

Failed to restore Windows to an earlier state
-
- Exemplary visitor
- Posts: 384
- Registered: 28 Jan 2012 23:21
- Location: Novosedly nad Nežárkou
Failed to restore Windows to an earlier state
Since yesterday my notebook has been acting up a bit and some programs would not communicate. I didn't pay much attention to it, until in the evening I decided to roll the system back, but in vain. Every time I try to restore the system, this comes up:
As for the check of C:, it ran all night. One more small thing, I don't know whether it is related, but on drive C:, where the system icon should be shown, there is nothing, and the drive appears as ordinary data storage. Otherwise I am running a scan with MBAM, I also ran an antivirus test, and I started the system check tool. Maybe this problem doesn't belong here at all, but even so, thank you for any advice.
Windows 7 64-bit (6.1, build 7601) Service Pack 1
Processor: Celeron Dual-Core CPU T3100 @1.9Ghz 1.90
RAM: 4GB. HDD 500GB
Avast free ,
As long as you live, learn! Don't expect old age to bring wisdom with it.
I have a natural talent for getting into trouble
I recommend:
CCleaner, MBAM
email:karlospatmat@seznam.cz
--------------------------------------------------------------------------------------
A good mood won't solve all your problems, but it will piss off so many people that it's worth keeping.
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Failed to restore Windows to an earlier state
Download, install and run CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ . Use Edit > Copy and post the log here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Exemplary visitor
- Posts: 384
- Registered: 28 Jan 2012 23:21
- Location: Novosedly nad Nežárkou
Re: Failed to restore Windows to an earlier state
Hello,
here it is:
----------------------------------------------------------------------------
CrystalDiskInfo 4.3.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/03/23 19:06:11
-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) ICH9M-E/M SATA AHCI Controller [ATA]
- WDC WD5000BEVT-80A0RT0
- Optiarc DVD RW AD-7580S
+ ATA Channel 0 (0) [ATA]
- ERYL 0HU7GDQ ATA Device
- ATA Channel 1 (1) [ATA]
+ A2OAVU3E IDE Controller [SCSI]
- NUDSLY ZSLYJ4DENG SCSI CdRom Device
-- Disk List ---------------------------------------------------------------
(1) WDC WD5000BEVT-80A0RT0 : 500.1 GB [0-0-0, pd1]
----------------------------------------------------------------------------
(1) WDC WD5000BEVT-80A0RT0
----------------------------------------------------------------------------
Model : WDC WD5000BEVT-80A0RT0
Firmware : 01.01A01
Serial Number : WD-WX21A20V7405
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 5200 hod.
Power On Count : 1372 krát
Temparature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 186 152 _21 00000000067A Čas na roztočení ploten
04 _96 _96 __0 000000001033 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _93 _93 __0 000000001450 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 00000000055C Počet cyklů zapnutí zařízení
BF __1 __1 __0 000000000DCD Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000050 Počet vypnutí disku
C1 128 128 __0 000000035621 Počet cyklů načítání/vymazání
C2 118 101 __0 00000000001D Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Failed to restore Windows to an earlier state
The disk is OK. Have you tried that checkdisk?
-
- Exemplary visitor
- Posts: 384
- Registered: 28 Jan 2012 23:21
- Location: Novosedly nad Nežárkou
Re: Failed to restore Windows to an earlier state
Yes, but with no result; it still cannot be restored. Also, Avira twice reported what was apparently some virus, I don't know whether it could be related: I don't know exactly, but something along the lines of trayagent sysWOW64, but I don't know whether it was just a false detection or what it is about.
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Failed to restore Windows to an earlier state
Post the RSIT log: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .
-
- Exemplary visitor
- Posts: 384
- Registered: 28 Jan 2012 23:21
- Location: Novosedly nad Nežárkou
Re: Failed to restore Windows to an earlier state
Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2012-03-23 20:36:41
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 191 GB (75%) free of 256 GB
Total RAM: 4061 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:36:49, on 23.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\PROGRA~2\Yzshadow\YzShadow.exe
C:\PROGRA~2\VirtuaWin\VirtuaWin.exe
C:\PROGRA~2\VirtuaWin\modules\WinList.exe
H:\DesktopOK.exe
C:\Program Files (x86)\HD Tune\HDTune.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Martin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Users\Martin\AppData\Local\Seznam.cz\bin\core.4.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [sllaunch] C:\Windows\SysWOW64\sllaunch.exe
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [slwc] C:\Windows\SysWOW64\\slwc.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files (x86)\IVT Corporation\BlueSoleil\gprs.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CFB3A70-C84F-4431-BF87-1901F690909F}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS3\Services\Tcpip\..\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: Brána aplikační vrstvy (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12289 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\alg.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe"
C:\Windows\system32\mqsvc.exe
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
C:\Windows\System32\svchost.exe -k PeerDist
"C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe"
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000744
\??\C:\Windows\system32\conhost.exe "1044234095-2137635029-678803607-1921117592-19188335703432899061567318859366482489
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {3B55A6D1-B1B7-4B57-B359-88C6D56731DC}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe" /TUStart /pid:2116
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRA~2\Yzshadow\YzShadow.exe"
"C:\PROGRA~2\VirtuaWin\VirtuaWin.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRA~2\VirtuaWin\modules\WinList.exe" -module
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"H:\DesktopOK.exe"
"C:\Program Files (x86)\HD Tune\HDTune.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\Martin\AppData\Local\Opera\Opera\temporary_downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RMSchedule.job
C:\Windows\tasks\SlimDrivers Startup.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default
prefs.js - "browser.search.useDBForOrder" - ""
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13]
"Description"=15.0.1.13
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
webbooster@iminent.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\searchplugins\
avg-secure-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-01-21 425680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Users\Martin\AppData\Local\Seznam.cz\bin\core.4.dll [2012-01-10 1151520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-13 162584]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-13 386840]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 9569096]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552]
"slwc"=C:\Windows\SysWOW64\\slwc.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-01-03 35736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2000-01-01 4935792]
"sllaunch"=C:\Windows\SysWOW64\sllaunch.exe [2010-10-16 145843]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-02-03 103896]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-10-11 258512]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BlueSoleil.lnk - C:\Program Files (x86)\IVT Corporation\BlueSoleil\gprs.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll C:\Windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-13 272896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-01-21 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-03-23 19:11:33 ----D---- C:\Program Files (x86)\HD Tune
2012-03-23 17:10:28 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2012-03-23 16:39:39 ----D---- C:\Program Files (x86)\Yzshadow
2012-03-23 16:39:38 ----D---- C:\Program Files (x86)\VirtuaWin
2012-03-23 16:39:36 ----D---- C:\Program Files (x86)\UberIcon
2012-03-23 16:39:28 ----D---- C:\Program Files (x86)\RocketDock
2012-03-22 19:06:26 ----D---- C:\Users\Martin\AppData\Roaming\Registry Mechanic
2012-03-22 12:31:02 ----A---- C:\Windows\system32\drivers\VcommMgr.sys
2012-03-22 12:31:02 ----A---- C:\Windows\system32\drivers\VComm.sys
2012-03-22 12:31:02 ----A---- C:\Windows\system32\drivers\VBTEnum.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\VHIDMini.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\BTNetFilter.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\BtNetDrv.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\BTHidMgr.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\btcusb.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\BlueletSCOAudio.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\blueletaudio.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\btinstall.dll
2012-03-22 12:30:53 ----D---- C:\Program Files (x86)\IVT Corporation
2012-03-22 11:28:16 ----D---- C:\ProgramData\Bluetooth
2012-03-22 10:21:10 ----A---- C:\Windows\system32\TURegOpt.exe
2012-03-22 10:21:09 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2012-03-22 10:21:09 ----A---- C:\Windows\system32\authuitu.dll
2012-03-22 10:20:31 ----D---- C:\Program Files (x86)\TuneUp Utilities 2012
2012-03-20 23:02:03 ----D---- C:\Users\Martin\AppData\Roaming\TeamViewer
2012-03-20 22:51:09 ----D---- C:\Program Files (x86)\TeamViewer
2012-03-17 09:20:24 ----D---- C:\rsit
2012-03-14 17:48:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-14 17:48:54 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-14 17:48:53 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-14 17:48:36 ----AH---- C:\Windows\msds.dat
2012-03-14 17:48:22 ----D---- C:\vag2084
2012-03-14 17:47:24 ----D---- C:\Program Files (x86)\OBD-DIAG
2012-03-14 17:39:50 ----A---- C:\Windows\system32\win32k.sys
2012-03-14 17:39:49 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-14 17:39:49 ----A---- C:\Windows\system32\DWrite.dll
2012-03-14 17:08:57 ----D---- C:\Program Files (x86)\WinTuning 7
2012-03-14 10:34:44 ----A---- C:\Windows\system32\rdpcorets.dll
2012-03-14 10:34:43 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-14 10:34:43 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-14 10:34:43 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-14 10:34:43 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-14 10:34:43 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-14 10:34:43 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-14 10:34:43 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-11 22:15:26 ----D---- C:\Windows\temp
2012-03-11 22:05:34 ----SHD---- C:\$RECYCLE.BIN
2012-03-11 21:35:25 ----D---- C:\Qoobox
2012-03-11 21:27:27 ----D---- C:\Windows\system32\msmq
2012-03-11 21:27:22 ----D---- C:\inetpub
2012-03-09 09:03:07 ----D---- C:\found.000
2012-03-06 23:05:22 ----D---- C:\MFT 3407
2012-03-06 22:50:55 ----D---- C:\Users\Martin\AppData\Roaming\AVG
2012-03-03 18:35:40 ----D---- C:\Users\Martin\AppData\Roaming\Avira
