I have a virus on my PC

Posted: 20 Jan 2013 08:25
by Lestatos
Avast reports a virus but is unable to remove it; please check and help. Thank you.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2013-01-20 08:22:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 39 GB (14%) free of 278 GB
Total RAM: 4003 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:23:11, on 20. 1. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Administrator\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.just-browse.info/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.just-browse.info/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SaveAs - {5A7B890D-29F9-E0A4-4899-A7F4678ABA8B} - C:\ProgramData\SaveAs\50f3d2fb22d1a.dll
O2 - BHO: SaveAs - {5B0873D5-5594-6A5E-C854-FAEC42F510CC} - C:\ProgramData\SaveAs\50f3d212c39a2.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SaveAs - {E5AE3E4D-7362-98B6-9E93-7CB4B0A068FC} - C:\ProgramData\SaveAs\50f3d38c281a2.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-21-649568267-640355484-1299417552-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-649568267-640355484-1299417552-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-649568267-640355484-1299417552-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-649568267-640355484-1299417552-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Previesť cieľ odkazu do formátu Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Previesť do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridať cieľ odkazu do existujúceho súboru PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Pridať do existujúceho súboru PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{E8ED9DB4-506D-42A4-9389-5A67CA853A8A}: NameServer = 0.0.0.0
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\261070~1.41\{c16c1~1\browse~1.dll c:\windows\syswow64\nvinit.dll c:\progra~2\bcool\sprote~1.dll c:\progra~2\saveas\sprote~1.dll c:\progra~2\justbr~1\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\S-Bar\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13632 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A7B890D-29F9-E0A4-4899-A7F4678ABA8B}]
SaveAs - C:\ProgramData\SaveAs\50f3d2fb22d1a.dll [2013-01-14 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B0873D5-5594-6A5E-C854-FAEC42F510CC}]
SaveAs - C:\ProgramData\SaveAs\50f3d212c39a2.dll [2013-01-14 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-01-12 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-01-12 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5AE3E4D-7362-98B6-9E93-7CB4B0A068FC}]
SaveAs - C:\ProgramData\SaveAs\50f3d38c281a2.dll [2013-01-14 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-04-15 113288]
"Cinema ProII AP"=C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe [2011-01-25 200192]
"Cinema ProII Controler"=C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe [2010-06-25 1689600]
"THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2010-11-18 1351680]
"UpdReg"=C:\windows\UpdReg.EXE [2000-05-11 90112]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2013-01-14 969104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~3\browse~1\261070~1.41\{c16c1~1\browse~1.dll c:\windows\syswow64\nvinit.dll c:\progra~2\bcool\sprote~1.dll c:\progra~2\saveas\sprote~1.dll c:\progra~2\justbr~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\SysWow64\webcheck.dll [2011-07-19 203776]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll
"msacm.vorbis"=vorbis.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-01-19 07:08:50 ----SHD---- C:\Config.Msi
2013-01-18 21:59:36 ----A---- C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-01-18 21:59:36 ----A---- C:\windows\SysWOW64\javaw.exe
2013-01-18 21:59:36 ----A---- C:\windows\SysWOW64\java.exe
2013-01-14 10:32:33 ----AD---- C:\ProgramData\TEMP
2013-01-14 10:24:53 ----D---- C:\Users\Administrator\AppData\Roaming\Babylon
2013-01-14 10:24:53 ----D---- C:\ProgramData\Babylon
2013-01-14 10:24:48 ----D---- C:\Program Files (x86)\BCool
2013-01-14 10:24:47 ----D---- C:\ProgramData\Bcool
2013-01-14 10:17:26 ----D---- C:\ProgramData\Cloud Software LTD
2013-01-14 10:17:25 ----D---- C:\Program Files (x86)\JustBrowse
2013-01-14 10:17:15 ----D---- C:\Program Files (x86)\Optimizer Pro
2013-01-14 10:16:58 ----D---- C:\Program Files (x86)\SaveAs
2013-01-14 10:16:53 ----D---- C:\ProgramData\SaveAs
2013-01-14 10:16:08 ----D---- C:\ProgramData\InstallMate
2013-01-14 10:09:19 ----D---- C:\Program Files (x86)\uTorrent
2013-01-14 10:08:44 ----D---- C:\Users\Administrator\AppData\Roaming\uTorrent
2013-01-13 18:40:21 ----A---- C:\windows\SysWOW64\FlashPlayerApp.exe
2013-01-10 13:17:41 ----A---- C:\windows\SysWOW64\msxml6.dll
2013-01-10 13:17:40 ----A---- C:\windows\SysWOW64\msxml3.dll
2013-01-10 13:17:30 ----A---- C:\windows\SysWOW64\win32spl.dll
2013-01-10 13:17:25 ----A---- C:\windows\SysWOW64\ncrypt.dll
2013-01-10 13:17:10 ----A---- C:\windows\SysWOW64\usp10.dll
2013-01-10 13:16:57 ----A---- C:\windows\SysWOW64\gameux.dll
2013-01-10 13:16:56 ----A---- C:\windows\SysWOW64\Wpc.dll
2013-01-10 13:16:35 ----A---- C:\windows\SysWOW64\KernelBase.dll
2013-01-10 13:16:33 ----A---- C:\windows\SysWOW64\kernel32.dll
2013-01-10 13:16:32 ----A---- C:\windows\SysWOW64\ntvdm64.dll
2013-01-10 13:16:31 ----AH---- C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-10 13:16:31 ----A---- C:\windows\SysWOW64\wow32.dll
2013-01-10 13:16:30 ----AH---- C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 13:16:29 ----AH---- C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 13:16:26 ----AH---- C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 13:16:26 ----AH---- C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 13:16:26 ----AH---- C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-10 13:16:26 ----AH---- C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 13:16:26 ----AH---- C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 13:16:26 ----AH---- C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 13:16:22 ----AH---- C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 13:16:21 ----AH---- C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 13:16:21 ----AH---- C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 13:16:19 ----AH---- C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 13:16:19 ----AH---- C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 13:16:19 ----AH---- C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-10 13:16:18 ----AH---- C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 13:16:18 ----AH---- C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 13:16:18 ----AH---- C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 13:16:18 ----AH---- C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 13:16:18 ----AH---- C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 13:16:18 ----AH---- C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 13:16:17 ----AH---- C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-10 13:16:17 ----AH---- C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 13:16:17 ----AH---- C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-10 13:16:17 ----AH---- C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 13:16:17 ----AH---- C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 13:16:17 ----A---- C:\windows\SysWOW64\setup16.exe
2013-01-10 13:16:16 ----A---- C:\windows\SysWOW64\instnm.exe
2013-01-10 13:16:15 ----AH---- C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 13:16:13 ----AH---- C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-10 13:16:10 ----A---- C:\windows\SysWOW64\user.exe
2012-12-22 03:00:35 ----A---- C:\windows\SysWOW64\atmlib.dll
2012-12-22 03:00:31 ----A---- C:\windows\SysWOW64\atmfd.dll

