranda IM\miranda32.exe
O4 - Startup: USBDeview.exe – zástupce.lnk = C:\Programy\usbdeview\USBDeview.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download All by ASUS Download - C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\ASDownloadAll.htm
O8 - Extra context menu item: Download using ASUS Download - C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\ASDownload.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - SOURCENEXT - C:\Windows\system32\bgsvcgen.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files\Connectify\ConnectifyService.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Kerio VPN Client Service (KVPNCSvc) - Kerio Technologies Inc. - C:\Program Files\Kerio\VPN Client\kvpncsvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit (mi-raysat_3dsmax2011_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files\Synology Data Replicator 3\SynoDrService.exe

--
End of file - 14650 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000UA.job
C:\Windows\tasks\RMSchedule.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\kok8xcr4.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://start.kundrt.net"
prefs.js - "extensions.enabledItems" - "{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, bkmrksync@nokia.com:1.0.0.736, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {A64F9D1E-FA5E-11DA-A187-6B94C2ED2B83}:1.0.2, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, 2020Player@2020Technologies.com:4.5.2.0, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.94, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88, {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://www.google.com/search?sourceid=n ... t&hl=cs&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files\Common Files\Wolfram Research\Browser\8.0.0.1802959\npmathplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
IICAClient.xpt
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
cgpcfg.dll
CgpCore.dll
confmgr.dll
ctxlogging.dll
ctxmui.dll
ICAClObj.class
icafile.dll
icalogon.dll
Microsoft.VC80.CRT.manifest
msvcm80.dll
msvcp80.dll
msvcr80.dll
np-mswmp.dll
npdeployJava1.dll
npicaN.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
sslsdk_b.dll
TcpPServ.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\kok8xcr4.default\extensions\
2020Player@2020Technologies.com
{0b457cAA-602d-484a-8fe7-c1d894a011ba}
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{3112ca9c-de6d-4884-a869-9855de68056c}

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\kok8xcr4.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin.xml
wolframalpha.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-03 175400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuze.dll [2011-01-03 175400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuze.dll [2011-01-03 175400]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-03 175400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 55824]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2010-11-15 112600]
""= []
"gemstrmw"=C:\Windows\system32\gemstrmw.exe [2003-08-29 24576]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-09-22 640440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"$Volumouse$"=C:\Program Files\NirSoft\Volumouse\volumouse.exe [2009-08-05 33280]
"Nektra OEAPI"= []
"Google Update"=C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-13 135664]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
"SystemExplorerAutoStart"=C:\Program Files\System Explorer\SystemExplorer.exe [2011-11-19 2500424]
""= []
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 90624]
"googletalk"=C:\Users\Honza\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"Connectify"=C:\Program Files\Connectify\Connectify.exe [2011-12-01 3073864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kerio VPN Client]
C:\Program Files\Kerio\VPN Client\kvpncgui.exe [2011-04-21 5291656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Translate Client.lnk - C:\Program Files\Translate Client\translateclient.exe

C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Miranda IM.lnk - C:\Program Files\Miranda IM\miranda32.exe
USBDeview.exe – zástupce.lnk - C:\Programy\usbdeview\USBDeview.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="acaptuser32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.yv12"=yv12vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2012-01-06 07:11:52 ----D---- C:\Program Files\trend micro
2012-01-06 07:11:51 ----D---- C:\rsit
2012-01-05 21:49:56 ----A---- C:\Windows\system32\lsdelete.exe
2011-12-29 15:15:27 ----D---- C:\Program Files\Wireshark
2011-12-28 11:51:47 ----D---- C:\Users\Honza\AppData\Roaming\GrooveWalrus
2011-12-27 15:42:35 ----D---- C:\ProgramData\Freemake
2011-12-27 15:42:15 ----D---- C:\Program Files\Freemake
2011-12-25 14:20:12 ----D---- C:\Users\Honza\AppData\Roaming\Mp3tag
2011-12-25 14:19:47 ----D---- C:\Program Files\Mp3tag
2011-12-25 13:25:57 ----D---- C:\ProgramData\NCH Software
2011-12-25 13:25:36 ----D---- C:\Users\Honza\AppData\Roaming\NCH Software
2011-12-25 12:24:08 ----D---- C:\Users\Honza\AppData\Roaming\ID3 renamer
2011-12-23 09:59:06 ----D---- C:\Program Files\LightScribe
2011-12-23 09:57:36 ----D---- C:\Program Files\LightScribe Template Labeler
2011-12-19 16:01:12 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2011-12-19 15:59:12 ----N---- C:\Windows\system32\acaptuser32.dll
2011-12-19 13:36:33 ----D---- C:\Program Files\Common Files\Autodesk Shared
2011-12-19 11:15:20 ----D---- C:\ProgramData\Martau
2011-12-19 11:15:01 ----D---- C:\Program Files\Total Uninstall 5
2011-12-16 17:54:01 ----A---- C:\Windows\system32\SER9PL.sys
2011-12-15 17:19:08 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-15 17:19:07 ----A---- C:\Windows\system32\iertutil.dll
2011-12-15 17:19:06 ----A---- C:\Windows\system32\jscript9.dll
2011-12-15 17:19:06 ----A---- C:\Windows\system32\jscript.dll
2011-12-15 17:19:05 ----A---- C:\Windows\system32\wininet.dll
2011-12-15 17:19:05 ----A---- C:\Windows\system32\url.dll
2011-12-15 17:19:05 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-15 17:19:05 ----A---- C:\Windows\system32\ieui.dll
2011-12-15 17:19:04 ----A---- C:\Windows\system32\urlmon.dll
2011-12-15 17:19:03 ----A---- C:\Windows\system32\mshtml.dll
2011-12-15 17:19:00 ----A---- C:\Windows\system32\ieframe.dll
2011-12-15 06:12:20 ----A---- C:\Windows\system32\win32k.sys
2011-12-15 06:12:16 ----A---- C:\Windows\system32\tzres.dll
2011-12-15 06:12:09 ----A---- C:\Windows\system32\EncDec.dll
2011-12-15 06:12:08 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-15 06:12:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-15 06:12:05 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-12-13 13:36:37 ----D---- C:\ProgramData\PlotSoft
2011-12-13 13:36:37 ----D---- C:\Program Files\PlotSoft
2011-12-12 10:06:32 ----D---- C:\Users\Honza\AppData\Roaming\Google
2011-12-08 10:45:51 ----D---- C:\Program Files\GeoGebra

======List of files/folders modified in the last 1 month======

2012-01-06 07:12:46 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2012-01-06 07:12:14 ----D---- C:\Windows\Prefetch
2012-01-06 07:12:12 ----D---- C:\Windows\Temp
2012-01-06 07:11:52 ----RD---- C:\Program Files
2012-01-06 06:59:20 ----D---- C:\Users\Honza\AppData\Roaming\translateclient
2012-01-06 06:55:32 ----A---- C:\ProgramData\HPWALog.txt
2012-01-06 06:52:02 ----AD---- C:\ProgramData\TEMP
2012-01-06 03:52:21 ----SHD---- C:\System Volume Information
2012-01-06 03:35:33 ----D---- C:\Windows\system32\config
2012-01-05 21:57:42 ----HD---- C:\ProgramData
2012-01-05 21:56:13 ----D---- C:\Windows\Tasks
2012-01-05 21:49:56 ----D---- C:\Windows\System32
2012-01-05 13:41:50 ----D---- C:\Programy
2012-01-05 12:18:23 ----D---- C:\VueScan
2012-01-05 12:07:34 ----D---- C:\Windows\tracing
2012-01-03 11:45:39 ----D---- C:\Users\Honza\AppData\Roaming\hpqLog
2012-01-03 09:58:21 ----D---- C:\Windows\system32\Tasks
2012-01-02 20:30:11 ----D---- C:\Windows\inf
2012-01-02 20:30:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-01 11:53:50 ----D---- C:\Users\Honza\AppData\Roaming\vlc
2012-01-01 11:25:36 ----D---- C:\Program Files\Mozilla Firefox
2011-12-31 18:52:52 ----D---- C:\LCS
2011-12-28 12:05:00 ----D---- C:\Users\Honza\AppData\Roaming\Azureus
2011-12-23 10:27:51 ----D---- C:\Users\Honza\AppData\Roaming\Adobe
2011-12-23 09:59:13 ----SHD---- C:\Windows\Installer
2011-12-23 09:50:43 ----D---- C:\Program Files\Common Files\LightScribe
2011-12-23 09:49:44 ----D---- C:\Windows\system32\catroot2
2011-12-23 09:47:57 ----D---- C:\SWSetup
2011-12-19 19:37:24 ----D---- C:\Program Files\Registry Mechanic
2011-12-19 13:47:35 ----D---- C:\Program Files\Autodesk
2011-12-19 13:40:55 ----D---- C:\ProgramData\Autodesk
2011-12-19 13:36:33 ----D---- C:\Program Files\Common Files
2011-12-19 13:26:18 ----D---- C:\Program Files\Connectify
2011-12-18 12:11:56 ----D---- C:\Program Files\Vuze
2011-12-16 17:54:08 ----D---- C:\Windows\system32\catroot
2011-12-16 17:54:07 ----D---- C:\Windows\system32\DriverStore
2011-12-16 17:54:01 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-16 08:37:50 ----D---- C:\Windows\rescache
2011-12-15 19:32:04 ----D---- C:\Windows\Microsoft.NET
2011-12-15 19:32:03 ----RSD---- C:\Windows\assembly
2011-12-15 18:37:29 ----D---- C:\Windows\winsxs
2011-12-15 18:35:50 ----D---- C:\Program Files\7-Zip
2011-12-15 18:34:03 ----D---- C:\Windows\system32\migration
2011-12-15 18:34:03 ----D---- C:\Windows\system32\cs-CZ
2011-12-15 18:34:03 ----D---- C:\Program Files\Internet Explorer
2011-12-15 17:30:30 ----D---- C:\ProgramData\Microsoft Help
2011-12-15 17:19:55 ----D---- C:\Windows\debug
2011-12-15 17:19:50 ----A---- C:\Windows\system32\MRT.exe
2011-12-15 06:07:41 ----D---- C:\Windows
2011-12-10 10:14:04 ----SHD---- C:\$Recycle.Bin
2011-12-10 10:13:35 ----RD---- C:\Users
2011-12-07 17:42:47 ----D---- C:\Users\Honza\AppData\Roaming\Autodesk