2012-03-03 18:33:47 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2012-03-03 18:33:47 ----A---- C:\Windows\system32\drivers\avipbb.sys
2012-03-03 18:33:47 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2012-03-03 18:33:46 ----D---- C:\ProgramData\Avira
2012-03-03 18:33:46 ----D---- C:\Program Files (x86)\Avira
2012-03-03 18:22:41 ----D---- C:\ProgramData\CPA_VA
2012-03-03 18:16:38 ----D---- C:\ProgramData\Comodo
2012-03-03 18:16:35 ----D---- C:\Program Files\COMODO
2012-03-03 18:16:30 ----D---- C:\Program Files (x86)\Comodo
2012-03-03 18:16:28 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2012-03-03 18:16:28 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2012-02-27 21:53:09 ----D---- C:\Users\Martin\AppData\Roaming\CheckPoint
2012-02-27 21:52:22 ----D---- C:\Program Files\CheckPoint
2012-02-27 21:52:15 ----D---- C:\ProgramData\CheckPoint
2012-02-27 21:52:06 ----D---- C:\Program Files (x86)\CheckPoint
2012-02-27 20:51:09 ----D---- C:\My Backups
2012-02-27 20:51:04 ----A---- C:\Windows\system32\drivers\EuFdDisk.sys
2012-02-27 20:51:04 ----A---- C:\Windows\system32\drivers\eudskacs.sys
2012-02-27 20:51:03 ----A---- C:\Windows\system32\drivers\EUBKMON.sys
2012-02-27 20:51:03 ----A---- C:\Windows\system32\drivers\eubakup.sys
2012-02-27 20:15:09 ----D---- C:\Program Files (x86)\EASEUS
2012-02-27 19:57:42 ----A---- C:\Nový svazek (E) – zástupce.lnk
2012-02-26 20:02:59 ----D---- C:\Users\Martin\AppData\Roaming\DivX
2012-02-26 20:02:17 ----D---- C:\Program Files\DivX
2012-02-26 20:01:58 ----A---- C:\Windows\SYSWOW64\msxml.dll
2012-02-26 20:01:58 ----A---- C:\Windows\system32\CleanMFT64.exe
2012-02-26 20:01:54 ----D---- C:\Program Files (x86)\PC Tools Registry Mechanic
2012-02-26 19:59:28 ----D---- C:\Program Files (x86)\DivX
2012-02-26 19:57:59 ----D---- C:\ProgramData\DivX
2012-02-26 19:49:32 ----D---- C:\Program Files (x86)\Win7codecs
2012-02-26 19:48:16 ----D---- C:\ProgramData\Win7codecs
2012-02-24 16:42:08 ----A---- C:\Windows\NeroDigital.ini
======List of files/folders modified in the last 1 month======
2012-03-23 20:36:45 ----D---- C:\Program Files\trend micro
2012-03-23 20:23:23 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2012-03-23 19:11:33 ----RD---- C:\Program Files (x86)
2012-03-23 19:02:49 ----AD---- C:\ProgramData\Temp
2012-03-23 19:00:03 ----D---- C:\Windows\SysWOW64
2012-03-23 17:56:35 ----D---- C:\Windows\System32
2012-03-23 17:56:35 ----D---- C:\Windows\inf
2012-03-23 17:56:35 ----D---- C:\Windows
2012-03-23 17:53:10 ----HD---- C:\Windows\Icons
2012-03-23 17:39:08 ----SHD---- C:\System Volume Information
2012-03-23 17:24:05 ----HD---- C:\ASUS.DAT
2012-03-23 17:23:02 ----D---- C:\Windows\system32\Tasks
2012-03-23 17:21:48 ----D---- C:\Windows\system32\config
2012-03-23 16:42:23 ----D---- C:\SnowFiles
2012-03-23 16:42:13 ----D---- C:\Windows\system32\SLTrans
2012-03-23 16:42:01 ----D---- C:\Program Files\Windows Media Player
2012-03-23 16:41:54 ----D---- C:\Program Files\Windows Sidebar
2012-03-23 16:39:23 ----RSD---- C:\Windows\Media
2012-03-23 16:39:23 ----D---- C:\Windows\Cursors
2012-03-23 16:28:07 ----A---- C:\Windows\system32\themeui.dll
2012-03-23 16:28:07 ----A---- C:\Windows\system32\themeservice.dll
2012-03-23 16:28:06 ----A---- C:\Windows\system32\uxtheme.dll
2012-03-23 16:28:04 ----A---- C:\Windows\SYSWOW64\themeui.dll
2012-03-23 16:28:03 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2012-03-23 15:42:36 ----D---- C:\Windows\Prefetch
2012-03-23 15:16:01 ----D---- C:\Windows\winsxs
2012-03-23 09:00:25 ----D---- C:\Windows\Minidump
2012-03-23 08:11:11 ----D---- C:\Windows\system32\catroot2
2012-03-22 19:31:12 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-03-22 19:23:13 ----SHD---- C:\Windows\Installer
2012-03-22 19:23:09 ----D---- C:\Config.Msi
2012-03-22 19:23:02 ----RD---- C:\Program Files (x86)\Skype
2012-03-22 19:23:02 ----D---- C:\Program Files (x86)\Common Files
2012-03-22 19:21:55 ----D---- C:\ProgramData\Skype
2012-03-22 19:07:33 ----D---- C:\Windows\Tasks
2012-03-22 19:06:32 ----SD---- C:\ProgramData\Microsoft
2012-03-22 18:05:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-22 13:49:35 ----D---- C:\Windows\system32\drivers
2012-03-22 12:30:57 ----D---- C:\Windows\SYSWOW64\drivers
2012-03-22 12:01:41 ----D---- C:\Windows\system32\catroot
2012-03-22 12:01:06 ----RD---- C:\Program Files
2012-03-22 12:01:05 ----D---- C:\Windows\system32\DriverStore
2012-03-22 11:58:06 ----D---- C:\Program Files (x86)\Intel
2012-03-22 11:28:16 ----D---- C:\ProgramData
2012-03-22 10:11:02 ----D---- C:\Users\Martin\AppData\Roaming\JAM Software
2012-03-17 21:26:13 ----D---- C:\Windows\system32\wdi
2012-03-17 09:01:39 ----D---- C:\Program Files (x86)\Opera
2012-03-14 18:21:04 ----D---- C:\Windows\system32\LogFiles
2012-03-14 18:17:24 ----D---- C:\Windows\debug
2012-03-14 17:48:36 ----A---- C:\Windows\win.ini
2012-03-14 17:43:06 ----A---- C:\Windows\system32\MRT.exe
2012-03-14 17:42:54 ----D---- C:\ProgramData\Microsoft Help
2012-03-12 16:53:47 ----D---- C:\Windows\rescache
2012-03-11 22:13:20 ----A---- C:\Windows\system32\cmdcsr.dll
2012-03-11 22:13:18 ----A---- C:\Windows\SYSWOW64\guard32.dll
2012-03-11 22:13:17 ----A---- C:\Windows\system32\guard64.dll
2012-03-11 22:05:38 ----A---- C:\Windows\system.ini
2012-03-11 22:05:26 ----D---- C:\Windows\system32\drivers\etc
2012-03-11 21:56:09 ----D---- C:\Windows\AppPatch
2012-03-11 21:56:03 ----D---- C:\Program Files\Common Files
2012-03-11 21:27:30 ----D---- C:\Windows\SYSWOW64\migration
2012-03-11 21:27:30 ----D---- C:\Windows\SYSWOW64\inetsrv
2012-03-11 21:27:28 ----D---- C:\Windows\SYSWOW64\pl-PL
2012-03-11 21:27:28 ----D---- C:\Windows\SYSWOW64\hu-HU
2012-03-11 21:27:28 ----D---- C:\Windows\SYSWOW64\en-US
2012-03-11 21:27:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-03-11 21:27:27 ----D---- C:\Windows\system32\migration
2012-03-11 21:27:27 ----D---- C:\Windows\system32\inetsrv
2012-03-11 21:27:27 ----D---- C:\Windows\system32\cs-CZ
2012-03-11 21:27:24 ----D---- C:\Windows\system32\pl-PL
2012-03-11 21:27:24 ----D---- C:\Windows\system32\hu-HU
2012-03-11 21:27:24 ----D---- C:\Windows\system32\en-US
2012-03-10 12:22:44 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2012-03-06 22:47:56 ----D---- C:\ProgramData\Norton
2012-03-04 11:02:29 ----D---- C:\Boot
2012-03-03 19:49:29 ----D---- C:\ProgramData\MFAData
2012-03-03 18:21:30 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-03-01 21:37:12 ----D---- C:\Program Files\CCleaner
2012-02-27 21:44:47 ----D---- C:\Users\Martin\AppData\Roaming\DAEMON Tools Pro
2012-02-26 11:19:39 ----D---- C:\Windows\system32\wbem
2012-02-26 11:18:47 ----D---- C:\Windows\system32\CodeIntegrity
2012-02-26 11:18:45 ----D---- C:\ProgramData\P4G
2012-02-26 11:18:37 ----D---- C:\Windows\registration
2012-02-24 13:17:21 ----D---- C:\ProgramData\Malwarebytes
2012-02-24 11:32:59 ----D---- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-04-20 35384]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2011-07-27 24456]
R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 24976]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 49680]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2012-02-20 132704]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-10-17 559384]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-02-20 310368]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-21 526392]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-03-11 132320]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-12-09 27760]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-11 577824]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-03-11 43248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-22 272448]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-12-19 30080]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-12-19 93200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-12-09 97312]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-06-24 37896]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 37384]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 25360]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-06-24 47368]
R3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-01-28 21712]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-13 10629184]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2010-03-29 64040]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-12-10 23152]
R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2009-07-14 189440]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-08 11856]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 47120]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 63248]
R3 VHidMinidrv;Bluetooth HID Device Service; C:\Windows\system32\drivers\VHIDMini.sys [2007-03-05 23184]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2000-01-01 2182768]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\Windows\System32\Drivers\btmcom.sys [2010-06-30 52736]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2010-10-19 274432]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\Windows\System32\Drivers\btmusb.sys [2010-07-28 476928]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 30088]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2010-11-04 59904]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2012-03-22 15672]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S4 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-11 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe [2008-03-19 166520]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 2815496]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 9216]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-02-03 793048]
R2 PeerDistSvc;BranchCache; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2011-12-12 2156952]
R2 Start BT in service;Start BT in service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-11-18 2118976]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2000-01-01 27760]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-03-11 342480]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-10-11 463824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-27 1028096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-27 647680]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-21 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
-----------------EOF-----------------
Run by Martin at 2012-03-23 20:36:41
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 191 GB (75%) free of 256 GB
Total RAM: 4061 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:36:49, on 23.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\PROGRA~2\Yzshadow\YzShadow.exe
C:\PROGRA~2\VirtuaWin\VirtuaWin.exe
C:\PROGRA~2\VirtuaWin\modules\WinList.exe
H:\DesktopOK.exe
C:\Program Files (x86)\HD Tune\HDTune.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Martin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Users\Martin\AppData\Local\Seznam.cz\bin\core.4.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [sllaunch] C:\Windows\SysWOW64\sllaunch.exe
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [slwc] C:\Windows\SysWOW64\\slwc.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files (x86)\IVT Corporation\BlueSoleil\gprs.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CFB3A70-C84F-4431-BF87-1901F690909F}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS3\Services\Tcpip\..\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: Brána aplikační vrstvy (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12289 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\alg.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe"