======List of files/folders modified in the last 1 month======

2013-01-20 08:23:11 ----D---- C:\windows\Prefetch
2013-01-20 08:23:10 ----D---- C:\windows\Temp
2013-01-20 08:23:10 ----D---- C:\Program Files (x86)\trend micro
2013-01-20 08:22:34 ----D---- C:\Users\Administrator\AppData\Roaming\Skype
2013-01-20 07:58:33 ----D---- C:\windows\System32
2013-01-20 07:58:33 ----D---- C:\windows\inf
2013-01-20 07:56:18 ----A---- C:\windows\SysWOW64\log.txt
2013-01-19 21:59:51 ----D---- C:\Users\Administrator\AppData\Roaming\vlc
2013-01-19 07:18:59 ----RD---- C:\Program Files (x86)
2013-01-19 07:17:49 ----D---- C:\ProgramData
2013-01-19 07:16:12 ----D---- C:\windows\Tasks
2013-01-19 07:09:29 ----D---- C:\windows\SysWOW64
2013-01-19 07:09:06 ----SHD---- C:\windows\Installer
2013-01-19 07:09:06 ----RD---- C:\Program Files
2013-01-19 07:08:42 ----SHD---- C:\System Volume Information
2013-01-19 07:02:25 ----RD---- C:\Program Files (x86)\Skype
2013-01-19 07:02:23 ----D---- C:\ProgramData\Skype
2013-01-18 22:49:33 ----D---- C:\Program Files (x86)\Full Tilt Poker
2013-01-18 21:59:36 ----D---- C:\Program Files (x86)\Java
2013-01-17 12:28:34 ----D---- C:\Users\Administrator\AppData\Roaming\dvdcss
2013-01-15 08:33:35 ----D---- C:\Program Files (x86)\Google
2013-01-15 08:05:02 ----D---- C:\windows\Downloaded Program Files
2013-01-14 10:17:27 ----D---- C:\Users\Administrator\AppData\Roaming\Apple Computer
2013-01-13 18:41:01 ----D---- C:\ProgramData\Adobe
2013-01-13 17:59:41 ----D---- C:\Windows
2013-01-13 17:04:58 ----D---- C:\windows\debug
2013-01-13 16:06:56 ----D---- C:\Users\Administrator\AppData\Roaming\ChessBase
2013-01-11 06:39:31 ----D---- C:\windows\rescache
2013-01-11 06:05:21 ----D---- C:\windows\Microsoft.NET
2013-01-11 06:05:20 ----RSD---- C:\windows\assembly
2013-01-11 03:28:53 ----D---- C:\windows\winsxs
2013-01-11 03:26:57 ----D---- C:\windows\SysWOW64\sk-SK
2013-01-11 03:26:54 ----D---- C:\windows\AppPatch
2013-01-11 03:11:19 ----D---- C:\ProgramData\Microsoft Help
2013-01-10 07:30:19 ----D---- C:\windows\SysWOW64\Macromed
2013-01-10 07:29:09 ----D---- C:\windows\registration
2013-01-10 07:27:04 ----SD---- C:\Users\Administrator\AppData\Roaming\Microsoft
2013-01-08 22:00:00 ----D---- C:\Program Files (x86)\PokerStars
2012-12-21 19:16:42 ----D---- C:\Program Files (x86)\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys []
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys []
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys []
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys []
R1 aswSnx;aswSnx; C:\windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\windows\SysWOW64\drivers\aswTdi.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys []
R2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys []
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys []
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys []
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys []
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys []
R3 MBfilt;MBfilt; C:\windows\system32\drivers\MBfilt64.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\drivers\HECIx64.sys []
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys []
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\drivers\nusb3hub.sys []
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\drivers\nusb3xhc.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys []
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys []
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys []
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys []
S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys []
S3 usbser;Sony Ericsson USB Serial Port; C:\windows\system32\DRIVERS\usbser.sys []
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-05-02 1517328]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [2011-06-24 160768]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2012-03-10 76888]
R2 postgresql-8.4;PostgreSQL Server 8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w []
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-05-02 844560]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-15 251400]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-03-25 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 136176]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Re: I have a virus on my PC