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2011-11-03 64512]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 RRamdisk;Ramdisk Driver; C:\Windows\system32\DRIVERS\rramdisk.sys [2003-12-09 10368]
R0 Soluto;Soluto; C:\Windows\system32\DRIVERS\Soluto.sys [2011-07-21 51144]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-13 691696]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2009-12-14 38944]
R1 cnnctfy2;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy2.sys [2011-09-27 27248]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl29c22b72;MpKsl29c22b72; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F321B337-79BC-4AB6-B7F5-83D3CFBEE97D}\MpKsl29c22b72.sys [2012-01-05 29904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35088]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2007-04-27 90688]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 243712]
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 kvnet;Kerio Virtual Network Adapter; C:\Windows\system32\DRIVERS\kvnet.sys [2010-10-25 33328]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-11-03 15232]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2009-06-17 40720]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2009-06-17 10384]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2011-08-03 7517696]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-12-28 47360]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1810856]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-07-01 26624]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\Windows\system32\Drivers\eusk2par.sys [2004-11-18 24786]
S1 MpKsl080eea60;MpKsl080eea60; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl080eea60.sys []
S1 MpKsl10b8eea0;MpKsl10b8eea0; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl10b8eea0.sys []
S1 MpKsl1543cb4b;MpKsl1543cb4b; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{45DAE10B-5CD3-4B61-9123-E8504BC80AA6}\MpKsl1543cb4b.sys []
S1 MpKsl220e1942;MpKsl220e1942; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl220e1942.sys []
S1 MpKsl2b632923;MpKsl2b632923; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F321B337-79BC-4AB6-B7F5-83D3CFBEE97D}\MpKsl2b632923.sys []
S1 MpKsl2be8aa06;MpKsl2be8aa06; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5620EEB4-8CA5-45A5-8EA8-13AA7BE0F5AA}\MpKsl2be8aa06.sys []
S1 MpKsl33ae3b96;MpKsl33ae3b96; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D7ED4D28-CD83-451E-B768-17A624DE5A9B}\MpKsl33ae3b96.sys []
S1 MpKsl3718b0f7;MpKsl3718b0f7; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{83C1A916-8C20-4B2F-AA27-018237F1C63A}\MpKsl3718b0f7.sys []
S1 MpKsl3903f0c7;MpKsl3903f0c7; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4D9F0E39-4212-4BE8-A0E4-1607867B4F35}\MpKsl3903f0c7.sys []
S1 MpKsl3d91a0bd;MpKsl3d91a0bd; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F4612060-CF2C-4F95-8F30-E67582E4841F}\MpKsl3d91a0bd.sys []
S1 MpKsl4018f447;MpKsl4018f447; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{26077506-BEDE-4215-9C16-04DFA501D687}\MpKsl4018f447.sys []
S1 MpKsl4cc7960e;MpKsl4cc7960e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F8B0CA9-DC14-4DD7-B6BF-82741A2E1932}\MpKsl4cc7960e.sys []
S1 MpKsl4d2cf189;MpKsl4d2cf189; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3217B19-DEB2-4BC5-ACD5-5C87A2033E13}\MpKsl4d2cf189.sys []
S1 MpKsl54bc6513;MpKsl54bc6513; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{720BD033-5116-4266-B516-FF11101DA727}\MpKsl54bc6513.sys []
S1 MpKsl5606a5ad;MpKsl5606a5ad; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4D9F0E39-4212-4BE8-A0E4-1607867B4F35}\MpKsl5606a5ad.sys []
S1 MpKsl5754bc2e;MpKsl5754bc2e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A0AEB0D1-6B7C-43B6-9EC7-FABAB66DCCF5}\MpKsl5754bc2e.sys []
S1 MpKsl5a54d120;MpKsl5a54d120; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl5a54d120.sys []
S1 MpKsl64aa7e23;MpKsl64aa7e23; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl64aa7e23.sys []
S1 MpKsl69a770f3;MpKsl69a770f3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DD08D382-298F-4B7F-A249-951CBCC89AB7}\MpKsl69a770f3.sys []
S1 MpKsl6c9723eb;MpKsl6c9723eb; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F4612060-CF2C-4F95-8F30-E67582E4841F}\MpKsl6c9723eb.sys []
S1 MpKsl769dd55a;MpKsl769dd55a; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{040593F7-21BC-4703-8BAC-147A87CD1F80}\MpKsl769dd55a.sys []
S1 MpKsl77baeb29;MpKsl77baeb29; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4D3976A9-6FA1-45DC-9049-F4F8257B9DB7}\MpKsl77baeb29.sys []
S1 MpKsl7c4d08be;MpKsl7c4d08be; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A7361BB-9DED-40FB-A628-9795CC0546AC}\MpKsl7c4d08be.sys []
S1 MpKsl7cee9b88;MpKsl7cee9b88; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D383BF4C-1E39-4D76-BE7C-2511D9865463}\MpKsl7cee9b88.sys []
S1 MpKsl7f053a4a;MpKsl7f053a4a; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9BFAA67D-2159-4F27-B604-B43D9A54CADD}\MpKsl7f053a4a.sys []
S1 MpKsl87100a88;MpKsl87100a88; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl87100a88.sys []
S1 MpKsl98a15f0a;MpKsl98a15f0a; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7DEEA70E-BFFB-43F3-A013-89819DC031C3}\MpKsl98a15f0a.sys []
S1 MpKsl9b796518;MpKsl9b796518; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl9b796518.sys []
S1 MpKsla5c5f999;MpKsla5c5f999; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F082C0D0-871A-4FD8-8F91-247061FCE13A}\MpKsla5c5f999.sys []
S1 MpKsla5fc5fbd;MpKsla5fc5fbd; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3F8C980A-01D4-47A1-9C9E-633116A0101C}\MpKsla5fc5fbd.sys []
S1 MpKslaa409869;MpKslaa409869; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKslaa409869.sys []
S1 MpKslbadc68e4;MpKslbadc68e4; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9F19D8D1-416F-472C-80DC-2D7B6446AECC}\MpKslbadc68e4.sys []
S1 MpKslbe025c58;MpKslbe025c58; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F8B0CA9-DC14-4DD7-B6BF-82741A2E1932}\MpKslbe025c58.sys []
S1 MpKslbfe38058;MpKslbfe38058; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{45DAE10B-5CD3-4B61-9123-E8504BC80AA6}\MpKslbfe38058.sys []
S1 MpKslc4cb3c8e;MpKslc4cb3c8e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{940CF752-343B-42F3-8AEB-9D3FB6BCF9EC}\MpKslc4cb3c8e.sys []
S1 MpKsle967e538;MpKsle967e538; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9F7B5765-5070-442D-B181-FE0CFBED5ABD}\MpKsle967e538.sys []
S1 MpKsle9f37396;MpKsle9f37396; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3A7B6220-5647-4763-9DF0-014D7D43BEA8}\MpKsle9f37396.sys []
S1 MpKslf997ae43;MpKslf997ae43; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9DD35307-275E-42DB-B655-DB2F88CD4D02}\MpKslf997ae43.sys []
S1 MpKslf9ecf4fa;MpKslf9ecf4fa; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A435D5E8-947C-46AF-8B9F-EA4BA4AC0D82}\MpKslf9ecf4fa.sys []
S1 MpKslfeb60d99;MpKslfeb60d99; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD5DD22E-6B0E-4EA3-9295-09ACEA5B0AC1}\MpKslfeb60d99.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 ALSysIO;ALSysIO; \??\C:\Users\Honza\AppData\Local\Temp\ALSysIO.sys []
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2011-08-08 243712]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [2007-09-25 15152]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 eusk3usb;SmartKey 3 USB; C:\Windows\System32\Drivers\eusk3usb.sys [2004-11-18 45534]
S3 GemCCID;GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [2009-08-10 89600]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys []
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\system32\NSNDIS5.SYS [2004-03-24 17280]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SNTNLUSB;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\Windows\system32\DRIVERS\SNTNLUSB.SYS [2007-04-27 35328]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\system32\bgsvcgen.exe [2009-12-14 139264]
R2 Connectify;Connectify; C:\Program Files\Connectify\ConnectifyService.exe [2011-12-01 69632]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-25 92216]
R2 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 26168]
R2 KVPNCSvc;Kerio VPN Client Service; C:\Program Files\Kerio\VPN Client\kvpncsvc.exe [2011-04-21 1105544]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-11-03 2152152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2011-07-21 392224]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-01-25 791608]
R3 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-14 135664]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-04 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-14 135664]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S3 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2011-07-01 14848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
S3 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SynoDrService;SynoDrService; C:\Program Files\Synology Data Replicator 3\SynoDrService.exe [2010-01-12 245760]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log - probable spam sending

#2 Post by vyosek »

Greetings, and I wish you a nice day :)

How did you find out about the spam being sent?
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns fun: take a whip and a stick to him; he is no man, he is an ox."
Member [image] since 1 February 2011.