C:\Windows\system32\mqsvc.exe
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
C:\Windows\System32\svchost.exe -k PeerDist
"C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe"
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000744
\??\C:\Windows\system32\conhost.exe "1044234095-2137635029-678803607-1921117592-19188335703432899061567318859366482489
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {3B55A6D1-B1B7-4B57-B359-88C6D56731DC}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe" /TUStart /pid:2116
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRA~2\Yzshadow\YzShadow.exe"
"C:\PROGRA~2\VirtuaWin\VirtuaWin.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRA~2\VirtuaWin\modules\WinList.exe" -module
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"H:\DesktopOK.exe"
"C:\Program Files (x86)\HD Tune\HDTune.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\Martin\AppData\Local\Opera\Opera\temporary_downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RMSchedule.job
C:\Windows\tasks\SlimDrivers Startup.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default
prefs.js - "browser.search.useDBForOrder" - ""
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13]
"Description"=15.0.1.13
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
webbooster@iminent.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\searchplugins\
avg-secure-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-01-21 425680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Users\Martin\AppData\Local\Seznam.cz\bin\core.4.dll [2012-01-10 1151520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-13 162584]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-13 386840]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 9569096]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552]
"slwc"=C:\Windows\SysWOW64\\slwc.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-01-03 35736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2000-01-01 4935792]
"sllaunch"=C:\Windows\SysWOW64\sllaunch.exe [2010-10-16 145843]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-02-03 103896]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-10-11 258512]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BlueSoleil.lnk - C:\Program Files (x86)\IVT Corporation\BlueSoleil\gprs.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll C:\Windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-13 272896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-01-21 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-03-23 19:11:33 ----D---- C:\Program Files (x86)\HD Tune
2012-03-23 17:10:28 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2012-03-23 16:39:39 ----D---- C:\Program Files (x86)\Yzshadow
2012-03-23 16:39:38 ----D---- C:\Program Files (x86)\VirtuaWin
2012-03-23 16:39:36 ----D---- C:\Program Files (x86)\UberIcon
2012-03-23 16:39:28 ----D---- C:\Program Files (x86)\RocketDock
2012-03-22 19:06:26 ----D---- C:\Users\Martin\AppData\Roaming\Registry Mechanic
2012-03-22 12:31:02 ----A---- C:\Windows\system32\drivers\VcommMgr.sys
2012-03-22 12:31:02 ----A---- C:\Windows\system32\drivers\VComm.sys
2012-03-22 12:31:02 ----A---- C:\Windows\system32\drivers\VBTEnum.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\VHIDMini.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\BTNetFilter.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\BtNetDrv.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\BTHidMgr.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\btcusb.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\BlueletSCOAudio.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\drivers\blueletaudio.sys
2012-03-22 12:31:01 ----A---- C:\Windows\system32\btinstall.dll
2012-03-22 12:30:53 ----D---- C:\Program Files (x86)\IVT Corporation
2012-03-22 11:28:16 ----D---- C:\ProgramData\Bluetooth
2012-03-22 10:21:10 ----A---- C:\Windows\system32\TURegOpt.exe
2012-03-22 10:21:09 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2012-03-22 10:21:09 ----A---- C:\Windows\system32\authuitu.dll
2012-03-22 10:20:31 ----D---- C:\Program Files (x86)\TuneUp Utilities 2012
2012-03-20 23:02:03 ----D---- C:\Users\Martin\AppData\Roaming\TeamViewer
2012-03-20 22:51:09 ----D---- C:\Program Files (x86)\TeamViewer
2012-03-17 09:20:24 ----D---- C:\rsit
2012-03-14 17:48:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-14 17:48:54 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-14 17:48:53 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-14 17:48:36 ----AH---- C:\Windows\msds.dat
2012-03-14 17:48:22 ----D---- C:\vag2084
2012-03-14 17:47:24 ----D---- C:\Program Files (x86)\OBD-DIAG
2012-03-14 17:39:50 ----A---- C:\Windows\system32\win32k.sys
2012-03-14 17:39:49 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-14 17:39:49 ----A---- C:\Windows\system32\DWrite.dll
2012-03-14 17:08:57 ----D---- C:\Program Files (x86)\WinTuning 7
2012-03-14 10:34:44 ----A---- C:\Windows\system32\rdpcorets.dll
2012-03-14 10:34:43 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-14 10:34:43 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-14 10:34:43 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-14 10:34:43 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-14 10:34:43 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-14 10:34:43 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-14 10:34:43 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-11 22:15:26 ----D---- C:\Windows\temp
2012-03-11 22:05:34 ----SHD---- C:\$RECYCLE.BIN
2012-03-11 21:35:25 ----D---- C:\Qoobox
2012-03-11 21:27:27 ----D---- C:\Windows\system32\msmq
2012-03-11 21:27:22 ----D---- C:\inetpub
2012-03-09 09:03:07 ----D---- C:\found.000
2012-03-06 23:05:22 ----D---- C:\MFT 3407
2012-03-06 22:50:55 ----D---- C:\Users\Martin\AppData\Roaming\AVG
2012-03-03 18:35:40 ----D---- C:\Users\Martin\AppData\Roaming\Avira
2012-03-03 18:33:47 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2012-03-03 18:33:47 ----A---- C:\Windows\system32\drivers\avipbb.sys
2012-03-03 18:33:47 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2012-03-03 18:33:46 ----D---- C:\ProgramData\Avira
2012-03-03 18:33:46 ----D---- C:\Program Files (x86)\Avira
2012-03-03 18:22:41 ----D---- C:\ProgramData\CPA_VA
2012-03-03 18:16:38 ----D---- C:\ProgramData\Comodo
2012-03-03 18:16:35 ----D---- C:\Program Files\COMODO
2012-03-03 18:16:30 ----D---- C:\Program Files (x86)\Comodo
2012-03-03 18:16:28 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2012-03-03 18:16:28 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2012-02-27 21:53:09 ----D---- C:\Users\Martin\AppData\Roaming\CheckPoint
2012-02-27 21:52:22 ----D---- C:\Program Files\CheckPoint
2012-02-27 21:52:15 ----D---- C:\ProgramData\CheckPoint
2012-02-27 21:52:06 ----D---- C:\Program Files (x86)\CheckPoint
2012-02-27 20:51:09 ----D---- C:\My Backups
2012-02-27 20:51:04 ----A---- C:\Windows\system32\drivers\EuFdDisk.sys
2012-02-27 20:51:04 ----A---- C:\Windows\system32\drivers\eudskacs.sys
2012-02-27 20:51:03 ----A---- C:\Windows\system32\drivers\EUBKMON.sys
2012-02-27 20:51:03 ----A---- C:\Windows\system32\drivers\eubakup.sys
2012-02-27 20:15:09 ----D---- C:\Program Files (x86)\EASEUS
2012-02-27 19:57:42 ----A---- C:\Nový svazek (E) – zástupce.lnk
2012-02-26 20:02:59 ----D---- C:\Users\Martin\AppData\Roaming\DivX
2012-02-26 20:02:17 ----D---- C:\Program Files\DivX
2012-02-26 20:01:58 ----A---- C:\Windows\SYSWOW64\msxml.dll
2012-02-26 20:01:58 ----A---- C:\Windows\system32\CleanMFT64.exe
2012-02-26 20:01:54 ----D---- C:\Program Files (x86)\PC Tools Registry Mechanic
2012-02-26 19:59:28 ----D---- C:\Program Files (x86)\DivX
2012-02-26 19:57:59 ----D---- C:\ProgramData\DivX
2012-02-26 19:49:32 ----D---- C:\Program Files (x86)\Win7codecs
2012-02-26 19:48:16 ----D---- C:\ProgramData\Win7codecs
2012-02-24 16:42:08 ----A---- C:\Windows\NeroDigital.ini
======List of files/folders modified in the last 1 month======
2012-03-23 20:36:45 ----D---- C:\Program Files\trend micro
2012-03-23 20:23:23 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2012-03-23 19:11:33 ----RD---- C:\Program Files (x86)
2012-03-23 19:02:49 ----AD---- C:\ProgramData\Temp
2012-03-23 19:00:03 ----D---- C:\Windows\SysWOW64
2012-03-23 17:56:35 ----D---- C:\Windows\System32
2012-03-23 17:56:35 ----D---- C:\Windows\inf
2012-03-23 17:56:35 ----D---- C:\Windows
2012-03-23 17:53:10 ----HD---- C:\Windows\Icons
2012-03-23 17:39:08 ----SHD---- C:\System Volume Information
2012-03-23 17:24:05 ----HD---- C:\ASUS.DAT
2012-03-23 17:23:02 ----D---- C:\Windows\system32\Tasks
2012-03-23 17:21:48 ----D---- C:\Windows\system32\config
2012-03-23 16:42:23 ----D---- C:\SnowFiles
2012-03-23 16:42:13 ----D---- C:\Windows\system32\SLTrans
2012-03-23 16:42:01 ----D---- C:\Program Files\Windows Media Player
2012-03-23 16:41:54 ----D---- C:\Program Files\Windows Sidebar
2012-03-23 16:39:23 ----RSD---- C:\Windows\Media
2012-03-23 16:39:23 ----D---- C:\Windows\Cursors
2012-03-23 16:28:07 ----A---- C:\Windows\system32\themeui.dll
2012-03-23 16:28:07 ----A---- C:\Windows\system32\themeservice.dll
2012-03-23 16:28:06 ----A---- C:\Windows\system32\uxtheme.dll
2012-03-23 16:28:04 ----A---- C:\Windows\SYSWOW64\themeui.dll
2012-03-23 16:28:03 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2012-03-23 15:42:36 ----D---- C:\Windows\Prefetch
2012-03-23 15:16:01 ----D---- C:\Windows\winsxs
2012-03-23 09:00:25 ----D---- C:\Windows\Minidump
2012-03-23 08:11:11 ----D---- C:\Windows\system32\catroot2
2012-03-22 19:31:12 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-03-22 19:23:13 ----SHD---- C:\Windows\Installer
2012-03-22 19:23:09 ----D---- C:\Config.Msi
2012-03-22 19:23:02 ----RD---- C:\Program Files (x86)\Skype
2012-03-22 19:23:02 ----D---- C:\Program Files (x86)\Common Files
2012-03-22 19:21:55 ----D---- C:\ProgramData\Skype
2012-03-22 19:07:33 ----D---- C:\Windows\Tasks
2012-03-22 19:06:32 ----SD---- C:\ProgramData\Microsoft
2012-03-22 18:05:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-22 13:49:35 ----D---- C:\Windows\system32\drivers
2012-03-22 12:30:57 ----D---- C:\Windows\SYSWOW64\drivers
2012-03-22 12:01:41 ----D---- C:\Windows\system32\catroot
2012-03-22 12:01:06 ----RD---- C:\Program Files
2012-03-22 12:01:05 ----D---- C:\Windows\system32\DriverStore
2012-03-22 11:58:06 ----D---- C:\Program Files (x86)\Intel
2012-03-22 11:28:16 ----D---- C:\ProgramData
2012-03-22 10:11:02 ----D---- C:\Users\Martin\AppData\Roaming\JAM Software
2012-03-17 21:26:13 ----D---- C:\Windows\system32\wdi
2012-03-17 09:01:39 ----D---- C:\Program Files (x86)\Opera
2012-03-14 18:21:04 ----D---- C:\Windows\system32\LogFiles
2012-03-14 18:17:24 ----D---- C:\Windows\debug
2012-03-14 17:48:36 ----A---- C:\Windows\win.ini
2012-03-14 17:43:06 ----A---- C:\Windows\system32\MRT.exe
2012-03-14 17:42:54 ----D---- C:\ProgramData\Microsoft Help
2012-03-12 16:53:47 ----D---- C:\Windows\rescache
2012-03-11 22:13:20 ----A---- C:\Windows\system32\cmdcsr.dll
2012-03-11 22:13:18 ----A---- C:\Windows\SYSWOW64\guard32.dll
2012-03-11 22:13:17 ----A---- C:\Windows\system32\guard64.dll
2012-03-11 22:05:38 ----A---- C:\Windows\system.ini