Posted: 20 Jan 2013 11:23
by Rudy
Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms appears; continue by clicking the Yes button.

take your time and put the kettle on for a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use an antispyware product with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component

Re: I have a virus on my PC

Posted: 20 Jan 2013 12:14
by Lestatos
ComboFix 13-01-17.04 - Administrator . 01. 2013 12:03:30.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4003.1555 [GMT 1:00]
Running from: c:\users\Administrator\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Funmoods
c:\programdata\Bcool
c:\programdata\Bcool\50f3d3faace2c.dll
c:\programdata\Bcool\50f3d3faace2c.tlb
c:\programdata\Bcool\data\Bcool.dat
c:\programdata\Bcool\settings.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-12-20 to 2013-01-20 )))))))))))))))))))))))))))))))
.
.
2013-01-20 11:09 . 2013-01-20 11:09 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-20 11:09 . 2013-01-20 11:09 -------- d-----w- c:\users\robert\AppData\Local\temp
2013-01-20 11:09 . 2013-01-20 11:09 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-01-20 11:09 . 2013-01-20 11:09 -------- d-----w- c:\users\postgres\AppData\Local\temp
2013-01-20 11:09 . 2013-01-20 11:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-20 06:56 . 2013-01-20 06:56 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F39D1388-8E58-486E-946D-FFBF199BDD04}\offreg.dll
2013-01-18 20:59 . 2013-01-12 02:30 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-18 16:48 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F39D1388-8E58-486E-946D-FFBF199BDD04}\mpengine.dll
2013-01-14 09:24 . 2013-01-14 09:24 -------- d-----w- c:\users\Administrator\AppData\Roaming\Babylon
2013-01-14 09:24 . 2013-01-14 09:24 -------- d-----w- c:\programdata\Babylon
2013-01-14 09:24 . 2013-01-19 06:15 -------- d-----w- c:\program files (x86)\BCool
2013-01-14 09:17 . 2013-01-14 09:17 -------- d-----w- c:\programdata\Cloud Software LTD
2013-01-14 09:17 . 2013-01-19 06:14 -------- d-----w- c:\program files (x86)\JustBrowse
2013-01-14 09:17 . 2013-01-15 07:09 -------- d-----w- c:\program files (x86)\Optimizer Pro
2013-01-14 09:16 . 2013-01-19 06:15 -------- d-----w- c:\program files (x86)\SaveAs
2013-01-14 09:16 . 2013-01-19 06:14 -------- d-----w- c:\programdata\SaveAs
2013-01-14 09:16 . 2013-01-19 06:17 -------- d-----w- c:\programdata\InstallMate
2013-01-14 09:09 . 2013-01-14 09:09 -------- d-----w- c:\users\Administrator\AppData\Local\CRE
2013-01-14 09:09 . 2013-01-14 09:09 -------- d-----w- c:\program files (x86)\uTorrent
2013-01-14 09:08 . 2013-01-20 06:55 -------- d-----w- c:\users\Administrator\AppData\Roaming\uTorrent
2013-01-14 09:07 . 2013-01-14 09:07 969104 ----a-w- c:\program files\uTorrent.exe
2013-01-13 17:40 . 2013-01-15 07:04 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-13 17:40 . 2013-01-15 07:04 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-13 17:20 . 2013-01-13 17:20 699912 ----a-w- c:\program files\uninstall_flash_player.exe
2013-01-13 16:51 . 2013-01-13 16:51 4139168 ----a-w- c:\program files\install_flash_player_32bit.exe
2013-01-10 12:16 . 2012-12-07 13:20 441856 ----a-w- c:\windows\system32\Wpc.dll
2013-01-10 12:15 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-10 12:12 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-10 06:50 . 2013-01-10 06:50 -------- d-----w- c:\users\robert\AppData\Local\Apple Computer
2012-12-22 02:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 02:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 02:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 02:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-11 02:02 . 2012-03-13 06:32 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-17 17:47 . 2012-12-17 17:47 12768400 ----a-w- C:\Opera_1211_int_Setup.exe
2012-12-12 19:36 . 2012-12-12 19:34 21295968 ----a-w- C:\FullTiltSetup.exe
2012-12-03 13:43 . 2012-12-03 13:43 826 ----a-w- C:\keylog1a.zip
2012-11-30 04:45 . 2013-01-10 12:16 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 08:56 . 2012-11-14 08:56 12768736 ----a-w- c:\program files\Opera_1210_int_Setup.exe
2012-11-14 07:06 . 2012-12-13 06:36 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-13 06:36 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-13 06:37 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-13 06:37 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-13 06:37 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-13 06:37 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-13 06:37 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-13 06:36 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-13 06:36 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-13 06:36 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-13 06:37 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-13 06:36 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-13 06:37 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-13 06:37 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-13 06:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-13 06:37 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-13 06:36 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-13 06:37 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 06:37 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-13 06:37 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 06:37 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-13 06:37 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 14:33 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 14:33 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-08 16:50 . 2012-05-03 09:41 80521624 ----a-w- c:\program files\iTunes64Setup.exe