Kundrt

Re: Please check my log - probable spam sending

#3 Post by Kundrt »

Hello,
my provider alerted me to it.

vyosek

Re: Please check my log - probable spam sending

#4 Post by vyosek »

Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Update it
  • Run a full scan - do not delete anything!
  • MBAM sometimes produces false detections, so paste the log into a post and wait for an assessment

Kundrt

Re: Please check my log - probable spam sending

#5 Post by Kundrt »

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.60.0.1800
http://www.malwarebytes.org

Verze databáze: v2012.01.06.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Honza :: HP6730B [administrátor]

Ochrana: Povolena

6.1.2012 19:34:01
mbam-log-2012-01-07 (06-03-20).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 818436
Uplynulý čas: 8 hodin, 14 minut, 28 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Program Files\DVDFab 6\dbghelp.dll (Trojan.FakeMS) -> Žádná instrukce nebyla provedena.
C:\Programy\wirelessnetview\WirelessNetView.exe (PUP.WirelessNetworkTool) -> Žádná instrukce nebyla provedena.

(konec)

vyosek

Re: Please check my log - probable spam sending

#6 Post by vyosek »

Do not delete the findings

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE WRECKED
Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Disable all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (or "Spustit jako spravce")
  • Immediately after it starts, a page with the license agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that is displayed
  • The scan should take about 10 minutes, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and after a possible restart, CF displays the log, or you will find it at C:\ComboFix.txt; paste its contents here
  • The detailed procedure, including pictures, is here: http://www.bleepingcomputer.com/combofi ... t-combofix

Kundrt

Re: Please check my log - probable spam sending

#7 Post by Kundrt »