2012-03-11 22:05:26 ----D---- C:\Windows\system32\drivers\etc
2012-03-11 21:56:09 ----D---- C:\Windows\AppPatch
2012-03-11 21:56:03 ----D---- C:\Program Files\Common Files
2012-03-11 21:27:30 ----D---- C:\Windows\SYSWOW64\migration
2012-03-11 21:27:30 ----D---- C:\Windows\SYSWOW64\inetsrv
2012-03-11 21:27:28 ----D---- C:\Windows\SYSWOW64\pl-PL
2012-03-11 21:27:28 ----D---- C:\Windows\SYSWOW64\hu-HU
2012-03-11 21:27:28 ----D---- C:\Windows\SYSWOW64\en-US
2012-03-11 21:27:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-03-11 21:27:27 ----D---- C:\Windows\system32\migration
2012-03-11 21:27:27 ----D---- C:\Windows\system32\inetsrv
2012-03-11 21:27:27 ----D---- C:\Windows\system32\cs-CZ
2012-03-11 21:27:24 ----D---- C:\Windows\system32\pl-PL
2012-03-11 21:27:24 ----D---- C:\Windows\system32\hu-HU
2012-03-11 21:27:24 ----D---- C:\Windows\system32\en-US
2012-03-10 12:22:44 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2012-03-06 22:47:56 ----D---- C:\ProgramData\Norton
2012-03-04 11:02:29 ----D---- C:\Boot
2012-03-03 19:49:29 ----D---- C:\ProgramData\MFAData
2012-03-03 18:21:30 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-03-01 21:37:12 ----D---- C:\Program Files\CCleaner
2012-02-27 21:44:47 ----D---- C:\Users\Martin\AppData\Roaming\DAEMON Tools Pro
2012-02-26 11:19:39 ----D---- C:\Windows\system32\wbem
2012-02-26 11:18:47 ----D---- C:\Windows\system32\CodeIntegrity
2012-02-26 11:18:45 ----D---- C:\ProgramData\P4G
2012-02-26 11:18:37 ----D---- C:\Windows\registration
2012-02-24 13:17:21 ----D---- C:\ProgramData\Malwarebytes
2012-02-24 11:32:59 ----D---- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-04-20 35384]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2011-07-27 24456]
R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 24976]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 49680]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2012-02-20 132704]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-10-17 559384]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-02-20 310368]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-21 526392]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-03-11 132320]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-12-09 27760]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-11 577824]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-03-11 43248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-22 272448]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-12-19 30080]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-12-19 93200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-12-09 97312]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-06-24 37896]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 37384]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 25360]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-06-24 47368]
R3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-01-28 21712]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-13 10629184]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2010-03-29 64040]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-12-10 23152]
R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2009-07-14 189440]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-08 11856]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 47120]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 63248]
R3 VHidMinidrv;Bluetooth HID Device Service; C:\Windows\system32\drivers\VHIDMini.sys [2007-03-05 23184]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2000-01-01 2182768]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\Windows\System32\Drivers\btmcom.sys [2010-06-30 52736]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2010-10-19 274432]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\Windows\System32\Drivers\btmusb.sys [2010-07-28 476928]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 30088]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2010-11-04 59904]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2012-03-22 15672]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S4 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-11 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe [2008-03-19 166520]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 2815496]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 9216]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-02-03 793048]
R2 PeerDistSvc;BranchCache; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2011-12-12 2156952]
R2 Start BT in service;Start BT in service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-11-18 2118976]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2000-01-01 27760]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-03-11 342480]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-10-11 463824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-27 1028096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-27 647680]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-21 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
-----------------EOF-----------------
Windows 7 64-bit (6.1, build 7601) Service Pack 1
Processor: Celeron Dual-Core CPU T3100 @1.9Ghz 1.90
RAM: 4GB. HDD 500GB
Avast free ,
As long as you live, keep learning! Do not expect old age to bring wisdom with it.
I have a natural talent for getting into trouble
I recommend:
CCleaner, MBAM
email:karlospatmat@seznam.cz
--------------------------------------------------------------------------------------
A good mood won't solve all your problems, but it pisses off so many people that it's worth keeping.
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Could not restore Windows to an earlier state
I can see some junk in there. Post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after launch a screen with the license terms is displayed; continue by clicking the Ano (Yes) button.
feel free to put the kettle on for a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the deletion of any malware there are unwanted conflicts with the antispyware's resident component
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Model visitor
- Posts: 384
- Registered: 28 Jan 2012 23:21
- Location: Novosedly nad Nežárkou
- Contact user:
Re: Could not restore Windows to an earlier state
ComboFix 12-03-22.01 - Martin 23.03.2012 21:27:38.6.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4061.1482 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-23 do 2012-03-23 )))))))))))))))))))))))))))))))
.
.
2012-03-23 21:56 . 2012-03-23 21:56 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-03-23 21:56 . 2012-03-23 21:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-23 21:56 . 2012-03-23 21:56 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-03-23 16:39 . 2012-03-23 16:39 512 ----a-w- C:\PhysicalMBR.bin
2012-03-23 16:10 . 2012-03-23 16:20 -------- d-----w- c:\users\Martin\AppData\Roaming\vlc
2012-03-23 15:39 . 2012-03-23 15:39 -------- d-----w- c:\program files (x86)\Yzshadow
2012-03-23 15:39 . 2012-03-23 15:39 -------- d-----w- c:\program files (x86)\VirtuaWin
2012-03-23 15:39 . 2012-03-23 15:39 -------- d-----w- c:\program files (x86)\UberIcon
2012-03-23 15:39 . 2012-03-23 15:39 -------- d-----w- c:\program files (x86)\RocketDock
2012-03-22 18:23 . 2012-03-22 18:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-03-22 18:06 . 2012-03-22 18:06 -------- d-----w- c:\users\Martin\AppData\Roaming\Registry Mechanic
2012-03-22 11:31 . 2007-03-05 19:41 24976 ----a-w- c:\windows\system32\drivers\VBTEnum.sys
2012-03-22 11:31 . 2007-03-05 19:39 63248 ----a-w- c:\windows\system32\drivers\VcommMgr.sys
2012-03-22 11:31 . 2007-03-05 19:38 47120 ----a-w- c:\windows\system32\drivers\VComm.sys
2012-03-22 11:31 . 2007-06-24 20:56 47368 ----a-w- c:\windows\system32\drivers\btcusb.sys
2012-03-22 11:31 . 2007-06-24 20:56 37384 ----a-w- c:\windows\system32\drivers\BlueletSCOAudio.sys
2012-03-22 11:31 . 2007-06-24 20:56 37896 ----a-w- c:\windows\system32\drivers\blueletaudio.sys
2012-03-22 11:31 . 2007-06-24 20:56 16392 ----a-w- c:\windows\system32\btinstall.dll
2012-03-22 11:31 . 2007-03-05 19:47 25360 ----a-w- c:\windows\system32\drivers\BtNetDrv.sys
2012-03-22 11:31 . 2007-03-05 19:44 23184 ----a-w- c:\windows\system32\drivers\VHIDMini.sys
2012-03-22 11:31 . 2007-03-05 19:42 49680 ----a-w- c:\windows\system32\drivers\BTHidMgr.sys
2012-03-22 11:31 . 2006-10-09 14:29 32832 ----a-w- c:\windows\system32\drivers\BTNetFilter.sys
2012-03-22 11:30 . 2012-03-22 11:30 -------- d-----w- c:\program files (x86)\IVT Corporation
2012-03-22 10:28 . 2012-03-22 11:34 -------- d-----w- c:\programdata\Bluetooth
2012-03-22 09:21 . 2011-11-18 13:37 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2012-03-22 09:21 . 2011-11-18 13:37 25920 ----a-w- c:\windows\system32\authuitu.dll
2012-03-22 09:21 . 2011-11-18 13:37 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2012-03-22 09:20 . 2012-03-22 09:21 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2012
2012-03-20 22:02 . 2012-03-22 08:34 -------- d-----w- c:\users\Martin\AppData\Roaming\TeamViewer
2012-03-20 21:51 . 2012-03-20 21:51 -------- d-----w- c:\program files (x86)\TeamViewer
2012-03-17 08:20 . 2012-03-23 19:36 -------- d-----w- C:\rsit
2012-03-14 16:48 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 16:48 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 16:48 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 16:48 . 2012-03-14 16:48 -------- d-----w- C:\vag2084
2012-03-14 16:47 . 2012-03-14 16:47 -------- d-----w- c:\program files (x86)\OBD-DIAG
2012-03-14 16:39 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 16:39 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 16:39 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 16:17 . 2012-03-14 17:17 -------- dc----w- c:\users\Martin\AppData\Local\MigWiz
2012-03-14 16:08 . 2012-03-14 16:28 -------- d-----w- c:\program files (x86)\WinTuning 7
2012-03-14 09:34 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 09:34 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 09:34 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 09:34 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 09:34 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 09:34 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 09:34 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 09:34 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-11 20:27 . 2012-03-23 16:22 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2012-03-11 20:27 . 2012-03-11 20:27 -------- d-----w- c:\windows\system32\msmq
2012-03-11 20:27 . 2012-03-11 20:27 -------- d-----w- C:\inetpub
2012-03-09 08:03 . 2012-03-09 08:03 -------- d-----w- C:\found.000
2012-03-06 22:05 . 2012-03-06 22:05 -------- d-----w- C:\MFT 3407
2012-03-06 21:50 . 2012-03-06 21:50 -------- d-----w- c:\users\Martin\AppData\Roaming\AVG
2012-03-06 07:39 . 2012-03-06 07:39 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-03-03 17:35 . 2012-03-03 17:35 -------- d-----w- c:\users\Martin\AppData\Roaming\Avira
2012-03-03 17:33 . 2012-03-11 17:58 132320 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-03-03 17:33 . 2011-12-09 11:40 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-03-03 17:33 . 2011-12-09 11:40 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-03-03 17:33 . 2012-03-11 17:56 -------- d-----w- c:\programdata\Avira