2012-11-02 05:59 . 2012-12-12 14:32 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 14:32 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-30 22:51 . 2012-03-25 16:10 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-03-25 16:17 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-03-25 16:10 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-03-25 16:10 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-03-25 16:10 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-03-25 16:10 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-03-25 16:10 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 22:50 . 2012-03-25 16:17 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-25 17:04 . 2012-10-25 17:01 80521624 ----a-w- C:\iTunes64Setup.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-18 13:13 . 2012-10-18 13:13 3041341 ----a-w- c:\program files\DxtorySetup2.0.120.exe
2012-10-18 13:01 . 2012-10-18 13:01 3037059 ----a-w- c:\program files\DxtorySetup2.0.119.exe
2012-10-16 10:13 . 2012-10-16 10:11 4981258 ----a-w- c:\program files\ComboFix.exe
2012-10-09 03:37 . 2012-10-09 03:37 3462033 ----a-w- c:\program files\pci_filerecovery.exe
2012-09-21 13:15 . 2012-09-21 13:15 5896408 ----a-w- c:\program files\tcm801x32_64.exe
2012-09-06 01:47 . 2012-09-06 01:45 22657136 ----a-w- c:\program files\vlc-2.0.2-win32.exe
2012-09-02 11:07 . 2012-09-02 11:07 4472121 ----a-w- c:\program files\CamStudio_Setup_v2.6b.exe
2012-09-01 22:58 . 2012-09-01 22:57 11534325 ----a-w- c:\program files\setupscreenhunterfree.exe
2012-09-01 19:34 . 2012-09-01 19:34 8236984 ----a-w- c:\program files\ScreenshotCaptorSetup.exe
2012-09-01 11:55 . 2012-09-01 11:55 999840 ----a-w- c:\program files\install_flashplayer11x32_chra_au_aih.exe
2012-08-28 10:05 . 2012-08-28 10:03 22716480 ----a-w- c:\program files\Gw2Setup.exe
2012-08-03 14:16 . 2012-08-03 14:13 48359936 ----a-w- c:\program files\calibre-0.8.62.msi
2012-07-20 12:02 . 2012-07-20 12:01 10063000 ----a-w- c:\program files\mbam-setup-1.61.0.1400.exe
2012-07-20 11:58 . 2012-07-20 11:58 16373192 ----a-w- c:\program files\Windows-KB890830-V4.10.exe
2012-07-06 10:38 . 2012-04-20 13:16 296792 ----a-w- c:\program files\SweetImSetup.exe
2012-06-22 14:05 . 2012-06-22 14:05 1505732 ----a-w- c:\program files\MacheteLiteInst38.exe
2012-05-07 12:17 . 2012-05-07 12:16 17210144 ----a-w- c:\program files\jre-6u32-windows-x64.exe
2012-05-07 12:12 . 2012-05-07 12:11 26248832 ----a-w- c:\program files\JDownloaderSetup.exe
2012-04-29 15:00 . 2012-04-22 11:25 118088518 ----a-w- c:\program files\Holdem_Manager_Setup1.12.09.exe
2012-04-29 14:49 . 2012-03-11 18:52 16178184 ----a-w- c:\program files\PokerStarsInstall.exe
2012-04-20 10:58 . 2012-04-20 10:55 46104904 ----a-w- c:\program files\Diablo-III-Beta-enUS-Setup.exe
2012-04-13 18:58 . 2012-04-13 18:56 21853983 ----a-w- c:\program files\wireshark-win64-1.4.12.exe
2012-04-13 12:38 . 2012-04-13 12:37 20855157 ----a-w- c:\program files\ageofconan-en.exe
2012-04-06 07:51 . 2012-04-06 07:49 22259528 ----a-w- c:\program files\vlc-2.0.1-win32.exe
2012-03-31 03:27 . 2012-03-31 03:25 28904504 ----a-w- c:\program files\KindleForPC-installer.exe
2012-03-30 08:22 . 2012-03-11 18:42 3595896 ----a-w- c:\program files\TeamViewer_Setup_sk.exe
2012-03-26 07:08 . 2012-03-26 07:08 739816 ----a-w- c:\program files\GoogleEarthSetup.exe
2012-03-21 19:22 . 2012-03-21 19:21 20924432 ----a-w- c:\program files\the-gimp_2.6.12.exe
2012-03-21 18:49 . 2012-03-21 18:49 24460600 ----a-w- c:\program files\gimp-help-2-2.6.0-en-setup.exe
2012-03-13 15:05 . 2012-03-13 15:05 3870120 ----a-w- c:\program files\battlelog-web-plugins-1.116.0-retail-prod.exe
2012-03-10 17:19 . 2012-03-10 17:04 210810984 ----a-w- c:\program files\295.73-notebook-win7-winvista-64bit-international-whql.exe
2012-03-10 16:19 . 2012-03-10 16:19 292184 ----a-w- c:\program files\dxwebsetup.exe
2012-03-10 14:59 . 2012-03-10 14:58 17054752 ----a-w- c:\program files\OriginThinSetup.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5A7B890D-29F9-E0A4-4899-A7F4678ABA8B}]
2013-01-14 09:42 118784 ----a-w- c:\programdata\SaveAs\50f3d2fb22d1a.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5B0873D5-5594-6A5E-C854-FAEC42F510CC}]
2013-01-14 09:38 118784 ----a-w- c:\programdata\SaveAs\50f3d212c39a2.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E5AE3E4D-7362-98B6-9E93-7CB4B0A068FC}]
2013-01-14 09:44 118784 ----a-w- c:\programdata\SaveAs\50f3d38c281a2.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-01-14 969104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-15 113288]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
.
c:\users\robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=0 (0x0)
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-02-10 28992]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-03-25 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-09 283200]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\S-Bar\MSIService.exe [2011-06-24 160768]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2011-04-14 87552]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2011-04-14 207872]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2011-03-15 311400]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-13 07:04]
.
2013-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 18:49]
.
2013-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 18:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-04 11780712]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://websearch.just-browse.info/
mStart Page = hxxp://websearch.just-browse.info/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Previesť cieľ odkazu do formátu Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Previesť do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridať cieľ odkazu do existujúceho súboru PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Pridať do existujúceho súboru PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E8ED9DB4-506D-42A4-9389-5A67CA853A8A}: NameServer = 0.0.0.0
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
URLSearchHooks-{7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)
WebBrowser-{7473B6BD-4691-4744-A82B-7854EB3D70B6} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\DataMngr_Toolbar]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (Administrator)
"Timestamp"=hex:14,08,a7,28,47,f2,cd,01