ComboFix 12-01-06.03 - Honza 07.01.2012 18:30:59.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2972.1489 [GMT 1:00]
Spuštěný z: c:\users\Honza\Desktop\!!!DoŔasnÚ\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Honza\AppData\Local\assembly\tmp
c:\users\Honza\AppData\Local\TempDIR
c:\users\Honza\AppData\Local\TempDIR\BetterInstaller.exe
c:\users\Honza\AppData\Roaming\inst.exe
c:\windows\IsUn0405.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\html
c:\windows\system32\html\calendar.html
c:\windows\system32\html\calendarbottom.html
c:\windows\system32\html\calendartop.html
c:\windows\system32\html\crystalexportdialog.htm
c:\windows\system32\html\crystalprinthost.html
c:\windows\system32\images
c:\windows\system32\images\toolbar\calendar.gif
c:\windows\system32\images\toolbar\crlogo.gif
c:\windows\system32\images\toolbar\export.gif
c:\windows\system32\images\toolbar\export_over.gif
c:\windows\system32\images\toolbar\exportd.gif
c:\windows\system32\images\toolbar\First.gif
c:\windows\system32\images\toolbar\first_over.gif
c:\windows\system32\images\toolbar\Firstd.gif
c:\windows\system32\images\toolbar\gotopage.gif
c:\windows\system32\images\toolbar\gotopage_over.gif
c:\windows\system32\images\toolbar\gotopaged.gif
c:\windows\system32\images\toolbar\grouptree.gif
c:\windows\system32\images\toolbar\grouptree_over.gif
c:\windows\system32\images\toolbar\grouptreed.gif
c:\windows\system32\images\toolbar\grouptreepressed.gif
c:\windows\system32\images\toolbar\Last.gif
c:\windows\system32\images\toolbar\last_over.gif
c:\windows\system32\images\toolbar\Lastd.gif
c:\windows\system32\images\toolbar\Next.gif
c:\windows\system32\images\toolbar\next_over.gif
c:\windows\system32\images\toolbar\Nextd.gif
c:\windows\system32\images\toolbar\Prev.gif
c:\windows\system32\images\toolbar\prev_over.gif
c:\windows\system32\images\toolbar\Prevd.gif
c:\windows\system32\images\toolbar\print.gif
c:\windows\system32\images\toolbar\print_over.gif
c:\windows\system32\images\toolbar\printd.gif
c:\windows\system32\images\toolbar\Refresh.gif
c:\windows\system32\images\toolbar\refresh_over.gif
c:\windows\system32\images\toolbar\refreshd.gif
c:\windows\system32\images\toolbar\Search.gif
c:\windows\system32\images\toolbar\search_over.gif
c:\windows\system32\images\toolbar\searchd.gif
c:\windows\system32\images\toolbar\up.gif
c:\windows\system32\images\toolbar\up_over.gif
c:\windows\system32\images\toolbar\upd.gif
c:\windows\system32\images\tree\begindots.gif
c:\windows\system32\images\tree\beginminus.gif
c:\windows\system32\images\tree\beginplus.gif
c:\windows\system32\images\tree\blank.gif
c:\windows\system32\images\tree\blankdots.gif
c:\windows\system32\images\tree\dots.gif
c:\windows\system32\images\tree\lastdots.gif
c:\windows\system32\images\tree\lastminus.gif
c:\windows\system32\images\tree\lastplus.gif
c:\windows\system32\images\tree\Magnify.gif
c:\windows\system32\images\tree\minus.gif
c:\windows\system32\images\tree\minusbox.gif
c:\windows\system32\images\tree\plus.gif
c:\windows\system32\images\tree\plusbox.gif
c:\windows\system32\images\tree\singleminus.gif
c:\windows\system32\images\tree\singleplus.gif
.
Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-07 do 2012-01-07 )))))))))))))))))))))))))))))))
.
.
2012-01-07 17:45 . 2012-01-07 17:45 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-01-07 17:45 . 2012-01-07 17:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-07 17:07 . 2012-01-07 17:07 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1A2694D5-298B-4647-AE5D-046E3D7A0B86}\MpKslf5c43e2c.sys
2012-01-07 17:06 . 2012-01-07 17:47 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1A2694D5-298B-4647-AE5D-046E3D7A0B86}\offreg.dll
2012-01-07 17:06 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1A2694D5-298B-4647-AE5D-046E3D7A0B86}\mpengine.dll
2012-01-06 18:31 . 2012-01-06 18:31 -------- d-----w- c:\users\Honza\AppData\Roaming\Malwarebytes
2012-01-06 18:31 . 2012-01-06 18:31 -------- d-----w- c:\programdata\Malwarebytes
2012-01-06 18:31 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-06 18:31 . 2012-01-06 18:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-06 06:11 . 2012-01-06 06:12 -------- d-----w- c:\program files\trend micro
2012-01-06 06:11 . 2012-01-06 06:12 -------- d-----w- C:\rsit
2012-01-05 20:49 . 2011-11-20 09:26 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-01-01 10:25 . 2012-01-01 10:25 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-01 10:25 . 2012-01-01 10:25 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-01 10:25 . 2012-01-01 10:25 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-01 10:25 . 2012-01-01 10:25 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-29 14:15 . 2011-12-29 14:15 -------- d-----w- c:\program files\Wireshark
2011-12-28 10:51 . 2012-01-01 11:50 -------- d-----w- c:\users\Honza\AppData\Local\GrooveWalrus
2011-12-28 10:51 . 2012-01-06 16:55 -------- d-----w- c:\users\Honza\AppData\Roaming\GrooveWalrus
2011-12-27 14:42 . 2011-12-27 14:43 -------- d-----w- c:\programdata\Freemake
2011-12-27 14:42 . 2011-12-27 14:42 -------- d-----w- c:\program files\Freemake
2011-12-25 13:20 . 2011-12-31 12:21 -------- d-----w- c:\users\Honza\AppData\Roaming\Mp3tag
2011-12-25 13:19 . 2011-12-25 13:20 -------- d-----w- c:\program files\Mp3tag
2011-12-25 12:25 . 2011-12-25 12:25 -------- d-----w- c:\programdata\NCH Software
2011-12-25 12:25 . 2011-12-25 12:25 -------- d-----w- c:\users\Honza\AppData\Roaming\NCH Software
2011-12-25 11:24 . 2011-12-25 11:24 -------- d-----w- c:\users\Honza\AppData\Roaming\ID3 renamer
2011-12-23 08:59 . 2011-12-23 08:59 -------- d-----w- c:\program files\LightScribe
2011-12-23 08:57 . 2011-12-23 08:57 -------- d-----w- c:\program files\LightScribe Template Labeler
2011-12-19 15:01 . 2009-08-19 22:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-12-19 14:59 . 2010-09-22 16:47 112056 ------w- c:\windows\system32\acaptuser32.dll
2011-12-19 12:36 . 2011-12-19 12:45 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2011-12-19 10:15 . 2011-12-19 10:15 -------- d-----w- c:\programdata\Martau
2011-12-19 10:15 . 2011-12-19 10:52 -------- d-----w- c:\program files\Total Uninstall 5
2011-12-16 16:54 . 2005-08-03 15:04 26719 ----a-w- c:\windows\system32\SERSPL.VXD
2011-12-16 16:54 . 2005-08-03 15:05 35892 ----a-w- c:\windows\system32\SER9PL.sys
2011-12-15 16:18 . 2011-11-03 22:40 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-15 05:12 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 05:12 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 05:12 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 05:12 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 05:12 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-15 05:12 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-13 12:36 . 2011-12-13 12:36 -------- d-----w- c:\programdata\PlotSoft
2011-12-13 12:36 . 2011-12-13 12:36 -------- d-----w- c:\program files\PlotSoft
2011-12-10 09:13 . 2012-01-04 18:00 -------- d-----w- c:\users\Helenka
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-04 10:27 . 2011-05-20 18:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-29 15:10 . 2011-11-29 15:10 679936 ----a-w- c:\windows\system32\Fliqlo.scr
2011-11-29 15:04 . 2011-11-29 15:04 201728 ----a-w- c:\windows\system32\PolarClock3.scr
2011-11-21 10:47 . 2010-04-01 18:20 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-11-04 12:42 . 2011-11-09 09:43 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-11-04 12:42 . 2011-11-09 09:43 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-11-04 12:42 . 2011-11-04 12:42 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-11-04 12:42 . 2011-11-04 12:42 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-11-04 12:42 . 2011-11-04 12:42 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-11-03 11:06 . 2011-09-03 07:55 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-10-24 12:29 . 2011-10-24 12:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 12:29 . 2011-10-24 12:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-11 09:03 . 2011-10-11 09:04 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{42CAD8DB-97AF-4525-95CC-C8F3AE3BE9BE}\gapaengine.dll
2008-02-07 20:46 . 2008-02-07 20:46 13624 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2008-02-07 20:46 . 2008-02-07 20:46 87360 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2008-02-07 20:46 . 2008-02-07 20:46 91448 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2008-02-07 20:46 . 2008-02-07 20:46 21824 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2008-02-07 20:46 . 2008-02-07 20:46 206136 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2008-02-07 20:46 . 2008-02-07 20:46 31544 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2008-02-07 20:46 . 2008-02-07 20:46 40248 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2007-03-16 16:27 . 2007-03-16 16:27 479232 ----a-w- c:\program files\mozilla firefox\plugins\msvcm80.dll
2007-03-16 16:27 . 2007-03-16 16:27 548864 ----a-w- c:\program files\mozilla firefox\plugins\msvcp80.dll
2007-03-16 16:27 . 2007-03-16 16:27 626688 ----a-w- c:\program files\mozilla firefox\plugins\msvcr80.dll
2007-07-20 11:47 . 2007-07-20 11:47 981170 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2008-02-07 20:46 . 2008-02-07 20:46 24384 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2012-01-01 10:25 . 2011-03-22 14:30 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-03 09:16 175400 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-01-03 09:16 175400 ----a-w- c:\program files\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"$Volumouse$"="c:\program files\NirSoft\Volumouse\volumouse.exe" [2009-08-05 33280]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2011-11-19 2500424]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 90624]
"googletalk"="c:\users\Honza\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Connectify"="c:\program files\Connectify\Connectify.exe" [2011-12-01 3073864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-05-20 500792]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-11-15 112600]
"gemstrmw"="c:\windows\system32\gemstrmw.exe" [2003-08-29 24576]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
c:\users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Miranda IM.lnk - c:\program files\Miranda IM\miranda32.exe [2012-1-1 820309]
USBDeview.exe – zástupce.lnk - c:\programy\usbdeview\USBDeview.exe [2012-1-2 54272]
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-2-15 813584]