2012-03-03 17:33 . 2012-03-03 17:33 -------- d-----w- c:\program files (x86)\Avira
2012-03-03 17:23 . 2012-03-20 09:11 -------- d-----w- c:\users\Martin\AppData\Local\Comodo
2012-03-03 17:22 . 2012-03-20 09:08 -------- d-----w- c:\programdata\CPA_VA
2012-03-03 17:16 . 2012-03-03 20:30 -------- d-----w- c:\programdata\Comodo
2012-03-03 17:16 . 2012-03-20 09:08 -------- d-----w- c:\program files\COMODO
2012-03-03 17:16 . 2012-03-20 09:11 -------- d-----w- c:\program files (x86)\Comodo
2012-03-03 17:16 . 2012-03-03 17:16 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-03-03 17:16 . 2012-03-03 17:16 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2012-02-27 20:53 . 2012-02-27 20:53 -------- d-----w- c:\users\Martin\AppData\Roaming\CheckPoint
2012-02-27 20:52 . 2012-02-27 21:08 -------- d-----w- c:\program files\CheckPoint
2012-02-27 20:52 . 2012-02-27 20:52 -------- d-----w- c:\programdata\CheckPoint
2012-02-27 20:52 . 2012-02-27 21:08 -------- d-----w- c:\program files (x86)\CheckPoint
2012-02-27 19:51 . 2012-02-27 19:51 -------- d-----w- C:\My Backups
2012-02-27 19:51 . 2011-12-22 22:09 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2012-02-27 19:51 . 2011-12-22 22:09 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2012-02-27 19:51 . 2011-12-22 22:09 51336 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2012-02-27 19:51 . 2011-12-22 22:09 57480 ----a-w- c:\windows\system32\drivers\eubakup.sys
2012-02-27 19:15 . 2012-02-27 19:48 -------- d-----w- c:\program files (x86)\EASEUS
2012-02-26 19:05 . 2012-02-26 19:05 -------- d-----w- c:\users\Martin\AppData\Local\DDMSettings
2012-02-26 19:02 . 2012-03-03 20:15 -------- d-----w- c:\users\Martin\AppData\Roaming\DivX
2012-02-26 19:02 . 2012-02-26 19:02 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2012-02-26 19:02 . 2012-02-26 19:02 -------- d-----w- c:\program files\DivX
2012-02-26 19:02 . 2012-02-26 19:02 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2012-02-26 19:01 . 2012-02-03 12:35 512472 ----a-w- c:\windows\SysWow64\msxml.dll
2012-02-26 19:01 . 2012-02-03 12:35 40408 ----a-w- c:\windows\system32\CleanMFT64.exe
2012-02-26 19:01 . 2008-04-02 15:54 1101824 ----a-w- c:\windows\SysWow64\UniBox210.ocx
2012-02-26 19:01 . 2008-04-02 15:53 212992 ----a-w- c:\windows\SysWow64\UniBoxVB12.ocx
2012-02-26 19:01 . 2008-04-02 15:53 880640 ----a-w- c:\windows\SysWow64\UniBox10.ocx
2012-02-26 19:01 . 2008-09-17 21:17 658432 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX
2012-02-26 19:01 . 2012-02-26 19:01 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-02-26 19:01 . 2012-03-22 18:01 -------- d-----w- c:\program files (x86)\PC Tools Registry Mechanic
2012-02-26 18:59 . 2012-02-26 19:03 -------- d-----w- c:\program files (x86)\DivX
2012-02-26 18:57 . 2012-02-26 19:03 -------- d-----w- c:\programdata\DivX
2012-02-26 18:49 . 2012-03-01 20:58 -------- d-----w- c:\program files (x86)\Win7codecs
2012-02-26 18:48 . 2012-03-01 20:58 -------- d-----w- c:\programdata\Win7codecs
2012-02-24 15:45 . 2012-02-24 15:45 -------- d-----w- c:\users\Martin\AppData\Local\Nero_AG
2012-02-24 11:12 . 2012-02-24 11:12 -------- d-----w- c:\users\Martin\AppData\Local\MediaGet2
2012-02-24 11:12 . 2012-02-24 11:12 -------- d-----w- c:\users\Martin\AppData\Local\Media Get LLC
2012-02-24 10:57 . 2012-02-24 10:59 -------- d-sh--w- c:\users\Martin\AppData\Local\721e063c
2012-02-23 20:31 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-23 19:41 . 2012-02-23 21:03 -------- d-----r- C:\BOOTWIZ
2012-02-23 19:41 . 2012-02-23 20:47 24576 --sh--r- C:\bootwiz.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-23 15:28 . 2012-01-22 11:48 2851840 ----a-w- c:\windows\system32\themeui.dll
2012-03-23 15:28 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2012-03-23 15:28 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2012-03-23 15:28 . 2012-01-22 11:49 2755072 ----a-w- c:\windows\SysWow64\themeui.dll
2012-03-23 15:28 . 2009-07-13 23:39 245760 ----a-w- c:\windows\SysWow64\uxtheme.dll
2012-03-22 12:49 . 2012-02-07 18:21 15672 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-03-13 14:34 . 2012-01-29 19:19 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-11 21:13 . 2011-12-19 17:59 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-03-11 21:13 . 2012-01-17 20:00 577824 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-03-11 21:13 . 2011-12-19 17:59 22696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-03-11 21:13 . 2011-12-19 17:58 41200 ----a-w- c:\windows\system32\cmdcsr.dll
2012-03-11 21:13 . 2011-12-19 17:58 301224 ----a-w- c:\windows\SysWow64\guard32.dll
2012-03-11 21:13 . 2011-12-19 17:58 389840 ----a-w- c:\windows\system32\guard64.dll
2012-03-06 07:39 . 2012-02-16 07:35 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-02-21 07:25 . 2012-02-01 10:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-02-20 21:05 . 2012-02-20 21:05 310368 ----a-w- c:\windows\system32\drivers\snapman.sys
2012-02-20 21:05 . 2012-02-20 21:05 132704 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2012-02-07 07:50 . 2012-02-01 10:54 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-28 17:26 . 2012-01-28 17:26 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2012-01-22 14:03 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-22 14:03 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-21 23:05 . 2012-01-21 23:05 272448 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-01-21 19:30 . 2012-01-21 19:30 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-01-21 19:30 . 2012-01-21 19:30 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-01-21 19:30 . 2012-01-21 19:30 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-01-21 19:30 . 2012-01-21 19:30 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-01-21 19:30 . 2012-01-21 19:30 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-01-21 19:30 . 2012-01-21 19:30 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-01-21 19:30 . 2012-01-21 19:30 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-01-21 19:30 . 2012-01-21 19:30 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-01-21 19:30 . 2012-01-21 19:30 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-01-21 19:30 . 2012-01-21 19:30 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-01-21 19:30 . 2012-01-21 19:30 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-01-21 19:30 . 2012-01-21 19:30 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-01-21 19:30 . 2012-01-21 19:30 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-01-21 19:30 . 2012-01-21 19:30 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-01-21 19:30 . 2012-01-21 19:30 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-01-21 19:30 . 2012-01-21 19:30 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-01-21 19:30 . 2012-01-21 19:30 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-01-21 19:30 . 2012-01-21 19:30 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-01-21 19:30 . 2012-01-21 19:30 222208 ----a-w- c:\windows\system32\msls31.dll
2012-01-21 19:30 . 2012-01-21 19:30 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-01-21 19:30 . 2012-01-21 19:30 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-01-21 19:30 . 2012-01-21 19:30 12288 ----a-w- c:\windows\system32\mshta.exe
2012-01-21 19:30 . 2012-01-21 19:30 114176 ----a-w- c:\windows\system32\admparse.dll
2012-01-21 19:30 . 2012-01-21 19:30 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-01-21 19:30 . 2012-01-21 19:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-01-21 19:30 . 2012-01-21 19:30 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-01-21 19:30 . 2012-01-21 19:30 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-01-21 19:30 . 2012-01-21 19:30 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-01-21 19:30 . 2012-01-21 19:30 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-01-21 19:30 . 2012-01-21 19:30 448512 ----a-w- c:\windows\system32\html.iec
2012-01-21 19:30 . 2012-01-21 19:30 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-01-21 19:30 . 2012-01-21 19:30 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-01-21 19:30 . 2012-01-21 19:30 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-01-21 19:30 . 2012-01-21 19:30 160256 ----a-w- c:\windows\system32\wextract.exe
2012-01-17 03:39 . 2012-01-21 17:36 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E04855C-9FA9-4E5A-8C4C-EA9732E87ED0}\mpengine.dll
2012-01-04 10:44 . 2012-01-22 08:04 14172672 ----a-w- c:\windows\system32\shell32.dll.stp
2012-01-04 10:44 . 2012-02-14 22:19 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-14 22:19 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2011-12-30 06:26 . 2012-02-14 22:19 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-14 22:19 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-14 22:18 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2000-01-01 4935792]
"sllaunch"="c:\windows\SysWOW64\sllaunch.exe" [2010-10-16 145843]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-02-03 103896]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BlueSoleil.lnk - c:\program files (x86)\IVT Corporation\BlueSoleil\gprs.exe [2008-3-19 43608]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-4-20 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"ExpressFiles"="c:\program files (x86)\ExpressFiles\ExpressFiles.exe" -tray
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-03-11 342480]
R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-10-11 463824]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-27 1028096]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-12-19 30080]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-02-03 793048]
S2 Start BT in service;Start BT in service;c:\program files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-11-18 2118976]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [x]
S3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-01-28 21712]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-08 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-03-23 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\PC Tools Registry Mechanic\RegMech.exe [2012-02-26 12:34]
.
2012-03-22 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2012-02-01 12:42]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}\65F49405: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{7CFB3A70-C84F-4431-BF87-1901F690909F}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.http - 58.58.180.122
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100789
FF - user.js: extensions.BabylonToolbar_i.babExt - somoto
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 0cdd3cc500000000000000158330973c
FF - user.js: extensions.BabylonToolbar_i.hardId - 0cdd3cc500000000000000158330973c
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15364
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1717:07
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb5
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-slwc - c:\windows\SysWOW64\\slwc.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-Snow Transformation Pack - c:\windows\SysWOW64\slwc.exe
.
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-03-23 23:01:27
ComboFix-quarantined-files.txt 2012-03-23 22:01
.
Před spuštěním: Volných bajtů: 200 944 226 304
Po spuštění: Volných bajtů: 200 797 970 432
.