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3fr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.3fr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.arw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.avi"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.bmi"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.bmp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.bms"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BSPlayerFile.CDA"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.cr2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.crw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.cs1"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.dcm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.dib"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.dng"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.Document.12"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.emf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.erf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.fff"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.gif"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.hdp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.hdr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.ico"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.j2k"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jp2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpc"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpe"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpg"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jps\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jps"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jxr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.kdc"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BSPlayerFile.M3U"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M4A"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mac\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mac"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mdm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mdm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MOV"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BSPlayerFile.MP2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpo\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mpo"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mrw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.nef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.nrw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.orf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pam\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pam"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pbm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pcd"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pcx"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pgm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.png"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pnm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pnm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pns\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pns"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.ppm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psb\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.psb"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.psd"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.psp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.raf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.raw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rle"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rw2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rwl"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rwz"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.sr2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.srf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.srw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.tga"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.thm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.tif"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.tiff"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAV"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wbm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wdp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wmf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMV"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wpg"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x3f\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.x3f"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zbr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zbr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zcl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zcl"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zmf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zmf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zmp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\._zmeoamedcd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document._zmeoamedcd"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\._zmeoameddef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document._zmeoameddef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\SecuROM\License information*]
"datasecu"=hex:96,05,52,b9,0c,12,a4,6e,43,1e,17,72,92,5e,1d,52,d0,40,33,8c,8d,
a4,5b,2e,21,0b,b9,cd,6c,bb,a3,6d,c7,39,70,a5,89,d8,a8,48,54,50,5c,45,99,ba,\
"rkeysecu"=hex:0f,de,9b,d5,06,48,b3,ce,99,56,71,15,7f,b4,67,47
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DataMngr\List\Item1]
@Denied: (2) (Administrator)
"Flag"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DataMngr\List\Item2]
@Denied: (2) (Administrator)
"Flag"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DataMngr\List\Item3]
@Denied: (2) (Administrator)
"Flag"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-20 12:12:02
ComboFix-quarantined-files.txt 2013-01-20 11:12
ComboFix2.txt 2012-07-15 09:47
.
Pre-Run: 42 439 315 456 bytes free
Post-Run: 42 405 265 408 bytes free
.
- - End Of File - - 7F5E361AF8CEA718BF9DA237BAF2120B