Translate Client.lnk - c:\program files\Translate Client\translateclient.exe [2011-11-27 1703936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kerio VPN Client]
2011-04-21 05:52 5291656 ----a-w- c:\program files\Kerio\VPN Client\kvpncgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 12:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\Drivers\eusk2par.sys [2004-11-18 24786]
R1 MpKsl080eea60;MpKsl080eea60;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl080eea60.sys [x]
R1 MpKsl10b8eea0;MpKsl10b8eea0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl10b8eea0.sys [x]
R1 MpKsl1543cb4b;MpKsl1543cb4b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{45DAE10B-5CD3-4B61-9123-E8504BC80AA6}\MpKsl1543cb4b.sys [x]
R1 MpKsl220e1942;MpKsl220e1942;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl220e1942.sys [x]
R1 MpKsl2b632923;MpKsl2b632923;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F321B337-79BC-4AB6-B7F5-83D3CFBEE97D}\MpKsl2b632923.sys [x]
R1 MpKsl2be8aa06;MpKsl2be8aa06;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5620EEB4-8CA5-45A5-8EA8-13AA7BE0F5AA}\MpKsl2be8aa06.sys [x]
R1 MpKsl33ae3b96;MpKsl33ae3b96;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D7ED4D28-CD83-451E-B768-17A624DE5A9B}\MpKsl33ae3b96.sys [x]
R1 MpKsl3718b0f7;MpKsl3718b0f7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{83C1A916-8C20-4B2F-AA27-018237F1C63A}\MpKsl3718b0f7.sys [x]
R1 MpKsl3903f0c7;MpKsl3903f0c7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D9F0E39-4212-4BE8-A0E4-1607867B4F35}\MpKsl3903f0c7.sys [x]
R1 MpKsl3d91a0bd;MpKsl3d91a0bd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F4612060-CF2C-4F95-8F30-E67582E4841F}\MpKsl3d91a0bd.sys [x]
R1 MpKsl4018f447;MpKsl4018f447;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{26077506-BEDE-4215-9C16-04DFA501D687}\MpKsl4018f447.sys [x]
R1 MpKsl4cc7960e;MpKsl4cc7960e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F8B0CA9-DC14-4DD7-B6BF-82741A2E1932}\MpKsl4cc7960e.sys [x]
R1 MpKsl4d2cf189;MpKsl4d2cf189;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B3217B19-DEB2-4BC5-ACD5-5C87A2033E13}\MpKsl4d2cf189.sys [x]
R1 MpKsl54bc6513;MpKsl54bc6513;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{720BD033-5116-4266-B516-FF11101DA727}\MpKsl54bc6513.sys [x]
R1 MpKsl5606a5ad;MpKsl5606a5ad;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D9F0E39-4212-4BE8-A0E4-1607867B4F35}\MpKsl5606a5ad.sys [x]
R1 MpKsl5754bc2e;MpKsl5754bc2e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A0AEB0D1-6B7C-43B6-9EC7-FABAB66DCCF5}\MpKsl5754bc2e.sys [x]
R1 MpKsl5a54d120;MpKsl5a54d120;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl5a54d120.sys [x]
R1 MpKsl64aa7e23;MpKsl64aa7e23;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl64aa7e23.sys [x]
R1 MpKsl69a770f3;MpKsl69a770f3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DD08D382-298F-4B7F-A249-951CBCC89AB7}\MpKsl69a770f3.sys [x]
R1 MpKsl6c9723eb;MpKsl6c9723eb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F4612060-CF2C-4F95-8F30-E67582E4841F}\MpKsl6c9723eb.sys [x]
R1 MpKsl769dd55a;MpKsl769dd55a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{040593F7-21BC-4703-8BAC-147A87CD1F80}\MpKsl769dd55a.sys [x]
R1 MpKsl77baeb29;MpKsl77baeb29;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D3976A9-6FA1-45DC-9049-F4F8257B9DB7}\MpKsl77baeb29.sys [x]
R1 MpKsl7c4d08be;MpKsl7c4d08be;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6A7361BB-9DED-40FB-A628-9795CC0546AC}\MpKsl7c4d08be.sys [x]
R1 MpKsl7cee9b88;MpKsl7cee9b88;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D383BF4C-1E39-4D76-BE7C-2511D9865463}\MpKsl7cee9b88.sys [x]
R1 MpKsl7f053a4a;MpKsl7f053a4a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9BFAA67D-2159-4F27-B604-B43D9A54CADD}\MpKsl7f053a4a.sys [x]
R1 MpKsl87100a88;MpKsl87100a88;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl87100a88.sys [x]
R1 MpKsl98a15f0a;MpKsl98a15f0a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7DEEA70E-BFFB-43F3-A013-89819DC031C3}\MpKsl98a15f0a.sys [x]
R1 MpKsl9b796518;MpKsl9b796518;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl9b796518.sys [x]
R1 MpKsla5c5f999;MpKsla5c5f999;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F082C0D0-871A-4FD8-8F91-247061FCE13A}\MpKsla5c5f999.sys [x]
R1 MpKsla5fc5fbd;MpKsla5fc5fbd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3F8C980A-01D4-47A1-9C9E-633116A0101C}\MpKsla5fc5fbd.sys [x]
R1 MpKslaa409869;MpKslaa409869;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKslaa409869.sys [x]
R1 MpKslbadc68e4;MpKslbadc68e4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F19D8D1-416F-472C-80DC-2D7B6446AECC}\MpKslbadc68e4.sys [x]
R1 MpKslbe025c58;MpKslbe025c58;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F8B0CA9-DC14-4DD7-B6BF-82741A2E1932}\MpKslbe025c58.sys [x]
R1 MpKslbfe38058;MpKslbfe38058;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{45DAE10B-5CD3-4B61-9123-E8504BC80AA6}\MpKslbfe38058.sys [x]
R1 MpKslc4cb3c8e;MpKslc4cb3c8e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{940CF752-343B-42F3-8AEB-9D3FB6BCF9EC}\MpKslc4cb3c8e.sys [x]
R1 MpKsle967e538;MpKsle967e538;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F7B5765-5070-442D-B181-FE0CFBED5ABD}\MpKsle967e538.sys [x]
R1 MpKsle9f37396;MpKsle9f37396;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A7B6220-5647-4763-9DF0-014D7D43BEA8}\MpKsle9f37396.sys [x]
R1 MpKslf997ae43;MpKslf997ae43;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9DD35307-275E-42DB-B655-DB2F88CD4D02}\MpKslf997ae43.sys [x]
R1 MpKslf9ecf4fa;MpKslf9ecf4fa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A435D5E8-947C-46AF-8B9F-EA4BA4AC0D82}\MpKslf9ecf4fa.sys [x]
R1 MpKslfeb60d99;MpKslfeb60d99;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CD5DD22E-6B0E-4EA3-9295-09ACEA5B0AC1}\MpKslfeb60d99.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 135664]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-11-03 2152152]
R3 ALSysIO;ALSysIO;c:\users\Honza\AppData\Local\Temp\ALSysIO.sys [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys [2011-08-08 243712]
R3 eusk3usb;SmartKey 3 USB;c:\windows\system32\Drivers\eusk3usb.sys [2004-11-18 45534]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 135664]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SynoDrService;SynoDrService;c:\program files\Synology Data Replicator 3\SynoDrService.exe [2010-01-12 245760]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1343400]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-11-03 64512]
S0 RRamdisk;Ramdisk Driver;c:\windows\system32\DRIVERS\rramdisk.sys [2003-12-09 10368]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-07-21 51144]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-13 691696]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2011-09-27 27248]
S1 MpKslf5c43e2c;MpKslf5c43e2c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1A2694D5-298B-4647-AE5D-046E3D7A0B86}\MpKslf5c43e2c.sys [2012-01-07 29904]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-11-04 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-11-04 91440]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Connectify;Connectify;c:\program files\Connectify\ConnectifyService.exe [2011-12-01 69632]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-25 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 KVPNCSvc;Kerio VPN Client Service;c:\program files\Kerio\VPN Client\kvpncsvc.exe [2011-04-21 1105544]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-21 392224]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 243712]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
S3 GemCCID;GemCCID;c:\windows\system32\Drivers\GemCCID.sys [2009-08-10 89600]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\DRIVERS\kvnet.sys [2010-10-25 33328]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2009-06-17 40720]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2009-06-17 10384]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [2011-08-03 7517696]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-12-28 47360]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-11-04 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-11-04 116016]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-07 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-11-03 11:06]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 17:46]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 17:46]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000Core.job
- c:\users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-13 14:02]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000UA.job
- c:\users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-13 14:02]
.
2012-01-06 c:\windows\Tasks\RMSchedule.job
- c:\program files\Registry Mechanic\RegMech.exe [2011-06-17 15:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://partnerpage.google.com/kundrt.net
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: Download All by ASUS Download - c:\program files\ASUS\WL-500gP Wireless Router Utilities\ASDownloadAll.htm
IE: Download using ASUS Download - c:\program files\ASUS\WL-500gP Wireless Router Utilities\ASDownload.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
Trusted Zone: csob.cz\bb24
Trusted Zone: csob.cz\ib24
Trusted Zone: ica.cz\b
TCP: DhcpNameServer = 10.107.4.100 10.107.4.129 10.107.3.1
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\kok8xcr4.default\
FF - prefs.js: browser.search.selectedEngine - Wolfram|Alpha
FF - prefs.js: browser.startup.homepage - hxxp://start.kundrt.net
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=cs&q=
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.scr=MicroStation Resource
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-OEXPRESS - (no file)
HKCU-Run-Nektra OEAPI - (no file)
AddRemove-Helios Red - 2009 - KUNDRT - c:\windows\IsUn0405.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(716)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'Explorer.exe'(5696)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\NirSoft\Volumouse\vlmshlp.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\program files\WinSCP\DragExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\bgsvcgen.exe
c:\program files\Connectify\ConnectifyD.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\taskhost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
c:\program files\Hewlett-Packard\Shared\hpCaslNotification.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2012-01-07 18:56:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-07 17:56
.
Před spuštěním: Volných bajtů: 28 049 776 640
Po spuštění: Volných bajtů: 28 666 884 096
.
- - End Of File - - D6CF9538BEB1C8FF7141AA4A1B147F17