- - End Of File - - 5B5176DF360FD04B4DB3FDE75950ADCD
2012-03-06 07:39 . 2012-03-06 07:39 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-03-03 17:35 . 2012-03-03 17:35 -------- d-----w- c:\users\Martin\AppData\Roaming\Avira
2012-03-03 17:33 . 2012-03-11 17:58 132320 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-03-03 17:33 . 2011-12-09 11:40 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-03-03 17:33 . 2011-12-09 11:40 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-03-03 17:33 . 2012-03-11 17:56 -------- d-----w- c:\programdata\Avira
2012-03-03 17:33 . 2012-03-03 17:33 -------- d-----w- c:\program files (x86)\Avira
2012-03-03 17:23 . 2012-03-20 09:11 -------- d-----w- c:\users\Martin\AppData\Local\Comodo
2012-03-03 17:22 . 2012-03-20 09:08 -------- d-----w- c:\programdata\CPA_VA
2012-03-03 17:16 . 2012-03-03 20:30 -------- d-----w- c:\programdata\Comodo
2012-03-03 17:16 . 2012-03-20 09:08 -------- d-----w- c:\program files\COMODO
2012-03-03 17:16 . 2012-03-20 09:11 -------- d-----w- c:\program files (x86)\Comodo
2012-03-03 17:16 . 2012-03-03 17:16 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-03-03 17:16 . 2012-03-03 17:16 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2012-02-27 20:53 . 2012-02-27 20:53 -------- d-----w- c:\users\Martin\AppData\Roaming\CheckPoint
2012-02-27 20:52 . 2012-02-27 21:08 -------- d-----w- c:\program files\CheckPoint
2012-02-27 20:52 . 2012-02-27 20:52 -------- d-----w- c:\programdata\CheckPoint
2012-02-27 20:52 . 2012-02-27 21:08 -------- d-----w- c:\program files (x86)\CheckPoint
2012-02-27 19:51 . 2012-02-27 19:51 -------- d-----w- C:\My Backups
2012-02-27 19:51 . 2011-12-22 22:09 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2012-02-27 19:51 . 2011-12-22 22:09 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2012-02-27 19:51 . 2011-12-22 22:09 51336 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2012-02-27 19:51 . 2011-12-22 22:09 57480 ----a-w- c:\windows\system32\drivers\eubakup.sys
2012-02-27 19:15 . 2012-02-27 19:48 -------- d-----w- c:\program files (x86)\EASEUS
2012-02-26 19:05 . 2012-02-26 19:05 -------- d-----w- c:\users\Martin\AppData\Local\DDMSettings
2012-02-26 19:02 . 2012-03-03 20:15 -------- d-----w- c:\users\Martin\AppData\Roaming\DivX
2012-02-26 19:02 . 2012-02-26 19:02 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2012-02-26 19:02 . 2012-02-26 19:02 -------- d-----w- c:\program files\DivX
2012-02-26 19:02 . 2012-02-26 19:02 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2012-02-26 19:01 . 2012-02-03 12:35 512472 ----a-w- c:\windows\SysWow64\msxml.dll
2012-02-26 19:01 . 2012-02-03 12:35 40408 ----a-w- c:\windows\system32\CleanMFT64.exe
2012-02-26 19:01 . 2008-04-02 15:54 1101824 ----a-w- c:\windows\SysWow64\UniBox210.ocx
2012-02-26 19:01 . 2008-04-02 15:53 212992 ----a-w- c:\windows\SysWow64\UniBoxVB12.ocx
2012-02-26 19:01 . 2008-04-02 15:53 880640 ----a-w- c:\windows\SysWow64\UniBox10.ocx
2012-02-26 19:01 . 2008-09-17 21:17 658432 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX
2012-02-26 19:01 . 2012-02-26 19:01 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-02-26 19:01 . 2012-03-22 18:01 -------- d-----w- c:\program files (x86)\PC Tools Registry Mechanic
2012-02-26 18:59 . 2012-02-26 19:03 -------- d-----w- c:\program files (x86)\DivX
2012-02-26 18:57 . 2012-02-26 19:03 -------- d-----w- c:\programdata\DivX
2012-02-26 18:49 . 2012-03-01 20:58 -------- d-----w- c:\program files (x86)\Win7codecs
2012-02-26 18:48 . 2012-03-01 20:58 -------- d-----w- c:\programdata\Win7codecs
2012-02-24 15:45 . 2012-02-24 15:45 -------- d-----w- c:\users\Martin\AppData\Local\Nero_AG
2012-02-24 11:12 . 2012-02-24 11:12 -------- d-----w- c:\users\Martin\AppData\Local\MediaGet2
2012-02-24 11:12 . 2012-02-24 11:12 -------- d-----w- c:\users\Martin\AppData\Local\Media Get LLC
2012-02-24 10:57 . 2012-02-24 10:59 -------- d-sh--w- c:\users\Martin\AppData\Local\721e063c
2012-02-23 20:31 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-23 19:41 . 2012-02-23 21:03 -------- d-----r- C:\BOOTWIZ
2012-02-23 19:41 . 2012-02-23 20:47 24576 --sh--r- C:\bootwiz.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-23 15:28 . 2012-01-22 11:48 2851840 ----a-w- c:\windows\system32\themeui.dll
2012-03-23 15:28 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2012-03-23 15:28 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2012-03-23 15:28 . 2012-01-22 11:49 2755072 ----a-w- c:\windows\SysWow64\themeui.dll
2012-03-23 15:28 . 2009-07-13 23:39 245760 ----a-w- c:\windows\SysWow64\uxtheme.dll
2012-03-22 12:49 . 2012-02-07 18:21 15672 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-03-13 14:34 . 2012-01-29 19:19 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-11 21:13 . 2011-12-19 17:59 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-03-11 21:13 . 2012-01-17 20:00 577824 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-03-11 21:13 . 2011-12-19 17:59 22696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-03-11 21:13 . 2011-12-19 17:58 41200 ----a-w- c:\windows\system32\cmdcsr.dll
2012-03-11 21:13 . 2011-12-19 17:58 301224 ----a-w- c:\windows\SysWow64\guard32.dll
2012-03-11 21:13 . 2011-12-19 17:58 389840 ----a-w- c:\windows\system32\guard64.dll
2012-03-06 07:39 . 2012-02-16 07:35 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-02-21 07:25 . 2012-02-01 10:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-02-20 21:05 . 2012-02-20 21:05 310368 ----a-w- c:\windows\system32\drivers\snapman.sys
2012-02-20 21:05 . 2012-02-20 21:05 132704 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2012-02-07 07:50 . 2012-02-01 10:54 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-28 17:26 . 2012-01-28 17:26 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2012-01-22 14:03 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-22 14:03 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-21 23:05 . 2012-01-21 23:05 272448 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-01-21 19:30 . 2012-01-21 19:30 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-01-21 19:30 . 2012-01-21 19:30 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-01-21 19:30 . 2012-01-21 19:30 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-01-21 19:30 . 2012-01-21 19:30 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-01-21 19:30 . 2012-01-21 19:30 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-01-21 19:30 . 2012-01-21 19:30 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-01-21 19:30 . 2012-01-21 19:30 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-01-21 19:30 . 2012-01-21 19:30 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-01-21 19:30 . 2012-01-21 19:30 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-01-21 19:30 . 2012-01-21 19:30 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-01-21 19:30 . 2012-01-21 19:30 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-01-21 19:30 . 2012-01-21 19:30 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-01-21 19:30 . 2012-01-21 19:30 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-01-21 19:30 . 2012-01-21 19:30 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-01-21 19:30 . 2012-01-21 19:30 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-01-21 19:30 . 2012-01-21 19:30 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-01-21 19:30 . 2012-01-21 19:30 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-01-21 19:30 . 2012-01-21 19:30 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-01-21 19:30 . 2012-01-21 19:30 222208 ----a-w- c:\windows\system32\msls31.dll
2012-01-21 19:30 . 2012-01-21 19:30 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-01-21 19:30 . 2012-01-21 19:30 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-01-21 19:30 . 2012-01-21 19:30 12288 ----a-w- c:\windows\system32\mshta.exe
2012-01-21 19:30 . 2012-01-21 19:30 114176 ----a-w- c:\windows\system32\admparse.dll
2012-01-21 19:30 . 2012-01-21 19:30 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-01-21 19:30 . 2012-01-21 19:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-01-21 19:30 . 2012-01-21 19:30 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-01-21 19:30 . 2012-01-21 19:30 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-01-21 19:30 . 2012-01-21 19:30 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-01-21 19:30 . 2012-01-21 19:30 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-01-21 19:30 . 2012-01-21 19:30 448512 ----a-w- c:\windows\system32\html.iec
2012-01-21 19:30 . 2012-01-21 19:30 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-01-21 19:30 . 2012-01-21 19:30 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-01-21 19:30 . 2012-01-21 19:30 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-01-21 19:30 . 2012-01-21 19:30 160256 ----a-w- c:\windows\system32\wextract.exe
2012-01-17 03:39 . 2012-01-21 17:36 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E04855C-9FA9-4E5A-8C4C-EA9732E87ED0}\mpengine.dll
2012-01-04 10:44 . 2012-01-22 08:04 14172672 ----a-w- c:\windows\system32\shell32.dll.stp
2012-01-04 10:44 . 2012-02-14 22:19 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-14 22:19 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2011-12-30 06:26 . 2012-02-14 22:19 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-14 22:19 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-14 22:18 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2000-01-01 4935792]
"sllaunch"="c:\windows\SysWOW64\sllaunch.exe" [2010-10-16 145843]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-02-03 103896]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BlueSoleil.lnk - c:\program files (x86)\IVT Corporation\BlueSoleil\gprs.exe [2008-3-19 43608]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-4-20 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"ExpressFiles"="c:\program files (x86)\ExpressFiles\ExpressFiles.exe" -tray
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-03-11 342480]
R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-10-11 463824]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-27 1028096]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-12-19 30080]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-02-03 793048]
S2 Start BT in service;Start BT in service;c:\program files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-11-18 2118976]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [x]
S3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-01-28 21712]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-08 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-03-23 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\PC Tools Registry Mechanic\RegMech.exe [2012-02-26 12:34]
.
2012-03-22 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2012-02-01 12:42]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}\65F49405: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{7CFB3A70-C84F-4431-BF87-1901F690909F}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.http - 58.58.180.122
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100789
FF - user.js: extensions.BabylonToolbar_i.babExt - somoto
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 0cdd3cc500000000000000158330973c
FF - user.js: extensions.BabylonToolbar_i.hardId - 0cdd3cc500000000000000158330973c
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15364
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1717:07
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb5
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-slwc - c:\windows\SysWOW64\\slwc.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-Snow Transformation Pack - c:\windows\SysWOW64\slwc.exe
.
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-03-23 23:01:27
ComboFix-quarantined-files.txt 2012-03-23 22:01
.
Před spuštěním: Volných bajtů: 200 944 226 304
Po spuštění: Volných bajtů: 200 797 970 432
.