Re: I have a virus on my PC

Posted: 20 Jan 2013 12:32
by Rudy
We'll clean up a bit more. Open Notepad and copy the following into it:
KillAll::

Folder::
c:\programdata\Babylon
c:\program files (x86)\BCool

RegLock::
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\DataMngr_Toolbar]
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DataMngr\List\Item1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DataMngr\List\Item2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\DataMngr\List\Item3]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Regnull::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Re: I have a virus on my PC

Posted: 20 Jan 2013 13:15
by Lestatos
ComboFix 13-01-17.04 - Administrator . 01. 2013 12:52:18.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4003.1396 [GMT 1:00]
Running from: c:\users\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\users\Administrator\Desktop\CFScript.txt..txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BCool
c:\program files (x86)\BCool\sprotector.dll
c:\programdata\Babylon
.
.
((((((((((((((((((((((((( Files Created from 2012-12-20 to 2013-01-20 )))))))))))))))))))))))))))))))
.
.
2013-01-20 11:57 . 2013-01-20 11:57 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-20 11:57 . 2013-01-20 11:57 -------- d-----w- c:\users\robert\AppData\Local\temp
2013-01-20 11:57 . 2013-01-20 11:57 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-01-20 11:57 . 2013-01-20 11:57 -------- d-----w- c:\users\postgres\AppData\Local\temp
2013-01-20 11:57 . 2013-01-20 11:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-18 20:59 . 2013-01-12 02:30 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-18 16:48 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F39D1388-8E58-486E-946D-FFBF199BDD04}\mpengine.dll
2013-01-14 09:24 . 2013-01-14 09:24 -------- d-----w- c:\users\Administrator\AppData\Roaming\Babylon
2013-01-14 09:17 . 2013-01-14 09:17 -------- d-----w- c:\programdata\Cloud Software LTD
2013-01-14 09:17 . 2013-01-19 06:14 -------- d-----w- c:\program files (x86)\JustBrowse
2013-01-14 09:17 . 2013-01-15 07:09 -------- d-----w- c:\program files (x86)\Optimizer Pro
2013-01-14 09:16 . 2013-01-19 06:15 -------- d-----w- c:\program files (x86)\SaveAs
2013-01-14 09:16 . 2013-01-19 06:14 -------- d-----w- c:\programdata\SaveAs
2013-01-14 09:16 . 2013-01-19 06:17 -------- d-----w- c:\programdata\InstallMate
2013-01-14 09:09 . 2013-01-14 09:09 -------- d-----w- c:\users\Administrator\AppData\Local\CRE
2013-01-14 09:09 . 2013-01-14 09:09 -------- d-----w- c:\program files (x86)\uTorrent
2013-01-14 09:08 . 2013-01-20 12:10 -------- d-----w- c:\users\Administrator\AppData\Roaming\uTorrent
2013-01-14 09:07 . 2013-01-14 09:07 969104 ----a-w- c:\program files\uTorrent.exe
2013-01-13 17:40 . 2013-01-15 07:04 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-13 17:40 . 2013-01-15 07:04 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-13 17:20 . 2013-01-13 17:20 699912 ----a-w- c:\program files\uninstall_flash_player.exe
2013-01-13 16:51 . 2013-01-13 16:51 4139168 ----a-w- c:\program files\install_flash_player_32bit.exe
2013-01-10 12:16 . 2012-12-07 13:20 441856 ----a-w- c:\windows\system32\Wpc.dll
2013-01-10 12:15 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-10 12:12 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-10 06:50 . 2013-01-10 06:50 -------- d-----w- c:\users\robert\AppData\Local\Apple Computer
2012-12-22 02:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 02:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 02:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 02:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-11 02:02 . 2012-03-13 06:32 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-17 17:47 . 2012-12-17 17:47 12768400 ----a-w- C:\Opera_1211_int_Setup.exe
2012-12-12 19:36 . 2012-12-12 19:34 21295968 ----a-w- C:\FullTiltSetup.exe
2012-12-03 13:43 . 2012-12-03 13:43 826 ----a-w- C:\keylog1a.zip
2012-11-30 04:45 . 2013-01-10 12:16 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 08:56 . 2012-11-14 08:56 12768736 ----a-w- c:\program files\Opera_1210_int_Setup.exe
2012-11-14 07:06 . 2012-12-13 06:36 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-13 06:36 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-13 06:37 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-13 06:37 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-13 06:37 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-13 06:37 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-13 06:37 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-13 06:36 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-13 06:36 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-13 06:36 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-13 06:37 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-13 06:36 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-13 06:37 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-13 06:37 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-13 06:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-13 06:37 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-13 06:36 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-13 06:37 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 06:37 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-13 06:37 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 06:37 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-13 06:37 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 14:33 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 14:33 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-08 16:50 . 2012-05-03 09:41 80521624 ----a-w- c:\program files\iTunes64Setup.exe
2012-11-02 05:59 . 2012-12-12 14:32 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 14:32 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-30 22:51 . 2012-03-25 16:10 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-03-25 16:17 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-03-25 16:10 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-03-25 16:10 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-03-25 16:10 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-03-25 16:10 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-03-25 16:10 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 22:50 . 2012-03-25 16:17 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-25 17:04 . 2012-10-25 17:01 80521624 ----a-w- C:\iTunes64Setup.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-18 13:13 . 2012-10-18 13:13 3041341 ----a-w- c:\program files\DxtorySetup2.0.120.exe