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log - probable spam sending

#8 Post by vyosek »

:arrow: Uninstall Lavasoft Ad-Aware

:arrow: Test the following files on VirusTotal (see my signature)
  • c:\windows\System32\acaptuser32.dll
  • Click Browse
  • Do not look for the file, just paste the path of the file I want tested
  • Click Send File
  • If a screen like the one below pops up, click ReAnalyse
    [image]
  • Paste the analysis result here (as a link)
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is not a man, that is an ox."
Member [image] since 1 February 2011.


vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log - probable spam sending

#10 Post by vyosek »

:arrow: If you have not done so yet, move Combofix directly to drive c:\
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    RegLock::
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    
    DDS::
    uStart Page = hxxp://partnerpage.google.com/kundrt.net
    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
    Trusted Zone: csob.cz\bb24
    Trusted Zone: csob.cz\ib24
    Trusted Zone: ica.cz\b
    
    Firefox::
    FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\kok8xcr4.default\
    FF - prefs.js: browser.search.selectedEngine - Wolfram|Alpha
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=n ... t&hl=cs&q=
    
    Driver::
    MpKsl080eea60
    MpKsl10b8eea0
    MpKsl1543cb4b
    MpKsl220e1942
    MpKsl2b632923
    MpKsl2be8aa06
    MpKsl33ae3b96
    MpKsl3718b0f7
    MpKsl3903f0c7
    MpKsl3d91a0bd
    MpKsl4018f447
    MpKsl4cc7960e
    MpKsl4d2cf189
    MpKsl54bc6513
    MpKsl5606a5ad
    MpKsl5754bc2e
    MpKsl5a54d120
    MpKsl64aa7e23
    MpKsl69a770f3
    MpKsl6c9723eb
    MpKsl769dd55a
    MpKsl77baeb29
    MpKsl7c4d08be
    MpKsl7cee9b88
    MpKsl7f053a4a
    MpKsl87100a88
    MpKsl98a15f0a
    MpKsl9b796518
    MpKsla5c5f999
    MpKsla5fc5fbd
    MpKslaa409869
    MpKslbadc68e4
    MpKslbe025c58
    MpKslbfe38058
    MpKslc4cb3c8e
    MpKsle967e538
    MpKsle9f37396
    MpKslf997ae43
    MpKslf9ecf4fa
    MpKslfeb60d99
    gupdate
    gupdatem
    
    Registry::
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=-
    "Adobe Reader Speed Launcher"=-
    "Acrobat Assistant 8.0"=-
    "Malwarebytes' Anti-Malware"=-
    
    Reboot::
  • Save the created TXT as CFScript.txt
  • Drag the created CFScript.txt onto Combofix and drop it (see the image below)
    [image]
  • After the script has been applied (and a possible restart), a log will pop up; paste its contents here
:arrow: It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.