- - End Of File - - 5B5176DF360FD04B4DB3FDE75950ADCD
Windows 7 64-bit (6.1, build 7601) Service Pack 1
Processor: Celeron Dual-Core CPU T3100 @1.9GHz 1.90
RAM: 4GB. HDD 500GB
Avast Free
As long as you live, keep learning! Don't expect old age to bring wisdom with it.
I have a natural talent for getting into trouble
I recommend:
CCleaner, MBAM
email:karlospatmat@seznam.cz
--------------------------------------------------------------------------------------
A good mood won't solve all your problems, but it will piss off so many people that it's worth keeping.
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Failed to restore Windows to an earlier state
Open Notepad and copy the following script into it. Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Firefox::
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100789
FF - user.js: extensions.BabylonToolbar_i.babExt - somoto
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 0cdd3cc500000000000000158330973c
FF - user.js: extensions.BabylonToolbar_i.hardId - 0cdd3cc500000000000000158330973c
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15364
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1717:07
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb5
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
RegLock::
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Exemplary visitor
- Posts: 384
- Registered: 28 Jan 2012 23:21
- Location: Novosedly nad Nežárkou
Re: Failed to restore Windows to an earlier state
There is going to be a problem with saving it in Notepad; it does not respond at all. I have tried it umpteen times and I don't know where the hitch could be.

-
- Exemplary visitor
- Posts: 384
- Registered: 28 Jan 2012 23:21
- Location: Novosedly nad Nežárkou
Re: Failed to restore Windows to an earlier state
So I finally managed it:
ComboFix 12-03-22.01 - Martin 24.03.2012 15:11:56.7.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4061.2278 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: H:\CFScript.txt
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Martin\AppData\Roaming\Microsoft\Windows\Recent\desktop_29754742.ico
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-24 do 2012-03-24 )))))))))))))))))))))))))))))))
.
.
2012-03-23 16:39 . 2012-03-23 16:39 512 ----a-w- C:\PhysicalMBR.bin
2012-03-23 16:10 . 2012-03-24 09:22 -------- d-----w- c:\users\Martin\AppData\Roaming\vlc
2012-03-23 15:39 . 2012-03-23 15:39 -------- d-----w- c:\program files (x86)\Yzshadow
2012-03-23 15:39 . 2012-03-23 15:39 -------- d-----w- c:\program files (x86)\VirtuaWin
2012-03-23 15:39 . 2012-03-23 15:39 -------- d-----w- c:\program files (x86)\UberIcon
2012-03-23 15:39 . 2012-03-23 15:39 -------- d-----w- c:\program files (x86)\RocketDock
2012-03-22 18:23 . 2012-03-22 18:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-03-22 18:06 . 2012-03-22 18:06 -------- d-----w- c:\users\Martin\AppData\Roaming\Registry Mechanic
2012-03-22 11:31 . 2007-03-05 19:41 24976 ----a-w- c:\windows\system32\drivers\VBTEnum.sys
2012-03-22 11:31 . 2007-03-05 19:39 63248 ----a-w- c:\windows\system32\drivers\VcommMgr.sys
2012-03-22 11:31 . 2007-03-05 19:38 47120 ----a-w- c:\windows\system32\drivers\VComm.sys
2012-03-22 11:31 . 2007-06-24 20:56 47368 ----a-w- c:\windows\system32\drivers\btcusb.sys
2012-03-22 11:31 . 2007-06-24 20:56 37384 ----a-w- c:\windows\system32\drivers\BlueletSCOAudio.sys
2012-03-22 11:31 . 2007-06-24 20:56 37896 ----a-w- c:\windows\system32\drivers\blueletaudio.sys
2012-03-22 11:31 . 2007-06-24 20:56 16392 ----a-w- c:\windows\system32\btinstall.dll
2012-03-22 11:31 . 2007-03-05 19:47 25360 ----a-w- c:\windows\system32\drivers\BtNetDrv.sys
2012-03-22 11:31 . 2007-03-05 19:44 23184 ----a-w- c:\windows\system32\drivers\VHIDMini.sys
2012-03-22 11:31 . 2007-03-05 19:42 49680 ----a-w- c:\windows\system32\drivers\BTHidMgr.sys
2012-03-22 11:31 . 2006-10-09 14:29 32832 ----a-w- c:\windows\system32\drivers\BTNetFilter.sys
2012-03-22 11:30 . 2012-03-22 11:30 -------- d-----w- c:\program files (x86)\IVT Corporation
2012-03-22 10:28 . 2012-03-22 11:34 -------- d-----w- c:\programdata\Bluetooth
2012-03-22 09:21 . 2011-11-18 13:37 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2012-03-22 09:21 . 2011-11-18 13:37 25920 ----a-w- c:\windows\system32\authuitu.dll
2012-03-22 09:21 . 2011-11-18 13:37 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2012-03-22 09:20 . 2012-03-22 09:21 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2012
2012-03-20 22:02 . 2012-03-22 08:34 -------- d-----w- c:\users\Martin\AppData\Roaming\TeamViewer
2012-03-20 21:51 . 2012-03-20 21:51 -------- d-----w- c:\program files (x86)\TeamViewer
2012-03-17 08:20 . 2012-03-23 22:03 -------- d-----w- C:\rsit
2012-03-14 16:48 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 16:48 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 16:48 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 16:48 . 2012-03-14 16:48 -------- d-----w- C:\vag2084
2012-03-14 16:47 . 2012-03-14 16:47 -------- d-----w- c:\program files (x86)\OBD-DIAG
2012-03-14 16:39 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 16:39 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 16:39 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 16:17 . 2012-03-14 17:17 -------- dc----w- c:\users\Martin\AppData\Local\MigWiz
2012-03-14 16:08 . 2012-03-14 16:28 -------- d-----w- c:\program files (x86)\WinTuning 7
2012-03-14 09:34 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-03-14 09:34 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 09:34 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 09:34 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 09:34 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 09:34 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 09:34 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 09:34 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-11 20:27 . 2012-03-24 14:22 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2012-03-11 20:27 . 2012-03-11 20:27 -------- d-----w- c:\windows\system32\msmq
2012-03-11 20:27 . 2012-03-11 20:27 -------- d-----w- C:\inetpub
2012-03-09 08:03 . 2012-03-09 08:03 -------- d-----w- C:\found.000
2012-03-06 22:05 . 2012-03-06 22:05 -------- d-----w- C:\MFT 3407
2012-03-06 21:50 . 2012-03-06 21:50 -------- d-----w- c:\users\Martin\AppData\Roaming\AVG
2012-03-06 07:39 . 2012-03-06 07:39 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-03-03 17:35 . 2012-03-03 17:35 -------- d-----w- c:\users\Martin\AppData\Roaming\Avira
2012-03-03 17:33 . 2012-03-11 17:58 132320 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-03-03 17:33 . 2011-12-09 11:40 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-03-03 17:33 . 2011-12-09 11:40 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-03-03 17:33 . 2012-03-11 17:56 -------- d-----w- c:\programdata\Avira
2012-03-03 17:33 . 2012-03-03 17:33 -------- d-----w- c:\program files (x86)\Avira
2012-03-03 17:23 . 2012-03-20 09:11 -------- d-----w- c:\users\Martin\AppData\Local\Comodo
2012-03-03 17:22 . 2012-03-20 09:08 -------- d-----w- c:\programdata\CPA_VA
2012-03-03 17:16 . 2012-03-03 20:30 -------- d-----w- c:\programdata\Comodo
2012-03-03 17:16 . 2012-03-20 09:08 -------- d-----w- c:\program files\COMODO
2012-03-03 17:16 . 2012-03-20 09:11 -------- d-----w- c:\program files (x86)\Comodo
2012-03-03 17:16 . 2012-03-03 17:16 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-03-03 17:16 . 2012-03-03 17:16 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2012-02-27 20:53 . 2012-02-27 20:53 -------- d-----w- c:\users\Martin\AppData\Roaming\CheckPoint
2012-02-27 20:52 . 2012-02-27 21:08 -------- d-----w- c:\program files\CheckPoint
2012-02-27 20:52 . 2012-02-27 20:52 -------- d-----w- c:\programdata\CheckPoint
2012-02-27 20:52 . 2012-02-27 21:08 -------- d-----w- c:\program files (x86)\CheckPoint
2012-02-27 19:51 . 2012-02-27 19:51 -------- d-----w- C:\My Backups
2012-02-27 19:51 . 2011-12-22 22:09 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2012-02-27 19:51 . 2011-12-22 22:09 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2012-02-27 19:51 . 2011-12-22 22:09 51336 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2012-02-27 19:51 . 2011-12-22 22:09 57480 ----a-w- c:\windows\system32\drivers\eubakup.sys
2012-02-27 19:15 . 2012-02-27 19:48 -------- d-----w- c:\program files (x86)\EASEUS
2012-02-26 19:05 . 2012-02-26 19:05 -------- d-----w- c:\users\Martin\AppData\Local\DDMSettings
2012-02-26 19:02 . 2012-03-03 20:15 -------- d-----w- c:\users\Martin\AppData\Roaming\DivX
2012-02-26 19:02 . 2012-02-26 19:02 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2012-02-26 19:02 . 2012-02-26 19:02 -------- d-----w- c:\program files\DivX
2012-02-26 19:02 . 2012-02-26 19:02 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2012-02-26 19:01 . 2012-02-03 12:35 512472 ----a-w- c:\windows\SysWow64\msxml.dll
2012-02-26 19:01 . 2012-02-03 12:35 40408 ----a-w- c:\windows\system32\CleanMFT64.exe
2012-02-26 19:01 . 2008-04-02 15:54 1101824 ----a-w- c:\windows\SysWow64\UniBox210.ocx
2012-02-26 19:01 . 2008-04-02 15:53 212992 ----a-w- c:\windows\SysWow64\UniBoxVB12.ocx
2012-02-26 19:01 . 2008-04-02 15:53 880640 ----a-w- c:\windows\SysWow64\UniBox10.ocx
2012-02-26 19:01 . 2008-09-17 21:17 658432 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX
2012-02-26 19:01 . 2012-02-26 19:01 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-02-26 19:01 . 2012-03-22 18:01 -------- d-----w- c:\program files (x86)\PC Tools Registry Mechanic
2012-02-26 18:59 . 2012-02-26 19:03 -------- d-----w- c:\program files (x86)\DivX
2012-02-26 18:57 . 2012-02-26 19:03 -------- d-----w- c:\programdata\DivX
2012-02-26 18:49 . 2012-03-01 20:58 -------- d-----w- c:\program files (x86)\Win7codecs
2012-02-26 18:48 . 2012-03-01 20:58 -------- d-----w- c:\programdata\Win7codecs
2012-02-24 15:45 . 2012-02-24 15:45 -------- d-----w- c:\users\Martin\AppData\Local\Nero_AG
2012-02-24 11:12 . 2012-02-24 11:12 -------- d-----w- c:\users\Martin\AppData\Local\MediaGet2
2012-02-24 11:12 . 2012-02-24 11:12 -------- d-----w- c:\users\Martin\AppData\Local\Media Get LLC
2012-02-24 10:57 . 2012-02-24 10:59 -------- d-sh--w- c:\users\Martin\AppData\Local\721e063c
2012-02-23 20:31 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-23 19:41 . 2012-02-23 21:03 -------- d-----r- C:\BOOTWIZ
2012-02-23 19:41 . 2012-02-23 20:47 24576 --sh--r- C:\bootwiz.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-24 07:39 . 2012-02-01 10:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-03-23 15:28 . 2012-01-22 11:48 2851840 ----a-w- c:\windows\system32\themeui.dll
2012-03-23 15:28 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2012-03-23 15:28 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2012-03-23 15:28 . 2012-01-22 11:49 2755072 ----a-w- c:\windows\SysWow64\themeui.dll
2012-03-23 15:28 . 2009-07-13 23:39 245760 ----a-w- c:\windows\SysWow64\uxtheme.dll
2012-03-22 12:49 . 2012-02-07 18:21 15672 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-03-13 14:34 . 2012-01-29 19:19 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-11 21:13 . 2011-12-19 17:59 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-03-11 21:13 . 2012-01-17 20:00 577824 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-03-11 21:13 . 2011-12-19 17:59 22696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-03-11 21:13 . 2011-12-19 17:58 41200 ----a-w- c:\windows\system32\cmdcsr.dll