2012-10-18 13:01 . 2012-10-18 13:01 3037059 ----a-w- c:\program files\DxtorySetup2.0.119.exe
2012-10-16 10:13 . 2012-10-16 10:11 4981258 ----a-w- c:\program files\ComboFix.exe
2012-10-09 03:37 . 2012-10-09 03:37 3462033 ----a-w- c:\program files\pci_filerecovery.exe
2012-09-21 13:15 . 2012-09-21 13:15 5896408 ----a-w- c:\program files\tcm801x32_64.exe
2012-09-06 01:47 . 2012-09-06 01:45 22657136 ----a-w- c:\program files\vlc-2.0.2-win32.exe
2012-09-02 11:07 . 2012-09-02 11:07 4472121 ----a-w- c:\program files\CamStudio_Setup_v2.6b.exe
2012-09-01 22:58 . 2012-09-01 22:57 11534325 ----a-w- c:\program files\setupscreenhunterfree.exe
2012-09-01 19:34 . 2012-09-01 19:34 8236984 ----a-w- c:\program files\ScreenshotCaptorSetup.exe
2012-09-01 11:55 . 2012-09-01 11:55 999840 ----a-w- c:\program files\install_flashplayer11x32_chra_au_aih.exe
2012-08-28 10:05 . 2012-08-28 10:03 22716480 ----a-w- c:\program files\Gw2Setup.exe
2012-08-03 14:16 . 2012-08-03 14:13 48359936 ----a-w- c:\program files\calibre-0.8.62.msi
2012-07-20 12:02 . 2012-07-20 12:01 10063000 ----a-w- c:\program files\mbam-setup-1.61.0.1400.exe
2012-07-20 11:58 . 2012-07-20 11:58 16373192 ----a-w- c:\program files\Windows-KB890830-V4.10.exe
2012-07-06 10:38 . 2012-04-20 13:16 296792 ----a-w- c:\program files\SweetImSetup.exe
2012-06-22 14:05 . 2012-06-22 14:05 1505732 ----a-w- c:\program files\MacheteLiteInst38.exe
2012-05-07 12:17 . 2012-05-07 12:16 17210144 ----a-w- c:\program files\jre-6u32-windows-x64.exe
2012-05-07 12:12 . 2012-05-07 12:11 26248832 ----a-w- c:\program files\JDownloaderSetup.exe
2012-04-29 15:00 . 2012-04-22 11:25 118088518 ----a-w- c:\program files\Holdem_Manager_Setup1.12.09.exe
2012-04-29 14:49 . 2012-03-11 18:52 16178184 ----a-w- c:\program files\PokerStarsInstall.exe
2012-04-20 10:58 . 2012-04-20 10:55 46104904 ----a-w- c:\program files\Diablo-III-Beta-enUS-Setup.exe
2012-04-13 18:58 . 2012-04-13 18:56 21853983 ----a-w- c:\program files\wireshark-win64-1.4.12.exe
2012-04-13 12:38 . 2012-04-13 12:37 20855157 ----a-w- c:\program files\ageofconan-en.exe
2012-04-06 07:51 . 2012-04-06 07:49 22259528 ----a-w- c:\program files\vlc-2.0.1-win32.exe
2012-03-31 03:27 . 2012-03-31 03:25 28904504 ----a-w- c:\program files\KindleForPC-installer.exe
2012-03-30 08:22 . 2012-03-11 18:42 3595896 ----a-w- c:\program files\TeamViewer_Setup_sk.exe
2012-03-26 07:08 . 2012-03-26 07:08 739816 ----a-w- c:\program files\GoogleEarthSetup.exe
2012-03-21 19:22 . 2012-03-21 19:21 20924432 ----a-w- c:\program files\the-gimp_2.6.12.exe
2012-03-21 18:49 . 2012-03-21 18:49 24460600 ----a-w- c:\program files\gimp-help-2-2.6.0-en-setup.exe
2012-03-13 15:05 . 2012-03-13 15:05 3870120 ----a-w- c:\program files\battlelog-web-plugins-1.116.0-retail-prod.exe
2012-03-10 17:19 . 2012-03-10 17:04 210810984 ----a-w- c:\program files\295.73-notebook-win7-winvista-64bit-international-whql.exe
2012-03-10 16:19 . 2012-03-10 16:19 292184 ----a-w- c:\program files\dxwebsetup.exe
2012-03-10 14:59 . 2012-03-10 14:58 17054752 ----a-w- c:\program files\OriginThinSetup.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5A7B890D-29F9-E0A4-4899-A7F4678ABA8B}]
2013-01-14 09:42 118784 ----a-w- c:\programdata\SaveAs\50f3d2fb22d1a.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5B0873D5-5594-6A5E-C854-FAEC42F510CC}]
2013-01-14 09:38 118784 ----a-w- c:\programdata\SaveAs\50f3d212c39a2.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E5AE3E4D-7362-98B6-9E93-7CB4B0A068FC}]
2013-01-14 09:44 118784 ----a-w- c:\programdata\SaveAs\50f3d38c281a2.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-01-14 969104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-15 113288]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
.
c:\users\robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=0 (0x0)
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-02-10 28992]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-03-25 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-09 283200]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\S-Bar\MSIService.exe [2011-06-24 160768]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2011-04-14 87552]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2011-04-14 207872]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2011-03-15 311400]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-13 07:04]
.
2013-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 18:49]
.
2013-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 18:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-04 11780712]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://websearch.just-browse.info/
mStart Page = hxxp://websearch.just-browse.info/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Previesť cieľ odkazu do formátu Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Previesť do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridať cieľ odkazu do existujúceho súboru PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Pridať do existujúceho súboru PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E8ED9DB4-506D-42A4-9389-5A67CA853A8A}: NameServer = 0.0.0.0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (Administrator)
"Timestamp"=hex:14,08,a7,28,47,f2,cd,01
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2c,90,cc,a8,24,82,98,48,b9,6d,ef,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2c,90,cc,a8,24,82,98,48,b9,6d,ef,\