Re: Please check my log - probable spam sending

#11 Post by Kundrt »

ComboFix 12-01-06.03 - Honza 07.01.2012 19:58:37.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2972.1271 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: c:\users\Honza\Desktop\2012-01-06 - HKFree - zablokovßnÝ netu, spamovßnÝ z mÚho PC\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-07 do 2012-01-07 )))))))))))))))))))))))))))))))
.
.
2012-01-07 19:13 . 2012-01-07 19:13 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-01-07 19:13 . 2012-01-07 19:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-07 19:13 . 2012-01-07 19:13 -------- d-----w- c:\users\apache2triad\AppData\Local\temp
2012-01-07 18:24 . 2012-01-07 18:24 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71121A02-C93D-454B-80DF-6D77B261DA80}\MpKsl5defb7d6.sys
2012-01-07 18:24 . 2012-01-07 18:24 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71121A02-C93D-454B-80DF-6D77B261DA80}\offreg.dll
2012-01-07 18:23 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71121A02-C93D-454B-80DF-6D77B261DA80}\mpengine.dll
2012-01-06 18:31 . 2012-01-06 18:31 -------- d-----w- c:\users\Honza\AppData\Roaming\Malwarebytes
2012-01-06 18:31 . 2012-01-06 18:31 -------- d-----w- c:\programdata\Malwarebytes
2012-01-06 18:31 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-06 18:31 . 2012-01-06 18:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-06 06:11 . 2012-01-06 06:12 -------- d-----w- c:\program files\trend micro
2012-01-01 10:25 . 2012-01-01 10:25 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-01 10:25 . 2012-01-01 10:25 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-01 10:25 . 2012-01-01 10:25 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-01 10:25 . 2012-01-01 10:25 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-29 14:15 . 2011-12-29 14:15 -------- d-----w- c:\program files\Wireshark
2011-12-28 10:51 . 2012-01-01 11:50 -------- d-----w- c:\users\Honza\AppData\Local\GrooveWalrus
2011-12-28 10:51 . 2012-01-06 16:55 -------- d-----w- c:\users\Honza\AppData\Roaming\GrooveWalrus
2011-12-27 14:42 . 2011-12-27 14:43 -------- d-----w- c:\programdata\Freemake
2011-12-27 14:42 . 2011-12-27 14:42 -------- d-----w- c:\program files\Freemake
2011-12-25 13:20 . 2011-12-31 12:21 -------- d-----w- c:\users\Honza\AppData\Roaming\Mp3tag
2011-12-25 13:19 . 2011-12-25 13:20 -------- d-----w- c:\program files\Mp3tag
2011-12-25 12:25 . 2011-12-25 12:25 -------- d-----w- c:\programdata\NCH Software
2011-12-25 12:25 . 2011-12-25 12:25 -------- d-----w- c:\users\Honza\AppData\Roaming\NCH Software
2011-12-25 11:24 . 2011-12-25 11:24 -------- d-----w- c:\users\Honza\AppData\Roaming\ID3 renamer
2011-12-23 08:59 . 2011-12-23 08:59 -------- d-----w- c:\program files\LightScribe
2011-12-23 08:57 . 2011-12-23 08:57 -------- d-----w- c:\program files\LightScribe Template Labeler
2011-12-19 15:01 . 2009-08-19 22:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-12-19 14:59 . 2010-09-22 16:47 112056 ------w- c:\windows\system32\acaptuser32.dll
2011-12-19 12:36 . 2011-12-19 12:45 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2011-12-19 10:15 . 2011-12-19 10:15 -------- d-----w- c:\programdata\Martau
2011-12-19 10:15 . 2011-12-19 10:52 -------- d-----w- c:\program files\Total Uninstall 5
2011-12-16 16:54 . 2005-08-03 15:04 26719 ----a-w- c:\windows\system32\SERSPL.VXD
2011-12-16 16:54 . 2005-08-03 15:05 35892 ----a-w- c:\windows\system32\SER9PL.sys
2011-12-15 16:18 . 2011-11-03 22:40 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-15 05:12 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 05:12 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 05:12 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 05:12 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 05:12 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-15 05:12 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-13 12:36 . 2011-12-13 12:36 -------- d-----w- c:\programdata\PlotSoft
2011-12-13 12:36 . 2011-12-13 12:36 -------- d-----w- c:\program files\PlotSoft
2011-12-10 09:13 . 2012-01-04 18:00 -------- d-----w- c:\users\Helenka
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-04 10:27 . 2011-05-20 18:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-29 15:10 . 2011-11-29 15:10 679936 ----a-w- c:\windows\system32\Fliqlo.scr
2011-11-29 15:04 . 2011-11-29 15:04 201728 ----a-w- c:\windows\system32\PolarClock3.scr
2011-11-21 10:47 . 2010-04-01 18:20 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-11-04 12:42 . 2011-11-09 09:43 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-11-04 12:42 . 2011-11-09 09:43 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-11-04 12:42 . 2011-11-04 12:42 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-11-04 12:42 . 2011-11-04 12:42 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-11-04 12:42 . 2011-11-04 12:42 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-10-24 12:29 . 2011-10-24 12:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 12:29 . 2011-10-24 12:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-11 09:03 . 2011-10-11 09:04 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{42CAD8DB-97AF-4525-95CC-C8F3AE3BE9BE}\gapaengine.dll
2008-02-07 20:46 . 2008-02-07 20:46 13624 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2008-02-07 20:46 . 2008-02-07 20:46 87360 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2008-02-07 20:46 . 2008-02-07 20:46 91448 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2008-02-07 20:46 . 2008-02-07 20:46 21824 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2008-02-07 20:46 . 2008-02-07 20:46 206136 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2008-02-07 20:46 . 2008-02-07 20:46 31544 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2008-02-07 20:46 . 2008-02-07 20:46 40248 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2007-03-16 16:27 . 2007-03-16 16:27 479232 ----a-w- c:\program files\mozilla firefox\plugins\msvcm80.dll
2007-03-16 16:27 . 2007-03-16 16:27 548864 ----a-w- c:\program files\mozilla firefox\plugins\msvcp80.dll
2007-03-16 16:27 . 2007-03-16 16:27 626688 ----a-w- c:\program files\mozilla firefox\plugins\msvcr80.dll
2007-07-20 11:47 . 2007-07-20 11:47 981170 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2008-02-07 20:46 . 2008-02-07 20:46 24384 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2012-01-01 10:25 . 2011-03-22 14:30 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-03 09:16 175400 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-01-03 09:16 175400 ----a-w- c:\program files\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"$Volumouse$"="c:\program files\NirSoft\Volumouse\volumouse.exe" [2009-08-05 33280]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2011-11-19 2500424]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 90624]
"googletalk"="c:\users\Honza\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Connectify"="c:\program files\Connectify\Connectify.exe" [2011-12-01 3073864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-05-20 500792]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-11-15 112600]
"gemstrmw"="c:\windows\system32\gemstrmw.exe" [2003-08-29 24576]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
c:\users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Miranda IM.lnk - c:\program files\Miranda IM\miranda32.exe [2012-1-1 820309]
USBDeview.exe – zástupce.lnk - c:\programy\usbdeview\USBDeview.exe [2012-1-2 54272]
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-2-15 813584]
Translate Client.lnk - c:\program files\Translate Client\translateclient.exe [2011-11-27 1703936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kerio VPN Client]
2011-04-21 05:52 5291656 ----a-w- c:\program files\Kerio\VPN Client\kvpncgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 12:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\Drivers\eusk2par.sys [2004-11-18 24786]
R1 MpKsl080eea60;MpKsl080eea60;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl080eea60.sys [x]
R1 MpKsl10b8eea0;MpKsl10b8eea0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl10b8eea0.sys [x]
R1 MpKsl1543cb4b;MpKsl1543cb4b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{45DAE10B-5CD3-4B61-9123-E8504BC80AA6}\MpKsl1543cb4b.sys [x]
R1 MpKsl220e1942;MpKsl220e1942;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl220e1942.sys [x]
R1 MpKsl2b632923;MpKsl2b632923;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F321B337-79BC-4AB6-B7F5-83D3CFBEE97D}\MpKsl2b632923.sys [x]
R1 MpKsl2be8aa06;MpKsl2be8aa06;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5620EEB4-8CA5-45A5-8EA8-13AA7BE0F5AA}\MpKsl2be8aa06.sys [x]
R1 MpKsl33ae3b96;MpKsl33ae3b96;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D7ED4D28-CD83-451E-B768-17A624DE5A9B}\MpKsl33ae3b96.sys [x]
R1 MpKsl3718b0f7;MpKsl3718b0f7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{83C1A916-8C20-4B2F-AA27-018237F1C63A}\MpKsl3718b0f7.sys [x]
R1 MpKsl3903f0c7;MpKsl3903f0c7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D9F0E39-4212-4BE8-A0E4-1607867B4F35}\MpKsl3903f0c7.sys [x]
R1 MpKsl3d91a0bd;MpKsl3d91a0bd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F4612060-CF2C-4F95-8F30-E67582E4841F}\MpKsl3d91a0bd.sys [x]
R1 MpKsl4018f447;MpKsl4018f447;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{26077506-BEDE-4215-9C16-04DFA501D687}\MpKsl4018f447.sys [x]
R1 MpKsl4cc7960e;MpKsl4cc7960e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F8B0CA9-DC14-4DD7-B6BF-82741A2E1932}\MpKsl4cc7960e.sys [x]
R1 MpKsl4d2cf189;MpKsl4d2cf189;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B3217B19-DEB2-4BC5-ACD5-5C87A2033E13}\MpKsl4d2cf189.sys [x]
R1 MpKsl54bc6513;MpKsl54bc6513;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{720BD033-5116-4266-B516-FF11101DA727}\MpKsl54bc6513.sys [x]
R1 MpKsl5606a5ad;MpKsl5606a5ad;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D9F0E39-4212-4BE8-A0E4-1607867B4F35}\MpKsl5606a5ad.sys [x]
R1 MpKsl5754bc2e;MpKsl5754bc2e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A0AEB0D1-6B7C-43B6-9EC7-FABAB66DCCF5}\MpKsl5754bc2e.sys [x]
R1 MpKsl5a54d120;MpKsl5a54d120;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl5a54d120.sys [x]
R1 MpKsl64aa7e23;MpKsl64aa7e23;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl64aa7e23.sys [x]
R1 MpKsl69a770f3;MpKsl69a770f3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DD08D382-298F-4B7F-A249-951CBCC89AB7}\MpKsl69a770f3.sys [x]
R1 MpKsl6c9723eb;MpKsl6c9723eb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F4612060-CF2C-4F95-8F30-E67582E4841F}\MpKsl6c9723eb.sys [x]
R1 MpKsl769dd55a;MpKsl769dd55a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{040593F7-21BC-4703-8BAC-147A87CD1F80}\MpKsl769dd55a.sys [x]
R1 MpKsl77baeb29;MpKsl77baeb29;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D3976A9-6FA1-45DC-9049-F4F8257B9DB7}\MpKsl77baeb29.sys [x]
R1 MpKsl7c4d08be;MpKsl7c4d08be;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6A7361BB-9DED-40FB-A628-9795CC0546AC}\MpKsl7c4d08be.sys [x]
R1 MpKsl7cee9b88;MpKsl7cee9b88;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D383BF4C-1E39-4D76-BE7C-2511D9865463}\MpKsl7cee9b88.sys [x]
R1 MpKsl7f053a4a;MpKsl7f053a4a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9BFAA67D-2159-4F27-B604-B43D9A54CADD}\MpKsl7f053a4a.sys [x]
R1 MpKsl87100a88;MpKsl87100a88;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl87100a88.sys [x]
R1 MpKsl98a15f0a;MpKsl98a15f0a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7DEEA70E-BFFB-43F3-A013-89819DC031C3}\MpKsl98a15f0a.sys [x]
R1 MpKsl9b796518;MpKsl9b796518;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKsl9b796518.sys [x]
R1 MpKsla5c5f999;MpKsla5c5f999;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F082C0D0-871A-4FD8-8F91-247061FCE13A}\MpKsla5c5f999.sys [x]
R1 MpKsla5fc5fbd;MpKsla5fc5fbd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3F8C980A-01D4-47A1-9C9E-633116A0101C}\MpKsla5fc5fbd.sys [x]
R1 MpKslaa409869;MpKslaa409869;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FC8423D-F4C1-451A-9158-D4ABBF68F09A}\MpKslaa409869.sys [x]
R1 MpKslbadc68e4;MpKslbadc68e4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F19D8D1-416F-472C-80DC-2D7B6446AECC}\MpKslbadc68e4.sys [x]
R1 MpKslbe025c58;MpKslbe025c58;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F8B0CA9-DC14-4DD7-B6BF-82741A2E1932}\MpKslbe025c58.sys [x]
R1 MpKslbfe38058;MpKslbfe38058;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{45DAE10B-5CD3-4B61-9123-E8504BC80AA6}\MpKslbfe38058.sys [x]
R1 MpKslc4cb3c8e;MpKslc4cb3c8e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{940CF752-343B-42F3-8AEB-9D3FB6BCF9EC}\MpKslc4cb3c8e.sys [x]
R1 MpKsle967e538;MpKsle967e538;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F7B5765-5070-442D-B181-FE0CFBED5ABD}\MpKsle967e538.sys [x]
R1 MpKsle9f37396;MpKsle9f37396;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A7B6220-5647-4763-9DF0-014D7D43BEA8}\MpKsle9f37396.sys [x]
R1 MpKslf997ae43;MpKslf997ae43;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9DD35307-275E-42DB-B655-DB2F88CD4D02}\MpKslf997ae43.sys [x]
R1 MpKslf9ecf4fa;MpKslf9ecf4fa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A435D5E8-947C-46AF-8B9F-EA4BA4AC0D82}\MpKslf9ecf4fa.sys [x]
R1 MpKslfeb60d99;MpKslfeb60d99;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CD5DD22E-6B0E-4EA3-9295-09ACEA5B0AC1}\MpKslfeb60d99.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 135664]
R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
R3 ALSysIO;ALSysIO;c:\users\Honza\AppData\Local\Temp\ALSysIO.sys [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys [2011-08-08 243712]
R3 eusk3usb;SmartKey 3 USB;c:\windows\system32\Drivers\eusk3usb.sys [2004-11-18 45534]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 135664]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SynoDrService;SynoDrService;c:\program files\Synology Data Replicator 3\SynoDrService.exe [2010-01-12 245760]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1343400]
S0 RRamdisk;Ramdisk Driver;c:\windows\system32\DRIVERS\rramdisk.sys [2003-12-09 10368]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-07-21 51144]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-13 691696]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2011-09-27 27248]
S1 MpKsl5defb7d6;MpKsl5defb7d6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71121A02-C93D-454B-80DF-6D77B261DA80}\MpKsl5defb7d6.sys [2012-01-07 29904]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-11-04 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-11-04 91440]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Connectify;Connectify;c:\program files\Connectify\ConnectifyService.exe [2011-12-01 69632]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-25 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 KVPNCSvc;Kerio VPN Client Service;c:\program files\Kerio\VPN Client\kvpncsvc.exe [2011-04-21 1105544]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-21 392224]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 243712]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
S3 GemCCID;GemCCID;c:\windows\system32\Drivers\GemCCID.sys [2009-08-10 89600]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\DRIVERS\kvnet.sys [2010-10-25 33328]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2009-06-17 40720]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2009-06-17 10384]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [2011-08-03 7517696]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-12-28 47360]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-11-04 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-11-04 116016]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL5DEFB7D6
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 17:46]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 17:46]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000Core.job
- c:\users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-13 14:02]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000UA.job
- c:\users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-13 14:02]
.
2012-01-07 c:\windows\Tasks\RMSchedule.job
- c:\program files\Registry Mechanic\RegMech.exe [2011-06-17 15:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://partnerpage.google.com/kundrt.net
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: Download All by ASUS Download - c:\program files\ASUS\WL-500gP Wireless Router Utilities\ASDownloadAll.htm
IE: Download using ASUS Download - c:\program files\ASUS\WL-500gP Wireless Router Utilities\ASDownload.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
Trusted Zone: csob.cz\bb24
Trusted Zone: csob.cz\ib24
Trusted Zone: ica.cz\b
TCP: DhcpNameServer = 10.107.4.100 10.107.4.129 10.107.3.1
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\kok8xcr4.default\
FF - prefs.js: browser.search.selectedEngine - Wolfram|Alpha
FF - prefs.js: browser.startup.homepage - hxxp://start.kundrt.net
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=cs&q=
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(712)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2012-01-07 20:16:47
ComboFix-quarantined-files.txt 2012-01-07 19:16
ComboFix2.txt 2012-01-07 17:57
.
Před spuštěním: Volných bajtů: 27 696 439 296
Po spuštění: Volných bajtů: 27 396 509 696
.
- - End Of File - - A14A2ADEE7DAC61A2E45DE918019B9AD