2012-03-11 21:13 . 2011-12-19 17:58 301224 ----a-w- c:\windows\SysWow64\guard32.dll
2012-03-11 21:13 . 2011-12-19 17:58 389840 ----a-w- c:\windows\system32\guard64.dll
2012-03-06 07:39 . 2012-02-16 07:35 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-02-20 21:05 . 2012-02-20 21:05 310368 ----a-w- c:\windows\system32\drivers\snapman.sys
2012-02-20 21:05 . 2012-02-20 21:05 132704 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2012-02-07 07:50 . 2012-02-01 10:54 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-28 17:26 . 2012-01-28 17:26 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2012-01-22 14:03 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-22 14:03 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-21 23:05 . 2012-01-21 23:05 272448 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-01-21 19:30 . 2012-01-21 19:30 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-01-21 19:30 . 2012-01-21 19:30 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-01-21 19:30 . 2012-01-21 19:30 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-01-21 19:30 . 2012-01-21 19:30 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-01-21 19:30 . 2012-01-21 19:30 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-01-21 19:30 . 2012-01-21 19:30 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-01-21 19:30 . 2012-01-21 19:30 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-01-21 19:30 . 2012-01-21 19:30 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-01-21 19:30 . 2012-01-21 19:30 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-01-21 19:30 . 2012-01-21 19:30 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-01-21 19:30 . 2012-01-21 19:30 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-01-21 19:30 . 2012-01-21 19:30 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-01-21 19:30 . 2012-01-21 19:30 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-01-21 19:30 . 2012-01-21 19:30 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-01-21 19:30 . 2012-01-21 19:30 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-01-21 19:30 . 2012-01-21 19:30 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-01-21 19:30 . 2012-01-21 19:30 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-01-21 19:30 . 2012-01-21 19:30 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-01-21 19:30 . 2012-01-21 19:30 222208 ----a-w- c:\windows\system32\msls31.dll
2012-01-21 19:30 . 2012-01-21 19:30 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-01-21 19:30 . 2012-01-21 19:30 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-01-21 19:30 . 2012-01-21 19:30 12288 ----a-w- c:\windows\system32\mshta.exe
2012-01-21 19:30 . 2012-01-21 19:30 114176 ----a-w- c:\windows\system32\admparse.dll
2012-01-21 19:30 . 2012-01-21 19:30 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-01-21 19:30 . 2012-01-21 19:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-01-21 19:30 . 2012-01-21 19:30 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-01-21 19:30 . 2012-01-21 19:30 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-01-21 19:30 . 2012-01-21 19:30 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-01-21 19:30 . 2012-01-21 19:30 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-01-21 19:30 . 2012-01-21 19:30 448512 ----a-w- c:\windows\system32\html.iec
2012-01-21 19:30 . 2012-01-21 19:30 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-01-21 19:30 . 2012-01-21 19:30 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-01-21 19:30 . 2012-01-21 19:30 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-01-21 19:30 . 2012-01-21 19:30 160256 ----a-w- c:\windows\system32\wextract.exe
2012-01-17 03:39 . 2012-01-21 17:36 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E04855C-9FA9-4E5A-8C4C-EA9732E87ED0}\mpengine.dll
2012-01-04 10:44 . 2012-01-22 08:04 14172672 ----a-w- c:\windows\system32\shell32.dll.stp
2012-01-04 10:44 . 2012-02-14 22:19 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-14 22:19 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2011-12-30 06:26 . 2012-02-14 22:19 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-14 22:19 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-14 22:18 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-23_21.57.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2012-03-24 14:24 80170 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-01-21 17:26 . 2012-03-24 14:24 22876 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2228829363-2496496693-1347899441-1001_UserData.bin
- 2012-01-22 02:21 . 2012-03-23 16:22 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-22 02:21 . 2012-03-24 13:53 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-03-06 10:04 . 2012-03-24 13:53 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-03-06 10:04 . 2012-03-23 16:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-24 13:53 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-23 16:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-03-23 16:22 . 2012-03-23 16:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-24 14:22 . 2012-03-24 14:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-23 16:22 . 2012-03-23 16:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-24 14:22 . 2012-03-24 14:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-04-20 04:34 . 2012-03-24 14:24 107008 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-08-03 19:55 . 2012-03-24 08:22 689726 c:\windows\system32\perfh015.dat
- 2009-08-03 19:55 . 2012-03-22 17:05 689726 c:\windows\system32\perfh015.dat
- 2009-08-03 20:06 . 2012-03-22 17:05 632180 c:\windows\system32\perfh00E.dat
+ 2009-08-03 20:06 . 2012-03-24 08:22 632180 c:\windows\system32\perfh00E.dat
+ 2009-07-14 02:36 . 2012-03-24 08:22 616008 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-03-22 17:05 616008 c:\windows\system32\perfh009.dat
- 2009-08-03 20:00 . 2012-03-22 17:05 631292 c:\windows\system32\perfh005.dat
+ 2009-08-03 20:00 . 2012-03-24 08:22 631292 c:\windows\system32\perfh005.dat
+ 2009-08-03 19:55 . 2012-03-24 08:22 134840 c:\windows\system32\perfc015.dat
- 2009-08-03 19:55 . 2012-03-22 17:05 134840 c:\windows\system32\perfc015.dat
+ 2009-08-03 20:06 . 2012-03-24 08:22 148310 c:\windows\system32\perfc00E.dat
- 2009-08-03 20:06 . 2012-03-22 17:05 148310 c:\windows\system32\perfc00E.dat
+ 2009-07-14 02:36 . 2012-03-24 08:22 106388 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-03-22 17:05 106388 c:\windows\system32\perfc009.dat
- 2009-08-03 20:00 . 2012-03-22 17:05 121914 c:\windows\system32\perfc005.dat
+ 2009-08-03 20:00 . 2012-03-24 08:22 121914 c:\windows\system32\perfc005.dat
+ 2012-03-23 22:24 . 2012-03-23 22:24 414200 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:01 . 2012-03-24 14:21 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-03-23 16:21 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-21 22:46 . 2012-03-24 14:21 4788860 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2228829363-2496496693-1347899441-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2000-01-01 4935792]
"sllaunch"="c:\windows\SysWOW64\sllaunch.exe" [2010-10-16 145843]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-02-03 103896]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BlueSoleil.lnk - c:\program files (x86)\IVT Corporation\BlueSoleil\gprs.exe [2008-3-19 43608]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-4-20 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"ExpressFiles"="c:\program files (x86)\ExpressFiles\ExpressFiles.exe" -tray
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-03-11 342480]
R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-10-11 463824]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-01-28 21712]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-27 1028096]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-12-19 30080]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-02-03 793048]
S2 Start BT in service;Start BT in service;c:\program files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-11-18 2118976]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-08 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-03-23 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\PC Tools Registry Mechanic\RegMech.exe [2012-02-26 12:34]
.
2012-03-22 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2012-02-01 12:42]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}\65F49405: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{7CFB3A70-C84F-4431-BF87-1901F690909F}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.http - 58.58.180.122
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\progra~2\Yzshadow\YzShadow.exe
c:\progra~2\VirtuaWin\VirtuaWin.exe
c:\progra~2\VirtuaWin\modules\WinList.exe
c:\program files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe
c:\program files (x86)\Opera\opera.exe
.
**************************************************************************
.
Celkový čas: 2012-03-24 15:33:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-24 14:33
ComboFix2.txt 2012-03-23 22:01
.
Před spuštěním: Volných bajtů: 200 817 389 568
Po spuštění: Volných bajtů: 200 781 340 672
.
- - End Of File - - 9EEB3A5F86A7EE50851BE9A2431E938A
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-02-03 793048]
S2 Start BT in service;Start BT in service;c:\program files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2008-03-19 51816]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-11-18 2118976]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-08 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-03-23 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\PC Tools Registry Mechanic\RegMech.exe [2012-02-26 12:34]
.
2012-03-22 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2012-02-01 12:42]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}\65F49405: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{7CFB3A70-C84F-4431-BF87-1901F690909F}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.http - 58.58.180.122
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\progra~2\Yzshadow\YzShadow.exe
c:\progra~2\VirtuaWin\VirtuaWin.exe
c:\progra~2\VirtuaWin\modules\WinList.exe
c:\program files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe
c:\program files (x86)\Opera\opera.exe
.
**************************************************************************
.
Celkový čas: 2012-03-24 15:33:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-24 14:33
ComboFix2.txt 2012-03-23 22:01
.
Před spuštěním: Volných bajtů: 200 817 389 568
Po spuštění: Volných bajtů: 200 781 340 672
.
- - End Of File - - 9EEB3A5F86A7EE50851BE9A2431E938A
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Failed to restore Windows to an earlier state
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Exemplary visitor
- Posts: 384
- Registered: 28 Jan 2012 23:21
- Location: Novosedly nad Nežárkou
Re: Failed to restore Windows to an earlier state
It looks like everything is fine, except that the antivirus is temporarily suspended and cannot be turned on, but that is most likely a reaction to CF, so I assume everything will be OK after uninstalling it.
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Failed to restore Windows to an earlier state
Uninstall CF: Start menu > command line, type combofix /uninstall > Enter. If the AV does not turn on, reinstall it.