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3fr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.3fr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.arw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.avi"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.bmi"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.bmp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.bms"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BSPlayerFile.CDA"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.cr2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.crw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.cs1"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.dcm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.dib"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.dng"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.Document.12"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.emf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.erf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.fff"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.gif"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.hdp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.hdr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.ico"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.j2k"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jp2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpc"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpe"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpg"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jps\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jps"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jxr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.kdc"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BSPlayerFile.M3U"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M4A"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mac\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mac"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mdm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mdm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MOV"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="BSPlayerFile.MP2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpo\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mpo"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mrw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.nef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.nrw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.orf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pam\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pam"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pbm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pcd"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pcx"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pgm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.png"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pnm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pnm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pns\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pns"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.ppm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psb\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.psb"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.psd"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.psp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.raf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.raw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rle"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rw2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rwl"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rwz"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.sr2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.srf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.srw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.tga"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.thm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.tif"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.tiff"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAV"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wbm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wdp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wmf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMV"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wpg"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x3f\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.x3f"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zbr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zbr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zcl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zcl"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zmf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zmf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zmp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\._zmeoamedcd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document._zmeoamedcd"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\._zmeoameddef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document._zmeoameddef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\SecuROM\License information*]
"datasecu"=hex:96,05,52,b9,0c,12,a4,6e,43,1e,17,72,92,5e,1d,52,d0,40,33,8c,8d,
a4,5b,2e,21,0b,b9,cd,6c,bb,a3,6d,c7,39,70,a5,89,d8,a8,48,54,50,5c,45,99,ba,\
"rkeysecu"=hex:0f,de,9b,d5,06,48,b3,ce,99,56,71,15,7f,b4,67,47
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
.
**************************************************************************
.
Completion time: 2013-01-20 13:13:23 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-20 12:13
ComboFix2.txt 2013-01-20 11:12
ComboFix3.txt 2012-07-15 09:47
.
Pre-Run: 42 425 253 888 bytes free
Post-Run: 42 410 475 520 bytes free
.
- - End Of File - - 894A64A9F8DD63DC84521DBB8E717ACF

Re: I have a virus on my PC

Posted: 20 Jan 2013 15:44
by Rudy
OK. Is Avast no longer reporting anything?

Re: I have a virus on my PC

Posted: 20 Jan 2013 16:59
by Lestatos
Avast no longer reports anything, and it seems to be resolved, but I still have the feeling that web pages are loading somewhat slowly. Thank you

Re: I have a virus on my PC

Posted: 20 Jan 2013 17:25
by Rudy
1. Restart the modem and any other network device in the data path.
2. Start menu > Command Prompt > (type) netsh winsock reset > Enter. Restart the PC.

Re: I have a virus on my PC

Posted: 20 Jan 2013 18:42
by Lestatos
It seems everything is fine. One more thing bothers me: in IE a banner about some prize keeps popping up. Could you advise me how to get rid of it? Thank you

Re: I have a virus on my PC

Posted: 20 Jan 2013 18:52
by Rudy
Try clearing the browser cache.

Re: I have a virus on my PC

Posted: 20 Jan 2013 19:08
by Lestatos
Thank you once again for everything, the PC is fine.

Re: I have a virus on my PC

Posted: 20 Jan 2013 19:41
by Rudy
You're welcome! :)