Re: Please check my log - probable spam sending

#12 Post by vyosek »

Please repeat it once more, and this time also put the CFScript directly on drive c:\


Re: Please check my log - probable spam sending

#13 Post by Kundrt »

ComboFix 12-01-06.03 - Honza 07.01.2012 20:32:16.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2972.1593 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-07 do 2012-01-07 )))))))))))))))))))))))))))))))
.
.
2012-01-07 19:46 . 2012-01-07 19:46 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-01-07 19:46 . 2012-01-07 19:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-07 19:46 . 2012-01-07 19:46 -------- d-----w- c:\users\apache2triad\AppData\Local\temp
2012-01-07 19:24 . 2012-01-07 19:48 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71121A02-C93D-454B-80DF-6D77B261DA80}\offreg.dll
2012-01-07 18:23 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71121A02-C93D-454B-80DF-6D77B261DA80}\mpengine.dll
2012-01-06 18:31 . 2012-01-06 18:31 -------- d-----w- c:\users\Honza\AppData\Roaming\Malwarebytes
2012-01-06 18:31 . 2012-01-06 18:31 -------- d-----w- c:\programdata\Malwarebytes
2012-01-06 18:31 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-06 18:31 . 2012-01-06 18:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-06 06:11 . 2012-01-06 06:12 -------- d-----w- c:\program files\trend micro
2012-01-01 10:25 . 2012-01-01 10:25 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-01 10:25 . 2012-01-01 10:25 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-01 10:25 . 2012-01-01 10:25 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-01 10:25 . 2012-01-01 10:25 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-29 14:15 . 2011-12-29 14:15 -------- d-----w- c:\program files\Wireshark
2011-12-28 10:51 . 2012-01-01 11:50 -------- d-----w- c:\users\Honza\AppData\Local\GrooveWalrus
2011-12-28 10:51 . 2012-01-06 16:55 -------- d-----w- c:\users\Honza\AppData\Roaming\GrooveWalrus
2011-12-27 14:42 . 2011-12-27 14:43 -------- d-----w- c:\programdata\Freemake
2011-12-27 14:42 . 2011-12-27 14:42 -------- d-----w- c:\program files\Freemake
2011-12-25 13:20 . 2011-12-31 12:21 -------- d-----w- c:\users\Honza\AppData\Roaming\Mp3tag
2011-12-25 13:19 . 2011-12-25 13:20 -------- d-----w- c:\program files\Mp3tag
2011-12-25 12:25 . 2011-12-25 12:25 -------- d-----w- c:\programdata\NCH Software
2011-12-25 12:25 . 2011-12-25 12:25 -------- d-----w- c:\users\Honza\AppData\Roaming\NCH Software
2011-12-25 11:24 . 2011-12-25 11:24 -------- d-----w- c:\users\Honza\AppData\Roaming\ID3 renamer
2011-12-23 08:59 . 2011-12-23 08:59 -------- d-----w- c:\program files\LightScribe
2011-12-23 08:57 . 2011-12-23 08:57 -------- d-----w- c:\program files\LightScribe Template Labeler
2011-12-19 15:01 . 2009-08-19 22:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-12-19 14:59 . 2010-09-22 16:47 112056 ------w- c:\windows\system32\acaptuser32.dll
2011-12-19 12:36 . 2011-12-19 12:45 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2011-12-19 10:15 . 2011-12-19 10:15 -------- d-----w- c:\programdata\Martau
2011-12-19 10:15 . 2011-12-19 10:52 -------- d-----w- c:\program files\Total Uninstall 5
2011-12-16 16:54 . 2005-08-03 15:04 26719 ----a-w- c:\windows\system32\SERSPL.VXD
2011-12-16 16:54 . 2005-08-03 15:05 35892 ----a-w- c:\windows\system32\SER9PL.sys
2011-12-15 16:18 . 2011-11-03 22:40 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-15 05:12 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 05:12 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 05:12 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 05:12 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 05:12 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-15 05:12 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-13 12:36 . 2011-12-13 12:36 -------- d-----w- c:\programdata\PlotSoft
2011-12-13 12:36 . 2011-12-13 12:36 -------- d-----w- c:\program files\PlotSoft
2011-12-10 09:13 . 2012-01-04 18:00 -------- d-----w- c:\users\Helenka
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-04 10:27 . 2011-05-20 18:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-29 15:10 . 2011-11-29 15:10 679936 ----a-w- c:\windows\system32\Fliqlo.scr
2011-11-29 15:04 . 2011-11-29 15:04 201728 ----a-w- c:\windows\system32\PolarClock3.scr
2011-11-21 10:47 . 2010-04-01 18:20 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-11-04 12:42 . 2011-11-09 09:43 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-11-04 12:42 . 2011-11-09 09:43 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-11-04 12:42 . 2011-11-04 12:42 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-11-04 12:42 . 2011-11-04 12:42 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-11-04 12:42 . 2011-11-04 12:42 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-10-24 12:29 . 2011-10-24 12:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 12:29 . 2011-10-24 12:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-11 09:03 . 2011-10-11 09:04 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{42CAD8DB-97AF-4525-95CC-C8F3AE3BE9BE}\gapaengine.dll
2008-02-07 20:46 . 2008-02-07 20:46 13624 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2008-02-07 20:46 . 2008-02-07 20:46 87360 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2008-02-07 20:46 . 2008-02-07 20:46 91448 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2008-02-07 20:46 . 2008-02-07 20:46 21824 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2008-02-07 20:46 . 2008-02-07 20:46 206136 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2008-02-07 20:46 . 2008-02-07 20:46 31544 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2008-02-07 20:46 . 2008-02-07 20:46 40248 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2007-03-16 16:27 . 2007-03-16 16:27 479232 ----a-w- c:\program files\mozilla firefox\plugins\msvcm80.dll
2007-03-16 16:27 . 2007-03-16 16:27 548864 ----a-w- c:\program files\mozilla firefox\plugins\msvcp80.dll
2007-03-16 16:27 . 2007-03-16 16:27 626688 ----a-w- c:\program files\mozilla firefox\plugins\msvcr80.dll
2007-07-20 11:47 . 2007-07-20 11:47 981170 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2008-02-07 20:46 . 2008-02-07 20:46 24384 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2012-01-01 10:25 . 2011-03-22 14:30 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-03 09:16 175400 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-01-03 09:16 175400 ----a-w- c:\program files\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"$Volumouse$"="c:\program files\NirSoft\Volumouse\volumouse.exe" [2009-08-05 33280]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2011-11-19 2500424]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 90624]
"googletalk"="c:\users\Honza\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Connectify"="c:\program files\Connectify\Connectify.exe" [2011-12-01 3073864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-05-20 500792]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-11-15 112600]
"gemstrmw"="c:\windows\system32\gemstrmw.exe" [2003-08-29 24576]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
.
c:\users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Miranda IM.lnk - c:\program files\Miranda IM\miranda32.exe [2012-1-1 820309]
USBDeview.exe – zástupce.lnk - c:\programy\usbdeview\USBDeview.exe [2012-1-2 54272]
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-2-15 813584]
Translate Client.lnk - c:\program files\Translate Client\translateclient.exe [2011-11-27 1703936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kerio VPN Client]
2011-04-21 05:52 5291656 ----a-w- c:\program files\Kerio\VPN Client\kvpncgui.exe
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\Drivers\eusk2par.sys [2004-11-18 24786]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 ALSysIO;ALSysIO;c:\users\Honza\AppData\Local\Temp\ALSysIO.sys [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys [2011-08-08 243712]
R3 eusk3usb;SmartKey 3 USB;c:\windows\system32\Drivers\eusk3usb.sys [2004-11-18 45534]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SynoDrService;SynoDrService;c:\program files\Synology Data Replicator 3\SynoDrService.exe [2010-01-12 245760]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1343400]
S0 RRamdisk;Ramdisk Driver;c:\windows\system32\DRIVERS\rramdisk.sys [2003-12-09 10368]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-07-21 51144]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-13 691696]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2011-09-27 27248]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-11-04 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-11-04 91440]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Connectify;Connectify;c:\program files\Connectify\ConnectifyService.exe [2011-12-01 69632]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-25 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 KVPNCSvc;Kerio VPN Client Service;c:\program files\Kerio\VPN Client\kvpncsvc.exe [2011-04-21 1105544]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-07-21 392224]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 243712]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
S3 GemCCID;GemCCID;c:\windows\system32\Drivers\GemCCID.sys [2009-08-10 89600]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\DRIVERS\kvnet.sys [2010-10-25 33328]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2009-06-17 40720]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2009-06-17 10384]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [2011-08-03 7517696]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-12-28 47360]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-11-04 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-11-04 116016]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 17:46]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 17:46]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000Core.job
- c:\users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-13 14:02]
.
2012-01-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000UA.job
- c:\users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-13 14:02]
.
2012-01-07 c:\windows\Tasks\RMSchedule.job
- c:\program files\Registry Mechanic\RegMech.exe [2011-06-17 15:05]
.
.
------- Doplňkový sken -------
.
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: Download All by ASUS Download - c:\program files\ASUS\WL-500gP Wireless Router Utilities\ASDownloadAll.htm
IE: Download using ASUS Download - c:\program files\ASUS\WL-500gP Wireless Router Utilities\ASDownload.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.107.4.100 10.107.4.129 10.107.3.1
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\kok8xcr4.default\
FF - prefs.js: browser.startup.homepage - hxxp://start.kundrt.net
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(664)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'Explorer.exe'(3892)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\program files\WinSCP\DragExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\bgsvcgen.exe
c:\program files\Connectify\ConnectifyD.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\taskhost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-01-07 20:55:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-07 19:55
ComboFix2.txt 2012-01-07 17:57
.
Před spuštěním: Volných bajtů: 28 044 091 392
Po spuštění: Volných bajtů: 27 266 420 736
.
- - End Of File - - 0DAA8A3DE18BA419E0A30AB263FB54DA

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check the log - probable spam sending

#14 Post by vyosek »

Download OTM (see my signature)
  • If you are using Win Vista or W7, right-click OTM and choose Run As Administrator or Spustit jako spravce
  • Into the left window, Paste Instructions for Items to be Moved (under the yellow line), paste the content shown below:

    :services
    Lbd
    ALSysIO
    
    :reg
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"=-
    
    :files
    C:\Windows\tasks\Ad-Aware Update (Weekly).job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000UA.job
    C:\Windows\tasks\RMSchedule.job
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Click the red MoveIt! button
  • You will be prompted to restart; choose Yes. Afterwards you will find the log in C:\_OTM\MovedFiles; paste its contents here

Kundrt
Visitor
Posts: 13
Registered: 31 Aug 2007 21:10

Re: Please check the log - probable spam sending

#15 Post by Kundrt »

All processes killed
========== SERVICES/DRIVERS ==========
Service Lbd stopped successfully!
Service Lbd deleted successfully!
Service ALSysIO stopped successfully!
Service ALSysIO deleted successfully!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
========== FILES ==========
File/Folder C:\Windows\tasks\Ad-Aware Update (Weekly).job not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2780514246-760772951-711389242-1000UA.job moved successfully.
C:\Windows\tasks\RMSchedule.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: apache2triad
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5407010 bytes
->Java cache emptied: 12642731 bytes
->FireFox cache emptied: 75845101 bytes
->Flash cache emptied: 792 bytes

User: Helenka
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Honza
->Temp folder emptied: 9177 bytes
->Temporary Internet Files folder emptied: 16750683 bytes
->Java cache emptied: 90529973 bytes
->FireFox cache emptied: 66306438 bytes
->Google Chrome cache emptied: 266300995 bytes
->Flash cache emptied: 10721 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19760 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 509,00 mb


[EMPTYFLASH]

User: All Users

User: apache2triad

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Helenka

User: Honza
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 01082012_105917
